From b35fe4f339b3675356f4be369ccd3336f0080f9e Mon Sep 17 00:00:00 2001 From: hadar-co Date: Tue, 4 Jul 2023 12:27:34 +0300 Subject: [PATCH] feat: add ACS-controller schemas (#187) --- .../certificate_v1alpha1.json | 321 ++++ .../api_v1alpha1.json | 206 +++ .../authorizer_v1alpha1.json | 166 ++ .../deployment_v1alpha1.json | 132 ++ .../integration_v1alpha1.json | 211 +++ .../route_v1alpha1.json | 202 +++ .../stage_v1alpha1.json | 237 +++ .../vpclink_v1alpha1.json | 131 ++ .../scalabletarget_v1alpha1.json | 147 ++ .../scalingpolicy_v1alpha1.json | 253 +++ .../cachepolicy_v1alpha1.json | 225 +++ .../eventdatastore_v1alpha1.json | 207 +++ .../trail_v1alpha1.json | 162 ++ .../loggroup_v1alpha1.json | 147 ++ .../backup_v1alpha1.json | 125 ++ .../globaltable_v1alpha1.json | 121 ++ dynamodb.services.k8s.aws/table_v1alpha1.json | 562 +++++++ .../dhcpoptions_v1alpha1.json | 137 ++ .../elasticipaddress_v1alpha1.json | 139 ++ ec2.services.k8s.aws/flowlog_v1alpha1.json | 197 +++ ec2.services.k8s.aws/instance_v1alpha1.json | 853 +++++++++++ .../internetgateway_v1alpha1.json | 153 ++ ec2.services.k8s.aws/natgateway_v1alpha1.json | 230 +++ ec2.services.k8s.aws/routetable_v1alpha1.json | 367 +++++ .../securitygroup_v1alpha1.json | 400 +++++ ec2.services.k8s.aws/subnet_v1alpha1.json | 275 ++++ .../transitgateway_v1alpha1.json | 163 ++ ec2.services.k8s.aws/vpc_v1alpha1.json | 248 +++ .../vpcendpoint_v1alpha1.json | 317 ++++ .../pullthroughcacherule_v1alpha1.json | 111 ++ ecr.services.k8s.aws/repository_v1alpha1.json | 162 ++ eks.services.k8s.aws/addon_v1alpha1.json | 226 +++ eks.services.k8s.aws/cluster_v1alpha1.json | 399 +++++ .../fargateprofile_v1alpha1.json | 206 +++ eks.services.k8s.aws/nodegroup_v1alpha1.json | 385 +++++ .../cacheparametergroup_v1alpha1.json | 207 +++ .../cachesubnetgroup_v1alpha1.json | 189 +++ .../replicationgroup_v1alpha1.json | 709 +++++++++ .../snapshot_v1alpha1.json | 289 ++++ .../user_v1alpha1.json | 196 +++ .../usergroup_v1alpha1.json | 159 ++ .../jobrun_v1alpha1.json | 172 +++ .../virtualcluster_v1alpha1.json | 139 ++ .../archive_v1alpha1.json | 144 ++ .../endpoint_v1alpha1.json | 173 +++ .../eventbus_v1alpha1.json | 118 ++ .../rule_v1alpha1.json | 508 ++++++ iam.services.k8s.aws/group_v1alpha1.json | 142 ++ .../openidconnectprovider_v1alpha1.json | 129 ++ iam.services.k8s.aws/policy_v1alpha1.json | 159 ++ iam.services.k8s.aws/role_v1alpha1.json | 208 +++ iam.services.k8s.aws/user_v1alpha1.json | 185 +++ kafka.services.k8s.aws/cluster_v1alpha1.json | 395 +++++ kinesis.services.k8s.aws/stream_v1alpha1.json | 161 ++ kms.services.k8s.aws/alias_v1alpha1.json | 118 ++ kms.services.k8s.aws/grant_v1alpha1.json | 168 ++ kms.services.k8s.aws/key_v1alpha1.json | 250 +++ lambda.services.k8s.aws/alias_v1alpha1.json | 143 ++ .../codesigningconfig_v1alpha1.json | 128 ++ .../eventsourcemapping_v1alpha1.json | 339 +++++ .../function_v1alpha1.json | 548 +++++++ .../functionurlconfig_v1alpha1.json | 172 +++ .../layerversion_v1alpha1.json | 153 ++ memorydb.services.k8s.aws/acl_v1alpha1.json | 199 +++ .../cluster_v1alpha1.json | 511 +++++++ .../parametergroup_v1alpha1.json | 169 ++ .../snapshot_v1alpha1.json | 251 +++ .../subnetgroup_v1alpha1.json | 173 +++ memorydb.services.k8s.aws/user_v1alpha1.json | 209 +++ mq.services.k8s.aws/broker_v1alpha1.json | 360 +++++ .../firewall_v1alpha1.json | 335 ++++ .../firewallpolicy_v1alpha1.json | 322 ++++ .../rulegroup_v1alpha1.json | 590 +++++++ .../domain_v1alpha1.json | 540 +++++++ .../organizationalunit_v1alpha1.json | 123 ++ pipes.services.k8s.aws/pipe_v1alpha1.json | 1029 +++++++++++++ .../alertmanagerdefinition_v1alpha1.json | 125 ++ .../loggingconfiguration_v1alpha1.json | 126 ++ .../rulegroupsnamespace_v1alpha1.json | 143 ++ .../workspace_v1alpha1.json | 116 ++ rds.services.k8s.aws/dbcluster_v1alpha1.json | 791 ++++++++++ .../dbclusterparametergroup_v1alpha1.json | 225 +++ rds.services.k8s.aws/dbinstance_v1alpha1.json | 963 ++++++++++++ .../dbparametergroup_v1alpha1.json | 178 +++ rds.services.k8s.aws/dbproxy_v1alpha1.json | 204 +++ .../dbsubnetgroup_v1alpha1.json | 198 +++ .../globalcluster_v1alpha1.json | 168 ++ .../hostedzone_v1alpha1.json | 167 ++ s3.services.k8s.aws/bucket_v1alpha1.json | 1356 +++++++++++++++++ sagemaker.services.k8s.aws/app_v1alpha1.json | 151 ++ .../dataqualityjobdefinition_v1alpha1.json | 338 ++++ .../domain_v1alpha1.json | 364 +++++ .../endpoint_v1alpha1.json | 436 ++++++ .../endpointconfig_v1alpha1.json | 288 ++++ .../featuregroup_v1alpha1.json | 220 +++ .../hyperparametertuningjob_v1alpha1.json | 1098 +++++++++++++ .../model_v1alpha1.json | 278 ++++ .../modelbiasjobdefinition_v1alpha1.json | 323 ++++ ...lexplainabilityjobdefinition_v1alpha1.json | 313 ++++ .../modelpackage_v1alpha1.json | 888 +++++++++++ .../modelpackagegroup_v1alpha1.json | 122 ++ .../modelqualityjobdefinition_v1alpha1.json | 341 +++++ .../monitoringschedule_v1alpha1.json | 424 ++++++ .../notebookinstance_v1alpha1.json | 194 +++ ...ebookinstancelifecycleconfig_v1alpha1.json | 135 ++ .../pipeline_v1alpha1.json | 156 ++ .../pipelineexecution_v1alpha1.json | 151 ++ .../processingjob_v1alpha1.json | 432 ++++++ .../trainingjob_v1alpha1.json | 659 ++++++++ .../transformjob_v1alpha1.json | 270 ++++ .../userprofile_v1alpha1.json | 286 ++++ .../adoptedresource_v1alpha1.json | 188 +++ services.k8s.aws/fieldexport_v1alpha1.json | 139 ++ sfn.services.k8s.aws/activity_v1alpha1.json | 119 ++ .../statemachine_v1alpha1.json | 174 +++ .../platformapplication_v1alpha1.json | 214 +++ .../platformendpoint_v1alpha1.json | 111 ++ .../subscription_v1alpha1.json | 152 ++ sns.services.k8s.aws/topic_v1alpha1.json | 182 +++ sqs.services.k8s.aws/queue_v1alpha1.json | 177 +++ 120 files changed, 33818 insertions(+) create mode 100644 acm.services.k8s.aws/certificate_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/api_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/authorizer_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/deployment_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/integration_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/route_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/stage_v1alpha1.json create mode 100644 apigatewayv2.services.k8s.aws/vpclink_v1alpha1.json create mode 100644 applicationautoscaling.services.k8s.aws/scalabletarget_v1alpha1.json create mode 100644 applicationautoscaling.services.k8s.aws/scalingpolicy_v1alpha1.json create mode 100644 cloudfront.services.k8s.aws/cachepolicy_v1alpha1.json create mode 100644 cloudtrail.services.k8s.aws/eventdatastore_v1alpha1.json create mode 100644 cloudtrail.services.k8s.aws/trail_v1alpha1.json create mode 100644 cloudwatchlogs.services.k8s.aws/loggroup_v1alpha1.json create mode 100644 dynamodb.services.k8s.aws/backup_v1alpha1.json create mode 100644 dynamodb.services.k8s.aws/globaltable_v1alpha1.json create mode 100644 dynamodb.services.k8s.aws/table_v1alpha1.json create mode 100644 ec2.services.k8s.aws/dhcpoptions_v1alpha1.json create mode 100644 ec2.services.k8s.aws/elasticipaddress_v1alpha1.json create mode 100644 ec2.services.k8s.aws/flowlog_v1alpha1.json create mode 100644 ec2.services.k8s.aws/instance_v1alpha1.json create mode 100644 ec2.services.k8s.aws/internetgateway_v1alpha1.json create mode 100644 ec2.services.k8s.aws/natgateway_v1alpha1.json create mode 100644 ec2.services.k8s.aws/routetable_v1alpha1.json create mode 100644 ec2.services.k8s.aws/securitygroup_v1alpha1.json create mode 100644 ec2.services.k8s.aws/subnet_v1alpha1.json create mode 100644 ec2.services.k8s.aws/transitgateway_v1alpha1.json create mode 100644 ec2.services.k8s.aws/vpc_v1alpha1.json create mode 100644 ec2.services.k8s.aws/vpcendpoint_v1alpha1.json create mode 100644 ecr.services.k8s.aws/pullthroughcacherule_v1alpha1.json create mode 100644 ecr.services.k8s.aws/repository_v1alpha1.json create mode 100644 eks.services.k8s.aws/addon_v1alpha1.json create mode 100644 eks.services.k8s.aws/cluster_v1alpha1.json create mode 100644 eks.services.k8s.aws/fargateprofile_v1alpha1.json create mode 100644 eks.services.k8s.aws/nodegroup_v1alpha1.json create mode 100644 elasticache.services.k8s.aws/cacheparametergroup_v1alpha1.json create mode 100644 elasticache.services.k8s.aws/cachesubnetgroup_v1alpha1.json create mode 100644 elasticache.services.k8s.aws/replicationgroup_v1alpha1.json create mode 100644 elasticache.services.k8s.aws/snapshot_v1alpha1.json create mode 100644 elasticache.services.k8s.aws/user_v1alpha1.json create mode 100644 elasticache.services.k8s.aws/usergroup_v1alpha1.json create mode 100644 emrcontainers.services.k8s.aws/jobrun_v1alpha1.json create mode 100644 emrcontainers.services.k8s.aws/virtualcluster_v1alpha1.json create mode 100644 eventbridge.services.k8s.aws/archive_v1alpha1.json create mode 100644 eventbridge.services.k8s.aws/endpoint_v1alpha1.json create mode 100644 eventbridge.services.k8s.aws/eventbus_v1alpha1.json create mode 100644 eventbridge.services.k8s.aws/rule_v1alpha1.json create mode 100644 iam.services.k8s.aws/group_v1alpha1.json create mode 100644 iam.services.k8s.aws/openidconnectprovider_v1alpha1.json create mode 100644 iam.services.k8s.aws/policy_v1alpha1.json create mode 100644 iam.services.k8s.aws/role_v1alpha1.json create mode 100644 iam.services.k8s.aws/user_v1alpha1.json create mode 100644 kafka.services.k8s.aws/cluster_v1alpha1.json create mode 100644 kinesis.services.k8s.aws/stream_v1alpha1.json create mode 100644 kms.services.k8s.aws/alias_v1alpha1.json create mode 100644 kms.services.k8s.aws/grant_v1alpha1.json create mode 100644 kms.services.k8s.aws/key_v1alpha1.json create mode 100644 lambda.services.k8s.aws/alias_v1alpha1.json create mode 100644 lambda.services.k8s.aws/codesigningconfig_v1alpha1.json create mode 100644 lambda.services.k8s.aws/eventsourcemapping_v1alpha1.json create mode 100644 lambda.services.k8s.aws/function_v1alpha1.json create mode 100644 lambda.services.k8s.aws/functionurlconfig_v1alpha1.json create mode 100644 lambda.services.k8s.aws/layerversion_v1alpha1.json create mode 100644 memorydb.services.k8s.aws/acl_v1alpha1.json create mode 100644 memorydb.services.k8s.aws/cluster_v1alpha1.json create mode 100644 memorydb.services.k8s.aws/parametergroup_v1alpha1.json create mode 100644 memorydb.services.k8s.aws/snapshot_v1alpha1.json create mode 100644 memorydb.services.k8s.aws/subnetgroup_v1alpha1.json create mode 100644 memorydb.services.k8s.aws/user_v1alpha1.json create mode 100644 mq.services.k8s.aws/broker_v1alpha1.json create mode 100644 networkfirewall.services.k8s.aws/firewall_v1alpha1.json create mode 100644 networkfirewall.services.k8s.aws/firewallpolicy_v1alpha1.json create mode 100644 networkfirewall.services.k8s.aws/rulegroup_v1alpha1.json create mode 100644 opensearchservice.services.k8s.aws/domain_v1alpha1.json create mode 100644 organizations.services.k8s.aws/organizationalunit_v1alpha1.json create mode 100644 pipes.services.k8s.aws/pipe_v1alpha1.json create mode 100644 prometheusservice.services.k8s.aws/alertmanagerdefinition_v1alpha1.json create mode 100644 prometheusservice.services.k8s.aws/loggingconfiguration_v1alpha1.json create mode 100644 prometheusservice.services.k8s.aws/rulegroupsnamespace_v1alpha1.json create mode 100644 prometheusservice.services.k8s.aws/workspace_v1alpha1.json create mode 100644 rds.services.k8s.aws/dbcluster_v1alpha1.json create mode 100644 rds.services.k8s.aws/dbclusterparametergroup_v1alpha1.json create mode 100644 rds.services.k8s.aws/dbinstance_v1alpha1.json create mode 100644 rds.services.k8s.aws/dbparametergroup_v1alpha1.json create mode 100644 rds.services.k8s.aws/dbproxy_v1alpha1.json create mode 100644 rds.services.k8s.aws/dbsubnetgroup_v1alpha1.json create mode 100644 rds.services.k8s.aws/globalcluster_v1alpha1.json create mode 100644 route53.services.k8s.aws/hostedzone_v1alpha1.json create mode 100644 s3.services.k8s.aws/bucket_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/app_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/dataqualityjobdefinition_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/domain_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/endpoint_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/endpointconfig_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/featuregroup_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/hyperparametertuningjob_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/model_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/modelbiasjobdefinition_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/modelexplainabilityjobdefinition_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/modelpackage_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/modelpackagegroup_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/modelqualityjobdefinition_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/monitoringschedule_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/notebookinstance_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/notebookinstancelifecycleconfig_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/pipeline_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/pipelineexecution_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/processingjob_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/trainingjob_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/transformjob_v1alpha1.json create mode 100644 sagemaker.services.k8s.aws/userprofile_v1alpha1.json create mode 100644 services.k8s.aws/adoptedresource_v1alpha1.json create mode 100644 services.k8s.aws/fieldexport_v1alpha1.json create mode 100644 sfn.services.k8s.aws/activity_v1alpha1.json create mode 100644 sfn.services.k8s.aws/statemachine_v1alpha1.json create mode 100644 sns.services.k8s.aws/platformapplication_v1alpha1.json create mode 100644 sns.services.k8s.aws/platformendpoint_v1alpha1.json create mode 100644 sns.services.k8s.aws/subscription_v1alpha1.json create mode 100644 sns.services.k8s.aws/topic_v1alpha1.json create mode 100644 sqs.services.k8s.aws/queue_v1alpha1.json diff --git a/acm.services.k8s.aws/certificate_v1alpha1.json b/acm.services.k8s.aws/certificate_v1alpha1.json new file mode 100644 index 00000000..648ba575 --- /dev/null +++ b/acm.services.k8s.aws/certificate_v1alpha1.json @@ -0,0 +1,321 @@ +{ + "description": "Certificate is the Schema for the Certificates API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "CertificateSpec defines the desired state of Certificate.", + "properties": { + "certificateAuthorityARN": { + "description": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the Amazon Web Services Private Certificate Authority (https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form: \n arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012", + "type": "string" + }, + "domainName": { + "description": "Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. \n In compliance with RFC 5280 (https://datatracker.ietf.org/doc/html/rfc5280), the length of the domain name (technically, the Common Name) that you provide cannot exceed 64 octets (characters), including periods. To add a longer domain name, specify it in the Subject Alternative Name field, which supports names up to 253 octets in length.", + "type": "string" + }, + "domainValidationOptions": { + "description": "The domain name that you want ACM to use to send you emails so that you can validate domain ownership.", + "items": { + "description": "Contains information about the domain names that you want ACM to use to send you emails that enable you to validate domain ownership.", + "properties": { + "domainName": { + "type": "string" + }, + "validationDomain": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "keyAlgorithm": { + "description": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. \n Default: RSA_2048", + "type": "string" + }, + "options": { + "description": "Currently, you can use this parameter to specify whether to add the certificate to a certificate transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser. For more information, see Opting Out of Certificate Transparency Logging (https://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency).", + "properties": { + "certificateTransparencyLoggingPreference": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "subjectAlternativeNames": { + "description": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the DomainName field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial quota is 10 domain names. If you need more than 10 names, you must request a quota increase. For more information, see Quotas (https://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html). \n The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: \n - (63 octets).(63 octets).(63 octets).(61 octets) is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets. \n - (64 octets).(63 octets).(63 octets).(61 octets) is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets. \n - (63 octets).(63 octets).(63 octets).(62 octets) is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "description": "One or more resource tags to associate with the certificate.", + "items": { + "description": "A key-value pair that identifies or specifies metadata about an ACM resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "domainName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "CertificateStatus defines the observed state of Certificate", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdAt": { + "description": "The time at which the certificate was requested.", + "format": "date-time", + "type": "string" + }, + "extendedKeyUsages": { + "description": "Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a purpose for which the certificate public key can be used and consists of a name and an object identifier (OID).", + "items": { + "description": "The Extended Key Usage X.509 v3 extension defines one or more purposes for which the public key can be used. This is in addition to or in place of the basic purposes specified by the Key Usage extension.", + "properties": { + "name": { + "type": "string" + }, + "oid": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "The reason the certificate request failed. This value exists only when the certificate status is FAILED. For more information, see Certificate Request Failed (https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting.html#troubleshooting-failed) in the Certificate Manager User Guide.", + "type": "string" + }, + "importedAt": { + "description": "The date and time when the certificate was imported. This value exists only when the certificate type is IMPORTED.", + "format": "date-time", + "type": "string" + }, + "inUseBy": { + "description": "A list of ARNs for the Amazon Web Services resources that are using the certificate. A certificate can be used by multiple Amazon Web Services resources.", + "items": { + "type": "string" + }, + "type": "array" + }, + "issuedAt": { + "description": "The time at which the certificate was issued. This value exists only when the certificate type is AMAZON_ISSUED.", + "format": "date-time", + "type": "string" + }, + "issuer": { + "description": "The name of the certificate authority that issued and signed the certificate.", + "type": "string" + }, + "keyUsages": { + "description": "A list of Key Usage X.509 v3 extension objects. Each object is a string value that identifies the purpose of the public key contained in the certificate. Possible extension values include DIGITAL_SIGNATURE, KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.", + "items": { + "description": "The Key Usage X.509 v3 extension defines the purpose of the public key contained in the certificate.", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "notAfter": { + "description": "The time after which the certificate is not valid.", + "format": "date-time", + "type": "string" + }, + "notBefore": { + "description": "The time before which the certificate is not valid.", + "format": "date-time", + "type": "string" + }, + "renewalEligibility": { + "description": "Specifies whether the certificate is eligible for renewal. At this time, only exported private certificates can be renewed with the RenewCertificate command.", + "type": "string" + }, + "renewalSummary": { + "description": "Contains information about the status of ACM's managed renewal (https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html) for the certificate. This field exists only when the certificate type is AMAZON_ISSUED.", + "properties": { + "domainValidationOptions": { + "items": { + "description": "Contains information about the validation of each domain name in the certificate.", + "properties": { + "domainName": { + "type": "string" + }, + "resourceRecord": { + "description": "Contains a DNS record value that you can use to validate ownership or control of a domain. This is used by the DescribeCertificate action.", + "properties": { + "name": { + "type": "string" + }, + "type_": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "validationDomain": { + "type": "string" + }, + "validationEmails": { + "items": { + "type": "string" + }, + "type": "array" + }, + "validationMethod": { + "type": "string" + }, + "validationStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "renewalStatus": { + "type": "string" + }, + "renewalStatusReason": { + "type": "string" + }, + "updatedAt": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "revocationReason": { + "description": "The reason the certificate was revoked. This value exists only when the certificate status is REVOKED.", + "type": "string" + }, + "revokedAt": { + "description": "The time at which the certificate was revoked. This value exists only when the certificate status is REVOKED.", + "format": "date-time", + "type": "string" + }, + "serial": { + "description": "The serial number of the certificate.", + "type": "string" + }, + "signatureAlgorithm": { + "description": "The algorithm that was used to sign the certificate.", + "type": "string" + }, + "status": { + "description": "The status of the certificate. \n A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for any of the reasons given in the troubleshooting topic Certificate request fails (https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html). ACM makes repeated attempts to validate a certificate for 72 hours and then times out. If a certificate shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with DNS validation (https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html) or Email validation (https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html), and try again. If validation succeeds, the certificate enters status ISSUED.", + "type": "string" + }, + "subject": { + "description": "The name of the entity that is associated with the public key contained in the certificate.", + "type": "string" + }, + "type_": { + "description": "The source of the certificate. For certificates provided by ACM, this value is AMAZON_ISSUED. For certificates that you imported with ImportCertificate, this value is IMPORTED. ACM does not provide managed renewal (https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html) for imported certificates. For more information about the differences between certificates that you import and those that ACM provides, see Importing Certificates (https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the Certificate Manager User Guide.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/api_v1alpha1.json b/apigatewayv2.services.k8s.aws/api_v1alpha1.json new file mode 100644 index 00000000..7db5c543 --- /dev/null +++ b/apigatewayv2.services.k8s.aws/api_v1alpha1.json @@ -0,0 +1,206 @@ +{ + "description": "API is the Schema for the APIS API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ApiSpec defines the desired state of Api. \n Represents an API.", + "properties": { + "apiKeySelectionExpression": { + "type": "string" + }, + "basepath": { + "type": "string" + }, + "body": { + "type": "string" + }, + "corsConfiguration": { + "description": "Represents a CORS configuration. Supported only for HTTP APIs. See Configuring CORS (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information.", + "properties": { + "allowCredentials": { + "type": "boolean" + }, + "allowHeaders": { + "description": "Represents a collection of allowed headers. Supported only for HTTP APIs.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowMethods": { + "description": "Represents a collection of methods. Supported only for HTTP APIs.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowOrigins": { + "description": "Represents a collection of origins. Supported only for HTTP APIs.", + "items": { + "type": "string" + }, + "type": "array" + }, + "exposeHeaders": { + "description": "Represents a collection of allowed headers. Supported only for HTTP APIs.", + "items": { + "type": "string" + }, + "type": "array" + }, + "maxAge": { + "description": "An integer with a value between -1 and 86400. Supported only for HTTP APIs.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "credentialsARN": { + "type": "string" + }, + "description": { + "type": "string" + }, + "disableExecuteAPIEndpoint": { + "type": "boolean" + }, + "disableSchemaValidation": { + "type": "boolean" + }, + "failOnWarnings": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "protocolType": { + "type": "string" + }, + "routeKey": { + "type": "string" + }, + "routeSelectionExpression": { + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "target": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "APIStatus defines the observed state of API", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "apiEndpoint": { + "type": "string" + }, + "apiGatewayManaged": { + "type": "boolean" + }, + "apiID": { + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdDate": { + "format": "date-time", + "type": "string" + }, + "importInfo": { + "items": { + "type": "string" + }, + "type": "array" + }, + "warnings": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/authorizer_v1alpha1.json b/apigatewayv2.services.k8s.aws/authorizer_v1alpha1.json new file mode 100644 index 00000000..ce20c783 --- /dev/null +++ b/apigatewayv2.services.k8s.aws/authorizer_v1alpha1.json @@ -0,0 +1,166 @@ +{ + "description": "Authorizer is the Schema for the Authorizers API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "AuthorizerSpec defines the desired state of Authorizer. \n Represents an authorizer.", + "properties": { + "apiID": { + "type": "string" + }, + "apiRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "authorizerCredentialsARN": { + "type": "string" + }, + "authorizerPayloadFormatVersion": { + "type": "string" + }, + "authorizerResultTtlInSeconds": { + "format": "int64", + "type": "integer" + }, + "authorizerType": { + "type": "string" + }, + "authorizerURI": { + "type": "string" + }, + "enableSimpleResponses": { + "type": "boolean" + }, + "identitySource": { + "items": { + "type": "string" + }, + "type": "array" + }, + "identityValidationExpression": { + "type": "string" + }, + "jwtConfiguration": { + "description": "Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.", + "properties": { + "audience": { + "items": { + "type": "string" + }, + "type": "array" + }, + "issuer": { + "description": "A string representation of a URI with a length between [1-2048].", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "type": "string" + } + }, + "required": [ + "authorizerType", + "identitySource", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AuthorizerStatus defines the observed state of Authorizer", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "authorizerID": { + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/deployment_v1alpha1.json b/apigatewayv2.services.k8s.aws/deployment_v1alpha1.json new file mode 100644 index 00000000..04268b7d --- /dev/null +++ b/apigatewayv2.services.k8s.aws/deployment_v1alpha1.json @@ -0,0 +1,132 @@ +{ + "description": "Deployment is the Schema for the Deployments API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DeploymentSpec defines the desired state of Deployment. \n An immutable representation of an API that can be called by users. A Deployment must be associated with a Stage for it to be callable over the internet.", + "properties": { + "apiID": { + "type": "string" + }, + "apiRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "description": { + "type": "string" + }, + "stageName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DeploymentStatus defines the observed state of Deployment", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "autoDeployed": { + "type": "boolean" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdDate": { + "format": "date-time", + "type": "string" + }, + "deploymentID": { + "type": "string" + }, + "deploymentStatus": { + "type": "string" + }, + "deploymentStatusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/integration_v1alpha1.json b/apigatewayv2.services.k8s.aws/integration_v1alpha1.json new file mode 100644 index 00000000..9593d47b --- /dev/null +++ b/apigatewayv2.services.k8s.aws/integration_v1alpha1.json @@ -0,0 +1,211 @@ +{ + "description": "Integration is the Schema for the Integrations API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "IntegrationSpec defines the desired state of Integration. \n Represents an integration.", + "properties": { + "apiID": { + "type": "string" + }, + "apiRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "connectionID": { + "type": "string" + }, + "connectionRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "connectionType": { + "type": "string" + }, + "contentHandlingStrategy": { + "type": "string" + }, + "credentialsARN": { + "type": "string" + }, + "description": { + "type": "string" + }, + "integrationMethod": { + "type": "string" + }, + "integrationSubtype": { + "type": "string" + }, + "integrationType": { + "type": "string" + }, + "integrationURI": { + "type": "string" + }, + "passthroughBehavior": { + "type": "string" + }, + "payloadFormatVersion": { + "type": "string" + }, + "requestParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "requestTemplates": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "responseParameters": { + "additionalProperties": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "type": "object" + }, + "templateSelectionExpression": { + "type": "string" + }, + "timeoutInMillis": { + "format": "int64", + "type": "integer" + }, + "tlsConfig": { + "description": "The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.", + "properties": { + "serverNameToVerify": { + "description": "A string with a length between [1-512].", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "integrationType" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "IntegrationStatus defines the observed state of Integration", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "apiGatewayManaged": { + "type": "boolean" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "integrationID": { + "type": "string" + }, + "integrationResponseSelectionExpression": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/route_v1alpha1.json b/apigatewayv2.services.k8s.aws/route_v1alpha1.json new file mode 100644 index 00000000..c81161b6 --- /dev/null +++ b/apigatewayv2.services.k8s.aws/route_v1alpha1.json @@ -0,0 +1,202 @@ +{ + "description": "Route is the Schema for the Routes API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RouteSpec defines the desired state of Route. \n Represents a route.", + "properties": { + "apiID": { + "type": "string" + }, + "apiKeyRequired": { + "type": "boolean" + }, + "apiRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "authorizationScopes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authorizationType": { + "type": "string" + }, + "authorizerID": { + "type": "string" + }, + "authorizerRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelSelectionExpression": { + "type": "string" + }, + "operationName": { + "type": "string" + }, + "requestModels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "requestParameters": { + "additionalProperties": { + "description": "Validation constraints imposed on parameters of a request (path, query string, headers).", + "properties": { + "required": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + }, + "routeKey": { + "type": "string" + }, + "routeResponseSelectionExpression": { + "type": "string" + }, + "target": { + "type": "string" + }, + "targetRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "routeKey" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RouteStatus defines the observed state of Route", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "apiGatewayManaged": { + "type": "boolean" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "routeID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/stage_v1alpha1.json b/apigatewayv2.services.k8s.aws/stage_v1alpha1.json new file mode 100644 index 00000000..e94be554 --- /dev/null +++ b/apigatewayv2.services.k8s.aws/stage_v1alpha1.json @@ -0,0 +1,237 @@ +{ + "description": "Stage is the Schema for the Stages API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "StageSpec defines the desired state of Stage. \n Represents an API stage.", + "properties": { + "accessLogSettings": { + "description": "Settings for logging access in a stage.", + "properties": { + "destinationARN": { + "description": "Represents an Amazon Resource Name (ARN).", + "type": "string" + }, + "format": { + "description": "A string with a length between [1-1024].", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "apiID": { + "type": "string" + }, + "apiRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "autoDeploy": { + "type": "boolean" + }, + "clientCertificateID": { + "type": "string" + }, + "defaultRouteSettings": { + "description": "Represents a collection of route settings.", + "properties": { + "dataTraceEnabled": { + "type": "boolean" + }, + "detailedMetricsEnabled": { + "type": "boolean" + }, + "loggingLevel": { + "description": "The logging level.", + "type": "string" + }, + "throttlingBurstLimit": { + "format": "int64", + "type": "integer" + }, + "throttlingRateLimit": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + }, + "deploymentID": { + "type": "string" + }, + "deploymentRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "description": { + "type": "string" + }, + "routeSettings": { + "additionalProperties": { + "description": "Represents a collection of route settings.", + "properties": { + "dataTraceEnabled": { + "type": "boolean" + }, + "detailedMetricsEnabled": { + "type": "boolean" + }, + "loggingLevel": { + "description": "The logging level.", + "type": "string" + }, + "throttlingBurstLimit": { + "format": "int64", + "type": "integer" + }, + "throttlingRateLimit": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + }, + "stageName": { + "type": "string" + }, + "stageVariables": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "required": [ + "stageName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "StageStatus defines the observed state of Stage", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "apiGatewayManaged": { + "type": "boolean" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdDate": { + "format": "date-time", + "type": "string" + }, + "lastDeploymentStatusMessage": { + "type": "string" + }, + "lastUpdatedDate": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/apigatewayv2.services.k8s.aws/vpclink_v1alpha1.json b/apigatewayv2.services.k8s.aws/vpclink_v1alpha1.json new file mode 100644 index 00000000..c7527787 --- /dev/null +++ b/apigatewayv2.services.k8s.aws/vpclink_v1alpha1.json @@ -0,0 +1,131 @@ +{ + "description": "VPCLink is the Schema for the VPCLinks API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "VpcLinkSpec defines the desired state of VpcLink. \n Represents a VPC link.", + "properties": { + "name": { + "type": "string" + }, + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "required": [ + "name", + "subnetIDs" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "VPCLinkStatus defines the observed state of VPCLink", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdDate": { + "format": "date-time", + "type": "string" + }, + "vpcLinkID": { + "type": "string" + }, + "vpcLinkStatus": { + "type": "string" + }, + "vpcLinkStatusMessage": { + "type": "string" + }, + "vpcLinkVersion": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/applicationautoscaling.services.k8s.aws/scalabletarget_v1alpha1.json b/applicationautoscaling.services.k8s.aws/scalabletarget_v1alpha1.json new file mode 100644 index 00000000..e063070a --- /dev/null +++ b/applicationautoscaling.services.k8s.aws/scalabletarget_v1alpha1.json @@ -0,0 +1,147 @@ +{ + "description": "ScalableTarget is the Schema for the ScalableTargets API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ScalableTargetSpec defines the desired state of ScalableTarget. \n Represents a scalable target.", + "properties": { + "maxCapacity": { + "description": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand. This property is required when registering a new scalable target. \n Although you can specify a large maximum capacity, note that service quotas may impose lower limits. Each service has its own default quotas for the maximum capacity of the resource. If you want to specify a higher limit, you can request an increase. For more information, consult the documentation for that service. For information about the default quotas for each service, see Service Endpoints and Quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html) in the Amazon Web Services General Reference.", + "format": "int64", + "type": "integer" + }, + "minCapacity": { + "description": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand. This property is required when registering a new scalable target. \n For certain resources, the minimum value allowed is 0. This includes Lambda provisioned concurrency, Spot Fleet, ECS services, Aurora DB clusters, EMR clusters, and custom resources. For all other resources, the minimum value allowed is 1.", + "format": "int64", + "type": "integer" + }, + "resourceID": { + "description": "The identifier of the resource that is associated with the scalable target. This string consists of the resource type and unique identifier. \n - ECS service - The resource type is service and the unique identifier is the cluster name and service name. Example: service/default/sample-webapp. \n - Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. \n - EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0. \n - AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name. Example: fleet/sample-fleet. \n - DynamoDB table - The resource type is table and the unique identifier is the table name. Example: table/my-table. \n - DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. Example: table/my-table/index/my-table-index. \n - Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:my-db-cluster. \n - SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. \n - Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource). \n - Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE. \n - Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE. \n - Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. Example: function:my-function:prod or function:my-function:1. \n - Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. Example: keyspace/mykeyspace/table/mytable. \n - Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5. \n - Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. Example: replication-group/mycluster. \n - Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.", + "type": "string" + }, + "roleARN": { + "description": "This parameter is required for services that do not support service-linked roles (such as Amazon EMR), and it must specify the ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf. \n If the service supports service-linked roles, Application Auto Scaling uses a service-linked role, which it creates if it does not yet exist. For more information, see Application Auto Scaling IAM roles (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles).", + "type": "string" + }, + "scalableDimension": { + "description": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property. \n - ecs:service:DesiredCount - The desired task count of an ECS service. \n - elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group. \n - ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet. \n - appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet. \n - dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table. \n - dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table. \n - dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index. \n - dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index. \n - rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition. \n - sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant. \n - custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service. \n - comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint. \n - comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint. \n - lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function. \n - cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table. \n - cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table. \n - kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster. \n - elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group. \n - elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group. \n - neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.", + "type": "string" + }, + "serviceNamespace": { + "description": "The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own application or service, use custom-resource instead.", + "type": "string" + }, + "suspendedState": { + "description": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to true suspends the specified scaling activities. Setting it to false (default) resumes the specified scaling activities. \n Suspension Outcomes \n - For DynamicScalingInSuspended, while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended. \n - For DynamicScalingOutSuspended, while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended. \n - For ScheduledScalingSuspended, while a suspension is in effect, all scaling activities that involve scheduled actions are suspended. \n For more information, see Suspending and resuming scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) in the Application Auto Scaling User Guide.", + "properties": { + "dynamicScalingInSuspended": { + "type": "boolean" + }, + "dynamicScalingOutSuspended": { + "type": "boolean" + }, + "scheduledScalingSuspended": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "resourceID", + "scalableDimension", + "serviceNamespace" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ScalableTargetStatus defines the observed state of ScalableTarget", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The Unix timestamp for when the scalable target was created.", + "format": "date-time", + "type": "string" + }, + "lastModifiedTime": { + "description": "The Unix timestamp for when the scalable target was created.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/applicationautoscaling.services.k8s.aws/scalingpolicy_v1alpha1.json b/applicationautoscaling.services.k8s.aws/scalingpolicy_v1alpha1.json new file mode 100644 index 00000000..facf59e2 --- /dev/null +++ b/applicationautoscaling.services.k8s.aws/scalingpolicy_v1alpha1.json @@ -0,0 +1,253 @@ +{ + "description": "ScalingPolicy is the Schema for the ScalingPolicies API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ScalingPolicySpec defines the desired state of ScalingPolicy. \n Represents a scaling policy to use with Application Auto Scaling. \n For more information about configuring scaling policies for a specific service, see Getting started with Application Auto Scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/getting-started.html) in the Application Auto Scaling User Guide.", + "properties": { + "policyName": { + "description": "The name of the scaling policy.", + "type": "string" + }, + "policyType": { + "description": "The policy type. This parameter is required if you are creating a scaling policy. \n The following policy types are supported: \n # TargetTrackingScaling\u2014Not supported for Amazon EMR \n StepScaling\u2014Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune. \n For more information, see Target tracking scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and Step scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) in the Application Auto Scaling User Guide.", + "type": "string" + }, + "resourceID": { + "description": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier. \n - ECS service - The resource type is service and the unique identifier is the cluster name and service name. Example: service/default/sample-webapp. \n - Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. \n - EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0. \n - AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name. Example: fleet/sample-fleet. \n - DynamoDB table - The resource type is table and the unique identifier is the table name. Example: table/my-table. \n - DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. Example: table/my-table/index/my-table-index. \n - Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:my-db-cluster. \n - SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. \n - Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource). \n - Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE. \n - Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE. \n - Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. Example: function:my-function:prod or function:my-function:1. \n - Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. Example: keyspace/mykeyspace/table/mytable. \n - Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5. \n - Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. Example: replication-group/mycluster. \n - Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.", + "type": "string" + }, + "scalableDimension": { + "description": "The scalable dimension. This string consists of the service namespace, resource type, and scaling property. \n - ecs:service:DesiredCount - The desired task count of an ECS service. \n - elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group. \n - ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet. \n - appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet. \n - dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table. \n - dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table. \n - dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index. \n - dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index. \n - rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition. \n - sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant. \n - custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service. \n - comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint. \n - comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint. \n - lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function. \n - cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table. \n - cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table. \n - kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster. \n - elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group. \n - elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group. \n - neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.", + "type": "string" + }, + "serviceNamespace": { + "description": "The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own application or service, use custom-resource instead.", + "type": "string" + }, + "stepScalingPolicyConfiguration": { + "description": "A step scaling policy. \n This parameter is required if you are creating a policy and the policy type is StepScaling.", + "properties": { + "adjustmentType": { + "type": "string" + }, + "cooldown": { + "format": "int64", + "type": "integer" + }, + "metricAggregationType": { + "type": "string" + }, + "minAdjustmentMagnitude": { + "format": "int64", + "type": "integer" + }, + "stepAdjustments": { + "items": { + "description": "Represents a step adjustment for a StepScalingPolicyConfiguration (https://docs.aws.amazon.com/autoscaling/application/APIReference/API_StepScalingPolicyConfiguration.html). Describes an adjustment based on the difference between the value of the aggregated CloudWatch metric and the breach threshold that you've defined for the alarm. \n For the following examples, suppose that you have an alarm with a breach threshold of 50: \n - To trigger the adjustment when the metric is greater than or equal to 50 and less than 60, specify a lower bound of 0 and an upper bound of 10. \n - To trigger the adjustment when the metric is greater than 40 and less than or equal to 50, specify a lower bound of -10 and an upper bound of 0. \n There are a few rules for the step adjustments for your step policy: \n - The ranges of your step adjustments can't overlap or have a gap. \n - At most one step adjustment can have a null lower bound. If one step adjustment has a negative lower bound, then there must be a step adjustment with a null lower bound. \n - At most one step adjustment can have a null upper bound. If one step adjustment has a positive upper bound, then there must be a step adjustment with a null upper bound. \n - The upper and lower bound can't be null in the same step adjustment.", + "properties": { + "metricIntervalLowerBound": { + "type": "number" + }, + "metricIntervalUpperBound": { + "type": "number" + }, + "scalingAdjustment": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "targetTrackingScalingPolicyConfiguration": { + "description": "A target tracking scaling policy. Includes support for predefined or customized metrics. \n This parameter is required if you are creating a policy and the policy type is TargetTrackingScaling.", + "properties": { + "customizedMetricSpecification": { + "description": "Represents a CloudWatch metric of your choosing for a target tracking scaling policy to use with Application Auto Scaling. \n For information about the available metrics for a service, see Amazon Web Services Services That Publish CloudWatch Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the Amazon CloudWatch User Guide. \n To create your customized metric specification: \n * Add values for each required parameter from CloudWatch. You can use an existing metric, or a new metric that you create. To use your own metric, you must first publish the metric to CloudWatch. For more information, see Publish Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) in the Amazon CloudWatch User Guide. \n * Choose a metric that changes proportionally with capacity. The value of the metric should increase or decrease in inverse proportion to the number of capacity units. That is, the value of the metric should decrease when capacity increases, and increase when capacity decreases. \n For more information about CloudWatch, see Amazon CloudWatch Concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html).", + "properties": { + "dimensions": { + "items": { + "description": "Describes the dimension names and values associated with a metric.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "metricName": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "statistic": { + "type": "string" + }, + "unit": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "disableScaleIn": { + "type": "boolean" + }, + "predefinedMetricSpecification": { + "description": "Represents a predefined metric for a target tracking scaling policy to use with Application Auto Scaling. \n Only the Amazon Web Services that you're using send metrics to Amazon CloudWatch. To determine whether a desired metric already exists by looking up its namespace and dimension using the CloudWatch metrics dashboard in the console, follow the procedure in Building dashboards with CloudWatch (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html) in the Application Auto Scaling User Guide.", + "properties": { + "predefinedMetricType": { + "type": "string" + }, + "resourceLabel": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "scaleInCooldown": { + "format": "int64", + "type": "integer" + }, + "scaleOutCooldown": { + "format": "int64", + "type": "integer" + }, + "targetValue": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "policyName", + "resourceID", + "scalableDimension", + "serviceNamespace" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ScalingPolicyStatus defines the observed state of ScalingPolicy", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "alarms": { + "description": "The CloudWatch alarms created for the target tracking scaling policy.", + "items": { + "description": "Represents a CloudWatch alarm associated with a scaling policy.", + "properties": { + "alarmARN": { + "type": "string" + }, + "alarmName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The Unix timestamp for when the scaling policy was created.", + "format": "date-time", + "type": "string" + }, + "lastModifiedTime": { + "description": "The Unix timestamp for when the scaling policy was created.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/cloudfront.services.k8s.aws/cachepolicy_v1alpha1.json b/cloudfront.services.k8s.aws/cachepolicy_v1alpha1.json new file mode 100644 index 00000000..d177f9cf --- /dev/null +++ b/cloudfront.services.k8s.aws/cachepolicy_v1alpha1.json @@ -0,0 +1,225 @@ +{ + "description": "CachePolicy is the Schema for the CachePolicies API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "CachePolicySpec defines the desired state of CachePolicy. \n A cache policy. \n When it's attached to a cache behavior, the cache policy determines the following: \n - The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. \n - The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache. \n The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but not include them in the cache key, use OriginRequestPolicy.", + "properties": { + "cachePolicyConfig": { + "description": "A cache policy configuration.", + "properties": { + "comment": { + "type": "string" + }, + "defaultTTL": { + "format": "int64", + "type": "integer" + }, + "maxTTL": { + "format": "int64", + "type": "integer" + }, + "minTTL": { + "format": "int64", + "type": "integer" + }, + "name": { + "type": "string" + }, + "parametersInCacheKeyAndForwardedToOrigin": { + "description": "This object determines the values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. \n The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find an object in its cache that matches the request's cache key. If you want to send values to the origin but not include them in the cache key, use OriginRequestPolicy.", + "properties": { + "cookiesConfig": { + "description": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", + "properties": { + "cookieBehavior": { + "type": "string" + }, + "cookies": { + "description": "Contains a list of cookie names.", + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + }, + "quantity": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "enableAcceptEncodingBrotli": { + "type": "boolean" + }, + "enableAcceptEncodingGzip": { + "type": "boolean" + }, + "headersConfig": { + "description": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", + "properties": { + "headerBehavior": { + "type": "string" + }, + "headers": { + "description": "Contains a list of HTTP header names.", + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + }, + "quantity": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "queryStringsConfig": { + "description": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", + "properties": { + "queryStringBehavior": { + "type": "string" + }, + "queryStrings": { + "description": "Contains a list of query string names.", + "properties": { + "items": { + "items": { + "type": "string" + }, + "type": "array" + }, + "quantity": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "cachePolicyConfig" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "CachePolicyStatus defines the observed state of CachePolicy", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "eTag": { + "description": "The current version of the cache policy.", + "type": "string" + }, + "id": { + "description": "The unique identifier for the cache policy.", + "type": "string" + }, + "lastModifiedTime": { + "description": "The date and time when the cache policy was last modified.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/cloudtrail.services.k8s.aws/eventdatastore_v1alpha1.json b/cloudtrail.services.k8s.aws/eventdatastore_v1alpha1.json new file mode 100644 index 00000000..0dd28149 --- /dev/null +++ b/cloudtrail.services.k8s.aws/eventdatastore_v1alpha1.json @@ -0,0 +1,207 @@ +{ + "description": "EventDataStore is the Schema for the EventDataStores API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "EventDataStoreSpec defines the desired state of EventDataStore. \n A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years). To select events for an event data store, use advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced).", + "properties": { + "advancedEventSelectors": { + "description": "The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.", + "items": { + "description": "Advanced event selectors let you create fine-grained selectors for the following CloudTrail event record \ufb01elds. They help you control costs by logging only those events that are important to you. For more information about advanced event selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) in the CloudTrail User Guide. \n - readOnly \n - eventSource \n - eventName \n - eventCategory \n - resources.type \n - resources.ARN \n You cannot apply both event selectors and advanced event selectors to a trail.", + "properties": { + "fieldSelectors": { + "items": { + "description": "A single selector statement in an advanced event selector.", + "properties": { + "endsWith": { + "items": { + "type": "string" + }, + "type": "array" + }, + "equals": { + "items": { + "type": "string" + }, + "type": "array" + }, + "field": { + "type": "string" + }, + "notEndsWith": { + "items": { + "type": "string" + }, + "type": "array" + }, + "notEquals": { + "items": { + "type": "string" + }, + "type": "array" + }, + "notStartsWith": { + "items": { + "type": "string" + }, + "type": "array" + }, + "startsWith": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "multiRegionEnabled": { + "description": "Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created.", + "type": "boolean" + }, + "name": { + "description": "The name of the event data store.", + "type": "string" + }, + "organizationEnabled": { + "description": "Specifies whether an event data store collects events logged for an organization in Organizations.", + "type": "boolean" + }, + "retentionPeriod": { + "description": "The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years.", + "format": "int64", + "type": "integer" + }, + "tags": { + "items": { + "description": "A custom key-value pair associated with a resource such as a CloudTrail trail.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "terminationProtectionEnabled": { + "description": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", + "type": "boolean" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "EventDataStoreStatus defines the observed state of EventDataStore", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdTimestamp": { + "description": "The timestamp that shows when the event data store was created.", + "format": "date-time", + "type": "string" + }, + "status": { + "description": "The status of event data store creation.", + "type": "string" + }, + "updatedTimestamp": { + "description": "The timestamp that shows when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/cloudtrail.services.k8s.aws/trail_v1alpha1.json b/cloudtrail.services.k8s.aws/trail_v1alpha1.json new file mode 100644 index 00000000..2636a114 --- /dev/null +++ b/cloudtrail.services.k8s.aws/trail_v1alpha1.json @@ -0,0 +1,162 @@ +{ + "description": "Trail is the Schema for the Trails API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TrailSpec defines the desired state of Trail. \n The settings for a trail.", + "properties": { + "cloudWatchLogsLogGroupARN": { + "description": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn.", + "type": "string" + }, + "cloudWatchLogsRoleARN": { + "description": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.", + "type": "string" + }, + "enableLogFileValidation": { + "description": "Specifies whether log file integrity validation is enabled. The default is false. \n When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", + "type": "boolean" + }, + "includeGlobalServiceEvents": { + "description": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", + "type": "boolean" + }, + "isMultiRegionTrail": { + "description": "Specifies whether the trail is created in the current region or in all regions. The default is false, which creates a trail only in the region where you are signed in. As a best practice, consider creating trails that log events in all regions.", + "type": "boolean" + }, + "isOrganizationTrail": { + "description": "Specifies whether the trail is created for all accounts in an organization in Organizations, or only for the current Amazon Web Services account. The default is false, and cannot be true unless the call is made on behalf of an Amazon Web Services account that is the management account for an organization in Organizations.", + "type": "boolean" + }, + "kmsKeyID": { + "description": "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier. \n CloudTrail also supports KMS multi-Region keys. For more information about multi-Region keys, see Using multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the Key Management Service Developer Guide. \n Examples: \n - alias/MyAliasName \n - arn:aws:kms:us-east-2:123456789012:alias/MyAliasName \n - arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012 \n - 12345678-1234-1234-1234-123456789012", + "type": "string" + }, + "name": { + "description": "Specifies the name of the trail. The name must meet the following requirements: \n - Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-) \n - Start with a letter or number, and end with a letter or number \n - Be between 3 and 128 characters \n - Have no adjacent periods, underscores or dashes. Names like my-_namespace and my--namespace are not valid. \n - Not be in IP address format (for example, 192.168.5.4)", + "type": "string" + }, + "s3BucketName": { + "description": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html).", + "type": "string" + }, + "s3KeyPrefix": { + "description": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html). The maximum length is 200 characters.", + "type": "string" + }, + "snsTopicName": { + "description": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", + "type": "string" + }, + "tags": { + "items": { + "description": "A custom key-value pair associated with a resource such as a CloudTrail trail.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name", + "s3BucketName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TrailStatus defines the observed state of Trail", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "logFileValidationEnabled": { + "description": "Specifies whether log file integrity validation is enabled.", + "type": "boolean" + }, + "snsTopicARN": { + "description": "Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. The format of a topic ARN is: \n arn:aws:sns:us-east-2:123456789012:MyTopic", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/cloudwatchlogs.services.k8s.aws/loggroup_v1alpha1.json b/cloudwatchlogs.services.k8s.aws/loggroup_v1alpha1.json new file mode 100644 index 00000000..39bdb6ee --- /dev/null +++ b/cloudwatchlogs.services.k8s.aws/loggroup_v1alpha1.json @@ -0,0 +1,147 @@ +{ + "description": "LogGroup is the Schema for the LogGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "LogGroupSpec defines the desired state of LogGroup. \n Represents a log group.", + "properties": { + "kmsKeyID": { + "description": "The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data. For more information, see Amazon Resource Names (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms).", + "type": "string" + }, + "kmsKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The key-value pairs to use for the tags. \n You can grant users access to certain log groups while preventing them from accessing other log groups. To do so, tag your groups and use IAM policies that refer to those tags. To assign tags when you create a log group, you must have either the logs:TagResource or logs:TagLogGroup permission. For more information about tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For more information about using tags to control access, see Controlling access to Amazon Web Services resources using tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html).", + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "LogGroupStatus defines the observed state of LogGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The creation time of the log group, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.", + "format": "int64", + "type": "integer" + }, + "dataProtectionStatus": { + "description": "Displays whether this log group has a protection policy, or whether it had one in the past. For more information, see PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html).", + "type": "string" + }, + "metricFilterCount": { + "description": "The number of metric filters.", + "format": "int64", + "type": "integer" + }, + "retentionInDays": { + "format": "int64", + "type": "integer" + }, + "storedBytes": { + "description": "The number of bytes stored.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/dynamodb.services.k8s.aws/backup_v1alpha1.json b/dynamodb.services.k8s.aws/backup_v1alpha1.json new file mode 100644 index 00000000..48af7e37 --- /dev/null +++ b/dynamodb.services.k8s.aws/backup_v1alpha1.json @@ -0,0 +1,125 @@ +{ + "description": "Backup is the Schema for the Backups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "BackupSpec defines the desired state of Backup.", + "properties": { + "backupName": { + "description": "Specified name for the backup.", + "type": "string" + }, + "tableName": { + "description": "The name of the table.", + "type": "string" + } + }, + "required": [ + "backupName", + "tableName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "BackupStatus defines the observed state of Backup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "backupCreationDateTime": { + "description": "Time at which the backup was created. This is the request time of the backup.", + "format": "date-time", + "type": "string" + }, + "backupExpiryDateTime": { + "description": "Time at which the automatic on-demand backup created by DynamoDB will expire. This SYSTEM on-demand backup expires automatically 35 days after its creation.", + "format": "date-time", + "type": "string" + }, + "backupSizeBytes": { + "description": "Size of the backup in bytes. DynamoDB updates this value approximately every six hours. Recent changes might not be reflected in this value.", + "format": "int64", + "type": "integer" + }, + "backupStatus": { + "description": "Backup can be in one of the following states: CREATING, ACTIVE, DELETED.", + "type": "string" + }, + "backupType": { + "description": "BackupType: \n * USER - You create and manage these using the on-demand backup feature. \n * SYSTEM - If you delete a table with point-in-time recovery enabled, a SYSTEM backup is automatically created and is retained for 35 days (at no additional cost). System backups allow you to restore the deleted table to the state it was in just before the point of deletion. \n * AWS_BACKUP - On-demand backup created by you from Backup service.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/dynamodb.services.k8s.aws/globaltable_v1alpha1.json b/dynamodb.services.k8s.aws/globaltable_v1alpha1.json new file mode 100644 index 00000000..2ec150d3 --- /dev/null +++ b/dynamodb.services.k8s.aws/globaltable_v1alpha1.json @@ -0,0 +1,121 @@ +{ + "description": "GlobalTable is the Schema for the GlobalTables API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "GlobalTableSpec defines the desired state of GlobalTable. \n Represents the properties of a global table.", + "properties": { + "globalTableName": { + "description": "The global table name.", + "type": "string" + }, + "replicationGroup": { + "description": "The Regions where the global table needs to be created.", + "items": { + "description": "Represents the properties of a replica.", + "properties": { + "regionName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "globalTableName", + "replicationGroup" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "GlobalTableStatus defines the observed state of GlobalTable", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationDateTime": { + "description": "The creation time of the global table.", + "format": "date-time", + "type": "string" + }, + "globalTableStatus": { + "description": "The current state of the global table: \n * CREATING - The global table is being created. \n * UPDATING - The global table is being updated. \n * DELETING - The global table is being deleted. \n * ACTIVE - The global table is ready for use.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/dynamodb.services.k8s.aws/table_v1alpha1.json b/dynamodb.services.k8s.aws/table_v1alpha1.json new file mode 100644 index 00000000..82313db5 --- /dev/null +++ b/dynamodb.services.k8s.aws/table_v1alpha1.json @@ -0,0 +1,562 @@ +{ + "description": "Table is the Schema for the Tables API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TableSpec defines the desired state of Table.", + "properties": { + "attributeDefinitions": { + "description": "An array of attributes that describe the key schema for the table and indexes.", + "items": { + "description": "Represents an attribute for describing the key schema for the table and indexes.", + "properties": { + "attributeName": { + "type": "string" + }, + "attributeType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "billingMode": { + "description": "Controls how you are charged for read and write throughput and how you manage capacity. This setting can be changed later. \n - PROVISIONED - We recommend using PROVISIONED for predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual). \n - PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST for unpredictable workloads. PAY_PER_REQUEST sets the billing mode to On-Demand Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand).", + "type": "string" + }, + "globalSecondaryIndexes": { + "description": "One or more global secondary indexes (the maximum is 20) to be created on the table. Each global secondary index in the array includes the following: \n - IndexName - The name of the global secondary index. Must be unique only for this table. \n - KeySchema - Specifies the key schema for the global secondary index. \n - Projection - Specifies attributes that are copied (projected) from the table into the index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. Each attribute specification is composed of: ProjectionType - One of the following: KEYS_ONLY \n - Only the index and primary keys are projected into the index. INCLUDE \n - Only the specified table attributes are projected into the index. The list of projected attributes is in NonKeyAttributes. ALL - All of the table attributes are projected into the index. NonKeyAttributes - A list of one or more non-key attribute names that are projected into the secondary index. The total count of attributes provided in NonKeyAttributes, summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. \n - ProvisionedThroughput - The provisioned throughput settings for the global secondary index, consisting of read and write capacity units.", + "items": { + "description": "Represents the properties of a global secondary index.", + "properties": { + "indexName": { + "type": "string" + }, + "keySchema": { + "items": { + "description": "Represents a single element of a key schema. A key schema specifies the attributes that make up the primary key of a table, or the key attributes of an index. \n A KeySchemaElement represents exactly one attribute of the primary key. For example, a simple primary key would be represented by one KeySchemaElement (for the partition key). A composite primary key would require one KeySchemaElement for the partition key, and another KeySchemaElement for the sort key. \n A KeySchemaElement must be a scalar, top-level attribute (not a nested attribute). The data type must be one of String, Number, or Binary. The attribute cannot be nested within a List or a Map.", + "properties": { + "attributeName": { + "type": "string" + }, + "keyType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "projection": { + "description": "Represents attributes that are copied (projected) from the table into an index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "properties": { + "nonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "projectionType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "provisionedThroughput": { + "description": "Represents the provisioned throughput settings for a specified table or index. The settings can be modified using the UpdateTable operation. \n For current minimum and maximum provisioned throughput values, see Service, Account, and Table Quotas (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", + "properties": { + "readCapacityUnits": { + "format": "int64", + "type": "integer" + }, + "writeCapacityUnits": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "keySchema": { + "description": "Specifies the attributes that make up the primary key for a table or an index. The attributes in KeySchema must also be defined in the AttributeDefinitions array. For more information, see Data Model (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModel.html) in the Amazon DynamoDB Developer Guide. \n Each KeySchemaElement in the array is composed of: \n - AttributeName - The name of this key attribute. \n - KeyType - The role that the key attribute will assume: HASH - partition key RANGE - sort key \n The partition key of an item is also known as its hash attribute. The term \"hash attribute\" derives from the DynamoDB usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. \n The sort key of an item is also known as its range attribute. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. \n For a simple primary key (partition key), you must provide exactly one element with a KeyType of HASH. \n For a composite primary key (partition key and sort key), you must provide exactly two elements, in this order: The first element must have a KeyType of HASH, and the second element must have a KeyType of RANGE. \n For more information, see Working with Tables (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.html#WorkingWithTables.primary.key) in the Amazon DynamoDB Developer Guide.", + "items": { + "description": "Represents a single element of a key schema. A key schema specifies the attributes that make up the primary key of a table, or the key attributes of an index. \n A KeySchemaElement represents exactly one attribute of the primary key. For example, a simple primary key would be represented by one KeySchemaElement (for the partition key). A composite primary key would require one KeySchemaElement for the partition key, and another KeySchemaElement for the sort key. \n A KeySchemaElement must be a scalar, top-level attribute (not a nested attribute). The data type must be one of String, Number, or Binary. The attribute cannot be nested within a List or a Map.", + "properties": { + "attributeName": { + "type": "string" + }, + "keyType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "localSecondaryIndexes": { + "description": "One or more local secondary indexes (the maximum is 5) to be created on the table. Each index is scoped to a given partition key value. There is a 10 GB size limit per partition key value; otherwise, the size of a local secondary index is unconstrained. \n Each local secondary index in the array includes the following: \n - IndexName - The name of the local secondary index. Must be unique only for this table. \n - KeySchema - Specifies the key schema for the local secondary index. The key schema must begin with the same partition key as the table. \n - Projection - Specifies attributes that are copied (projected) from the table into the index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. Each attribute specification is composed of: ProjectionType - One of the following: KEYS_ONLY \n - Only the index and primary keys are projected into the index. INCLUDE \n - Only the specified table attributes are projected into the index. The list of projected attributes is in NonKeyAttributes. ALL - All of the table attributes are projected into the index. NonKeyAttributes - A list of one or more non-key attribute names that are projected into the secondary index. The total count of attributes provided in NonKeyAttributes, summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "items": { + "description": "Represents the properties of a local secondary index.", + "properties": { + "indexName": { + "type": "string" + }, + "keySchema": { + "items": { + "description": "Represents a single element of a key schema. A key schema specifies the attributes that make up the primary key of a table, or the key attributes of an index. \n A KeySchemaElement represents exactly one attribute of the primary key. For example, a simple primary key would be represented by one KeySchemaElement (for the partition key). A composite primary key would require one KeySchemaElement for the partition key, and another KeySchemaElement for the sort key. \n A KeySchemaElement must be a scalar, top-level attribute (not a nested attribute). The data type must be one of String, Number, or Binary. The attribute cannot be nested within a List or a Map.", + "properties": { + "attributeName": { + "type": "string" + }, + "keyType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "projection": { + "description": "Represents attributes that are copied (projected) from the table into an index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "properties": { + "nonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "projectionType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "provisionedThroughput": { + "description": "Represents the provisioned throughput settings for a specified table or index. The settings can be modified using the UpdateTable operation. \n If you set BillingMode as PROVISIONED, you must specify this property. If you set BillingMode as PAY_PER_REQUEST, you cannot specify this property. \n For current minimum and maximum provisioned throughput values, see Service, Account, and Table Quotas (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", + "properties": { + "readCapacityUnits": { + "format": "int64", + "type": "integer" + }, + "writeCapacityUnits": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "sseSpecification": { + "description": "Represents the settings used to enable server-side encryption.", + "properties": { + "enabled": { + "type": "boolean" + }, + "kmsMasterKeyID": { + "type": "string" + }, + "sseType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "streamSpecification": { + "description": "The settings for DynamoDB Streams on the table. These settings consist of: \n - StreamEnabled - Indicates whether DynamoDB Streams is to be enabled (true) or disabled (false). \n - StreamViewType - When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values for StreamViewType are: KEYS_ONLY - Only the key attributes of the modified item are written to the stream. NEW_IMAGE - The entire item, as it appears after it was modified, is written to the stream. OLD_IMAGE - The entire item, as it appeared before it was modified, is written to the stream. NEW_AND_OLD_IMAGES - Both the new and the old item images of the item are written to the stream.", + "properties": { + "streamEnabled": { + "type": "boolean" + }, + "streamViewType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tableClass": { + "description": "The table class of the new table. Valid values are STANDARD and STANDARD_INFREQUENT_ACCESS.", + "type": "string" + }, + "tableName": { + "description": "The name of the table to create.", + "type": "string" + }, + "tags": { + "description": "A list of key-value pairs to label the table. For more information, see Tagging for DynamoDB (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html).", + "items": { + "description": "Describes a tag. A tag is a key-value pair. You can add up to 50 tags to a single DynamoDB table. \n Amazon Web Services-assigned tag names and values are automatically assigned the aws: prefix, which the user cannot assign. Amazon Web Services-assigned tag names do not count towards the tag limit of 50. User-assigned tag names have the prefix user: in the Cost Allocation Report. You cannot backdate the application of a tag. \n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html) in the Amazon DynamoDB Developer Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "timeToLive": { + "description": "Represents the settings used to enable or disable Time to Live for the specified table.", + "properties": { + "attributeName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "attributeDefinitions", + "keySchema", + "tableName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TableStatus defines the observed state of Table", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "archivalSummary": { + "description": "Contains information about the table archive.", + "properties": { + "archivalBackupARN": { + "type": "string" + }, + "archivalDateTime": { + "format": "date-time", + "type": "string" + }, + "archivalReason": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationDateTime": { + "description": "The date and time when the table was created, in UNIX epoch time (http://www.epochconverter.com/) format.", + "format": "date-time", + "type": "string" + }, + "globalSecondaryIndexesDescriptions": { + "items": { + "description": "Represents the properties of a global secondary index.", + "properties": { + "backfilling": { + "type": "boolean" + }, + "indexARN": { + "type": "string" + }, + "indexName": { + "type": "string" + }, + "indexSizeBytes": { + "format": "int64", + "type": "integer" + }, + "indexStatus": { + "type": "string" + }, + "itemCount": { + "format": "int64", + "type": "integer" + }, + "keySchema": { + "items": { + "description": "Represents a single element of a key schema. A key schema specifies the attributes that make up the primary key of a table, or the key attributes of an index. \n A KeySchemaElement represents exactly one attribute of the primary key. For example, a simple primary key would be represented by one KeySchemaElement (for the partition key). A composite primary key would require one KeySchemaElement for the partition key, and another KeySchemaElement for the sort key. \n A KeySchemaElement must be a scalar, top-level attribute (not a nested attribute). The data type must be one of String, Number, or Binary. The attribute cannot be nested within a List or a Map.", + "properties": { + "attributeName": { + "type": "string" + }, + "keyType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "projection": { + "description": "Represents attributes that are copied (projected) from the table into an index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", + "properties": { + "nonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "projectionType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "provisionedThroughput": { + "description": "Represents the provisioned throughput settings for the table, consisting of read and write capacity units, along with data about increases and decreases.", + "properties": { + "lastDecreaseDateTime": { + "format": "date-time", + "type": "string" + }, + "lastIncreaseDateTime": { + "format": "date-time", + "type": "string" + }, + "numberOfDecreasesToday": { + "format": "int64", + "type": "integer" + }, + "readCapacityUnits": { + "format": "int64", + "type": "integer" + }, + "writeCapacityUnits": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "globalTableVersion": { + "description": "Represents the version of global tables (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GlobalTables.html) in use, if the table is replicated across Amazon Web Services Regions.", + "type": "string" + }, + "itemCount": { + "description": "The number of items in the specified table. DynamoDB updates this value approximately every six hours. Recent changes might not be reflected in this value.", + "format": "int64", + "type": "integer" + }, + "latestStreamARN": { + "description": "The Amazon Resource Name (ARN) that uniquely identifies the latest stream for this table.", + "type": "string" + }, + "latestStreamLabel": { + "description": "A timestamp, in ISO 8601 format, for this stream. \n Note that LatestStreamLabel is not a unique identifier for the stream, because it is possible that a stream from another table might have the same timestamp. However, the combination of the following three elements is guaranteed to be unique: \n * Amazon Web Services customer ID \n * Table name \n * StreamLabel", + "type": "string" + }, + "replicas": { + "description": "Represents replicas of the table.", + "items": { + "description": "Contains the details of the replica.", + "properties": { + "globalSecondaryIndexes": { + "items": { + "description": "Represents the properties of a replica global secondary index.", + "properties": { + "indexName": { + "type": "string" + }, + "provisionedThroughputOverride": { + "description": "Replica-specific provisioned throughput settings. If not specified, uses the source table's provisioned throughput settings.", + "properties": { + "readCapacityUnits": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "kmsMasterKeyID": { + "type": "string" + }, + "provisionedThroughputOverride": { + "description": "Replica-specific provisioned throughput settings. If not specified, uses the source table's provisioned throughput settings.", + "properties": { + "readCapacityUnits": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "regionName": { + "type": "string" + }, + "replicaInaccessibleDateTime": { + "format": "date-time", + "type": "string" + }, + "replicaStatus": { + "type": "string" + }, + "replicaStatusDescription": { + "type": "string" + }, + "replicaStatusPercentProgress": { + "type": "string" + }, + "replicaTableClassSummary": { + "description": "Contains details of the table class.", + "properties": { + "lastUpdateDateTime": { + "format": "date-time", + "type": "string" + }, + "tableClass": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "restoreSummary": { + "description": "Contains details for the restore.", + "properties": { + "restoreDateTime": { + "format": "date-time", + "type": "string" + }, + "restoreInProgress": { + "type": "boolean" + }, + "sourceBackupARN": { + "type": "string" + }, + "sourceTableARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tableID": { + "description": "Unique identifier for the table for which the backup was created.", + "type": "string" + }, + "tableSizeBytes": { + "description": "The total size of the specified table, in bytes. DynamoDB updates this value approximately every six hours. Recent changes might not be reflected in this value.", + "format": "int64", + "type": "integer" + }, + "tableStatus": { + "description": "The current state of the table: \n * CREATING - The table is being created. \n * UPDATING - The table is being updated. \n * DELETING - The table is being deleted. \n * ACTIVE - The table is ready for use. \n * INACCESSIBLE_ENCRYPTION_CREDENTIALS - The KMS key used to encrypt the table in inaccessible. Table operations may fail due to failure to use the KMS key. DynamoDB will initiate the table archival process when a table's KMS key remains inaccessible for more than seven days. \n * ARCHIVING - The table is being archived. Operations are not allowed until archival is complete. \n * ARCHIVED - The table has been archived. See the ArchivalReason for more information.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/dhcpoptions_v1alpha1.json b/ec2.services.k8s.aws/dhcpoptions_v1alpha1.json new file mode 100644 index 00000000..b9c16bf5 --- /dev/null +++ b/ec2.services.k8s.aws/dhcpoptions_v1alpha1.json @@ -0,0 +1,137 @@ +{ + "description": "DHCPOptions is the Schema for the DHCPOptions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DhcpOptionsSpec defines the desired state of DhcpOptions. \n Describes a set of DHCP options.", + "properties": { + "dhcpConfigurations": { + "description": "A DHCP configuration option.", + "items": { + "properties": { + "key": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "dhcpConfigurations" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DHCPOptionsStatus defines the observed state of DHCPOptions", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dhcpOptionsID": { + "description": "The ID of the set of DHCP options.", + "type": "string" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the DHCP options set.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/elasticipaddress_v1alpha1.json b/ec2.services.k8s.aws/elasticipaddress_v1alpha1.json new file mode 100644 index 00000000..f10a3696 --- /dev/null +++ b/ec2.services.k8s.aws/elasticipaddress_v1alpha1.json @@ -0,0 +1,139 @@ +{ + "description": "ElasticIPAddress is the Schema for the ElasticIPAddresses API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ElasticIPAddressSpec defines the desired state of ElasticIPAddress.", + "properties": { + "address": { + "description": "[EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address pool.", + "type": "string" + }, + "customerOwnedIPv4Pool": { + "description": "The ID of a customer-owned address pool. Use this parameter to let Amazon EC2 select an address from the address pool. Alternatively, specify a specific address from the address pool.", + "type": "string" + }, + "networkBorderGroup": { + "description": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups. \n Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups. \n You cannot use a network border group with EC2 Classic. If you attempt this operation on EC2 Classic, you receive an InvalidParameterCombination error.", + "type": "string" + }, + "publicIPv4Pool": { + "description": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool. To specify a specific address from the address pool, use the Address parameter instead.", + "type": "string" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ElasticIPAddressStatus defines the observed state of ElasticIPAddress", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "allocationID": { + "description": "[EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.", + "type": "string" + }, + "carrierIP": { + "description": "The carrier IP address. This option is only available for network interfaces which reside in a subnet in a Wavelength Zone (for example an EC2 instance).", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "customerOwnedIP": { + "description": "The customer-owned IP address.", + "type": "string" + }, + "publicIP": { + "description": "The Elastic IP address.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/flowlog_v1alpha1.json b/ec2.services.k8s.aws/flowlog_v1alpha1.json new file mode 100644 index 00000000..4fe8ea68 --- /dev/null +++ b/ec2.services.k8s.aws/flowlog_v1alpha1.json @@ -0,0 +1,197 @@ +{ + "description": "FlowLog is the Schema for the FlowLogs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FlowLogSpec defines the desired state of FlowLog. \n Describes a flow log.", + "properties": { + "deliverLogsPermissionARN": { + "description": "The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account. \n If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn or LogGroupName.", + "type": "string" + }, + "destinationOptions": { + "description": "The destination options.", + "properties": { + "fileFormat": { + "type": "string" + }, + "hiveCompatiblePartitions": { + "type": "boolean" + }, + "perHourPartition": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "logDestination": { + "description": "The destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The value specified for this parameter depends on the value specified for LogDestinationType. \n If LogDestinationType is not specified or cloud-watch-logs, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish to a log group called my-logs, specify arn:aws:logs:us-east-1:123456789012:log-group:my-logs. Alternatively, use LogGroupName instead. \n If LogDestinationType is s3, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: bucket_ARN/subfolder_name/. For example, to specify a subfolder named my-logs in a bucket named my-bucket, use the following ARN: arn:aws:s3:::my-bucket/my-logs/. You cannot use AWSLogs as a subfolder name. This is a reserved term.", + "type": "string" + }, + "logDestinationType": { + "description": "The type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3. To publish flow log data to CloudWatch Logs, specify cloud-watch-logs. To publish flow log data to Amazon S3, specify s3. \n If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn or LogGroupName. \n Default: cloud-watch-logs", + "type": "string" + }, + "logFormat": { + "description": "The fields to include in the flow log record, in the order in which they should appear. For a list of available fields, see Flow log records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records). If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field. \n Specify the fields using the ${field-id} format, separated by spaces. For the CLI, surround this parameter value with single quotes on Linux or double quotes on Windows.", + "type": "string" + }, + "logGroupName": { + "description": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. \n If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn or LogGroupName.", + "type": "string" + }, + "maxAggregationInterval": { + "description": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. You can specify 60 seconds (1 minute) or 600 seconds (10 minutes). \n When a network interface is attached to a Nitro-based instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances), the aggregation interval is always 60 seconds or less, regardless of the value that you specify. \n Default: 600", + "format": "int64", + "type": "integer" + }, + "resourceID": { + "type": "string" + }, + "resourceType": { + "description": "The type of resource for which to create the flow log. For example, if you specified a VPC ID for the ResourceId property, specify VPC for this property.", + "type": "string" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "trafficType": { + "description": "The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic.", + "type": "string" + } + }, + "required": [ + "resourceID", + "resourceType" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FlowLogStatus defines the observed state of FlowLog", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "clientToken": { + "description": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "flowLogID": { + "type": "string" + }, + "unsuccessful": { + "description": "Information about the flow logs that could not be created successfully.", + "items": { + "description": "Information about items that were not successfully processed in a batch call.", + "properties": { + "error": { + "description": "Information about the error that occurred. For more information about errors, see Error codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html).", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "resourceID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/instance_v1alpha1.json b/ec2.services.k8s.aws/instance_v1alpha1.json new file mode 100644 index 00000000..7e3c4103 --- /dev/null +++ b/ec2.services.k8s.aws/instance_v1alpha1.json @@ -0,0 +1,853 @@ +{ + "description": "Instance is the Schema for the Instances API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "InstanceSpec defines the desired state of Instance. \n Describes an instance.", + "properties": { + "blockDeviceMappings": { + "description": "The block device mapping, which defines the EBS volumes and instance store volumes to attach to the instance at launch. For more information, see Block device mappings (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the Amazon EC2 User Guide.", + "items": { + "description": "Describes a block device mapping, which defines the EBS volumes and instance store volumes to attach to an instance at launch.", + "properties": { + "deviceName": { + "type": "string" + }, + "ebs": { + "description": "Describes a block device for an EBS volume.", + "properties": { + "deleteOnTermination": { + "type": "boolean" + }, + "encrypted": { + "type": "boolean" + }, + "iops": { + "format": "int64", + "type": "integer" + }, + "kmsKeyID": { + "type": "string" + }, + "outpostARN": { + "type": "string" + }, + "snapshotID": { + "type": "string" + }, + "throughput": { + "format": "int64", + "type": "integer" + }, + "volumeSize": { + "format": "int64", + "type": "integer" + }, + "volumeType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "noDevice": { + "type": "string" + }, + "virtualName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "capacityReservationSpecification": { + "description": "Information about the Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to open, which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", + "properties": { + "capacityReservationPreference": { + "type": "string" + }, + "capacityReservationTarget": { + "description": "Describes a target Capacity Reservation or Capacity Reservation group.", + "properties": { + "capacityReservationID": { + "type": "string" + }, + "capacityReservationResourceGroupARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "cpuOptions": { + "description": "The CPU options for the instance. For more information, see Optimize CPU options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the Amazon EC2 User Guide.", + "properties": { + "coreCount": { + "format": "int64", + "type": "integer" + }, + "threadsPerCore": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "creditSpecification": { + "description": "The credit option for CPU usage of the burstable performance instance. Valid values are standard and unlimited. To change this attribute after launch, use ModifyInstanceCreditSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html). For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the Amazon EC2 User Guide. \n Default: standard (T2 instances) or unlimited (T3/T3a/T4g instances) \n For T3 instances with host tenancy, only standard is supported.", + "properties": { + "cpuCredits": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "disableAPIStop": { + "description": "Indicates whether an instance is enabled for stop protection. For more information, see Stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection).", + "type": "boolean" + }, + "disableAPITermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use ModifyInstanceAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html). Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate, you can terminate the instance by running the shutdown command from the instance. \n Default: false", + "type": "boolean" + }, + "ebsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance. \n Default: false", + "type": "boolean" + }, + "elasticGPUSpecification": { + "description": "An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource that you can attach to your Windows instance to accelerate the graphics performance of your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) in the Amazon EC2 User Guide.", + "items": { + "description": "A specification for an Elastic Graphics accelerator.", + "properties": { + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "elasticInferenceAccelerators": { + "description": "An elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads. \n You cannot specify accelerators from different generations in the same request.", + "items": { + "description": "Describes an elastic inference accelerator.", + "properties": { + "count": { + "format": "int64", + "type": "integer" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enclaveOptions": { + "description": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For more information, see What is Amazon Web Services Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the Amazon Web Services Nitro Enclaves User Guide. \n You can't enable Amazon Web Services Nitro Enclaves and hibernation on the same instance.", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "hibernationOptions": { + "description": "Indicates whether an instance is enabled for hibernation. For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the Amazon EC2 User Guide. \n You can't enable hibernation and Amazon Web Services Nitro Enclaves on the same instance.", + "properties": { + "configured": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "iamInstanceProfile": { + "description": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", + "properties": { + "arn": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "imageID": { + "description": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", + "type": "string" + }, + "instanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown). \n Default: stop", + "type": "string" + }, + "instanceMarketOptions": { + "description": "The market (purchasing) option for the instances. \n For RunInstances, persistent Spot Instance requests are only supported when InstanceInterruptionBehavior is set to either hibernate or stop.", + "properties": { + "marketType": { + "type": "string" + }, + "spotOptions": { + "description": "The options for Spot Instances.", + "properties": { + "blockDurationMinutes": { + "format": "int64", + "type": "integer" + }, + "instanceInterruptionBehavior": { + "type": "string" + }, + "maxPrice": { + "type": "string" + }, + "spotInstanceType": { + "type": "string" + }, + "validUntil": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "instanceType": { + "description": "The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the Amazon EC2 User Guide. \n Default: m1.small", + "type": "string" + }, + "ipv6AddressCount": { + "description": "[EC2-VPC] The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch. \n You cannot specify this option and the network interfaces option in the same request.", + "format": "int64", + "type": "integer" + }, + "ipv6Addresses": { + "description": "[EC2-VPC] The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch. \n You cannot specify this option and the network interfaces option in the same request.", + "items": { + "description": "Describes an IPv6 address.", + "properties": { + "ipv6Address": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "kernelID": { + "description": "The ID of the kernel. \n We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the Amazon EC2 User Guide.", + "type": "string" + }, + "keyName": { + "description": "The name of the key pair. You can create a key pair using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or ImportKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html). \n If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", + "type": "string" + }, + "launchTemplate": { + "description": "The launch template to use to launch the instances. Any parameters that you specify in RunInstances override the same parameters in the launch template. You can specify either the name or ID of a launch template, but not both.", + "properties": { + "launchTemplateID": { + "type": "string" + }, + "launchTemplateName": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "licenseSpecifications": { + "description": "The license configurations.", + "items": { + "description": "Describes a license configuration.", + "properties": { + "licenseConfigurationARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "maintenanceOptions": { + "description": "The maintenance and recovery options for the instance.", + "properties": { + "autoRecovery": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maxCount": { + "description": "The maximum number of instances to launch. If you specify more instances than Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches the largest possible number of instances above MinCount. \n Constraints: Between 1 and the maximum number you're allowed for the specified instance type. For more information about the default limits, and how to request an increase, see How many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2) in the Amazon EC2 FAQ.", + "format": "int64", + "type": "integer" + }, + "metadataOptions": { + "description": "The metadata options for the instance. For more information, see Instance metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html).", + "properties": { + "httpEndpoint": { + "type": "string" + }, + "httpProtocolIPv6": { + "type": "string" + }, + "httpPutResponseHopLimit": { + "format": "int64", + "type": "integer" + }, + "httpTokens": { + "type": "string" + }, + "instanceMetadataTags": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "minCount": { + "description": "The minimum number of instances to launch. If you specify a minimum that is more instances than Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches no instances. \n Constraints: Between 1 and the maximum number you're allowed for the specified instance type. For more information about the default limits, and how to request an increase, see How many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2) in the Amazon EC2 General FAQ.", + "format": "int64", + "type": "integer" + }, + "monitoring": { + "description": "Specifies whether detailed monitoring is enabled for the instance.", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkInterfaces": { + "description": "The network interfaces to associate with the instance. If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "description": "Describes a network interface.", + "properties": { + "associateCarrierIPAddress": { + "type": "boolean" + }, + "associatePublicIPAddress": { + "type": "boolean" + }, + "deleteOnTermination": { + "type": "boolean" + }, + "description": { + "type": "string" + }, + "deviceIndex": { + "format": "int64", + "type": "integer" + }, + "interfaceType": { + "type": "string" + }, + "ipv4PrefixCount": { + "format": "int64", + "type": "integer" + }, + "ipv4Prefixes": { + "items": { + "description": "Describes the IPv4 prefix option for a network interface.", + "properties": { + "ipv4Prefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ipv6AddressCount": { + "format": "int64", + "type": "integer" + }, + "ipv6Addresses": { + "items": { + "description": "Describes an IPv6 address.", + "properties": { + "ipv6Address": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ipv6PrefixCount": { + "format": "int64", + "type": "integer" + }, + "ipv6Prefixes": { + "items": { + "description": "Describes the IPv4 prefix option for a network interface.", + "properties": { + "ipv6Prefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "networkCardIndex": { + "format": "int64", + "type": "integer" + }, + "networkInterfaceID": { + "type": "string" + }, + "privateIPAddress": { + "type": "string" + }, + "privateIPAddresses": { + "items": { + "description": "Describes a secondary private IPv4 address for a network interface.", + "properties": { + "primary": { + "type": "boolean" + }, + "privateIPAddress": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "secondaryPrivateIPAddressCount": { + "format": "int64", + "type": "integer" + }, + "subnetID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "placement": { + "description": "The placement for the instance.", + "properties": { + "affinity": { + "type": "string" + }, + "availabilityZone": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "hostID": { + "type": "string" + }, + "hostResourceGroupARN": { + "type": "string" + }, + "partitionNumber": { + "format": "int64", + "type": "integer" + }, + "spreadDomain": { + "type": "string" + }, + "tenancy": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "privateDNSNameOptions": { + "description": "The options for the instance hostname. The default values are inherited from the subnet.", + "properties": { + "enableResourceNameDNSAAAARecord": { + "type": "boolean" + }, + "enableResourceNameDNSARecord": { + "type": "boolean" + }, + "hostnameType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "privateIPAddress": { + "description": "[EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet. \n Only one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request. \n You cannot specify this option and the network interfaces option in the same request.", + "type": "string" + }, + "ramDiskID": { + "description": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the Amazon Web Services Resource Center and search for the kernel ID. \n We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the Amazon EC2 User Guide.", + "type": "string" + }, + "securityGroupIDs": { + "description": "The IDs of the security groups. You can create a security group using CreateSecurityGroup (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). \n If you specify a network interface, you must specify any security groups as part of the network interface.", + "items": { + "type": "string" + }, + "type": "array" + }, + "securityGroups": { + "description": "[EC2-Classic, default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead. \n If you specify a network interface, you must specify any security groups as part of the network interface. \n Default: Amazon EC2 uses the default security group.", + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetID": { + "description": "[EC2-VPC] The ID of the subnet to launch the instance into. \n If you specify a network interface, you must specify any subnets as part of the network interface.", + "type": "string" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "userData": { + "description": "The user data script to make available to the instance. For more information, see Run commands on your Linux instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) and Run commands on your Windows instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-user-data.html). If you are using a command line tool, base64-encoding is performed for you, and you can load the text from a file. Otherwise, you must provide base64-encoded text. User data is limited to 16 KB.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "InstanceStatus defines the observed state of Instance", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "amiLaunchIndex": { + "description": "The AMI launch index, which can be used to find this instance in the launch group.", + "format": "int64", + "type": "integer" + }, + "architecture": { + "description": "The architecture of the image.", + "type": "string" + }, + "bootMode": { + "description": "The boot mode of the instance. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) in the Amazon EC2 User Guide.", + "type": "string" + }, + "capacityReservationID": { + "description": "The ID of the Capacity Reservation.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "elasticGPUAssociations": { + "description": "The Elastic GPU associated with the instance.", + "items": { + "description": "Describes the association between an instance and an Elastic Graphics accelerator.", + "properties": { + "elasticGPUAssociationID": { + "type": "string" + }, + "elasticGPUAssociationState": { + "type": "string" + }, + "elasticGPUAssociationTime": { + "type": "string" + }, + "elasticGPUID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "elasticInferenceAcceleratorAssociations": { + "description": "The elastic inference accelerator associated with the instance.", + "items": { + "description": "Describes the association between an instance and an elastic inference accelerator.", + "properties": { + "elasticInferenceAcceleratorARN": { + "type": "string" + }, + "elasticInferenceAcceleratorAssociationID": { + "type": "string" + }, + "elasticInferenceAcceleratorAssociationState": { + "type": "string" + }, + "elasticInferenceAcceleratorAssociationTime": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enaSupport": { + "description": "Specifies whether enhanced networking with ENA is enabled.", + "type": "boolean" + }, + "hypervisor": { + "description": "The hypervisor type of the instance. The value xen is used for both Xen and Nitro hypervisors.", + "type": "string" + }, + "instanceID": { + "description": "The ID of the instance.", + "type": "string" + }, + "instanceLifecycle": { + "description": "Indicates whether this is a Spot Instance or a Scheduled Instance.", + "type": "string" + }, + "ipv6Address": { + "description": "The IPv6 address assigned to the instance.", + "type": "string" + }, + "launchTime": { + "description": "The time the instance was launched.", + "format": "date-time", + "type": "string" + }, + "licenses": { + "description": "The license configurations for the instance.", + "items": { + "description": "Describes a license configuration.", + "properties": { + "licenseConfigurationARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "outpostARN": { + "description": "The Amazon Resource Name (ARN) of the Outpost.", + "type": "string" + }, + "platform": { + "description": "The value is Windows for Windows instances; otherwise blank.", + "type": "string" + }, + "platformDetails": { + "description": "The platform details value for the instance. For more information, see AMI billing information fields (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html) in the Amazon EC2 User Guide.", + "type": "string" + }, + "privateDNSName": { + "description": "(IPv4 only) The private DNS hostname name assigned to the instance. This DNS hostname can only be used inside the Amazon EC2 network. This name is not available until the instance enters the running state. \n [EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private DNS hostnames if you've enabled DNS resolution and DNS hostnames in your VPC. If you are not using the Amazon-provided DNS server in your VPC, your custom domain name servers must resolve the hostname as appropriate.", + "type": "string" + }, + "productCodes": { + "description": "The product codes attached to this instance, if applicable.", + "items": { + "description": "Describes a product code.", + "properties": { + "productCodeID": { + "type": "string" + }, + "productCodeType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "publicDNSName": { + "description": "(IPv4 only) The public DNS name assigned to the instance. This name is not available until the instance enters the running state. For EC2-VPC, this name is only available if you've enabled DNS hostnames for your VPC.", + "type": "string" + }, + "publicIPAddress": { + "description": "The public IPv4 address, or the Carrier IP address assigned to the instance, if applicable. \n A Carrier IP address only applies to an instance launched in a subnet associated with a Wavelength Zone.", + "type": "string" + }, + "rootDeviceName": { + "description": "The device name of the root device volume (for example, /dev/sda1).", + "type": "string" + }, + "rootDeviceType": { + "description": "The root device type used by the AMI. The AMI can use an EBS volume or an instance store volume.", + "type": "string" + }, + "sourceDestCheck": { + "description": "Indicates whether source/destination checking is enabled.", + "type": "boolean" + }, + "spotInstanceRequestID": { + "description": "If the request is a Spot Instance request, the ID of the request.", + "type": "string" + }, + "sriovNetSupport": { + "description": "Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.", + "type": "string" + }, + "state": { + "description": "The current state of the instance.", + "properties": { + "code": { + "format": "int64", + "type": "integer" + }, + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "stateReason": { + "description": "The reason for the most recent state transition.", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "stateTransitionReason": { + "description": "The reason for the most recent state transition. This might be an empty string.", + "type": "string" + }, + "tpmSupport": { + "description": "If the instance is configured for NitroTPM support, the value is v2.0. For more information, see NitroTPM (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) in the Amazon EC2 User Guide.", + "type": "string" + }, + "usageOperation": { + "description": "The usage operation value for the instance. For more information, see AMI billing information fields (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html) in the Amazon EC2 User Guide.", + "type": "string" + }, + "usageOperationUpdateTime": { + "description": "The time that the usage operation was last updated.", + "format": "date-time", + "type": "string" + }, + "virtualizationType": { + "description": "The virtualization type of the instance.", + "type": "string" + }, + "vpcID": { + "description": "[EC2-VPC] The ID of the VPC in which the instance is running.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/internetgateway_v1alpha1.json b/ec2.services.k8s.aws/internetgateway_v1alpha1.json new file mode 100644 index 00000000..2c5d8061 --- /dev/null +++ b/ec2.services.k8s.aws/internetgateway_v1alpha1.json @@ -0,0 +1,153 @@ +{ + "description": "InternetGateway is the Schema for the InternetGateways API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "InternetGatewaySpec defines the desired state of InternetGateway. \n Describes an internet gateway.", + "properties": { + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpc": { + "description": "The ID of the VPC.", + "type": "string" + }, + "vpcRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "InternetGatewayStatus defines the observed state of InternetGateway", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "attachments": { + "description": "Any VPCs attached to the internet gateway.", + "items": { + "description": "Describes the attachment of a VPC to an internet gateway or an egress-only internet gateway.", + "properties": { + "state": { + "type": "string" + }, + "vpcID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "internetGatewayID": { + "description": "The ID of the internet gateway.", + "type": "string" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the internet gateway.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/natgateway_v1alpha1.json b/ec2.services.k8s.aws/natgateway_v1alpha1.json new file mode 100644 index 00000000..a7fac1f0 --- /dev/null +++ b/ec2.services.k8s.aws/natgateway_v1alpha1.json @@ -0,0 +1,230 @@ +{ + "description": "NATGateway is the Schema for the NATGateways API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "NatGatewaySpec defines the desired state of NatGateway. \n Describes a NAT gateway.", + "properties": { + "allocationID": { + "description": "[Public NAT gateways only] The allocation ID of an Elastic IP address to associate with the NAT gateway. You cannot specify an Elastic IP address with a private NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.", + "type": "string" + }, + "allocationRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "connectivityType": { + "description": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", + "type": "string" + }, + "subnetID": { + "description": "The subnet in which to create the NAT gateway.", + "type": "string" + }, + "subnetRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "NATGatewayStatus defines the observed state of NATGateway", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createTime": { + "description": "The date and time the NAT gateway was created.", + "format": "date-time", + "type": "string" + }, + "deleteTime": { + "description": "The date and time the NAT gateway was deleted, if applicable.", + "format": "date-time", + "type": "string" + }, + "failureCode": { + "description": "If the NAT gateway could not be created, specifies the error code for the failure. (InsufficientFreeAddressesInSubnet | Gateway.NotAttached | InvalidAllocationID.NotFound | Resource.AlreadyAssociated | InternalError | InvalidSubnetID.NotFound)", + "type": "string" + }, + "failureMessage": { + "description": "If the NAT gateway could not be created, specifies the error message for the failure, that corresponds to the error code. \n * For InsufficientFreeAddressesInSubnet: \"Subnet has insufficient free addresses to create this NAT gateway\" \n * For Gateway.NotAttached: \"Network vpc-xxxxxxxx has no Internet gateway attached\" \n * For InvalidAllocationID.NotFound: \"Elastic IP address eipalloc-xxxxxxxx could not be associated with this NAT gateway\" \n * For Resource.AlreadyAssociated: \"Elastic IP address eipalloc-xxxxxxxx is already associated\" \n * For InternalError: \"Network interface eni-xxxxxxxx, created and used internally by this NAT gateway is in an invalid state. Please try again.\" \n * For InvalidSubnetID.NotFound: \"The specified subnet subnet-xxxxxxxx does not exist or could not be found.\"", + "type": "string" + }, + "natGatewayAddresses": { + "description": "Information about the IP addresses and network interface associated with the NAT gateway.", + "items": { + "description": "Describes the IP addresses and network interface associated with a NAT gateway.", + "properties": { + "allocationID": { + "type": "string" + }, + "networkInterfaceID": { + "type": "string" + }, + "privateIP": { + "type": "string" + }, + "publicIP": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "natGatewayID": { + "description": "The ID of the NAT gateway.", + "type": "string" + }, + "provisionedBandwidth": { + "description": "Reserved. If you need to sustain traffic greater than the documented limits (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), contact us through the Support Center (https://console.aws.amazon.com/support/home?).", + "properties": { + "provisionTime": { + "format": "date-time", + "type": "string" + }, + "provisioned": { + "type": "string" + }, + "requestTime": { + "format": "date-time", + "type": "string" + }, + "requested": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "state": { + "description": "The state of the NAT gateway. \n * pending: The NAT gateway is being created and is not ready to process traffic. \n * failed: The NAT gateway could not be created. Check the failureCode and failureMessage fields for the reason. \n * available: The NAT gateway is able to process traffic. This status remains until you delete the NAT gateway, and does not indicate the health of the NAT gateway. \n * deleting: The NAT gateway is in the process of being terminated and may still be processing traffic. \n * deleted: The NAT gateway has been terminated and is no longer processing traffic.", + "type": "string" + }, + "vpcID": { + "description": "The ID of the VPC in which the NAT gateway is located.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/routetable_v1alpha1.json b/ec2.services.k8s.aws/routetable_v1alpha1.json new file mode 100644 index 00000000..6a2a33a1 --- /dev/null +++ b/ec2.services.k8s.aws/routetable_v1alpha1.json @@ -0,0 +1,367 @@ +{ + "description": "RouteTable is the Schema for the RouteTables API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RouteTableSpec defines the desired state of RouteTable. \n Describes a route table.", + "properties": { + "routes": { + "items": { + "properties": { + "carrierGatewayID": { + "type": "string" + }, + "coreNetworkARN": { + "type": "string" + }, + "destinationCIDRBlock": { + "type": "string" + }, + "destinationIPv6CIDRBlock": { + "type": "string" + }, + "destinationPrefixListID": { + "type": "string" + }, + "egressOnlyInternetGatewayID": { + "type": "string" + }, + "gatewayID": { + "type": "string" + }, + "gatewayRef": { + "description": "Reference field for GatewayID", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "instanceID": { + "type": "string" + }, + "localGatewayID": { + "type": "string" + }, + "natGatewayID": { + "type": "string" + }, + "natGatewayRef": { + "description": "Reference field for NATGatewayID", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "networkInterfaceID": { + "type": "string" + }, + "transitGatewayID": { + "type": "string" + }, + "transitGatewayRef": { + "description": "Reference field for TransitGatewayID", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "vpcEndpointID": { + "type": "string" + }, + "vpcEndpointRef": { + "description": "Reference field for VPCEndpointID", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "vpcPeeringConnectionID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "The ID of the VPC.", + "type": "string" + }, + "vpcRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RouteTableStatus defines the observed state of RouteTable", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "associations": { + "description": "The associations between the route table and one or more subnets or a gateway.", + "items": { + "description": "Describes an association between a route table and a subnet or gateway.", + "properties": { + "associationState": { + "description": "Describes the state of an association between a route table and a subnet or gateway.", + "properties": { + "state": { + "type": "string" + }, + "statusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "gatewayID": { + "type": "string" + }, + "main": { + "type": "boolean" + }, + "routeTableAssociationID": { + "type": "string" + }, + "routeTableID": { + "type": "string" + }, + "subnetID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the route table.", + "type": "string" + }, + "propagatingVGWs": { + "description": "Any virtual private gateway (VGW) propagating routes.", + "items": { + "description": "Describes a virtual private gateway propagating route.", + "properties": { + "gatewayID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "routeStatuses": { + "description": "The routes in the route table.", + "items": { + "description": "Describes a route in a route table.", + "properties": { + "carrierGatewayID": { + "type": "string" + }, + "coreNetworkARN": { + "type": "string" + }, + "destinationCIDRBlock": { + "type": "string" + }, + "destinationIPv6CIDRBlock": { + "type": "string" + }, + "destinationPrefixListID": { + "type": "string" + }, + "egressOnlyInternetGatewayID": { + "type": "string" + }, + "gatewayID": { + "type": "string" + }, + "instanceID": { + "type": "string" + }, + "instanceOwnerID": { + "type": "string" + }, + "localGatewayID": { + "type": "string" + }, + "natGatewayID": { + "type": "string" + }, + "networkInterfaceID": { + "type": "string" + }, + "origin": { + "type": "string" + }, + "state": { + "type": "string" + }, + "transitGatewayID": { + "type": "string" + }, + "vpcPeeringConnectionID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "routeTableID": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/securitygroup_v1alpha1.json b/ec2.services.k8s.aws/securitygroup_v1alpha1.json new file mode 100644 index 00000000..ab0a20bf --- /dev/null +++ b/ec2.services.k8s.aws/securitygroup_v1alpha1.json @@ -0,0 +1,400 @@ +{ + "description": "SecurityGroup is the Schema for the SecurityGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "SecurityGroupSpec defines the desired state of SecurityGroup. \n Describes a security group.", + "properties": { + "description": { + "description": "A description for the security group. This is informational only. \n Constraints: Up to 255 characters in length \n Constraints for EC2-Classic: ASCII characters \n Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "type": "string" + }, + "egressRules": { + "items": { + "description": "Describes a set of permissions for a security group rule.", + "properties": { + "fromPort": { + "format": "int64", + "type": "integer" + }, + "ipProtocol": { + "type": "string" + }, + "ipRanges": { + "items": { + "description": "Describes an IPv4 range.", + "properties": { + "cidrIP": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ipv6Ranges": { + "items": { + "description": "[EC2-VPC only] Describes an IPv6 range.", + "properties": { + "cidrIPv6": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "prefixListIDs": { + "items": { + "description": "Describes a prefix list ID.", + "properties": { + "description": { + "type": "string" + }, + "prefixListID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "toPort": { + "format": "int64", + "type": "integer" + }, + "userIDGroupPairs": { + "items": { + "description": "Describes a security group and Amazon Web Services account ID pair. \n We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) in the Amazon Elastic Compute Cloud User Guide.", + "properties": { + "description": { + "type": "string" + }, + "groupID": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "peeringStatus": { + "type": "string" + }, + "userID": { + "type": "string" + }, + "vpcID": { + "type": "string" + }, + "vpcPeeringConnectionID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ingressRules": { + "items": { + "description": "Describes a set of permissions for a security group rule.", + "properties": { + "fromPort": { + "format": "int64", + "type": "integer" + }, + "ipProtocol": { + "type": "string" + }, + "ipRanges": { + "items": { + "description": "Describes an IPv4 range.", + "properties": { + "cidrIP": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ipv6Ranges": { + "items": { + "description": "[EC2-VPC only] Describes an IPv6 range.", + "properties": { + "cidrIPv6": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "prefixListIDs": { + "items": { + "description": "Describes a prefix list ID.", + "properties": { + "description": { + "type": "string" + }, + "prefixListID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "toPort": { + "format": "int64", + "type": "integer" + }, + "userIDGroupPairs": { + "items": { + "description": "Describes a security group and Amazon Web Services account ID pair. \n We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) in the Amazon Elastic Compute Cloud User Guide.", + "properties": { + "description": { + "type": "string" + }, + "groupID": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "peeringStatus": { + "type": "string" + }, + "userID": { + "type": "string" + }, + "vpcID": { + "type": "string" + }, + "vpcPeeringConnectionID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "name": { + "description": "The name of the security group. \n Constraints: Up to 255 characters in length. Cannot start with sg-. \n Constraints for EC2-Classic: ASCII characters \n Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", + "type": "string" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "[EC2-VPC] The ID of the VPC. Required for EC2-VPC.", + "type": "string" + }, + "vpcRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "description", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "SecurityGroupStatus defines the observed state of SecurityGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "id": { + "description": "The ID of the security group.", + "type": "string" + }, + "rules": { + "description": "Information about security group rules.", + "items": { + "description": "Describes a security group rule.", + "properties": { + "cidrIPv4": { + "type": "string" + }, + "cidrIPv6": { + "type": "string" + }, + "description": { + "type": "string" + }, + "fromPort": { + "format": "int64", + "type": "integer" + }, + "ipProtocol": { + "type": "string" + }, + "isEgress": { + "type": "boolean" + }, + "prefixListID": { + "type": "string" + }, + "securityGroupRuleID": { + "type": "string" + }, + "tags": { + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "toPort": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/subnet_v1alpha1.json b/ec2.services.k8s.aws/subnet_v1alpha1.json new file mode 100644 index 00000000..4aedb7f0 --- /dev/null +++ b/ec2.services.k8s.aws/subnet_v1alpha1.json @@ -0,0 +1,275 @@ +{ + "description": "Subnet is the Schema for the Subnets API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "SubnetSpec defines the desired state of Subnet. \n Describes a subnet.", + "properties": { + "assignIPv6AddressOnCreation": { + "type": "boolean" + }, + "availabilityZone": { + "description": "The Availability Zone or Local Zone for the subnet. \n Default: Amazon Web Services selects one for you. If you create more than one subnet in your VPC, we do not necessarily select a different zone for each subnet. \n To create a subnet in a Local Zone, set this value to the Local Zone ID, for example us-west-2-lax-1a. For information about the Regions that support Local Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) in the Amazon Elastic Compute Cloud User Guide. \n To create a subnet in an Outpost, set this value to the Availability Zone for the Outpost and specify the Outpost ARN.", + "type": "string" + }, + "availabilityZoneID": { + "description": "The AZ ID or the Local Zone ID of the subnet.", + "type": "string" + }, + "cidrBlock": { + "description": "The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24. We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18. \n This parameter is not supported for an IPv6 only subnet.", + "type": "string" + }, + "customerOwnedIPv4Pool": { + "type": "string" + }, + "enableDNS64": { + "type": "boolean" + }, + "enableResourceNameDNSAAAARecord": { + "type": "boolean" + }, + "enableResourceNameDNSARecord": { + "type": "boolean" + }, + "hostnameType": { + "type": "string" + }, + "ipv6CIDRBlock": { + "description": "The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length. \n This parameter is required for an IPv6 only subnet.", + "type": "string" + }, + "ipv6Native": { + "description": "Indicates whether to create an IPv6 only subnet.", + "type": "boolean" + }, + "mapPublicIPOnLaunch": { + "type": "boolean" + }, + "outpostARN": { + "description": "The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost ARN, you must also specify the Availability Zone of the Outpost subnet.", + "type": "string" + }, + "routeTableRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "routeTables": { + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "The ID of the VPC.", + "type": "string" + }, + "vpcRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "SubnetStatus defines the observed state of Subnet", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "availableIPAddressCount": { + "description": "The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.", + "format": "int64", + "type": "integer" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "defaultForAZ": { + "description": "Indicates whether this is the default subnet for the Availability Zone.", + "type": "boolean" + }, + "enableLniAtDeviceIndex": { + "description": "Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).", + "format": "int64", + "type": "integer" + }, + "ipv6CIDRBlockAssociationSet": { + "description": "Information about the IPv6 CIDR blocks associated with the subnet.", + "items": { + "description": "Describes an association between a subnet and an IPv6 CIDR block.", + "properties": { + "associationID": { + "type": "string" + }, + "ipv6CIDRBlock": { + "type": "string" + }, + "ipv6CIDRBlockState": { + "description": "Describes the state of a CIDR block.", + "properties": { + "state": { + "type": "string" + }, + "statusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "mapCustomerOwnedIPOnLaunch": { + "description": "Indicates whether a network interface created in this subnet (including a network interface created by RunInstances) receives a customer-owned IPv4 address.", + "type": "boolean" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the subnet.", + "type": "string" + }, + "privateDNSNameOptionsOnLaunch": { + "description": "The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.", + "properties": { + "enableResourceNameDNSAAAARecord": { + "type": "boolean" + }, + "enableResourceNameDNSARecord": { + "type": "boolean" + }, + "hostnameType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "state": { + "description": "The current state of the subnet.", + "type": "string" + }, + "subnetID": { + "description": "The ID of the subnet.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/transitgateway_v1alpha1.json b/ec2.services.k8s.aws/transitgateway_v1alpha1.json new file mode 100644 index 00000000..8acd7b59 --- /dev/null +++ b/ec2.services.k8s.aws/transitgateway_v1alpha1.json @@ -0,0 +1,163 @@ +{ + "description": "TransitGateway is the Schema for the TransitGateways API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TransitGatewaySpec defines the desired state of TransitGateway. \n Describes a transit gateway.", + "properties": { + "description": { + "description": "A description of the transit gateway.", + "type": "string" + }, + "options": { + "description": "The transit gateway options.", + "properties": { + "amazonSideASN": { + "format": "int64", + "type": "integer" + }, + "autoAcceptSharedAttachments": { + "type": "string" + }, + "defaultRouteTableAssociation": { + "type": "string" + }, + "defaultRouteTablePropagation": { + "type": "string" + }, + "dnsSupport": { + "type": "string" + }, + "multicastSupport": { + "type": "string" + }, + "transitGatewayCIDRBlocks": { + "items": { + "type": "string" + }, + "type": "array" + }, + "vpnECMPSupport": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TransitGatewayStatus defines the observed state of TransitGateway", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The creation time.", + "format": "date-time", + "type": "string" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the transit gateway.", + "type": "string" + }, + "state": { + "description": "The state of the transit gateway.", + "type": "string" + }, + "transitGatewayID": { + "description": "The ID of the transit gateway.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/vpc_v1alpha1.json b/ec2.services.k8s.aws/vpc_v1alpha1.json new file mode 100644 index 00000000..fdb77364 --- /dev/null +++ b/ec2.services.k8s.aws/vpc_v1alpha1.json @@ -0,0 +1,248 @@ +{ + "description": "VPC is the Schema for the VPCS API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "VpcSpec defines the desired state of Vpc. \n Describes a VPC.", + "properties": { + "amazonProvidedIPv6CIDRBlock": { + "description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.", + "type": "boolean" + }, + "cidrBlocks": { + "items": { + "type": "string" + }, + "type": "array" + }, + "enableDNSHostnames": { + "description": "The attribute value. The valid values are true or false.", + "type": "boolean" + }, + "enableDNSSupport": { + "description": "The attribute value. The valid values are true or false.", + "type": "boolean" + }, + "instanceTenancy": { + "description": "The tenancy options for instances launched into the VPC. For default, instances are launched with shared tenancy by default. You can launch instances with any tenancy into a shared tenancy VPC. For dedicated, instances are launched as dedicated tenancy instances by default. You can only launch instances with a tenancy of dedicated or host into a dedicated tenancy VPC. \n Important: The host value cannot be used with this parameter. Use the default or dedicated values only. \n Default: default", + "type": "string" + }, + "ipv4IPAMPoolID": { + "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) in the Amazon VPC IPAM User Guide.", + "type": "string" + }, + "ipv4NetmaskLength": { + "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) in the Amazon VPC IPAM User Guide.", + "format": "int64", + "type": "integer" + }, + "ipv6CIDRBlock": { + "description": "The IPv6 CIDR block from the IPv6 address pool. You must also specify Ipv6Pool in the request. \n To let Amazon choose the IPv6 CIDR block for you, omit this parameter.", + "type": "string" + }, + "ipv6CIDRBlockNetworkBorderGroup": { + "description": "The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the address to this location. \n You must set AmazonProvidedIpv6CidrBlock to true to use this parameter.", + "type": "string" + }, + "ipv6IPAMPoolID": { + "description": "The ID of an IPv6 IPAM pool which will be used to allocate this VPC an IPv6 CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) in the Amazon VPC IPAM User Guide.", + "type": "string" + }, + "ipv6NetmaskLength": { + "description": "The netmask length of the IPv6 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) in the Amazon VPC IPAM User Guide.", + "format": "int64", + "type": "integer" + }, + "ipv6Pool": { + "description": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", + "type": "string" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "cidrBlocks" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "VPCStatus defines the observed state of VPC", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "cidrBlockAssociationSet": { + "description": "Information about the IPv4 CIDR blocks associated with the VPC.", + "items": { + "description": "Describes an IPv4 CIDR block associated with a VPC.", + "properties": { + "associationID": { + "type": "string" + }, + "cidrBlock": { + "type": "string" + }, + "cidrBlockState": { + "description": "Describes the state of a CIDR block.", + "properties": { + "state": { + "type": "string" + }, + "statusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dhcpOptionsID": { + "description": "The ID of the set of DHCP options you've associated with the VPC.", + "type": "string" + }, + "ipv6CIDRBlockAssociationSet": { + "description": "Information about the IPv6 CIDR blocks associated with the VPC.", + "items": { + "description": "Describes an IPv6 CIDR block associated with a VPC.", + "properties": { + "associationID": { + "type": "string" + }, + "ipv6CIDRBlock": { + "type": "string" + }, + "ipv6CIDRBlockState": { + "description": "Describes the state of a CIDR block.", + "properties": { + "state": { + "type": "string" + }, + "statusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ipv6Pool": { + "type": "string" + }, + "networkBorderGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "isDefault": { + "description": "Indicates whether the VPC is the default VPC.", + "type": "boolean" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the VPC.", + "type": "string" + }, + "state": { + "description": "The current state of the VPC.", + "type": "string" + }, + "vpcID": { + "description": "The ID of the VPC.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ec2.services.k8s.aws/vpcendpoint_v1alpha1.json b/ec2.services.k8s.aws/vpcendpoint_v1alpha1.json new file mode 100644 index 00000000..4d8f3366 --- /dev/null +++ b/ec2.services.k8s.aws/vpcendpoint_v1alpha1.json @@ -0,0 +1,317 @@ +{ + "description": "VPCEndpoint is the Schema for the VPCEndpoints API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "VpcEndpointSpec defines the desired state of VpcEndpoint. \n Describes a VPC endpoint.", + "properties": { + "dnsOptions": { + "description": "The DNS options for the endpoint.", + "properties": { + "dnsRecordIPType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ipAddressType": { + "description": "The IP address type for the endpoint.", + "type": "string" + }, + "policyDocument": { + "description": "(Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format. If this parameter is not specified, we attach a default policy that allows full access to the service.", + "type": "string" + }, + "privateDNSEnabled": { + "description": "(Interface endpoint) Indicates whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, kinesis.us-east-1.amazonaws.com), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service. \n To use a private hosted zone, you must set the following VPC attributes to true: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to set the VPC attributes. \n Default: true", + "type": "boolean" + }, + "routeTableIDs": { + "description": "(Gateway endpoint) One or more route table IDs.", + "items": { + "type": "string" + }, + "type": "array" + }, + "routeTableRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "securityGroupIDs": { + "description": "(Interface endpoint) The ID of one or more security groups to associate with the endpoint network interface.", + "items": { + "type": "string" + }, + "type": "array" + }, + "securityGroupRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "serviceName": { + "description": "The service name. To get a list of available services, use the DescribeVpcEndpointServices request, or get the name from the service provider.", + "type": "string" + }, + "subnetIDs": { + "description": "(Interface and Gateway Load Balancer endpoints) The ID of one or more subnets in which to create an endpoint network interface. For a Gateway Load Balancer endpoint, you can specify one subnet only.", + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.", + "items": { + "description": "Describes a tag.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcEndpointType": { + "description": "The type of endpoint. \n Default: Gateway", + "type": "string" + }, + "vpcID": { + "description": "The ID of the VPC in which the endpoint will be used.", + "type": "string" + }, + "vpcRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "serviceName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "VPCEndpointStatus defines the observed state of VPCEndpoint", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTimestamp": { + "description": "The date and time that the endpoint was created.", + "format": "date-time", + "type": "string" + }, + "dnsEntries": { + "description": "(Interface endpoint) The DNS entries for the endpoint.", + "items": { + "description": "Describes a DNS entry.", + "properties": { + "dnsName": { + "type": "string" + }, + "hostedZoneID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "groups": { + "description": "(Interface endpoint) Information about the security groups that are associated with the network interface.", + "items": { + "description": "Describes a security group.", + "properties": { + "groupID": { + "type": "string" + }, + "groupName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "lastError": { + "description": "The last error that occurred for endpoint.", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkInterfaceIDs": { + "description": "(Interface endpoint) One or more network interfaces for the endpoint.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ownerID": { + "description": "The ID of the Amazon Web Services account that owns the endpoint.", + "type": "string" + }, + "requesterManaged": { + "description": "Indicates whether the endpoint is being managed by its service.", + "type": "boolean" + }, + "state": { + "description": "The state of the endpoint.", + "type": "string" + }, + "vpcEndpointID": { + "description": "The ID of the endpoint.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ecr.services.k8s.aws/pullthroughcacherule_v1alpha1.json b/ecr.services.k8s.aws/pullthroughcacherule_v1alpha1.json new file mode 100644 index 00000000..ab2279dc --- /dev/null +++ b/ecr.services.k8s.aws/pullthroughcacherule_v1alpha1.json @@ -0,0 +1,111 @@ +{ + "description": "PullThroughCacheRule is the Schema for the PullThroughCacheRules API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PullThroughCacheRuleSpec defines the desired state of PullThroughCacheRule. \n The details of a pull through cache rule.", + "properties": { + "ecrRepositoryPrefix": { + "description": "The repository name prefix to use when caching images from the source registry.", + "type": "string" + }, + "registryID": { + "description": "The Amazon Web Services account ID associated with the registry to create the pull through cache rule for. If you do not specify a registry, the default registry is assumed.", + "type": "string" + }, + "upstreamRegistryURL": { + "description": "The registry URL of the upstream public registry to use as the source for the pull through cache rule.", + "type": "string" + } + }, + "required": [ + "ecrRepositoryPrefix", + "upstreamRegistryURL" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PullThroughCacheRuleStatus defines the observed state of PullThroughCacheRule", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdAt": { + "description": "The date and time, in JavaScript date format, when the pull through cache rule was created.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/ecr.services.k8s.aws/repository_v1alpha1.json b/ecr.services.k8s.aws/repository_v1alpha1.json new file mode 100644 index 00000000..b7e938bc --- /dev/null +++ b/ecr.services.k8s.aws/repository_v1alpha1.json @@ -0,0 +1,162 @@ +{ + "description": "Repository is the Schema for the Repositories API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RepositorySpec defines the desired state of Repository. \n An object representing a repository.", + "properties": { + "encryptionConfiguration": { + "description": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", + "properties": { + "encryptionType": { + "type": "string" + }, + "kmsKey": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "imageScanningConfiguration": { + "description": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", + "properties": { + "scanOnPush": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "imageTagMutability": { + "description": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", + "type": "string" + }, + "lifecyclePolicy": { + "description": "The JSON repository policy text to apply to the repository.", + "type": "string" + }, + "name": { + "description": "The name to use for the repository. The repository name may be specified on its own (such as nginx-web-app) or it can be prepended with a namespace to group the repository into a category (such as project-a/nginx-web-app).", + "type": "string" + }, + "policy": { + "description": "The JSON repository policy text to apply to the repository. For more information, see Amazon ECR repository policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the Amazon Elastic Container Registry User Guide.", + "type": "string" + }, + "registryID": { + "description": "The Amazon Web Services account ID associated with the registry to create the repository. If you do not specify a registry, the default registry is assumed.", + "type": "string" + }, + "tags": { + "description": "The metadata that you apply to the repository to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "items": { + "description": "The metadata to apply to a resource to help you categorize and organize them. Each tag consists of a key and a value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RepositoryStatus defines the observed state of Repository", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdAt": { + "description": "The date and time, in JavaScript date format, when the repository was created.", + "format": "date-time", + "type": "string" + }, + "repositoryURI": { + "description": "The URI for the repository. You can use this URI for container image push and pull operations.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eks.services.k8s.aws/addon_v1alpha1.json b/eks.services.k8s.aws/addon_v1alpha1.json new file mode 100644 index 00000000..3ad97fce --- /dev/null +++ b/eks.services.k8s.aws/addon_v1alpha1.json @@ -0,0 +1,226 @@ +{ + "description": "Addon is the Schema for the Addons API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "AddonSpec defines the desired state of Addon. \n An Amazon EKS add-on. For more information, see Amazon EKS add-ons (https://docs.aws.amazon.com/eks/latest/userguide/eks-add-ons.html) in the Amazon EKS User Guide.", + "properties": { + "addonVersion": { + "description": "The version of the add-on. The version must match one of the versions returned by DescribeAddonVersions (https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html).", + "type": "string" + }, + "clientRequestToken": { + "description": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "type": "string" + }, + "clusterName": { + "description": "The name of the cluster to create the add-on for.", + "type": "string" + }, + "clusterRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "configurationValues": { + "description": "The set of configuration values for the add-on that's created. The values that you provide are validated against the schema in DescribeAddonConfiguration (https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonConfiguration.html).", + "type": "string" + }, + "name": { + "description": "The name of the add-on. The name must match one of the names that DescribeAddonVersions (https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html) returns.", + "type": "string" + }, + "resolveConflicts": { + "description": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose: \n - None \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail. \n - Overwrite \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value. \n - Preserve \u2013 Not supported. You can set this value when updating an add-on though. For more information, see UpdateAddon (https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html). \n If you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", + "type": "string" + }, + "serviceAccountRoleARN": { + "description": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide. \n To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see Enabling IAM roles for service accounts on your cluster (https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the Amazon EKS User Guide.", + "type": "string" + }, + "serviceAccountRoleRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The metadata to apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value. You define both.", + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AddonStatus defines the observed state of Addon", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdAt": { + "description": "The date and time that the add-on was created.", + "format": "date-time", + "type": "string" + }, + "health": { + "description": "An object that represents the health of the add-on.", + "properties": { + "issues": { + "items": { + "description": "An issue related to an add-on.", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + }, + "resourceIDs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "marketplaceInformation": { + "description": "Information about an Amazon EKS add-on from the Amazon Web Services Marketplace.", + "properties": { + "productID": { + "type": "string" + }, + "productURL": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "modifiedAt": { + "description": "The date and time that the add-on was last modified.", + "format": "date-time", + "type": "string" + }, + "owner": { + "description": "The owner of the add-on.", + "type": "string" + }, + "publisher": { + "description": "The publisher of the add-on.", + "type": "string" + }, + "status": { + "description": "The status of the add-on.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eks.services.k8s.aws/cluster_v1alpha1.json b/eks.services.k8s.aws/cluster_v1alpha1.json new file mode 100644 index 00000000..85b071df --- /dev/null +++ b/eks.services.k8s.aws/cluster_v1alpha1.json @@ -0,0 +1,399 @@ +{ + "description": "Cluster is the Schema for the Clusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ClusterSpec defines the desired state of Cluster. \n An object representing an Amazon EKS cluster.", + "properties": { + "clientRequestToken": { + "description": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "type": "string" + }, + "encryptionConfig": { + "description": "The encryption configuration for the cluster.", + "items": { + "description": "The encryption configuration for the cluster.", + "properties": { + "provider": { + "description": "Identifies the Key Management Service (KMS) key used to encrypt the secrets.", + "properties": { + "keyARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "resources": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "kubernetesNetworkConfig": { + "description": "The Kubernetes network configuration for the cluster.", + "properties": { + "ipFamily": { + "type": "string" + }, + "serviceIPv4CIDR": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "logging": { + "description": "Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster control plane logs (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) in the Amazon EKS User Guide . \n CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see CloudWatch Pricing (http://aws.amazon.com/cloudwatch/pricing/).", + "properties": { + "clusterLogging": { + "items": { + "description": "An object representing the enabled or disabled Kubernetes control plane logs for your cluster.", + "properties": { + "enabled": { + "type": "boolean" + }, + "types": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The unique name to give to your cluster.", + "type": "string" + }, + "outpostConfig": { + "description": "An object representing the configuration of your local Amazon EKS cluster on an Amazon Web Services Outpost. Before creating a local cluster on an Outpost, review Local clusters for Amazon EKS on Amazon Web Services Outposts (https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-local-cluster-overview.html) in the Amazon EKS User Guide. This object isn't available for creating Amazon EKS clusters on the Amazon Web Services cloud.", + "properties": { + "controlPlaneInstanceType": { + "type": "string" + }, + "controlPlanePlacement": { + "description": "The placement configuration for all the control plane instances of your local Amazon EKS cluster on an Amazon Web Services Outpost. For more information, see Capacity considerations (https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the Amazon EKS User Guide", + "properties": { + "groupName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "outpostARNs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "resourcesVPCConfig": { + "description": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the Amazon EKS User Guide. You must specify at least two subnets. You can specify up to five security groups. However, we recommend that you use a dedicated security group for your cluster control plane.", + "properties": { + "endpointPrivateAccess": { + "type": "boolean" + }, + "endpointPublicAccess": { + "type": "boolean" + }, + "publicAccessCIDRs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "securityGroupRefs": { + "description": "Reference field for SecurityGroupIDs", + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnetIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetRefs": { + "description": "Reference field for SubnetIDs", + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to Amazon Web Services API operations on your behalf. For more information, see Amazon EKS Service IAM Role (https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the Amazon EKS User Guide .", + "type": "string" + }, + "roleRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The metadata to apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value. You define both.", + "type": "object" + }, + "version": { + "description": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used. \n The default version might not be the latest version available.", + "type": "string" + } + }, + "required": [ + "name", + "resourcesVPCConfig" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ClusterStatus defines the observed state of Cluster", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "certificateAuthority": { + "description": "The certificate-authority-data for your cluster.", + "properties": { + "data": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "connectorConfig": { + "description": "The configuration used to connect to a cluster for registration.", + "properties": { + "activationCode": { + "type": "string" + }, + "activationExpiry": { + "format": "date-time", + "type": "string" + }, + "activationID": { + "type": "string" + }, + "provider": { + "type": "string" + }, + "roleARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "createdAt": { + "description": "The Unix epoch timestamp in seconds for when the cluster was created.", + "format": "date-time", + "type": "string" + }, + "endpoint": { + "description": "The endpoint for your Kubernetes API server.", + "type": "string" + }, + "health": { + "description": "An object representing the health of your local Amazon EKS cluster on an Amazon Web Services Outpost. This object isn't available for clusters on the Amazon Web Services cloud.", + "properties": { + "issues": { + "items": { + "description": "An issue with your local Amazon EKS cluster on an Amazon Web Services Outpost. You can't use this API with an Amazon EKS cluster on the Amazon Web Services cloud.", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + }, + "resourceIDs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "description": "The ID of your local Amazon EKS cluster on an Amazon Web Services Outpost. This property isn't available for an Amazon EKS cluster on the Amazon Web Services cloud.", + "type": "string" + }, + "identity": { + "description": "The identity provider information for the cluster.", + "properties": { + "oidc": { + "description": "An object representing the OpenID Connect (https://openid.net/connect/) (OIDC) identity provider information for the cluster.", + "properties": { + "issuer": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "platformVersion": { + "description": "The platform version of your Amazon EKS cluster. For more information, see Platform Versions (https://docs.aws.amazon.com/eks/latest/userguide/platform-versions.html) in the Amazon EKS User Guide .", + "type": "string" + }, + "status": { + "description": "The current status of the cluster.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eks.services.k8s.aws/fargateprofile_v1alpha1.json b/eks.services.k8s.aws/fargateprofile_v1alpha1.json new file mode 100644 index 00000000..da8cf438 --- /dev/null +++ b/eks.services.k8s.aws/fargateprofile_v1alpha1.json @@ -0,0 +1,206 @@ +{ + "description": "FargateProfile is the Schema for the FargateProfiles API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FargateProfileSpec defines the desired state of FargateProfile. \n An object representing an Fargate profile.", + "properties": { + "clientRequestToken": { + "description": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "type": "string" + }, + "clusterName": { + "description": "The name of the Amazon EKS cluster to apply the Fargate profile to.", + "type": "string" + }, + "clusterRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the Fargate profile.", + "type": "string" + }, + "podExecutionRoleARN": { + "description": "The Amazon Resource Name (ARN) of the pod execution role to use for pods that match the selectors in the Fargate profile. The pod execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see Pod Execution Role (https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the Amazon EKS User Guide.", + "type": "string" + }, + "podExecutionRoleRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "selectors": { + "description": "The selectors to match for pods to use this Fargate profile. Each selector must have an associated namespace. Optionally, you can also specify labels for a namespace. You may specify up to five selectors in a Fargate profile.", + "items": { + "description": "An object representing an Fargate profile selector.", + "properties": { + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "namespace": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnetRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnets": { + "description": "The IDs of subnets to launch your pods into. At this time, pods running on Fargate are not assigned public IP addresses, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The metadata to apply to the Fargate profile to assist with categorization and organization. Each tag consists of a key and an optional value. You define both. Fargate profile tags do not propagate to any other resources associated with the Fargate profile, such as the pods that are scheduled with it.", + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FargateProfileStatus defines the observed state of FargateProfile", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdAt": { + "description": "The Unix epoch timestamp in seconds for when the Fargate profile was created.", + "format": "date-time", + "type": "string" + }, + "status": { + "description": "The current status of the Fargate profile.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eks.services.k8s.aws/nodegroup_v1alpha1.json b/eks.services.k8s.aws/nodegroup_v1alpha1.json new file mode 100644 index 00000000..04212e66 --- /dev/null +++ b/eks.services.k8s.aws/nodegroup_v1alpha1.json @@ -0,0 +1,385 @@ +{ + "description": "Nodegroup is the Schema for the Nodegroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "NodegroupSpec defines the desired state of Nodegroup. \n An object representing an Amazon EKS managed node group.", + "properties": { + "amiType": { + "description": "The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "type": "string" + }, + "capacityType": { + "description": "The capacity type for your node group.", + "type": "string" + }, + "clientRequestToken": { + "description": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", + "type": "string" + }, + "clusterName": { + "description": "The name of the cluster to create the node group in.", + "type": "string" + }, + "clusterRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "diskSize": { + "description": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "format": "int64", + "type": "integer" + }, + "instanceTypes": { + "description": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "The Kubernetes labels to be applied to the nodes in the node group when they are created.", + "type": "object" + }, + "launchTemplate": { + "description": "An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess and make sure that the launch template meets the requirements in launchTemplateSpecification.", + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The unique name to give your node group.", + "type": "string" + }, + "nodeRole": { + "description": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "type": "string" + }, + "nodeRoleRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "releaseVersion": { + "description": "The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. \n If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "type": "string" + }, + "remoteAccess": { + "description": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "properties": { + "ec2SshKey": { + "type": "string" + }, + "sourceSecurityGroupRefs": { + "description": "Reference field for SourceSecurityGroups", + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "sourceSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "scalingConfig": { + "description": "The scaling configuration details for the Auto Scaling group that is created for your node group.", + "properties": { + "desiredSize": { + "format": "int64", + "type": "integer" + }, + "maxSize": { + "format": "int64", + "type": "integer" + }, + "minSize": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnets": { + "description": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The metadata to apply to the node group to assist with categorization and organization. Each tag consists of a key and an optional value. You define both. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.", + "type": "object" + }, + "taints": { + "description": "The Kubernetes taints to be applied to the nodes in the node group. For more information, see Node taints on managed node groups (https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html).", + "items": { + "description": "A property that allows a node to repel a set of pods. For more information, see Node taints on managed node groups (https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html).", + "properties": { + "effect": { + "type": "string" + }, + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "updateConfig": { + "description": "The node group update configuration.", + "properties": { + "maxUnavailable": { + "format": "int64", + "type": "integer" + }, + "maxUnavailablePercentage": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "version": { + "description": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "NodegroupStatus defines the observed state of Nodegroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdAt": { + "description": "The Unix epoch timestamp in seconds for when the managed node group was created.", + "format": "date-time", + "type": "string" + }, + "health": { + "description": "The health status of the node group. If there are issues with your node group's health, they are listed here.", + "properties": { + "issues": { + "items": { + "description": "An object representing an issue with an Amazon EKS resource.", + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + }, + "resourceIDs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "modifiedAt": { + "description": "The Unix epoch timestamp in seconds for when the managed node group was last modified.", + "format": "date-time", + "type": "string" + }, + "resources": { + "description": "The resources associated with the node group, such as Auto Scaling groups and security groups for remote access.", + "properties": { + "autoScalingGroups": { + "items": { + "description": "An Auto Scaling group that is associated with an Amazon EKS managed node group.", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "remoteAccessSecurityGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "The current status of the managed node group.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/elasticache.services.k8s.aws/cacheparametergroup_v1alpha1.json b/elasticache.services.k8s.aws/cacheparametergroup_v1alpha1.json new file mode 100644 index 00000000..e4069320 --- /dev/null +++ b/elasticache.services.k8s.aws/cacheparametergroup_v1alpha1.json @@ -0,0 +1,207 @@ +{ + "description": "CacheParameterGroup is the Schema for the CacheParameterGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "CacheParameterGroupSpec defines the desired state of CacheParameterGroup. \n Represents the output of a CreateCacheParameterGroup operation.", + "properties": { + "cacheParameterGroupFamily": { + "description": "The name of the cache parameter group family that the cache parameter group can be used with. \n Valid values are: memcached1.4 | memcached1.5 | memcached1.6 | redis2.6 | redis2.8 | redis3.2 | redis4.0 | redis5.0 | redis6.x", + "type": "string" + }, + "cacheParameterGroupName": { + "description": "A user-specified name for the cache parameter group.", + "type": "string" + }, + "description": { + "description": "A user-specified description for the cache parameter group.", + "type": "string" + }, + "parameterNameValues": { + "description": "An array of parameter names and values for the parameter update. You must supply at least one parameter name and value; subsequent arguments are optional. A maximum of 20 parameters may be modified per request.", + "items": { + "description": "Describes a name-value pair that is used to update the value of a parameter.", + "properties": { + "parameterName": { + "type": "string" + }, + "parameterValue": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an ElastiCache cluster or replication group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your ElastiCache resources, with the exception of global replication group. When you add or remove tags on replication groups, those actions will be replicated to all nodes in the replication group. A tag with a null Value is permitted.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "cacheParameterGroupFamily", + "cacheParameterGroupName", + "description" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "CacheParameterGroupStatus defines the observed state of CacheParameterGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "events": { + "description": "A list of events. Each element in the list contains detailed information about one event.", + "items": { + "description": "Represents a single occurrence of something interesting within the system. Some examples of events are creating a cluster, adding or removing a cache node, or rebooting a node.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "sourceIdentifier": { + "type": "string" + }, + "sourceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "isGlobal": { + "description": "Indicates whether the parameter group is associated with a Global datastore", + "type": "boolean" + }, + "parameters": { + "description": "A list of Parameter instances.", + "items": { + "description": "Describes an individual setting that controls some aspect of ElastiCache behavior.", + "properties": { + "allowedValues": { + "type": "string" + }, + "changeType": { + "type": "string" + }, + "dataType": { + "type": "string" + }, + "description": { + "type": "string" + }, + "isModifiable": { + "type": "boolean" + }, + "minimumEngineVersion": { + "type": "string" + }, + "parameterName": { + "type": "string" + }, + "parameterValue": { + "type": "string" + }, + "source": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/elasticache.services.k8s.aws/cachesubnetgroup_v1alpha1.json b/elasticache.services.k8s.aws/cachesubnetgroup_v1alpha1.json new file mode 100644 index 00000000..fadda43f --- /dev/null +++ b/elasticache.services.k8s.aws/cachesubnetgroup_v1alpha1.json @@ -0,0 +1,189 @@ +{ + "description": "CacheSubnetGroup is the Schema for the CacheSubnetGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "CacheSubnetGroupSpec defines the desired state of CacheSubnetGroup. \n Represents the output of one of the following operations: \n - CreateCacheSubnetGroup \n - ModifyCacheSubnetGroup", + "properties": { + "cacheSubnetGroupDescription": { + "description": "A description for the cache subnet group.", + "type": "string" + }, + "cacheSubnetGroupName": { + "description": "A name for the cache subnet group. This value is stored as a lowercase string. \n Constraints: Must contain no more than 255 alphanumeric characters or hyphens. \n Example: mysubnetgroup", + "type": "string" + }, + "subnetIDs": { + "description": "A list of VPC subnet IDs for the cache subnet group.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an ElastiCache cluster or replication group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your ElastiCache resources, with the exception of global replication group. When you add or remove tags on replication groups, those actions will be replicated to all nodes in the replication group. A tag with a null Value is permitted.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "cacheSubnetGroupDescription", + "cacheSubnetGroupName", + "subnetIDs" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "CacheSubnetGroupStatus defines the observed state of CacheSubnetGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "events": { + "description": "A list of events. Each element in the list contains detailed information about one event.", + "items": { + "description": "Represents a single occurrence of something interesting within the system. Some examples of events are creating a cluster, adding or removing a cache node, or rebooting a node.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "sourceIdentifier": { + "type": "string" + }, + "sourceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnets": { + "description": "A list of subnets associated with the cache subnet group.", + "items": { + "description": "Represents the subnet associated with a cluster. This parameter refers to subnets defined in Amazon Virtual Private Cloud (Amazon VPC) and used with ElastiCache.", + "properties": { + "subnetAvailabilityZone": { + "description": "Describes an Availability Zone in which the cluster is launched.", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetIdentifier": { + "type": "string" + }, + "subnetOutpost": { + "description": "The ID of the outpost subnet.", + "properties": { + "subnetOutpostARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "The Amazon Virtual Private Cloud identifier (VPC ID) of the cache subnet group.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/elasticache.services.k8s.aws/replicationgroup_v1alpha1.json b/elasticache.services.k8s.aws/replicationgroup_v1alpha1.json new file mode 100644 index 00000000..346c83b1 --- /dev/null +++ b/elasticache.services.k8s.aws/replicationgroup_v1alpha1.json @@ -0,0 +1,709 @@ +{ + "description": "ReplicationGroup is the Schema for the ReplicationGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ReplicationGroupSpec defines the desired state of ReplicationGroup. \n Contains all of the attributes of a specific Redis replication group.", + "properties": { + "atRestEncryptionEnabled": { + "description": "A flag that enables encryption at rest when set to true. \n You cannot modify the value of AtRestEncryptionEnabled after the replication group is created. To enable encryption at rest on a replication group you must set AtRestEncryptionEnabled to true when you create the replication group. \n Required: Only available when creating a replication group in an Amazon VPC using redis version 3.2.6, 4.x or later. \n Default: false", + "type": "boolean" + }, + "authToken": { + "description": "Reserved parameter. The password used to access a password protected server. \n AuthToken can be specified only on replication groups where TransitEncryptionEnabled is true. \n For HIPAA compliance, you must specify TransitEncryptionEnabled as true, an AuthToken, and a CacheSubnetGroup. \n Password constraints: \n - Must be only printable ASCII characters. \n - Must be at least 16 characters and no more than 128 characters in length. \n - The only permitted printable special characters are !, &, #, $, ^, <, >, and -. Other printable special characters cannot be used in the AUTH token. \n For more information, see AUTH password (http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "automaticFailoverEnabled": { + "description": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails. \n AutomaticFailoverEnabled must be enabled for Redis (cluster mode enabled) replication groups. \n Default: false", + "type": "boolean" + }, + "cacheNodeType": { + "description": "The compute and memory capacity of the nodes in the node group (shard). \n The following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. \n - General purpose: Current generation: M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge, cache.m6g.2xlarge, cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, cache.m6g.16xlarge For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, cache.m5.4xlarge, cache.m5.12xlarge, cache.m5.24xlarge M4 node types: cache.m4.large, cache.m4.xlarge, cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward): cache.t4g.micro, cache.t4g.small, cache.t4g.medium T3 node types: cache.t3.micro, cache.t3.small, cache.t3.medium T2 node types: cache.t2.micro, cache.t2.small, cache.t2.medium Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.) T1 node types: cache.t1.micro M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, cache.m1.xlarge M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, cache.m3.2xlarge \n - Compute optimized: Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.) C1 node types: cache.c1.xlarge \n - Memory optimized with data tiering: Current generation: R6gd node types (available only for Redis engine version 6.2 onward). cache.r6gd.xlarge, cache.r6gd.2xlarge, cache.r6gd.4xlarge, cache.r6gd.8xlarge, cache.r6gd.12xlarge, cache.r6gd.16xlarge \n - Memory optimized: Current generation: R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward). cache.r6g.large, cache.r6g.xlarge, cache.r6g.2xlarge, cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, cache.r6g.16xlarge For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, cache.r5.4xlarge, cache.r5.12xlarge, cache.r5.24xlarge R4 node types: cache.r4.large, cache.r4.xlarge, cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, cache.r4.16xlarge Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.) M2 node types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge R3 node types: cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, cache.r3.8xlarge \n Additional node type info \n - All current generation instance types are created in Amazon VPC by default. \n - Redis append-only files (AOF) are not supported for T1 or T2 instances. \n - Redis Multi-AZ with automatic failover is not supported on T1 instances. \n - Redis configuration variables appendonly and appendfsync are not supported on Redis version 2.8.22 and later.", + "type": "string" + }, + "cacheParameterGroupName": { + "description": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used. \n If you are running Redis version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name. \n - To create a Redis (cluster mode disabled) replication group, use CacheParameterGroupName=default.redis3.2. \n - To create a Redis (cluster mode enabled) replication group, use CacheParameterGroupName=default.redis3.2.cluster.on.", + "type": "string" + }, + "cacheSecurityGroupNames": { + "description": "A list of cache security group names to associate with this replication group.", + "items": { + "type": "string" + }, + "type": "array" + }, + "cacheSubnetGroupName": { + "description": "The name of the cache subnet group to be used for the replication group. \n If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see Subnets and Subnet Groups (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SubnetGroups.html).", + "type": "string" + }, + "dataTieringEnabled": { + "description": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html).", + "type": "boolean" + }, + "description": { + "description": "A user-created description for the replication group.", + "type": "string" + }, + "engine": { + "description": "The name of the cache engine to be used for the clusters in this replication group. Must be Redis.", + "type": "string" + }, + "engineVersion": { + "description": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation. \n Important: You can upgrade to a newer engine version (see Selecting a Cache Engine and Version (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html#VersionManagement)) in the ElastiCache User Guide, but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", + "type": "string" + }, + "kmsKeyID": { + "description": "The ID of the KMS key used to encrypt the disk in the cluster.", + "type": "string" + }, + "logDeliveryConfigurations": { + "description": "Specifies the destination, format and type of the logs.", + "items": { + "description": "Specifies the destination, format and type of the logs.", + "properties": { + "destinationDetails": { + "description": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "properties": { + "cloudWatchLogsDetails": { + "description": "The configuration details of the CloudWatch Logs destination.", + "properties": { + "logGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "kinesisFirehoseDetails": { + "description": "The configuration details of the Kinesis Data Firehose destination.", + "properties": { + "deliveryStream": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "destinationType": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "logFormat": { + "type": "string" + }, + "logType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "multiAZEnabled": { + "description": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html).", + "type": "boolean" + }, + "nodeGroupConfiguration": { + "description": "A list of node group (shard) configuration options. Each node group (shard) configuration has the following members: PrimaryAvailabilityZone, ReplicaAvailabilityZones, ReplicaCount, and Slots. \n If you're creating a Redis (cluster mode disabled) or a Redis (cluster mode enabled) replication group, you can use this parameter to individually configure each node group (shard), or you can omit this parameter. However, it is required when seeding a Redis (cluster mode enabled) cluster from a S3 rdb file. You must configure each node group (shard) using this parameter because you must specify the slots for each node group.", + "items": { + "description": "Node group (shard) configuration options. Each node group (shard) configuration has the following: Slots, PrimaryAvailabilityZone, ReplicaAvailabilityZones, ReplicaCount.", + "properties": { + "nodeGroupID": { + "type": "string" + }, + "primaryAvailabilityZone": { + "type": "string" + }, + "primaryOutpostARN": { + "type": "string" + }, + "replicaAvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array" + }, + "replicaCount": { + "format": "int64", + "type": "integer" + }, + "replicaOutpostARNs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "slots": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "notificationTopicARN": { + "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent. \n The Amazon SNS topic owner must be the same as the cluster owner.", + "type": "string" + }, + "numNodeGroups": { + "description": "An optional parameter that specifies the number of node groups (shards) for this Redis (cluster mode enabled) replication group. For Redis (cluster mode disabled) either omit this parameter or set it to 1. \n Default: 1", + "format": "int64", + "type": "integer" + }, + "port": { + "description": "The port number on which each member of the replication group accepts connections.", + "format": "int64", + "type": "integer" + }, + "preferredCacheClusterAZs": { + "description": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list. \n This parameter is not used if there is more than one node group (shard). You should use NodeGroupConfiguration instead. \n If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group. \n The number of Availability Zones listed must equal the value of NumCacheClusters. \n Default: system chosen Availability Zones.", + "items": { + "type": "string" + }, + "type": "array" + }, + "preferredMaintenanceWindow": { + "description": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period. Valid values for ddd are: \n Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period. \n Valid values for ddd are: \n - sun \n - mon \n - tue \n - wed \n - thu \n - fri \n - sat \n Example: sun:23:00-mon:01:30", + "type": "string" + }, + "primaryClusterID": { + "description": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of available. \n This parameter is not required if NumCacheClusters, NumNodeGroups, or ReplicasPerNodeGroup is specified.", + "type": "string" + }, + "replicasPerNodeGroup": { + "description": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", + "format": "int64", + "type": "integer" + }, + "replicationGroupID": { + "description": "The replication group identifier. This parameter is stored as a lowercase string. \n Constraints: \n - A name must contain from 1 to 40 alphanumeric characters or hyphens. \n - The first character must be a letter. \n - A name cannot end with a hyphen or contain two consecutive hyphens.", + "type": "string" + }, + "securityGroupIDs": { + "description": "One or more Amazon VPC security groups associated with this replication group. \n Use this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", + "items": { + "type": "string" + }, + "type": "array" + }, + "snapshotARNs": { + "description": "A list of Amazon Resource Names (ARN) that uniquely identify the Redis RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter NumNodeGroups or the number of node groups configured by NodeGroupConfiguration regardless of the number of ARNs specified here. \n Example of an Amazon S3 ARN: arn:aws:s3:::my_bucket/snapshot1.rdb", + "items": { + "type": "string" + }, + "type": "array" + }, + "snapshotName": { + "description": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to restoring while the new replication group is being created.", + "type": "string" + }, + "snapshotRetentionLimit": { + "description": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted. \n Default: 0 (i.e., automatic backups are disabled for this cluster).", + "format": "int64", + "type": "integer" + }, + "snapshotWindow": { + "description": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard). \n Example: 05:00-09:00 \n If you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", + "type": "string" + }, + "tags": { + "description": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key=myKey, Value=myKeyValue. You can include multiple tags as shown following: Key=myKey, Value=myKeyValue Key=mySecondKey, Value=mySecondKeyValue. Tags on replication groups will be replicated to all nodes.", + "items": { + "description": "A tag that can be added to an ElastiCache cluster or replication group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your ElastiCache resources, with the exception of global replication group. When you add or remove tags on replication groups, those actions will be replicated to all nodes in the replication group. A tag with a null Value is permitted.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "transitEncryptionEnabled": { + "description": "A flag that enables in-transit encryption when set to true. \n You cannot modify the value of TransitEncryptionEnabled after the cluster is created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled to true when you create a cluster. \n This parameter is valid only if the Engine parameter is redis, the EngineVersion parameter is 3.2.6, 4.x or later, and the cluster is being created in an Amazon VPC. \n If you enable in-transit encryption, you must also specify a value for CacheSubnetGroup. \n Required: Only available when creating a replication group in an Amazon VPC using redis version 3.2.6, 4.x or later. \n Default: false \n For HIPAA compliance, you must specify TransitEncryptionEnabled as true, an AuthToken, and a CacheSubnetGroup.", + "type": "boolean" + }, + "userGroupIDs": { + "description": "The user group to associate with the replication group.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "description", + "replicationGroupID" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ReplicationGroupStatus defines the observed state of ReplicationGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "allowedScaleDownModifications": { + "description": "A string list, each element of which specifies a cache node type which you can use to scale your cluster or replication group. When scaling down a Redis cluster or replication group using ModifyCacheCluster or ModifyReplicationGroup, use a value from this list for the CacheNodeType parameter.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedScaleUpModifications": { + "description": "A string list, each element of which specifies a cache node type which you can use to scale your cluster or replication group. \n When scaling up a Redis cluster or replication group using ModifyCacheCluster or ModifyReplicationGroup, use a value from this list for the CacheNodeType parameter.", + "items": { + "type": "string" + }, + "type": "array" + }, + "authTokenEnabled": { + "description": "A flag that enables using an AuthToken (password) when issuing Redis commands. \n Default: false", + "type": "boolean" + }, + "authTokenLastModifiedDate": { + "description": "The date the auth token was last modified", + "format": "date-time", + "type": "string" + }, + "autoMinorVersionUpgrade": { + "description": "If you are running Redis engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next auto minor version upgrade campaign. This parameter is disabled for previous versions.", + "type": "boolean" + }, + "automaticFailover": { + "description": "Indicates the status of automatic failover for this Redis replication group.", + "type": "string" + }, + "clusterEnabled": { + "description": "A flag indicating whether or not this replication group is cluster enabled; i.e., whether its data can be partitioned across multiple shards (API/CLI: node groups). \n Valid values: true | false", + "type": "boolean" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "configurationEndpoint": { + "description": "The configuration endpoint for this replication group. Use the configuration endpoint to connect to this replication group.", + "properties": { + "address": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "dataTiering": { + "description": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html).", + "type": "string" + }, + "events": { + "description": "A list of events. Each element in the list contains detailed information about one event.", + "items": { + "description": "Represents a single occurrence of something interesting within the system. Some examples of events are creating a cluster, adding or removing a cache node, or rebooting a node.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "sourceIdentifier": { + "type": "string" + }, + "sourceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "globalReplicationGroupInfo": { + "description": "The name of the Global datastore and role of this replication group in the Global datastore.", + "properties": { + "globalReplicationGroupID": { + "type": "string" + }, + "globalReplicationGroupMemberRole": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "logDeliveryConfigurations": { + "description": "Returns the destination, format and type of the logs.", + "items": { + "description": "Returns the destination, format and type of the logs.", + "properties": { + "destinationDetails": { + "description": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "properties": { + "cloudWatchLogsDetails": { + "description": "The configuration details of the CloudWatch Logs destination.", + "properties": { + "logGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "kinesisFirehoseDetails": { + "description": "The configuration details of the Kinesis Data Firehose destination.", + "properties": { + "deliveryStream": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "destinationType": { + "type": "string" + }, + "logFormat": { + "type": "string" + }, + "logType": { + "type": "string" + }, + "message": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "memberClusters": { + "description": "The names of all the cache clusters that are part of this replication group.", + "items": { + "type": "string" + }, + "type": "array" + }, + "memberClustersOutpostARNs": { + "description": "The outpost ARNs of the replication group's member clusters.", + "items": { + "type": "string" + }, + "type": "array" + }, + "multiAZ": { + "description": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html)", + "type": "string" + }, + "nodeGroups": { + "description": "A list of node groups in this replication group. For Redis (cluster mode disabled) replication groups, this is a single-element list. For Redis (cluster mode enabled) replication groups, the list contains an entry for each node group (shard).", + "items": { + "description": "Represents a collection of cache nodes in a replication group. One node in the node group is the read/write primary node. All the other nodes are read-only Replica nodes.", + "properties": { + "nodeGroupID": { + "type": "string" + }, + "nodeGroupMembers": { + "items": { + "description": "Represents a single node within a node group (shard).", + "properties": { + "cacheClusterID": { + "type": "string" + }, + "cacheNodeID": { + "type": "string" + }, + "currentRole": { + "type": "string" + }, + "preferredAvailabilityZone": { + "type": "string" + }, + "preferredOutpostARN": { + "type": "string" + }, + "readEndpoint": { + "description": "Represents the information required for client programs to connect to a cache node.", + "properties": { + "address": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "primaryEndpoint": { + "description": "Represents the information required for client programs to connect to a cache node.", + "properties": { + "address": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "readerEndpoint": { + "description": "Represents the information required for client programs to connect to a cache node.", + "properties": { + "address": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "slots": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "pendingModifiedValues": { + "description": "A group of settings to be applied to the replication group, either immediately or during the next maintenance window.", + "properties": { + "authTokenStatus": { + "type": "string" + }, + "automaticFailoverStatus": { + "type": "string" + }, + "logDeliveryConfigurations": { + "items": { + "description": "The log delivery configurations being modified", + "properties": { + "destinationDetails": { + "description": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", + "properties": { + "cloudWatchLogsDetails": { + "description": "The configuration details of the CloudWatch Logs destination.", + "properties": { + "logGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "kinesisFirehoseDetails": { + "description": "The configuration details of the Kinesis Data Firehose destination.", + "properties": { + "deliveryStream": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "destinationType": { + "type": "string" + }, + "logFormat": { + "type": "string" + }, + "logType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "primaryClusterID": { + "type": "string" + }, + "resharding": { + "description": "The status of an online resharding operation.", + "properties": { + "slotMigration": { + "description": "Represents the progress of an online resharding operation.", + "properties": { + "progressPercentage": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "userGroups": { + "description": "The status of the user group update.", + "properties": { + "userGroupIDsToAdd": { + "items": { + "type": "string" + }, + "type": "array" + }, + "userGroupIDsToRemove": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "replicationGroupCreateTime": { + "description": "The date and time when the cluster was created.", + "format": "date-time", + "type": "string" + }, + "snapshottingClusterID": { + "description": "The cluster ID that is used as the daily snapshot source for the replication group.", + "type": "string" + }, + "status": { + "description": "The current state of this replication group - creating, available, modifying, deleting, create-failed, snapshotting.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/elasticache.services.k8s.aws/snapshot_v1alpha1.json b/elasticache.services.k8s.aws/snapshot_v1alpha1.json new file mode 100644 index 00000000..25d7c653 --- /dev/null +++ b/elasticache.services.k8s.aws/snapshot_v1alpha1.json @@ -0,0 +1,289 @@ +{ + "description": "Snapshot is the Schema for the Snapshots API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "SnapshotSpec defines the desired state of Snapshot. \n Represents a copy of an entire Redis cluster as of the time when the snapshot was taken.", + "properties": { + "cacheClusterID": { + "description": "The identifier of an existing cluster. The snapshot is created from this cluster.", + "type": "string" + }, + "kmsKeyID": { + "description": "The ID of the KMS key used to encrypt the snapshot.", + "type": "string" + }, + "replicationGroupID": { + "description": "The identifier of an existing replication group. The snapshot is created from this replication group.", + "type": "string" + }, + "snapshotName": { + "description": "A name for the snapshot being created.", + "type": "string" + }, + "sourceSnapshotName": { + "description": "The name of an existing snapshot from which to make a copy.", + "type": "string" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an ElastiCache cluster or replication group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your ElastiCache resources, with the exception of global replication group. When you add or remove tags on replication groups, those actions will be replicated to all nodes in the replication group. A tag with a null Value is permitted.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "snapshotName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "SnapshotStatus defines the observed state of Snapshot", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "autoMinorVersionUpgrade": { + "description": "If you are running Redis engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next auto minor version upgrade campaign. This parameter is disabled for previous versions.", + "type": "boolean" + }, + "automaticFailover": { + "description": "Indicates the status of automatic failover for the source Redis replication group.", + "type": "string" + }, + "cacheClusterCreateTime": { + "description": "The date and time when the source cluster was created.", + "format": "date-time", + "type": "string" + }, + "cacheNodeType": { + "description": "The name of the compute and memory capacity node type for the source cluster. \n The following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. \n * General purpose: Current generation: M6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward). cache.m6g.large, cache.m6g.xlarge, cache.m6g.2xlarge, cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, cache.m6g.16xlarge For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, cache.m5.4xlarge, cache.m5.12xlarge, cache.m5.24xlarge M4 node types: cache.m4.large, cache.m4.xlarge, cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge T4g node types (available only for Redis engine version 5.0.6 onward and Memcached engine version 1.5.16 onward): cache.t4g.micro, cache.t4g.small, cache.t4g.medium T3 node types: cache.t3.micro, cache.t3.small, cache.t3.medium T2 node types: cache.t2.micro, cache.t2.small, cache.t2.medium Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.) T1 node types: cache.t1.micro M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, cache.m1.xlarge M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, cache.m3.2xlarge \n * Compute optimized: Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.) C1 node types: cache.c1.xlarge \n * Memory optimized with data tiering: Current generation: R6gd node types (available only for Redis engine version 6.2 onward). cache.r6gd.xlarge, cache.r6gd.2xlarge, cache.r6gd.4xlarge, cache.r6gd.8xlarge, cache.r6gd.12xlarge, cache.r6gd.16xlarge \n * Memory optimized: Current generation: R6g node types (available only for Redis engine version 5.0.6 onward and for Memcached engine version 1.5.16 onward). cache.r6g.large, cache.r6g.xlarge, cache.r6g.2xlarge, cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, cache.r6g.16xlarge For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, cache.r5.4xlarge, cache.r5.12xlarge, cache.r5.24xlarge R4 node types: cache.r4.large, cache.r4.xlarge, cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, cache.r4.16xlarge Previous generation: (not recommended. Existing clusters are still supported but creation of new clusters is not supported for these types.) M2 node types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge R3 node types: cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, cache.r3.8xlarge \n Additional node type info \n * All current generation instance types are created in Amazon VPC by default. \n * Redis append-only files (AOF) are not supported for T1 or T2 instances. \n * Redis Multi-AZ with automatic failover is not supported on T1 instances. \n * Redis configuration variables appendonly and appendfsync are not supported on Redis version 2.8.22 and later.", + "type": "string" + }, + "cacheParameterGroupName": { + "description": "The cache parameter group that is associated with the source cluster.", + "type": "string" + }, + "cacheSubnetGroupName": { + "description": "The name of the cache subnet group associated with the source cluster.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dataTiering": { + "description": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html).", + "type": "string" + }, + "engine": { + "description": "The name of the cache engine (memcached or redis) used by the source cluster.", + "type": "string" + }, + "engineVersion": { + "description": "The version of the cache engine version that is used by the source cluster.", + "type": "string" + }, + "nodeSnapshots": { + "description": "A list of the cache nodes in the source cluster.", + "items": { + "description": "Represents an individual cache node in a snapshot of a cluster.", + "properties": { + "cacheClusterID": { + "type": "string" + }, + "cacheNodeCreateTime": { + "format": "date-time", + "type": "string" + }, + "cacheNodeID": { + "type": "string" + }, + "cacheSize": { + "type": "string" + }, + "nodeGroupConfiguration": { + "description": "Node group (shard) configuration options. Each node group (shard) configuration has the following: Slots, PrimaryAvailabilityZone, ReplicaAvailabilityZones, ReplicaCount.", + "properties": { + "nodeGroupID": { + "type": "string" + }, + "primaryAvailabilityZone": { + "type": "string" + }, + "primaryOutpostARN": { + "type": "string" + }, + "replicaAvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array" + }, + "replicaCount": { + "format": "int64", + "type": "integer" + }, + "replicaOutpostARNs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "slots": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "nodeGroupID": { + "type": "string" + }, + "snapshotCreateTime": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "numCacheNodes": { + "description": "The number of cache nodes in the source cluster. \n For clusters running Redis, this value must be 1. For clusters running Memcached, this value must be between 1 and 40.", + "format": "int64", + "type": "integer" + }, + "numNodeGroups": { + "description": "The number of node groups (shards) in this snapshot. When restoring from a snapshot, the number of node groups (shards) in the snapshot and in the restored replication group must be the same.", + "format": "int64", + "type": "integer" + }, + "port": { + "description": "The port number used by each cache nodes in the source cluster.", + "format": "int64", + "type": "integer" + }, + "preferredAvailabilityZone": { + "description": "The name of the Availability Zone in which the source cluster is located.", + "type": "string" + }, + "preferredMaintenanceWindow": { + "description": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period. \n Valid values for ddd are: \n * sun \n * mon \n * tue \n * wed \n * thu \n * fri \n * sat \n Example: sun:23:00-mon:01:30", + "type": "string" + }, + "preferredOutpostARN": { + "description": "The ARN (Amazon Resource Name) of the preferred outpost.", + "type": "string" + }, + "replicationGroupDescription": { + "description": "A description of the source replication group.", + "type": "string" + }, + "snapshotRetentionLimit": { + "description": "For an automatic snapshot, the number of days for which ElastiCache retains the snapshot before deleting it. \n For manual snapshots, this field reflects the SnapshotRetentionLimit for the source cluster when the snapshot was created. This field is otherwise ignored: Manual snapshots do not expire, and can only be deleted using the DeleteSnapshot operation. \n Important If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off.", + "format": "int64", + "type": "integer" + }, + "snapshotSource": { + "description": "Indicates whether the snapshot is from an automatic backup (automated) or was created manually (manual).", + "type": "string" + }, + "snapshotStatus": { + "description": "The status of the snapshot. Valid values: creating | available | restoring | copying | deleting.", + "type": "string" + }, + "snapshotWindow": { + "description": "The daily time range during which ElastiCache takes daily snapshots of the source cluster.", + "type": "string" + }, + "topicARN": { + "description": "The Amazon Resource Name (ARN) for the topic used by the source cluster for publishing notifications.", + "type": "string" + }, + "vpcID": { + "description": "The Amazon Virtual Private Cloud identifier (VPC ID) of the cache subnet group for the source cluster.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/elasticache.services.k8s.aws/user_v1alpha1.json b/elasticache.services.k8s.aws/user_v1alpha1.json new file mode 100644 index 00000000..86d552e7 --- /dev/null +++ b/elasticache.services.k8s.aws/user_v1alpha1.json @@ -0,0 +1,196 @@ +{ + "description": "User is the Schema for the Users API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "accessString": { + "description": "Access permissions string used for this user.", + "type": "string" + }, + "engine": { + "description": "The current supported value is Redis.", + "type": "string" + }, + "noPasswordRequired": { + "description": "Indicates a password is not required for this user.", + "type": "boolean" + }, + "passwords": { + "description": "Passwords used for this user. You can create up to two passwords for each user.", + "items": { + "description": "SecretKeyReference combines a k8s corev1.SecretReference with a specific key within the referred-to Secret", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an ElastiCache cluster or replication group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your ElastiCache resources, with the exception of global replication group. When you add or remove tags on replication groups, those actions will be replicated to all nodes in the replication group. A tag with a null Value is permitted.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "userID": { + "description": "The ID of the user.", + "type": "string" + }, + "userName": { + "description": "The username of the user.", + "type": "string" + } + }, + "required": [ + "accessString", + "engine", + "userID", + "userName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "UserStatus defines the observed state of User", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "authentication": { + "description": "Denotes whether the user requires a password to authenticate.", + "properties": { + "passwordCount": { + "format": "int64", + "type": "integer" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "expandedAccessString": { + "description": "Access permissions string used for this user.", + "type": "string" + }, + "lastRequestedAccessString": { + "description": "Access permissions string used for this user.", + "type": "string" + }, + "minimumEngineVersion": { + "description": "The minimum engine version required, which is Redis 6.0", + "type": "string" + }, + "status": { + "description": "Indicates the user status. Can be \"active\", \"modifying\" or \"deleting\".", + "type": "string" + }, + "userGroupIDs": { + "description": "Returns a list of the user group IDs the user belongs to.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/elasticache.services.k8s.aws/usergroup_v1alpha1.json b/elasticache.services.k8s.aws/usergroup_v1alpha1.json new file mode 100644 index 00000000..fc673917 --- /dev/null +++ b/elasticache.services.k8s.aws/usergroup_v1alpha1.json @@ -0,0 +1,159 @@ +{ + "description": "UserGroup is the Schema for the UserGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "engine": { + "description": "The current supported value is Redis.", + "type": "string" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an ElastiCache cluster or replication group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your ElastiCache resources, with the exception of global replication group. When you add or remove tags on replication groups, those actions will be replicated to all nodes in the replication group. A tag with a null Value is permitted.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "userGroupID": { + "description": "The ID of the user group.", + "type": "string" + }, + "userIDs": { + "description": "The list of user IDs that belong to the user group.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "engine", + "userGroupID" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "UserGroupStatus defines the observed state of UserGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "minimumEngineVersion": { + "description": "The minimum engine version required, which is Redis 6.0", + "type": "string" + }, + "pendingChanges": { + "description": "A list of updates being applied to the user group.", + "properties": { + "userIDsToAdd": { + "items": { + "type": "string" + }, + "type": "array" + }, + "userIDsToRemove": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "replicationGroups": { + "description": "A list of replication groups that the user group can access.", + "items": { + "type": "string" + }, + "type": "array" + }, + "status": { + "description": "Indicates user group status. Can be \"creating\", \"active\", \"modifying\", \"deleting\".", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/emrcontainers.services.k8s.aws/jobrun_v1alpha1.json b/emrcontainers.services.k8s.aws/jobrun_v1alpha1.json new file mode 100644 index 00000000..25e70011 --- /dev/null +++ b/emrcontainers.services.k8s.aws/jobrun_v1alpha1.json @@ -0,0 +1,172 @@ +{ + "description": "JobRun is the Schema for the JobRuns API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "JobRunSpec defines the desired state of JobRun. \n This entity describes a job run. A job run is a unit of work, such as a Spark jar, PySpark script, or SparkSQL query, that you submit to Amazon EMR on EKS.", + "properties": { + "configurationOverrides": { + "type": "string" + }, + "executionRoleARN": { + "description": "The execution role ARN for the job run.", + "type": "string" + }, + "jobDriver": { + "description": "The job driver for the job run.", + "properties": { + "sparkSubmitJobDriver": { + "description": "The information about job driver for Spark submit.", + "properties": { + "entryPoint": { + "type": "string" + }, + "entryPointArguments": { + "items": { + "type": "string" + }, + "type": "array" + }, + "sparkSubmitParameters": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the job run.", + "type": "string" + }, + "releaseLabel": { + "description": "The Amazon EMR release version to use for the job run.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The tags assigned to job runs.", + "type": "object" + }, + "virtualClusterID": { + "description": "The virtual cluster ID for which the job run request is submitted.", + "type": "string" + }, + "virtualClusterRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "executionRoleARN", + "jobDriver", + "releaseLabel" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "JobRunStatus defines the observed state of JobRun", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "id": { + "description": "This output displays the started job run ID.", + "type": "string" + }, + "state": { + "description": "The state of the job run.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/emrcontainers.services.k8s.aws/virtualcluster_v1alpha1.json b/emrcontainers.services.k8s.aws/virtualcluster_v1alpha1.json new file mode 100644 index 00000000..f270aa31 --- /dev/null +++ b/emrcontainers.services.k8s.aws/virtualcluster_v1alpha1.json @@ -0,0 +1,139 @@ +{ + "description": "VirtualCluster is the Schema for the VirtualClusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "VirtualClusterSpec defines the desired state of VirtualCluster. \n This entity describes a virtual cluster. A virtual cluster is a Kubernetes namespace that Amazon EMR is registered with. Amazon EMR uses virtual clusters to run jobs and host endpoints. Multiple virtual clusters can be backed by the same physical cluster. However, each virtual cluster maps to one namespace on an EKS cluster. Virtual clusters do not create any active resources that contribute to your bill or that require lifecycle management outside the service.", + "properties": { + "containerProvider": { + "description": "The container provider of the virtual cluster.", + "properties": { + "id": { + "type": "string" + }, + "info": { + "description": "The information about the container used for a job run or a managed endpoint.", + "properties": { + "eksInfo": { + "description": "The information about the EKS cluster.", + "properties": { + "namespace": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The specified name of the virtual cluster.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The tags assigned to the virtual cluster.", + "type": "object" + } + }, + "required": [ + "containerProvider", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "VirtualClusterStatus defines the observed state of VirtualCluster", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "id": { + "description": "This output contains the virtual cluster ID.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eventbridge.services.k8s.aws/archive_v1alpha1.json b/eventbridge.services.k8s.aws/archive_v1alpha1.json new file mode 100644 index 00000000..2a86cb76 --- /dev/null +++ b/eventbridge.services.k8s.aws/archive_v1alpha1.json @@ -0,0 +1,144 @@ +{ + "description": "Archive is the Schema for the Archives API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ArchiveSpec defines the desired state of Archive. \n An Archive object that contains details about an archive.", + "properties": { + "description": { + "description": "A description for the archive.", + "type": "string" + }, + "eventPattern": { + "description": "An event pattern to use to filter events sent to the archive.", + "type": "string" + }, + "eventSourceARN": { + "description": "The ARN of the event bus that sends events to the archive.", + "type": "string" + }, + "eventSourceRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name for the archive to create.", + "type": "string" + }, + "retentionDays": { + "description": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ArchiveStatus defines the observed state of Archive", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The time at which the archive was created.", + "format": "date-time", + "type": "string" + }, + "state": { + "description": "The state of the archive that was created.", + "type": "string" + }, + "stateReason": { + "description": "The reason that the archive is in the state.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eventbridge.services.k8s.aws/endpoint_v1alpha1.json b/eventbridge.services.k8s.aws/endpoint_v1alpha1.json new file mode 100644 index 00000000..7c94c0ad --- /dev/null +++ b/eventbridge.services.k8s.aws/endpoint_v1alpha1.json @@ -0,0 +1,173 @@ +{ + "description": "Endpoint is the Schema for the Endpoints API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "EndpointSpec defines the desired state of Endpoint. \n An global endpoint used to improve your application's availability by making it regional-fault tolerant. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-global-endpoints.html) in the Amazon EventBridge User Guide..", + "properties": { + "description": { + "description": "A description of the global endpoint.", + "type": "string" + }, + "eventBuses": { + "description": "Define the event buses used. \n The names of the event buses must be identical in each Region.", + "items": { + "description": "The event buses the endpoint is associated with.", + "properties": { + "eventBusARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "name": { + "description": "The name of the global endpoint. For example, \"Name\":\"us-east-2-custom_bus_A-endpoint\".", + "type": "string" + }, + "replicationConfig": { + "description": "Enable or disable event replication.", + "properties": { + "state": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The ARN of the role used for replication.", + "type": "string" + }, + "routingConfig": { + "description": "Configure the routing policy, including the health check and secondary Region..", + "properties": { + "failoverConfig": { + "description": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", + "properties": { + "primary": { + "description": "The primary Region of the endpoint.", + "properties": { + "healthCheck": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "secondary": { + "description": "The secondary Region that processes events when failover is triggered or replication is enabled.", + "properties": { + "route": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "eventBuses", + "name", + "routingConfig" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "EndpointStatus defines the observed state of Endpoint", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "state": { + "description": "The state of the endpoint that was created by this request.", + "type": "string" + }, + "stateReason": { + "description": "The reason the endpoint you asked for information about is in its current state.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eventbridge.services.k8s.aws/eventbus_v1alpha1.json b/eventbridge.services.k8s.aws/eventbus_v1alpha1.json new file mode 100644 index 00000000..8e1778f1 --- /dev/null +++ b/eventbridge.services.k8s.aws/eventbus_v1alpha1.json @@ -0,0 +1,118 @@ +{ + "description": "EventBus is the Schema for the EventBuses API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "EventBusSpec defines the desired state of EventBus. \n An event bus receives events from a source and routes them to rules associated with that event bus. Your account's default event bus receives events from Amazon Web Services services. A custom event bus can receive events from your custom applications and services. A partner event bus receives events from an event source created by an SaaS partner. These events come from the partners services or applications.", + "properties": { + "eventSourceName": { + "description": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", + "type": "string" + }, + "name": { + "description": "The name of the new event bus. \n Event bus names cannot contain the / character. You can't use the name default for a custom event bus, as this name is already used for your account's default event bus. \n If this is a partner event bus, the name must exactly match the name of the partner event source that this event bus is matched to.", + "type": "string" + }, + "tags": { + "description": "Tags to associate with the event bus.", + "items": { + "description": "A key-value pair associated with an Amazon Web Services resource. In EventBridge, rules and event buses support tagging.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "EventBusStatus defines the observed state of EventBus", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eventbridge.services.k8s.aws/rule_v1alpha1.json b/eventbridge.services.k8s.aws/rule_v1alpha1.json new file mode 100644 index 00000000..48dda4a7 --- /dev/null +++ b/eventbridge.services.k8s.aws/rule_v1alpha1.json @@ -0,0 +1,508 @@ +{ + "description": "Rule is the Schema for the Rules API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RuleSpec defines the desired state of Rule. \n Contains information about a rule in Amazon EventBridge.", + "properties": { + "description": { + "description": "A description of the rule.", + "type": "string" + }, + "eventBusName": { + "description": "The name or ARN of the event bus to associate with this rule. If you omit this, the default event bus is used.", + "type": "string" + }, + "eventBusRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "eventPattern": { + "description": "The event pattern. For more information, see EventBridge event patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html.html) in the Amazon EventBridge User Guide.", + "type": "string" + }, + "name": { + "description": "The name of the rule that you are creating or updating.", + "type": "string" + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of the IAM role associated with the rule. \n If you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a RoleArn with proper permissions in the Target structure, instead of here in this parameter.", + "type": "string" + }, + "scheduleExpression": { + "description": "The scheduling expression. For example, \"cron(0 20 * * ? *)\" or \"rate(5 minutes)\".", + "type": "string" + }, + "state": { + "description": "Indicates whether the rule is enabled or disabled.", + "type": "string" + }, + "tags": { + "description": "The list of key-value pairs to associate with the rule.", + "items": { + "description": "A key-value pair associated with an Amazon Web Services resource. In EventBridge, rules and event buses support tagging.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "targets": { + "items": { + "description": "Targets are the resources to be invoked when a rule is triggered. For a complete list of services and resources that can be set as a target, see PutTargets (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutTargets.html). \n If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the Amazon EventBridge User Guide.", + "properties": { + "arn": { + "type": "string" + }, + "batchParameters": { + "description": "The custom parameters to be used when the target is an Batch job.", + "properties": { + "arrayProperties": { + "description": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an Batch job.", + "properties": { + "size": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "jobDefinition": { + "type": "string" + }, + "jobName": { + "type": "string" + }, + "retryStrategy": { + "description": "The retry strategy to use for failed jobs, if the target is an Batch job. If you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", + "properties": { + "attempts": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "deadLetterConfig": { + "description": "A DeadLetterConfig object that contains information about a dead-letter queue configuration.", + "properties": { + "arn": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ecsParameters": { + "description": "The custom parameters to be used when the target is an Amazon ECS task.", + "properties": { + "capacityProviderStrategy": { + "items": { + "description": "The details of a capacity provider strategy. To learn more, see CapacityProviderStrategyItem (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CapacityProviderStrategyItem.html) in the Amazon ECS API Reference.", + "properties": { + "base": { + "format": "int64", + "type": "integer" + }, + "capacityProvider": { + "type": "string" + }, + "weight": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enableECSManagedTags": { + "type": "boolean" + }, + "enableExecuteCommand": { + "type": "boolean" + }, + "group": { + "type": "string" + }, + "launchType": { + "type": "string" + }, + "networkConfiguration": { + "description": "This structure specifies the network configuration for an ECS task.", + "properties": { + "awsVPCConfiguration": { + "description": "This structure specifies the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", + "properties": { + "assignPublicIP": { + "type": "string" + }, + "securityGroups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "placementConstraints": { + "items": { + "description": "An object representing a constraint on task placement. To learn more, see Task Placement Constraints (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the Amazon Elastic Container Service Developer Guide.", + "properties": { + "expression": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "placementStrategy": { + "items": { + "description": "The task placement strategy for a task or service. To learn more, see Task Placement Strategies (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html) in the Amazon Elastic Container Service Service Developer Guide.", + "properties": { + "field": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "platformVersion": { + "type": "string" + }, + "propagateTags": { + "type": "string" + }, + "referenceID": { + "type": "string" + }, + "tags": { + "items": { + "description": "A key-value pair associated with an Amazon Web Services resource. In EventBridge, rules and event buses support tagging.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "taskCount": { + "format": "int64", + "type": "integer" + }, + "taskDefinitionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "httpParameters": { + "description": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations. In the latter case, these are merged with any InvocationParameters specified on the Connection, with any values from the Connection taking precedence.", + "properties": { + "headerParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pathParameterValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "queryStringParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + }, + "input": { + "type": "string" + }, + "inputPath": { + "type": "string" + }, + "inputTransformer": { + "description": "Contains the parameters needed for you to provide custom input to a target based on one or more pieces of data extracted from the event.", + "properties": { + "inputPathsMap": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "inputTemplate": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "kinesisParameters": { + "description": "This object enables you to specify a JSON path to extract from the event and use as the partition key for the Amazon Kinesis data stream, so that you can control the shard to which the event goes. If you do not include this parameter, the default is to use the eventId as the partition key.", + "properties": { + "partitionKeyPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "redshiftDataParameters": { + "description": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", + "properties": { + "database": { + "type": "string" + }, + "dbUser": { + "type": "string" + }, + "secretManagerARN": { + "type": "string" + }, + "sql": { + "type": "string" + }, + "statementName": { + "type": "string" + }, + "withEvent": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "retryPolicy": { + "description": "A RetryPolicy object that includes information about the retry policy settings.", + "properties": { + "maximumEventAgeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "type": "string" + }, + "runCommandParameters": { + "description": "This parameter contains the criteria (either InstanceIds or a tag) used to specify which EC2 instances are to be sent the command.", + "properties": { + "runCommandTargets": { + "items": { + "description": "Information about the EC2 instances that are to be sent the command, specified as key-value pairs. Each RunCommandTarget block can include only one key, but this key may specify multiple values.", + "properties": { + "key": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "sageMakerPipelineParameters": { + "description": "These are custom parameters to use when the target is a SageMaker Model Building Pipeline that starts based on EventBridge events.", + "properties": { + "pipelineParameterList": { + "items": { + "description": "Name/Value pair of a parameter to start execution of a SageMaker Model Building Pipeline.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "sqsParameters": { + "description": "This structure includes the custom parameter to be used when the target is an SQS FIFO queue.", + "properties": { + "messageGroupID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RuleStatus defines the observed state of Rule", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/iam.services.k8s.aws/group_v1alpha1.json b/iam.services.k8s.aws/group_v1alpha1.json new file mode 100644 index 00000000..8d27b9df --- /dev/null +++ b/iam.services.k8s.aws/group_v1alpha1.json @@ -0,0 +1,142 @@ +{ + "description": "Group is the Schema for the Groups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "GroupSpec defines the desired state of Group. \n Contains information about an IAM group entity. \n This data type is used as a response element in the following operations: \n - CreateGroup \n - GetGroup \n - ListGroups", + "properties": { + "inlinePolicies": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "description": "The name of the group to create. Do not include the path in this value. \n IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both \"MyResource\" and \"myresource\".", + "type": "string" + }, + "path": { + "description": "The path to the group. For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. \n This parameter is optional. If it is not included, it defaults to a slash (/). \n This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.", + "type": "string" + }, + "policies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policyRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "GroupStatus defines the observed state of Group", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createDate": { + "description": "The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), when the group was created.", + "format": "date-time", + "type": "string" + }, + "groupID": { + "description": "The stable and unique string identifying the group. For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/iam.services.k8s.aws/openidconnectprovider_v1alpha1.json b/iam.services.k8s.aws/openidconnectprovider_v1alpha1.json new file mode 100644 index 00000000..20c7fb65 --- /dev/null +++ b/iam.services.k8s.aws/openidconnectprovider_v1alpha1.json @@ -0,0 +1,129 @@ +{ + "description": "OpenIDConnectProvider is the Schema for the OpenIDConnectProviders API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "OpenIDConnectProviderSpec defines the desired state of OpenIDConnectProvider.", + "properties": { + "clientIDs": { + "description": "Provides a list of client IDs, also known as audiences. When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. This is the value that's sent as the client_id parameter on OAuth requests. \n You can register multiple client IDs with the same provider. For example, you might have multiple applications that use the same OIDC provider. You cannot register more than 100 client IDs with a single IAM OIDC provider. \n There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest operation accepts client IDs up to 255 characters long.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "description": "A list of tags that you want to attach to the new IAM OpenID Connect (OIDC) provider. Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide. \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "items": { + "description": "A structure that represents user-provided metadata that can be associated with an IAM resource. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "thumbprints": { + "description": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificates. Typically this list includes only one entry. However, IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain multiple thumbprints if the identity provider is rotating certificates. \n The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509 certificate used by the domain where the OpenID Connect provider makes its keys available. It is always a 40-character string. \n You must provide at least one thumbprint when creating an IAM OIDC provider. For example, assume that the OIDC provider is server.example.com and the provider stores its keys at https://keys.server.example.com/openid-connect. In that case, the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate used by https://keys.server.example.com. \n For more information about obtaining the OIDC provider thumbprint, see Obtaining the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html) in the IAM User Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "url": { + "description": "The URL of the identity provider. The URL must begin with https:// and should correspond to the iss claim in the provider's OpenID Connect ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a hostname, like https://server.example.org or https://example.com. The URL should not contain a port number. \n You cannot register the same provider multiple times in a single Amazon Web Services account. If you try to submit a URL that has already been used for an OpenID Connect provider in the Amazon Web Services account, you will get an error.", + "type": "string" + } + }, + "required": [ + "thumbprints", + "url" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "OpenIDConnectProviderStatus defines the observed state of OpenIDConnectProvider", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/iam.services.k8s.aws/policy_v1alpha1.json b/iam.services.k8s.aws/policy_v1alpha1.json new file mode 100644 index 00000000..5ff316ba --- /dev/null +++ b/iam.services.k8s.aws/policy_v1alpha1.json @@ -0,0 +1,159 @@ +{ + "description": "Policy is the Schema for the Policies API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PolicySpec defines the desired state of Policy. \n Contains information about a managed policy. \n This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations. \n For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.", + "properties": { + "description": { + "description": "A friendly description of the policy. \n Typically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\" \n The policy description is immutable. After a value is assigned, it cannot be changed.", + "type": "string" + }, + "name": { + "description": "The friendly name of the policy. \n IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both \"MyResource\" and \"myresource\".", + "type": "string" + }, + "path": { + "description": "The path for the policy. \n For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. \n This parameter is optional. If it is not included, it defaults to a slash (/). \n This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters. \n You cannot use an asterisk (*) in the path name.", + "type": "string" + }, + "policyDocument": { + "description": "The JSON policy document that you want to use as the content for the new policy. \n You must provide policies in JSON format in IAM. However, for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to IAM. \n The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length). \n To learn more about JSON policy grammar, see Grammar of the IAM JSON policy language (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the IAM User Guide. \n The regex pattern (http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following: \n - Any printable ASCII character ranging from the space character (\\u0020) through the end of the ASCII character range \n - The printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF) \n - The special characters tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D)", + "type": "string" + }, + "tags": { + "description": "A list of tags that you want to attach to the new IAM customer managed policy. Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide. \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "items": { + "description": "A structure that represents user-provided metadata that can be associated with an IAM resource. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name", + "policyDocument" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PolicyStatus defines the observed state of Policy", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "attachmentCount": { + "description": "The number of entities (users, groups, and roles) that the policy is attached to.", + "format": "int64", + "type": "integer" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createDate": { + "description": "The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), when the policy was created.", + "format": "date-time", + "type": "string" + }, + "defaultVersionID": { + "description": "The identifier for the version of the policy that is set as the default version.", + "type": "string" + }, + "isAttachable": { + "description": "Specifies whether the policy can be attached to an IAM user, group, or role.", + "type": "boolean" + }, + "permissionsBoundaryUsageCount": { + "description": "The number of entities (users and roles) for which the policy is used to set the permissions boundary. \n For more information about permissions boundaries, see Permissions boundaries for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.", + "format": "int64", + "type": "integer" + }, + "policyID": { + "description": "The stable and unique string identifying the policy. \n For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide.", + "type": "string" + }, + "updateDate": { + "description": "The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), when the policy was last updated. \n When a policy has only one version, this field contains the date and time when the policy was created. When a policy has more than one version, this field contains the date and time when the most recent policy version was created.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/iam.services.k8s.aws/role_v1alpha1.json b/iam.services.k8s.aws/role_v1alpha1.json new file mode 100644 index 00000000..8e5db202 --- /dev/null +++ b/iam.services.k8s.aws/role_v1alpha1.json @@ -0,0 +1,208 @@ +{ + "description": "Role is the Schema for the Roles API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RoleSpec defines the desired state of Role. \n Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.", + "properties": { + "assumeRolePolicyDocument": { + "description": "The trust relationship policy document that grants an entity permission to assume the role. \n In IAM, you must provide a JSON policy that has been converted to a string. However, for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to IAM. \n The regex pattern (http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following: \n - Any printable ASCII character ranging from the space character (\\u0020) through the end of the ASCII character range \n - The printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF) \n - The special characters tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) \n Upon success, the response includes the same trust policy in JSON format.", + "type": "string" + }, + "description": { + "description": "A description of the role.", + "type": "string" + }, + "inlinePolicies": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "maxSessionDuration": { + "description": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours. \n Anyone who assumes the role from the or API can use the DurationSeconds API parameter or the duration-seconds CLI parameter to request a longer session. The MaxSessionDuration setting determines the maximum duration that can be requested using the DurationSeconds parameter. If users don't specify a value for the DurationSeconds parameter, their security credentials are valid for one hour by default. This applies when you use the AssumeRole* API operations or the assume-role* CLI operations but does not apply when you use those operations to create a console URL. For more information, see Using IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the IAM User Guide.", + "format": "int64", + "type": "integer" + }, + "name": { + "description": "The name of the role to create. \n IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both \"MyResource\" and \"myresource\".", + "type": "string" + }, + "path": { + "description": "The path to the role. For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. \n This parameter is optional. If it is not included, it defaults to a slash (/). \n This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.", + "type": "string" + }, + "permissionsBoundary": { + "description": "The ARN of the policy that is used to set the permissions boundary for the role.", + "type": "string" + }, + "permissionsBoundaryRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "policies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policyRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "A list of tags that you want to attach to the new role. Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide. \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "items": { + "description": "A structure that represents user-provided metadata that can be associated with an IAM resource. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "assumeRolePolicyDocument", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RoleStatus defines the observed state of Role", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createDate": { + "description": "The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), when the role was created.", + "format": "date-time", + "type": "string" + }, + "roleID": { + "description": "The stable and unique string identifying the role. For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide.", + "type": "string" + }, + "roleLastUsed": { + "description": "Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) in the IAM User Guide.", + "properties": { + "lastUsedDate": { + "format": "date-time", + "type": "string" + }, + "region": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/iam.services.k8s.aws/user_v1alpha1.json b/iam.services.k8s.aws/user_v1alpha1.json new file mode 100644 index 00000000..487889fb --- /dev/null +++ b/iam.services.k8s.aws/user_v1alpha1.json @@ -0,0 +1,185 @@ +{ + "description": "User is the Schema for the Users API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "UserSpec defines the desired state of User. \n Contains information about an IAM user entity. \n This data type is used as a response element in the following operations: \n - CreateUser \n - GetUser \n - ListUsers", + "properties": { + "inlinePolicies": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "description": "The name of the user to create. \n IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both \"MyResource\" and \"myresource\".", + "type": "string" + }, + "path": { + "description": "The path for the user name. For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. \n This parameter is optional. If it is not included, it defaults to a slash (/). \n This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.", + "type": "string" + }, + "permissionsBoundary": { + "description": "The ARN of the policy that is used to set the permissions boundary for the user.", + "type": "string" + }, + "permissionsBoundaryRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "policies": { + "items": { + "type": "string" + }, + "type": "array" + }, + "policyRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide. \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", + "items": { + "description": "A structure that represents user-provided metadata that can be associated with an IAM resource. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "UserStatus defines the observed state of User", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createDate": { + "description": "The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), when the user was created.", + "format": "date-time", + "type": "string" + }, + "passwordLastUsed": { + "description": "The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), when the user's password was last used to sign in to an Amazon Web Services website. For a list of Amazon Web Services websites that capture a user's last sign-in time, see the Credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) topic in the IAM User Guide. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because: \n * The user never had a password. \n * A password exists but has not been used since IAM started tracking this information on October 20, 2014. \n A null value does not mean that the user never had a password. Also, if the user does not currently have a password but had one in the past, then this field contains the date and time the most recent password was used. \n This value is returned only in the GetUser and ListUsers operations.", + "format": "date-time", + "type": "string" + }, + "userID": { + "description": "The stable and unique string identifying the user. For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/kafka.services.k8s.aws/cluster_v1alpha1.json b/kafka.services.k8s.aws/cluster_v1alpha1.json new file mode 100644 index 00000000..768c549c --- /dev/null +++ b/kafka.services.k8s.aws/cluster_v1alpha1.json @@ -0,0 +1,395 @@ +{ + "description": "Cluster is the Schema for the Clusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ClusterSpec defines the desired state of Cluster. \n Returns information about a cluster of either the provisioned or the serverless type.", + "properties": { + "brokerNodeGroupInfo": { + "description": "Information about the brokers.", + "properties": { + "brokerAZDistribution": { + "description": "The distribution of broker nodes across Availability Zones. By default, broker nodes are distributed among the Availability Zones of your Region. Currently, the only supported value is DEFAULT. You can either specify this value explicitly or leave it out.", + "type": "string" + }, + "clientSubnets": { + "items": { + "type": "string" + }, + "type": "array" + }, + "connectivityInfo": { + "description": "Information about the broker access configuration.", + "properties": { + "publicAccess": { + "description": "Broker public access control.", + "properties": { + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "instanceType": { + "type": "string" + }, + "securityGroups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "storageInfo": { + "description": "Contains information about storage volumes attached to MSK broker nodes.", + "properties": { + "ebsStorageInfo": { + "description": "Contains information about the EBS storage volumes attached to Apache Kafka broker nodes.", + "properties": { + "provisionedThroughput": { + "description": "Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes.", + "properties": { + "enabled": { + "type": "boolean" + }, + "volumeThroughput": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "volumeSize": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "clientAuthentication": { + "description": "Includes all client authentication related information.", + "properties": { + "sasl": { + "properties": { + "iam": { + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "scram": { + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tls": { + "description": "Details for client authentication using TLS.", + "properties": { + "certificateAuthorityARNList": { + "items": { + "type": "string" + }, + "type": "array" + }, + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "unauthenticated": { + "description": "Contains information about unauthenticated traffic to the cluster.", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "configurationInfo": { + "description": "Represents the configuration that you want MSK to use for the cluster.", + "properties": { + "arn": { + "type": "string" + }, + "revision": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "encryptionInfo": { + "description": "Includes all encryption-related information.", + "properties": { + "encryptionAtRest": { + "description": "The data-volume encryption details.", + "properties": { + "dataVolumeKMSKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "encryptionInTransit": { + "description": "The settings for encrypting data in transit.", + "properties": { + "clientBroker": { + "description": "Client-broker encryption in transit setting.", + "type": "string" + }, + "inCluster": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "enhancedMonitoring": { + "description": "Specifies the level of monitoring for the MSK cluster. The possible values are DEFAULT, PER_BROKER, PER_TOPIC_PER_BROKER, and PER_TOPIC_PER_PARTITION.", + "type": "string" + }, + "kafkaVersion": { + "description": "The version of Apache Kafka.", + "type": "string" + }, + "loggingInfo": { + "description": "LoggingInfo details.", + "properties": { + "brokerLogs": { + "description": "The broker logs configuration for this MSK cluster.", + "properties": { + "cloudWatchLogs": { + "description": "Details of the CloudWatch Logs destination for broker logs.", + "properties": { + "enabled": { + "type": "boolean" + }, + "logGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "firehose": { + "description": "Firehose details for BrokerLogs.", + "properties": { + "deliveryStream": { + "type": "string" + }, + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "s3": { + "description": "The details of the Amazon S3 destination for broker logs.", + "properties": { + "bucket": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "prefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the cluster.", + "type": "string" + }, + "numberOfBrokerNodes": { + "description": "The number of Apache Kafka broker nodes in the Amazon MSK cluster.", + "format": "int64", + "type": "integer" + }, + "openMonitoring": { + "description": "The settings for open monitoring.", + "properties": { + "prometheus": { + "description": "Prometheus settings.", + "properties": { + "jmxExporter": { + "description": "Indicates whether you want to enable or disable the JMX Exporter.", + "properties": { + "enabledInBroker": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "nodeExporter": { + "description": "Indicates whether you want to enable or disable the Node Exporter.", + "properties": { + "enabledInBroker": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "storageMode": { + "description": "This controls storage mode for supported storage tiers.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Create tags when creating the cluster.", + "type": "object" + } + }, + "required": [ + "brokerNodeGroupInfo", + "kafkaVersion", + "name", + "numberOfBrokerNodes" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ClusterStatus defines the observed state of Cluster", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "state": { + "description": "The state of the cluster. The possible states are ACTIVE, CREATING, DELETING, FAILED, HEALING, MAINTENANCE, REBOOTING_BROKER, and UPDATING.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/kinesis.services.k8s.aws/stream_v1alpha1.json b/kinesis.services.k8s.aws/stream_v1alpha1.json new file mode 100644 index 00000000..d741747e --- /dev/null +++ b/kinesis.services.k8s.aws/stream_v1alpha1.json @@ -0,0 +1,161 @@ +{ + "description": "Stream is the Schema for the Streams API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "StreamSpec defines the desired state of Stream.", + "properties": { + "name": { + "description": "A name to identify the stream. The stream name is scoped to the Amazon Web Services account used by the application that creates the stream. It is also scoped by Amazon Web Services Region. That is, two streams in two different Amazon Web Services accounts can have the same name. Two streams in the same Amazon Web Services account but in two different Regions can also have the same name.", + "type": "string" + }, + "shardCount": { + "description": "The number of shards that the stream will use. The throughput of the stream is a function of the number of shards; more shards are required for greater provisioned throughput.", + "format": "int64", + "type": "integer" + }, + "streamModeDetails": { + "description": "Indicates the capacity mode of the data stream. Currently, in Kinesis Data Streams, you can choose between an on-demand capacity mode and a provisioned capacity mode for your data streams.", + "properties": { + "streamMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "StreamStatus defines the observed state of Stream", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "consumerCount": { + "description": "The number of enhanced fan-out consumers registered with the stream.", + "format": "int64", + "type": "integer" + }, + "encryptionType": { + "description": "The encryption type used. This value is one of the following: \n * KMS \n * NONE", + "type": "string" + }, + "enhancedMonitoring": { + "description": "Represents the current enhanced monitoring settings of the stream.", + "items": { + "description": "Represents enhanced metrics types.", + "properties": { + "shardLevelMetrics": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "keyID": { + "description": "The GUID for the customer-managed Amazon Web Services KMS key to use for encryption. This value can be a globally unique identifier, a fully specified ARN to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias aws/kinesis. \n * Key ARN example: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012 \n * Alias ARN example: arn:aws:kms:us-east-1:123456789012:alias/MyAliasName \n * Globally unique key ID example: 12345678-1234-1234-1234-123456789012 \n * Alias name example: alias/MyAliasName \n * Master key owned by Kinesis Data Streams: alias/aws/kinesis", + "type": "string" + }, + "openShardCount": { + "description": "The number of open shards in the stream.", + "format": "int64", + "type": "integer" + }, + "retentionPeriodHours": { + "description": "The current retention period, in hours.", + "format": "int64", + "type": "integer" + }, + "streamCreationTimestamp": { + "description": "The approximate time that the stream was created.", + "format": "date-time", + "type": "string" + }, + "streamStatus": { + "description": "The current status of the stream being described. The stream status is one of the following states: \n * CREATING - The stream is being created. Kinesis Data Streams immediately returns and sets StreamStatus to CREATING. \n * DELETING - The stream is being deleted. The specified stream is in the DELETING state until Kinesis Data Streams completes the deletion. \n * ACTIVE - The stream exists and is ready for read and write operations or deletion. You should perform read and write operations only on an ACTIVE stream. \n * UPDATING - Shards in the stream are being merged or split. Read and write operations continue to work while the stream is in the UPDATING state.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/kms.services.k8s.aws/alias_v1alpha1.json b/kms.services.k8s.aws/alias_v1alpha1.json new file mode 100644 index 00000000..0ed422e9 --- /dev/null +++ b/kms.services.k8s.aws/alias_v1alpha1.json @@ -0,0 +1,118 @@ +{ + "description": "Alias is the Schema for the Aliases API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "AliasSpec defines the desired state of Alias.", + "properties": { + "name": { + "description": "Specifies the alias name. This value must begin with alias/ followed by a name, such as alias/ExampleAlias. \n The AliasName value must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is reserved for Amazon Web Services managed keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).", + "type": "string" + }, + "targetKeyID": { + "description": "Associates the alias with the specified customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same Amazon Web Services Region. \n A valid key ID is required. If you supply a null or empty string value, this operation returns an error. \n For help finding the key ID and ARN, see Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the Key Management Service Developer Guide . \n Specify the key ID or key ARN of the KMS key. \n For example: \n - Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab \n - Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.", + "type": "string" + }, + "targetKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AliasStatus defines the observed state of Alias", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/kms.services.k8s.aws/grant_v1alpha1.json b/kms.services.k8s.aws/grant_v1alpha1.json new file mode 100644 index 00000000..bc23fcdc --- /dev/null +++ b/kms.services.k8s.aws/grant_v1alpha1.json @@ -0,0 +1,168 @@ +{ + "description": "Grant is the Schema for the Grants API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "GrantSpec defines the desired state of Grant.", + "properties": { + "constraints": { + "description": "Specifies a grant constraint. \n KMS supports the EncryptionContextEquals and EncryptionContextSubset grant constraints. Each constraint value can include up to 8 encryption context pairs. The encryption context value in each constraint cannot exceed 384 characters. For information about grant constraints, see Using grant constraints (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints) in the Key Management Service Developer Guide. For more information about encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the Key Management Service Developer Guide . \n The encryption context grant constraints allow the permissions in the grant only when the encryption context in the request matches (EncryptionContextEquals) or includes (EncryptionContextSubset) the encryption context specified in this structure. \n The encryption context grant constraints are supported only on grant operations (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations) that include an EncryptionContext parameter, such as cryptographic operations on symmetric encryption KMS keys. Grants with grant constraints can include the DescribeKey and RetireGrant operations, but the constraint doesn't apply to these operations. If a grant with a grant constraint includes the CreateGrant operation, the constraint requires that any grants created with the CreateGrant permission have an equally strict or stricter encryption context constraint. \n You cannot use an encryption context grant constraint for cryptographic operations with asymmetric KMS keys or HMAC KMS keys. These keys don't support an encryption context.", + "properties": { + "encryptionContextEquals": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "encryptionContextSubset": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "grantTokens": { + "description": "A list of grant tokens. \n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token) and Using a grant token (https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token) in the Key Management Service Developer Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "granteePrincipal": { + "description": "The identity that gets the permissions specified in the grant. \n To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of an Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, IAM roles, federated users, and assumed role users. For examples of the ARN syntax to use for specifying a principal, see Amazon Web Services Identity and Access Management (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) in the Example ARNs section of the Amazon Web Services General Reference.", + "type": "string" + }, + "keyID": { + "description": "Identifies the KMS key for the grant. The grant gives principals permission to use this KMS key. \n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a different Amazon Web Services account, you must use the key ARN. \n For example: \n - Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab \n - Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.", + "type": "string" + }, + "keyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "A friendly name for the grant. Use this value to prevent the unintended creation of duplicate grants when retrying this request. \n When this value is absent, all CreateGrant requests result in a new grant with a unique GrantId even if all the supplied parameters are identical. This can result in unintended duplicates when you retry the CreateGrant request. \n When this value is present, you can retry a CreateGrant request with identical parameters; if the grant already exists, the original GrantId is returned without creating a new grant. Note that the returned grant token is unique with every CreateGrant request, even when a duplicate GrantId is returned. All grant tokens for the same grant ID can be used interchangeably.", + "type": "string" + }, + "operations": { + "description": "A list of operations that the grant permits. \n This list must include only operations that are permitted in a grant. Also, the operation must be supported on the KMS key. For example, you cannot create a grant for a symmetric encryption KMS key that allows the Sign operation, or a grant for an asymmetric KMS key that allows the GenerateDataKey operation. If you try, KMS returns a ValidationError exception. For details, see Grant operations (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations) in the Key Management Service Developer Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "retiringPrincipal": { + "description": "The principal that has permission to use the RetireGrant operation to retire the grant. \n To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of an Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated users, and assumed role users. For examples of the ARN syntax to use for specifying a principal, see Amazon Web Services Identity and Access Management (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) in the Example ARNs section of the Amazon Web Services General Reference. \n The grant determines the retiring principal. Other principals might have permission to retire the grant or revoke the grant. For details, see RevokeGrant and Retiring and revoking grants (https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete) in the Key Management Service Developer Guide.", + "type": "string" + } + }, + "required": [ + "granteePrincipal", + "operations" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "GrantStatus defines the observed state of Grant", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "grantID": { + "description": "The unique identifier for the grant. \n You can use the GrantId in a ListGrants, RetireGrant, or RevokeGrant operation.", + "type": "string" + }, + "grantToken": { + "description": "The grant token. \n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token) and Using a grant token (https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token) in the Key Management Service Developer Guide.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/kms.services.k8s.aws/key_v1alpha1.json b/kms.services.k8s.aws/key_v1alpha1.json new file mode 100644 index 00000000..f4d767d0 --- /dev/null +++ b/kms.services.k8s.aws/key_v1alpha1.json @@ -0,0 +1,250 @@ +{ + "description": "Key is the Schema for the Keys API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "KeySpec defines the desired state of Key.", + "properties": { + "bypassPolicyLockoutSafetyCheck": { + "description": "A flag to indicate whether to bypass the key policy lockout safety check. \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. \n For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section in the Key Management Service Developer Guide . \n Use this parameter only when you include a policy in the request and you intend to prevent the principal that is making the request from making a subsequent PutKeyPolicy request on the KMS key. \n The default value is false.", + "type": "boolean" + }, + "customKeyStoreID": { + "description": "Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) and the key material in its associated CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM cluster that is associated with the custom key store must have at least two active HSMs, each in a different Availability Zone in the Region. \n This parameter is valid only for symmetric encryption KMS keys in a single Region. You cannot create any other type of KMS key in a custom key store. \n To find the ID of a custom key store, use the DescribeCustomKeyStores operation. \n The response includes the custom key store ID and the ID of the CloudHSM cluster. \n This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) feature in KMS, which combines the convenience and extensive integration of KMS with the isolation and control of a single-tenant key store.", + "type": "string" + }, + "description": { + "description": "A description of the KMS key. \n Use a description that helps you decide whether the KMS key is appropriate for a task. The default value is an empty string (no description). \n To set or change the description after the key is created, use UpdateKeyDescription.", + "type": "string" + }, + "enableKeyRotation": { + "type": "boolean" + }, + "keySpec": { + "description": "Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit AES-GCM key that is used for encryption and decryption, except in China Regions, where it creates a 128-bit symmetric key that uses SM4 encryption. For help choosing a key spec for your KMS key, see Choosing a KMS key type (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose) in the Key Management Service Developer Guide . \n The KeySpec determines whether the KMS key contains a symmetric key or an asymmetric key pair. It also determines the cryptographic algorithms that the KMS key supports. You can't change the KeySpec after the KMS key is created. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm), kms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm) or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm) in the Key Management Service Developer Guide . \n Amazon Web Services services that are integrated with KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support asymmetric KMS keys or HMAC KMS keys. \n KMS supports the following key specs for KMS keys: \n - Symmetric encryption key (default) SYMMETRIC_DEFAULT \n - HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512 \n - Asymmetric RSA key pairs RSA_2048 RSA_3072 RSA_4096 \n - Asymmetric NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1) ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1) \n - Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1), commonly used for cryptocurrencies. \n - SM2 key pairs (China Regions only) SM2", + "type": "string" + }, + "keyUsage": { + "description": "Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is ENCRYPT_DECRYPT. This parameter is optional when you are creating a symmetric encryption KMS key; otherwise, it is required. You can't change the KeyUsage value after the KMS key is created. \n Select only one valid value. \n - For symmetric encryption KMS keys, omit the parameter or specify ENCRYPT_DECRYPT. \n - For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC. \n - For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT or SIGN_VERIFY. \n - For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY. \n - For asymmetric KMS keys with SM2 key material (China Regions only), specify ENCRYPT_DECRYPT or SIGN_VERIFY.", + "type": "string" + }, + "multiRegion": { + "description": "Creates a multi-Region primary key that you can replicate into other Amazon Web Services Regions. You cannot change this value after you create the KMS key. \n For a multi-Region key, set this parameter to True. For a single-Region KMS key, omit this parameter or set it to False. The default value is False. \n This operation supports multi-Region keys, an KMS feature that lets you create multiple interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the Key Management Service Developer Guide. \n This value creates a primary key, not a replica. To create a replica key, use the ReplicateKey operation. \n You can create a multi-Region version of a symmetric encryption KMS key, an HMAC KMS key, an asymmetric KMS key, or a KMS key with imported key material. However, you cannot create a multi-Region key in a custom key store.", + "type": "boolean" + }, + "origin": { + "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is AWS_KMS, which means that KMS creates the key material. \n To create a KMS key with no key material (for imported key material), set the value to EXTERNAL. For more information about importing key material into KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the Key Management Service Developer Guide. This value is valid only for symmetric encryption KMS keys. \n To create a KMS key in an KMS custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) and create its key material in the associated CloudHSM cluster, set this value to AWS_CLOUDHSM. You must also use the CustomKeyStoreId parameter to identify the custom key store. This value is valid only for symmetric encryption KMS keys.", + "type": "string" + }, + "policy": { + "description": "The key policy to attach to the KMS key. If you do not specify a key policy, KMS attaches a default key policy to the KMS key. For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the Key Management Service Developer Guide. \n If you provide a key policy, it must meet the following criteria: \n - If you don't set BypassPolicyLockoutSafetyCheck to True, the key policy must allow the principal that is making the CreateKey request to make a subsequent PutKeyPolicy request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the Key Management Service Developer Guide . \n - Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see Changes that I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the Amazon Web Services Identity and Access Management User Guide. \n A key policy document can include only the following characters: \n - Printable ASCII characters from the space character (\\u0020) through the end of the ASCII character range. \n - Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF). \n - The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters \n For information about key policies, see Key policies in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the Key Management Service Developer Guide. For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html) in the Identity and Access Management User Guide .", + "type": "string" + }, + "tags": { + "description": "Assigns one or more tags to the KMS key. Use this parameter to tag the KMS key when it is created. To tag an existing KMS key, use the TagResource operation. \n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see ABAC in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the Key Management Service Developer Guide. \n To use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html) permission in an IAM policy. \n Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, KMS replaces the current tag value with the specified one. \n When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see Tagging Keys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html).", + "items": { + "description": "A key-value pair. A tag consists of a tag key and a tag value. Tag keys and tag values are both required, but tag values can be empty (null) strings. \n For information about the rules that apply to tag keys and tag values, see User-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) in the Amazon Web Services Billing and Cost Management User Guide.", + "properties": { + "tagKey": { + "type": "string" + }, + "tagValue": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "KeyStatus defines the observed state of Key", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "awsAccountID": { + "description": "The twelve-digit account ID of the Amazon Web Services account that owns the KMS key.", + "type": "string" + }, + "cloudHsmClusterID": { + "description": "The cluster ID of the CloudHSM cluster that contains the key material for the KMS key. When you create a KMS key in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), KMS creates the key material for the KMS key in the associated CloudHSM cluster. This value is present only when the KMS key is created in a custom key store.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationDate": { + "description": "The date and time when the KMS key was created.", + "format": "date-time", + "type": "string" + }, + "deletionDate": { + "description": "The date and time after which KMS deletes this KMS key. This value is present only when the KMS key is scheduled for deletion, that is, when its KeyState is PendingDeletion. \n When the primary key in a multi-Region key is scheduled for deletion but still has replica keys, its key state is PendingReplicaDeletion and the length of its waiting period is displayed in the PendingDeletionWindowInDays field.", + "format": "date-time", + "type": "string" + }, + "enabled": { + "description": "Specifies whether the KMS key is enabled. When KeyState is Enabled this value is true, otherwise it is false.", + "type": "boolean" + }, + "encryptionAlgorithms": { + "description": "The encryption algorithms that the KMS key supports. You cannot use the KMS key with other encryption algorithms within KMS. \n This value is present only when the KeyUsage of the KMS key is ENCRYPT_DECRYPT.", + "items": { + "type": "string" + }, + "type": "array" + }, + "expirationModel": { + "description": "Specifies whether the KMS key's key material expires. This value is present only when Origin is EXTERNAL, otherwise this value is omitted.", + "type": "string" + }, + "keyID": { + "description": "The globally unique identifier for the KMS key.", + "type": "string" + }, + "keyManager": { + "description": "The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or Amazon Web Services managed. For more information about the difference, see KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys) in the Key Management Service Developer Guide.", + "type": "string" + }, + "keyState": { + "description": "The current status of the KMS key. \n For more information about how key state affects the use of a KMS key, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the Key Management Service Developer Guide.", + "type": "string" + }, + "macAlgorithms": { + "description": "The message authentication code (MAC) algorithm that the HMAC KMS key supports. \n This value is present only when the KeyUsage of the KMS key is GENERATE_VERIFY_MAC.", + "items": { + "type": "string" + }, + "type": "array" + }, + "multiRegionConfiguration": { + "description": "Lists the primary and replica keys in same multi-Region key. This field is present only when the value of the MultiRegion field is True. \n For more information about any listed KMS key, use the DescribeKey operation. \n * MultiRegionKeyType indicates whether the KMS key is a PRIMARY or REPLICA key. \n * PrimaryKey displays the key ARN and Region of the primary key. This field displays the current KMS key if it is the primary key. \n * ReplicaKeys displays the key ARNs and Regions of all replica keys. This field includes the current KMS key if it is a replica key.", + "properties": { + "multiRegionKeyType": { + "type": "string" + }, + "primaryKey": { + "description": "Describes the primary or replica key in a multi-Region key.", + "properties": { + "arn": { + "type": "string" + }, + "region": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "replicaKeys": { + "items": { + "description": "Describes the primary or replica key in a multi-Region key.", + "properties": { + "arn": { + "type": "string" + }, + "region": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "pendingDeletionWindowInDays": { + "description": "The waiting period before the primary key in a multi-Region key is deleted. This waiting period begins when the last of its replica keys is deleted. This value is present only when the KeyState of the KMS key is PendingReplicaDeletion. That indicates that the KMS key is the primary key in a multi-Region key, it is scheduled for deletion, and it still has existing replica keys. \n When a single-Region KMS key or a multi-Region replica key is scheduled for deletion, its deletion date is displayed in the DeletionDate field. However, when the primary key in a multi-Region key is scheduled for deletion, its waiting period doesn't begin until all of its replica keys are deleted. This value displays that waiting period. When the last replica key in the multi-Region key is deleted, the KeyState of the scheduled primary key changes from PendingReplicaDeletion to PendingDeletion and the deletion date appears in the DeletionDate field.", + "format": "int64", + "type": "integer" + }, + "signingAlgorithms": { + "description": "The signing algorithms that the KMS key supports. You cannot use the KMS key with other signing algorithms within KMS. \n This field appears only when the KeyUsage of the KMS key is SIGN_VERIFY.", + "items": { + "type": "string" + }, + "type": "array" + }, + "validTo": { + "description": "The time at which the imported key material expires. When the key material expires, KMS deletes the key material and the KMS key becomes unusable. This value is present only for KMS keys whose Origin is EXTERNAL and whose ExpirationModel is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/lambda.services.k8s.aws/alias_v1alpha1.json b/lambda.services.k8s.aws/alias_v1alpha1.json new file mode 100644 index 00000000..c359f69a --- /dev/null +++ b/lambda.services.k8s.aws/alias_v1alpha1.json @@ -0,0 +1,143 @@ +{ + "description": "Alias is the Schema for the Aliases API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "description": { + "description": "A description of the alias.", + "type": "string" + }, + "functionName": { + "description": "The name of the Lambda function. \n Name formats \n - Function name - MyFunction. \n - Function ARN - arn:aws:lambda:us-west-2:123456789012:function:MyFunction. \n - Partial ARN - 123456789012:function:MyFunction. \n The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "type": "string" + }, + "functionRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "functionVersion": { + "description": "The function version that the alias invokes.", + "type": "string" + }, + "name": { + "description": "The name of the alias.", + "type": "string" + }, + "routingConfig": { + "description": "The routing configuration (https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html#configuring-alias-routing) of the alias.", + "properties": { + "additionalVersionWeights": { + "additionalProperties": { + "type": "number" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "functionVersion", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AliasStatus defines the observed state of Alias", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "revisionID": { + "description": "A unique identifier that changes when you update the alias.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/lambda.services.k8s.aws/codesigningconfig_v1alpha1.json b/lambda.services.k8s.aws/codesigningconfig_v1alpha1.json new file mode 100644 index 00000000..f1036dad --- /dev/null +++ b/lambda.services.k8s.aws/codesigningconfig_v1alpha1.json @@ -0,0 +1,128 @@ +{ + "description": "CodeSigningConfig is the Schema for the CodeSigningConfigs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "CodeSigningConfigSpec defines the desired state of CodeSigningConfig. \n Details about a Code signing configuration (https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html).", + "properties": { + "allowedPublishers": { + "description": "Signing profiles for this code signing configuration.", + "properties": { + "signingProfileVersionARNs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "codeSigningPolicies": { + "description": "The code signing policies define the actions to take if the validation checks fail.", + "properties": { + "untrustedArtifactOnDeployment": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "description": { + "description": "Descriptive name for this code signing configuration.", + "type": "string" + } + }, + "required": [ + "allowedPublishers" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "CodeSigningConfigStatus defines the observed state of CodeSigningConfig", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "codeSigningConfigID": { + "description": "Unique identifer for the Code signing configuration.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "lastModified": { + "description": "The date and time that the Code signing configuration was last modified, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD).", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/lambda.services.k8s.aws/eventsourcemapping_v1alpha1.json b/lambda.services.k8s.aws/eventsourcemapping_v1alpha1.json new file mode 100644 index 00000000..3b2aaa8c --- /dev/null +++ b/lambda.services.k8s.aws/eventsourcemapping_v1alpha1.json @@ -0,0 +1,339 @@ +{ + "description": "EventSourceMapping is the Schema for the EventSourceMappings API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "EventSourceMappingSpec defines the desired state of EventSourceMapping.", + "properties": { + "amazonManagedKafkaEventSourceConfig": { + "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", + "properties": { + "consumerGroupID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "batchSize": { + "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB). \n - Amazon Kinesis \u2013 Default 100. Max 10,000. \n - Amazon DynamoDB Streams \u2013 Default 100. Max 10,000. \n - Amazon Simple Queue Service \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10. \n - Amazon Managed Streaming for Apache Kafka \u2013 Default 100. Max 10,000. \n - Self-managed Apache Kafka \u2013 Default 100. Max 10,000. \n - Amazon MQ (ActiveMQ and RabbitMQ) \u2013 Default 100. Max 10,000.", + "format": "int64", + "type": "integer" + }, + "bisectBatchOnFunctionError": { + "description": "(Streams only) If the function returns an error, split the batch in two and retry.", + "type": "boolean" + }, + "destinationConfig": { + "description": "(Streams only) An Amazon SQS queue or Amazon SNS topic destination for discarded records.", + "properties": { + "onFailure": { + "description": "A destination for events that failed processing.", + "properties": { + "destination": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "onSuccess": { + "description": "A destination for events that were processed successfully.", + "properties": { + "destination": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "enabled": { + "description": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation. \n Default: True", + "type": "boolean" + }, + "eventSourceARN": { + "description": "The Amazon Resource Name (ARN) of the event source. \n - Amazon Kinesis \u2013 The ARN of the data stream or a stream consumer. \n - Amazon DynamoDB Streams \u2013 The ARN of the stream. \n - Amazon Simple Queue Service \u2013 The ARN of the queue. \n - Amazon Managed Streaming for Apache Kafka \u2013 The ARN of the cluster. \n - Amazon MQ \u2013 The ARN of the broker.", + "type": "string" + }, + "filterCriteria": { + "description": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see Lambda event filtering (https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html).", + "properties": { + "filters": { + "items": { + "description": "A structure within a FilterCriteria object that defines an event filtering pattern.", + "properties": { + "pattern": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "functionName": { + "description": "The name of the Lambda function. \n Name formats \n - Function name \u2013 MyFunction. \n - Function ARN \u2013 arn:aws:lambda:us-west-2:123456789012:function:MyFunction. \n - Version or Alias ARN \u2013 arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD. \n - Partial ARN \u2013 123456789012:function:MyFunction. \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", + "type": "string" + }, + "functionRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "functionResponseTypes": { + "description": "(Streams and Amazon SQS) A list of current response type enums applied to the event source mapping.", + "items": { + "type": "string" + }, + "type": "array" + }, + "maximumBatchingWindowInSeconds": { + "description": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function. You can configure MaximumBatchingWindowInSeconds to any value from 0 seconds to 300 seconds in increments of seconds. \n For streams and Amazon SQS event sources, the default batching window is 0 seconds. For Amazon MSK, Self-managed Apache Kafka, and Amazon MQ event sources, the default batching window is 500 ms. Note that because you can only change MaximumBatchingWindowInSeconds in increments of seconds, you cannot revert back to the 500 ms default batching window after you have changed it. To restore the default batching window, you must create a new event source mapping. \n Related setting: For streams and Amazon SQS event sources, when you set BatchSize to a value greater than 10, you must set MaximumBatchingWindowInSeconds to at least 1.", + "format": "int64", + "type": "integer" + }, + "maximumRecordAgeInSeconds": { + "description": "(Streams only) Discard records older than the specified age. The default value is infinite (-1).", + "format": "int64", + "type": "integer" + }, + "maximumRetryAttempts": { + "description": "(Streams only) Discard records after the specified number of retries. The default value is infinite (-1). When set to infinite (-1), failed records are retried until the record expires.", + "format": "int64", + "type": "integer" + }, + "parallelizationFactor": { + "description": "(Streams only) The number of batches to process from each shard concurrently.", + "format": "int64", + "type": "integer" + }, + "queueRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "queues": { + "description": "(MQ) The name of the Amazon MQ broker destination queue to consume.", + "items": { + "type": "string" + }, + "type": "array" + }, + "scalingConfig": { + "description": "(Amazon SQS only) The scaling configuration for the event source. For more information, see Configuring maximum concurrency for Amazon SQS event sources (https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency).", + "properties": { + "maximumConcurrency": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "selfManagedEventSource": { + "description": "The self-managed Apache Kafka cluster to receive records from.", + "properties": { + "endpoints": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "selfManagedKafkaEventSourceConfig": { + "description": "Specific configuration settings for a self-managed Apache Kafka event source.", + "properties": { + "consumerGroupID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "sourceAccessConfigurations": { + "description": "An array of authentication protocols or VPC components required to secure your event source.", + "items": { + "description": "To secure and define access to your event source, you can specify the authentication protocol, VPC components, or virtual host.", + "properties": { + "type_": { + "type": "string" + }, + "uRI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "startingPosition": { + "description": "The position in a stream from which to start reading. Required for Amazon Kinesis, Amazon DynamoDB, and Amazon MSK Streams sources. AT_TIMESTAMP is supported only for Amazon Kinesis streams.", + "type": "string" + }, + "startingPositionTimestamp": { + "description": "With StartingPosition set to AT_TIMESTAMP, the time from which to start reading.", + "format": "date-time", + "type": "string" + }, + "topics": { + "description": "The name of the Kafka topic.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tumblingWindowInSeconds": { + "description": "(Streams only) The duration in seconds of a processing window. The range is between 1 second and 900 seconds.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "EventSourceMappingStatus defines the observed state of EventSourceMapping", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "functionARN": { + "description": "The ARN of the Lambda function.", + "type": "string" + }, + "lastModified": { + "description": "The date that the event source mapping was last updated or that its state changed.", + "format": "date-time", + "type": "string" + }, + "lastProcessingResult": { + "description": "The result of the last Lambda invocation of your function.", + "type": "string" + }, + "state": { + "description": "The state of the event source mapping. It can be one of the following: Creating, Enabling, Enabled, Disabling, Disabled, Updating, or Deleting.", + "type": "string" + }, + "stateTransitionReason": { + "description": "Indicates whether a user or Lambda made the last change to the event source mapping.", + "type": "string" + }, + "uuid": { + "description": "The identifier of the event source mapping.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/lambda.services.k8s.aws/function_v1alpha1.json b/lambda.services.k8s.aws/function_v1alpha1.json new file mode 100644 index 00000000..e76bde7c --- /dev/null +++ b/lambda.services.k8s.aws/function_v1alpha1.json @@ -0,0 +1,548 @@ +{ + "description": "Function is the Schema for the Functions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FunctionSpec defines the desired state of Function.", + "properties": { + "architectures": { + "description": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is x86_64.", + "items": { + "type": "string" + }, + "type": "array" + }, + "code": { + "description": "The code for the function.", + "properties": { + "imageURI": { + "type": "string" + }, + "s3Bucket": { + "type": "string" + }, + "s3BucketRef": { + "description": "Reference field for S3Bucket", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "s3Key": { + "type": "string" + }, + "s3ObjectVersion": { + "type": "string" + }, + "zipFile": { + "format": "byte", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "codeSigningConfigARN": { + "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.", + "type": "string" + }, + "deadLetterConfig": { + "description": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see Dead-letter queues (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq).", + "properties": { + "targetARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "description": { + "description": "A description of the function.", + "type": "string" + }, + "environment": { + "description": "Environment variables that are accessible from function code during execution.", + "properties": { + "variables": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "ephemeralStorage": { + "description": "The size of the function's /tmp directory in MB. The default value is 512, but can be any whole number between 512 and 10,240 MB.", + "properties": { + "size": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "fileSystemConfigs": { + "description": "Connection settings for an Amazon EFS file system.", + "items": { + "description": "Details about the connection between a Lambda function and an Amazon EFS file system (https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html).", + "properties": { + "arn": { + "type": "string" + }, + "localMountPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "functionEventInvokeConfig": { + "properties": { + "destinationConfig": { + "description": "A configuration object that specifies the destination of an event after Lambda processes it.", + "properties": { + "onFailure": { + "description": "A destination for events that failed processing.", + "properties": { + "destination": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "onSuccess": { + "description": "A destination for events that were processed successfully.", + "properties": { + "destination": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "functionName": { + "type": "string" + }, + "maximumEventAgeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + }, + "qualifier": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "handler": { + "description": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see Lambda programming model (https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html).", + "type": "string" + }, + "imageConfig": { + "description": "Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/configuration-images.html#configuration-images-settings) that override the values in the container image Dockerfile.", + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "entryPoint": { + "items": { + "type": "string" + }, + "type": "array" + }, + "workingDirectory": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "kmsKeyARN": { + "description": "The ARN of the Key Management Service (KMS) key that's used to encrypt your function's environment variables. If it's not provided, Lambda uses a default service key.", + "type": "string" + }, + "kmsKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "layers": { + "description": "A list of function layers (https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", + "items": { + "type": "string" + }, + "type": "array" + }, + "memorySize": { + "description": "The amount of memory available to the function (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB.", + "format": "int64", + "type": "integer" + }, + "name": { + "description": "The name of the Lambda function. \n Name formats \n - Function name \u2013 my-function. \n - Function ARN \u2013 arn:aws:lambda:us-west-2:123456789012:function:my-function. \n - Partial ARN \u2013 123456789012:function:my-function. \n The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "type": "string" + }, + "packageType": { + "description": "The type of deployment package. Set to Image for container image and set to Zip for .zip file archive.", + "type": "string" + }, + "publish": { + "description": "Set to true to publish the first version of the function during creation.", + "type": "boolean" + }, + "reservedConcurrentExecutions": { + "description": "The number of simultaneous executions to reserve for the function.", + "format": "int64", + "type": "integer" + }, + "role": { + "description": "The Amazon Resource Name (ARN) of the function's execution role.", + "type": "string" + }, + "runtime": { + "description": "The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive.", + "type": "string" + }, + "snapStart": { + "description": "The function's SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", + "properties": { + "applyOn": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "A list of tags (https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.", + "type": "object" + }, + "timeout": { + "description": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see Lambda execution environment (https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html).", + "format": "int64", + "type": "integer" + }, + "tracingConfig": { + "description": "Set Mode to Active to sample and trace a subset of incoming requests with X-Ray (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html).", + "properties": { + "mode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "vpcConfig": { + "description": "For network connectivity to Amazon Web Services resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see Configuring a Lambda function to access resources in a VPC (https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "securityGroupRefs": { + "description": "Reference field for SecurityGroupIDs", + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnetIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetRefs": { + "description": "Reference field for SubnetIDs", + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "code", + "name", + "role" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FunctionStatus defines the observed state of Function", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "codeSHA256": { + "description": "The SHA256 hash of the function's deployment package.", + "type": "string" + }, + "codeSize": { + "description": "The size of the function's deployment package, in bytes.", + "format": "int64", + "type": "integer" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "imageConfigResponse": { + "description": "The function's image configuration values.", + "properties": { + "error": { + "description": "Error response to GetFunctionConfiguration.", + "properties": { + "errorCode": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "imageConfig": { + "description": "Configuration values that override the container image Dockerfile settings. For more information, see Container image settings (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms).", + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "entryPoint": { + "items": { + "type": "string" + }, + "type": "array" + }, + "workingDirectory": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "lastModified": { + "description": "The date and time that the function was last updated, in ISO-8601 format (https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD).", + "type": "string" + }, + "lastUpdateStatus": { + "description": "The status of the last update that was performed on the function. This is first set to Successful after function creation completes.", + "type": "string" + }, + "lastUpdateStatusReason": { + "description": "The reason for the last update that was performed on the function.", + "type": "string" + }, + "lastUpdateStatusReasonCode": { + "description": "The reason code for the last update that was performed on the function.", + "type": "string" + }, + "layerStatuses": { + "description": "The function's layers (https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html).", + "items": { + "description": "An Lambda layer (https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html).", + "properties": { + "arn": { + "type": "string" + }, + "codeSize": { + "format": "int64", + "type": "integer" + }, + "signingJobARN": { + "type": "string" + }, + "signingProfileVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "masterARN": { + "description": "For Lambda@Edge functions, the ARN of the main function.", + "type": "string" + }, + "revisionID": { + "description": "The latest updated revision of the function or alias.", + "type": "string" + }, + "signingJobARN": { + "description": "The ARN of the signing job.", + "type": "string" + }, + "signingProfileVersionARN": { + "description": "The ARN of the signing profile version.", + "type": "string" + }, + "state": { + "description": "The current state of the function. When the state is Inactive, you can reactivate the function by invoking it.", + "type": "string" + }, + "stateReason": { + "description": "The reason for the function's current state.", + "type": "string" + }, + "stateReasonCode": { + "description": "The reason code for the function's current state. When the code is Creating, you can't invoke or modify the function.", + "type": "string" + }, + "version": { + "description": "The version of the Lambda function.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/lambda.services.k8s.aws/functionurlconfig_v1alpha1.json b/lambda.services.k8s.aws/functionurlconfig_v1alpha1.json new file mode 100644 index 00000000..95c30e3d --- /dev/null +++ b/lambda.services.k8s.aws/functionurlconfig_v1alpha1.json @@ -0,0 +1,172 @@ +{ + "description": "FunctionURLConfig is the Schema for the FunctionURLConfigs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FunctionUrlConfigSpec defines the desired state of FunctionUrlConfig. \n Details about a Lambda function URL.", + "properties": { + "authType": { + "description": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information, see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).", + "type": "string" + }, + "cors": { + "description": "The cross-origin resource sharing (CORS) (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", + "properties": { + "allowCredentials": { + "type": "boolean" + }, + "allowHeaders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "allowMethods": { + "items": { + "type": "string" + }, + "type": "array" + }, + "allowOrigins": { + "items": { + "type": "string" + }, + "type": "array" + }, + "exposeHeaders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "maxAge": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "functionName": { + "description": "The name of the Lambda function. \n Name formats \n - Function name \u2013 my-function. \n - Function ARN \u2013 arn:aws:lambda:us-west-2:123456789012:function:my-function. \n - Partial ARN \u2013 123456789012:function:my-function. \n The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "type": "string" + }, + "functionRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "qualifier": { + "description": "The alias name.", + "type": "string" + } + }, + "required": [ + "authType" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FunctionURLConfigStatus defines the observed state of FunctionURLConfig", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "When the function URL was created, in ISO-8601 format (https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD).", + "type": "string" + }, + "functionARN": { + "description": "The Amazon Resource Name (ARN) of your function.", + "type": "string" + }, + "functionURL": { + "description": "The HTTP URL endpoint for your function.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/lambda.services.k8s.aws/layerversion_v1alpha1.json b/lambda.services.k8s.aws/layerversion_v1alpha1.json new file mode 100644 index 00000000..2d42ccee --- /dev/null +++ b/lambda.services.k8s.aws/layerversion_v1alpha1.json @@ -0,0 +1,153 @@ +{ + "description": "LayerVersion is the Schema for the LayerVersions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "LayerVersionSpec defines the desired state of LayerVersion.", + "properties": { + "compatibleArchitectures": { + "description": "A list of compatible instruction set architectures (https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html).", + "items": { + "type": "string" + }, + "type": "array" + }, + "compatibleRuntimes": { + "description": "A list of compatible function runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Used for filtering with ListLayers and ListLayerVersions.", + "items": { + "type": "string" + }, + "type": "array" + }, + "content": { + "description": "The function layer archive.", + "properties": { + "s3Bucket": { + "type": "string" + }, + "s3Key": { + "type": "string" + }, + "s3ObjectVersion": { + "type": "string" + }, + "zipFile": { + "format": "byte", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "description": { + "description": "The description of the version.", + "type": "string" + }, + "layerName": { + "description": "The name or Amazon Resource Name (ARN) of the layer.", + "type": "string" + }, + "licenseInfo": { + "description": "The layer's software license. It can be any of the following: \n - An SPDX license identifier (https://spdx.org/licenses/). For example, MIT. \n - The URL of a license hosted on the internet. For example, https://opensource.org/licenses/MIT. \n - The full text of the license.", + "type": "string" + } + }, + "required": [ + "content", + "layerName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "LayerVersionStatus defines the observed state of LayerVersion", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdDate": { + "description": "The date that the layer version was created, in ISO-8601 format (https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD).", + "type": "string" + }, + "layerARN": { + "description": "The ARN of the layer.", + "type": "string" + }, + "versionNumber": { + "description": "The version number.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/memorydb.services.k8s.aws/acl_v1alpha1.json b/memorydb.services.k8s.aws/acl_v1alpha1.json new file mode 100644 index 00000000..956865aa --- /dev/null +++ b/memorydb.services.k8s.aws/acl_v1alpha1.json @@ -0,0 +1,199 @@ +{ + "description": "ACL is the Schema for the ACLS API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ACLSpec defines the desired state of ACL. \n An Access Control List. You can authenticate users with Access Contol Lists. ACLs enable you to control cluster access by grouping users. These Access control lists are designed as a way to organize access to clusters.", + "properties": { + "name": { + "description": "The name of the Access Control List.", + "type": "string" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your MemoryDB resources. When you add or remove tags on clusters, those actions will be replicated to all nodes in the cluster. A tag with a null Value is permitted. For more information, see Tagging your MemoryDB resources (https://docs.aws.amazon.com/MemoryDB/latest/devguide/tagging-resources.html)", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "userNames": { + "description": "The list of users that belong to the Access Control List.", + "items": { + "type": "string" + }, + "type": "array" + }, + "userRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ACLStatus defines the observed state of ACL", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "clusters": { + "description": "A list of clusters associated with the ACL.", + "items": { + "type": "string" + }, + "type": "array" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "events": { + "description": "A list of events. Each element in the list contains detailed information about one event.", + "items": { + "description": "Represents a single occurrence of something interesting within the system. Some examples of events are creating a cluster or adding or removing a node.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "sourceName": { + "type": "string" + }, + "sourceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "minimumEngineVersion": { + "description": "The minimum engine version supported for the ACL", + "type": "string" + }, + "pendingChanges": { + "description": "A list of updates being applied to the ACL.", + "properties": { + "userNamesToAdd": { + "items": { + "type": "string" + }, + "type": "array" + }, + "userNamesToRemove": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "Indicates ACL status. Can be \"creating\", \"active\", \"modifying\", \"deleting\".", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/memorydb.services.k8s.aws/cluster_v1alpha1.json b/memorydb.services.k8s.aws/cluster_v1alpha1.json new file mode 100644 index 00000000..c41612cc --- /dev/null +++ b/memorydb.services.k8s.aws/cluster_v1alpha1.json @@ -0,0 +1,511 @@ +{ + "description": "Cluster is the Schema for the Clusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ClusterSpec defines the desired state of Cluster. \n Contains all of the attributes of a specific cluster.", + "properties": { + "aclName": { + "description": "The name of the Access Control List to associate with the cluster.", + "type": "string" + }, + "aclRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "autoMinorVersionUpgrade": { + "description": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", + "type": "boolean" + }, + "description": { + "description": "An optional description of the cluster.", + "type": "string" + }, + "engineVersion": { + "description": "The version number of the Redis engine to be used for the cluster.", + "type": "string" + }, + "kmsKeyID": { + "description": "The ID of the KMS key used to encrypt the cluster.", + "type": "string" + }, + "maintenanceWindow": { + "description": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.", + "type": "string" + }, + "name": { + "description": "The name of the cluster. This value must be unique as it also serves as the cluster identifier.", + "type": "string" + }, + "nodeType": { + "description": "The compute and memory capacity of the nodes in the cluster.", + "type": "string" + }, + "numReplicasPerShard": { + "description": "The number of replicas to apply to each shard. The default value is 1. The maximum is 5.", + "format": "int64", + "type": "integer" + }, + "numShards": { + "description": "The number of shards the cluster will contain. The default value is 1.", + "format": "int64", + "type": "integer" + }, + "parameterGroupName": { + "description": "The name of the parameter group associated with the cluster.", + "type": "string" + }, + "parameterGroupRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "port": { + "description": "The port number on which each of the nodes accepts connections.", + "format": "int64", + "type": "integer" + }, + "securityGroupIDs": { + "description": "A list of security group names to associate with this cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "securityGroupRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "snapshotARNs": { + "description": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster. The Amazon S3 object name in the ARN cannot contain any commas.", + "items": { + "type": "string" + }, + "type": "array" + }, + "snapshotName": { + "description": "The name of a snapshot from which to restore data into the new cluster. The snapshot status changes to restoring while the new cluster is being created.", + "type": "string" + }, + "snapshotRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "snapshotRetentionLimit": { + "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", + "format": "int64", + "type": "integer" + }, + "snapshotWindow": { + "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. \n Example: 05:00-09:00 \n If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", + "type": "string" + }, + "snsTopicARN": { + "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.", + "type": "string" + }, + "snsTopicRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetGroupName": { + "description": "The name of the subnet group to be used for the cluster.", + "type": "string" + }, + "subnetGroupRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key=myKey, Value=myKeyValue. You can include multiple tags as shown following: Key=myKey, Value=myKeyValue Key=mySecondKey, Value=mySecondKeyValue.", + "items": { + "description": "A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your MemoryDB resources. When you add or remove tags on clusters, those actions will be replicated to all nodes in the cluster. A tag with a null Value is permitted. For more information, see Tagging your MemoryDB resources (https://docs.aws.amazon.com/MemoryDB/latest/devguide/tagging-resources.html)", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tlsEnabled": { + "description": "A flag to enable in-transit encryption on the cluster.", + "type": "boolean" + } + }, + "required": [ + "name", + "nodeType" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ClusterStatus defines the observed state of Cluster", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "allowedScaleDownNodeTypes": { + "description": "A list node types which you can use to scale down your cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedScaleUpNodeTypes": { + "description": "A list node types which you can use to scale up your cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "availabilityMode": { + "description": "Indicates if the cluster has a Multi-AZ configuration (multiaz) or not (singleaz).", + "type": "string" + }, + "clusterEndpoint": { + "description": "The cluster's configuration endpoint", + "properties": { + "address": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enginePatchVersion": { + "description": "The Redis engine patch version used by the cluster", + "type": "string" + }, + "events": { + "description": "A list of events. Each element in the list contains detailed information about one event.", + "items": { + "description": "Represents a single occurrence of something interesting within the system. Some examples of events are creating a cluster or adding or removing a node.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "sourceName": { + "type": "string" + }, + "sourceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "numberOfShards": { + "description": "The number of shards in the cluster", + "format": "int64", + "type": "integer" + }, + "parameterGroupStatus": { + "description": "The status of the parameter group used by the cluster, for example 'active' or 'applying'.", + "type": "string" + }, + "pendingUpdates": { + "description": "A group of settings that are currently being applied.", + "properties": { + "acls": { + "description": "The status of the ACL update", + "properties": { + "aclToApply": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "resharding": { + "description": "The status of the online resharding", + "properties": { + "slotMigration": { + "description": "Represents the progress of an online resharding operation.", + "properties": { + "progressPercentage": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "serviceUpdates": { + "items": { + "description": "Update action that has yet to be processed for the corresponding apply/stop request", + "properties": { + "serviceUpdateName": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "securityGroups": { + "description": "A list of security groups used by the cluster", + "items": { + "description": "Represents a single security group and its status.", + "properties": { + "securityGroupID": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "shards": { + "description": "A list of shards that are members of the cluster.", + "items": { + "description": "Represents a collection of nodes in a cluster. One node in the node group is the read/write primary node. All the other nodes are read-only Replica nodes.", + "properties": { + "name": { + "type": "string" + }, + "nodes": { + "items": { + "description": "Represents an individual node within a cluster. Each node runs its own instance of the cluster's protocol-compliant caching software.", + "properties": { + "availabilityZone": { + "type": "string" + }, + "createTime": { + "format": "date-time", + "type": "string" + }, + "endpoint": { + "description": "Represents the information required for client programs to connect to the cluster and its nodes.", + "properties": { + "address": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "numberOfNodes": { + "format": "int64", + "type": "integer" + }, + "slots": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "snsTopicStatus": { + "description": "The SNS topic must be in Active status to receive notifications", + "type": "string" + }, + "status": { + "description": "The status of the cluster. For example, Available, Updating, Creating.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/memorydb.services.k8s.aws/parametergroup_v1alpha1.json b/memorydb.services.k8s.aws/parametergroup_v1alpha1.json new file mode 100644 index 00000000..6895ac72 --- /dev/null +++ b/memorydb.services.k8s.aws/parametergroup_v1alpha1.json @@ -0,0 +1,169 @@ +{ + "description": "ParameterGroup is the Schema for the ParameterGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ParameterGroupSpec defines the desired state of ParameterGroup. \n Represents the output of a CreateParameterGroup operation. A parameter group represents a combination of specific values for the parameters that are passed to the engine software during startup.", + "properties": { + "description": { + "description": "An optional description of the parameter group.", + "type": "string" + }, + "family": { + "description": "The name of the parameter group family that the parameter group can be used with.", + "type": "string" + }, + "name": { + "description": "The name of the parameter group.", + "type": "string" + }, + "parameterNameValues": { + "description": "An array of parameter names and values for the parameter update. You must supply at least one parameter name and value; subsequent arguments are optional. A maximum of 20 parameters may be updated per request.", + "items": { + "description": "Describes a name-value pair that is used to update the value of a parameter.", + "properties": { + "parameterName": { + "type": "string" + }, + "parameterValue": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your MemoryDB resources. When you add or remove tags on clusters, those actions will be replicated to all nodes in the cluster. A tag with a null Value is permitted. For more information, see Tagging your MemoryDB resources (https://docs.aws.amazon.com/MemoryDB/latest/devguide/tagging-resources.html)", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "family", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ParameterGroupStatus defines the observed state of ParameterGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "parameters": { + "description": "A list of parameters specific to a particular parameter group. Each element in the list contains detailed information about one parameter.", + "items": { + "description": "Describes an individual setting that controls some aspect of MemoryDB behavior.", + "properties": { + "allowedValues": { + "type": "string" + }, + "dataType": { + "type": "string" + }, + "description": { + "type": "string" + }, + "minimumEngineVersion": { + "type": "string" + }, + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/memorydb.services.k8s.aws/snapshot_v1alpha1.json b/memorydb.services.k8s.aws/snapshot_v1alpha1.json new file mode 100644 index 00000000..a03bfceb --- /dev/null +++ b/memorydb.services.k8s.aws/snapshot_v1alpha1.json @@ -0,0 +1,251 @@ +{ + "description": "Snapshot is the Schema for the Snapshots API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "SnapshotSpec defines the desired state of Snapshot. \n Represents a copy of an entire cluster as of the time when the snapshot was taken.", + "properties": { + "clusterName": { + "description": "The snapshot is created from this cluster.", + "type": "string" + }, + "clusterRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "kmsKeyID": { + "description": "The ID of the KMS key used to encrypt the snapshot.", + "type": "string" + }, + "kmsKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "A name for the snapshot being created.", + "type": "string" + }, + "sourceSnapshotName": { + "description": "The name of an existing snapshot from which to make a copy.", + "type": "string" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your MemoryDB resources. When you add or remove tags on clusters, those actions will be replicated to all nodes in the cluster. A tag with a null Value is permitted. For more information, see Tagging your MemoryDB resources (https://docs.aws.amazon.com/MemoryDB/latest/devguide/tagging-resources.html)", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "SnapshotStatus defines the observed state of Snapshot", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "clusterConfiguration": { + "description": "The configuration of the cluster from which the snapshot was taken", + "properties": { + "description": { + "type": "string" + }, + "engineVersion": { + "type": "string" + }, + "maintenanceWindow": { + "type": "string" + }, + "name": { + "type": "string" + }, + "nodeType": { + "type": "string" + }, + "numShards": { + "format": "int64", + "type": "integer" + }, + "parameterGroupName": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + }, + "shards": { + "items": { + "description": "Provides details of a shard in a snapshot", + "properties": { + "configuration": { + "description": "Shard configuration options. Each shard configuration has the following: Slots and ReplicaCount.", + "properties": { + "replicaCount": { + "format": "int64", + "type": "integer" + }, + "slots": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "type": "string" + }, + "size": { + "type": "string" + }, + "snapshotCreationTime": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "snapshotRetentionLimit": { + "format": "int64", + "type": "integer" + }, + "snapshotWindow": { + "type": "string" + }, + "subnetGroupName": { + "type": "string" + }, + "topicARN": { + "type": "string" + }, + "vpcID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "source": { + "description": "Indicates whether the snapshot is from an automatic backup (automated) or was created manually (manual).", + "type": "string" + }, + "status": { + "description": "The status of the snapshot. Valid values: creating | available | restoring | copying | deleting.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/memorydb.services.k8s.aws/subnetgroup_v1alpha1.json b/memorydb.services.k8s.aws/subnetgroup_v1alpha1.json new file mode 100644 index 00000000..35e190f0 --- /dev/null +++ b/memorydb.services.k8s.aws/subnetgroup_v1alpha1.json @@ -0,0 +1,173 @@ +{ + "description": "SubnetGroup is the Schema for the SubnetGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "SubnetGroupSpec defines the desired state of SubnetGroup. \n Represents the output of one of the following operations: \n - CreateSubnetGroup \n - UpdateSubnetGroup \n A subnet group is a collection of subnets (typically private) that you can designate for your clusters running in an Amazon Virtual Private Cloud (VPC) environment.", + "properties": { + "description": { + "description": "A description for the subnet group.", + "type": "string" + }, + "name": { + "description": "The name of the subnet group.", + "type": "string" + }, + "subnetIDs": { + "description": "A list of VPC subnet IDs for the subnet group.", + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your MemoryDB resources. When you add or remove tags on clusters, those actions will be replicated to all nodes in the cluster. A tag with a null Value is permitted. For more information, see Tagging your MemoryDB resources (https://docs.aws.amazon.com/MemoryDB/latest/devguide/tagging-resources.html)", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "SubnetGroupStatus defines the observed state of SubnetGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnets": { + "description": "A list of subnets associated with the subnet group.", + "items": { + "description": "Represents the subnet associated with a cluster. This parameter refers to subnets defined in Amazon Virtual Private Cloud (Amazon VPC) and used with MemoryDB.", + "properties": { + "availabilityZone": { + "description": "Indicates if the cluster has a Multi-AZ configuration (multiaz) or not (singleaz).", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "identifier": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "The Amazon Virtual Private Cloud identifier (VPC ID) of the subnet group.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/memorydb.services.k8s.aws/user_v1alpha1.json b/memorydb.services.k8s.aws/user_v1alpha1.json new file mode 100644 index 00000000..5de18b4a --- /dev/null +++ b/memorydb.services.k8s.aws/user_v1alpha1.json @@ -0,0 +1,209 @@ +{ + "description": "User is the Schema for the Users API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "UserSpec defines the desired state of User. \n You create users and assign them specific permissions by using an access string. You assign the users to Access Control Lists aligned with a specific role (administrators, human resources) that are then deployed to one or more MemoryDB clusters.", + "properties": { + "accessString": { + "description": "Access permissions string used for this user.", + "type": "string" + }, + "authenticationMode": { + "description": "Denotes the user's authentication properties, such as whether it requires a password to authenticate.", + "properties": { + "passwords": { + "items": { + "description": "SecretKeyReference combines a k8s corev1.SecretReference with a specific key within the referred-to Secret", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "type": "array" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the user. This value must be unique as it also serves as the user identifier.", + "type": "string" + }, + "tags": { + "description": "A list of tags to be added to this resource. A tag is a key-value pair. A tag key must be accompanied by a tag value, although null is accepted.", + "items": { + "description": "A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your MemoryDB resources. When you add or remove tags on clusters, those actions will be replicated to all nodes in the cluster. A tag with a null Value is permitted. For more information, see Tagging your MemoryDB resources (https://docs.aws.amazon.com/MemoryDB/latest/devguide/tagging-resources.html)", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "accessString", + "authenticationMode", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "UserStatus defines the observed state of User", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "aclNames": { + "description": "The names of the Access Control Lists to which the user belongs", + "items": { + "type": "string" + }, + "type": "array" + }, + "authentication": { + "description": "Denotes whether the user requires a password to authenticate.", + "properties": { + "passwordCount": { + "format": "int64", + "type": "integer" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "events": { + "description": "A list of events. Each element in the list contains detailed information about one event.", + "items": { + "description": "Represents a single occurrence of something interesting within the system. Some examples of events are creating a cluster or adding or removing a node.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "sourceName": { + "type": "string" + }, + "sourceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "minimumEngineVersion": { + "description": "The minimum engine version supported for the user", + "type": "string" + }, + "status": { + "description": "Indicates the user status. Can be \"active\", \"modifying\" or \"deleting\".", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/mq.services.k8s.aws/broker_v1alpha1.json b/mq.services.k8s.aws/broker_v1alpha1.json new file mode 100644 index 00000000..44b4bda1 --- /dev/null +++ b/mq.services.k8s.aws/broker_v1alpha1.json @@ -0,0 +1,360 @@ +{ + "description": "Broker is the Schema for the Brokers API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "BrokerSpec defines the desired state of Broker.", + "properties": { + "authenticationStrategy": { + "type": "string" + }, + "autoMinorVersionUpgrade": { + "type": "boolean" + }, + "configuration": { + "description": "A list of information about the configuration. \n Does not apply to RabbitMQ brokers.", + "properties": { + "id": { + "type": "string" + }, + "revision": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "creatorRequestID": { + "type": "string" + }, + "deploymentMode": { + "type": "string" + }, + "encryptionOptions": { + "description": "Does not apply to RabbitMQ brokers. \n Encryption options for the broker.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "useAWSOwnedKey": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "engineType": { + "type": "string" + }, + "engineVersion": { + "type": "string" + }, + "hostInstanceType": { + "type": "string" + }, + "ldapServerMetadata": { + "description": "Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. \n Does not apply to RabbitMQ brokers.", + "properties": { + "hosts": { + "items": { + "type": "string" + }, + "type": "array" + }, + "roleBase": { + "type": "string" + }, + "roleName": { + "type": "string" + }, + "roleSearchMatching": { + "type": "string" + }, + "roleSearchSubtree": { + "type": "boolean" + }, + "serviceAccountPassword": { + "type": "string" + }, + "serviceAccountUsername": { + "type": "string" + }, + "userBase": { + "type": "string" + }, + "userRoleName": { + "type": "string" + }, + "userSearchMatching": { + "type": "string" + }, + "userSearchSubtree": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "logs": { + "description": "The list of information about logs to be enabled for the specified broker.", + "properties": { + "audit": { + "type": "boolean" + }, + "general": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "maintenanceWindowStartTime": { + "description": "The scheduled time period relative to UTC during which Amazon MQ begins to apply pending updates or patches to the broker.", + "properties": { + "dayOfWeek": { + "type": "string" + }, + "timeOfDay": { + "type": "string" + }, + "timeZone": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "type": "string" + }, + "publiclyAccessible": { + "type": "boolean" + }, + "securityGroupRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "securityGroups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "storageType": { + "type": "string" + }, + "subnetIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "users": { + "items": { + "description": "A user associated with the broker. For RabbitMQ brokers, one and only one administrative user is accepted and created when a broker is first provisioned. All subsequent broker users are created by making RabbitMQ API calls directly to brokers or via the RabbitMQ web console.", + "properties": { + "consoleAccess": { + "type": "boolean" + }, + "groups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "password": { + "description": "SecretKeyReference combines a k8s corev1.SecretReference with a specific key within the referred-to Secret", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "username": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "autoMinorVersionUpgrade", + "deploymentMode", + "engineType", + "engineVersion", + "hostInstanceType", + "name", + "publiclyAccessible", + "users" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "BrokerStatus defines the observed state of Broker", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "brokerID": { + "type": "string" + }, + "brokerInstances": { + "items": { + "description": "Returns information about all brokers.", + "properties": { + "consoleURL": { + "type": "string" + }, + "endpoints": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ipAddress": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "brokerState": { + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/networkfirewall.services.k8s.aws/firewall_v1alpha1.json b/networkfirewall.services.k8s.aws/firewall_v1alpha1.json new file mode 100644 index 00000000..f808fd7c --- /dev/null +++ b/networkfirewall.services.k8s.aws/firewall_v1alpha1.json @@ -0,0 +1,335 @@ +{ + "description": "Firewall is the Schema for the Firewalls API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FirewallSpec defines the desired state of Firewall. \n The firewall defines the configuration settings for an Network Firewall firewall. These settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall Amazon Web Services resource. \n The status of the firewall, for example whether it's ready to filter network traffic, is provided in the corresponding FirewallStatus. You can retrieve both objects by calling DescribeFirewall.", + "properties": { + "deleteProtection": { + "description": "A flag indicating whether it is possible to delete the firewall. A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE.", + "type": "boolean" + }, + "description": { + "description": "A description of the firewall.", + "type": "string" + }, + "encryptionConfiguration": { + "description": "A complex type that contains settings for encryption of your firewall resources.", + "properties": { + "keyID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "firewallName": { + "description": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", + "type": "string" + }, + "firewallPolicyARN": { + "description": "The Amazon Resource Name (ARN) of the FirewallPolicy that you want to use for the firewall.", + "type": "string" + }, + "firewallPolicyChangeProtection": { + "description": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.", + "type": "boolean" + }, + "subnetChangeProtection": { + "description": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.", + "type": "boolean" + }, + "subnetMappings": { + "description": "The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.", + "items": { + "description": "The ID for a subnet that you want to associate with the firewall. This is used with CreateFirewall and AssociateSubnets. Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.", + "properties": { + "subnetID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "The key:value pairs to associate with the resource.", + "items": { + "description": "A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each Amazon Web Services resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "The unique identifier of the VPC where Network Firewall should create the firewall. \n You can't change this setting after you create the firewall.", + "type": "string" + } + }, + "required": [ + "firewallName", + "firewallPolicyARN", + "subnetMappings", + "vpcID" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FirewallStatus defines the observed state of Firewall", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "firewall": { + "description": "The configuration settings for the firewall. These settings include the firewall policy and the subnets in your VPC to use for the firewall endpoints.", + "properties": { + "deleteProtection": { + "type": "boolean" + }, + "description": { + "type": "string" + }, + "encryptionConfiguration": { + "description": "A complex type that contains optional Amazon Web Services Key Management Service (KMS) encryption settings for your Network Firewall resources. Your data is encrypted by default with an Amazon Web Services owned key that Amazon Web Services owns and manages for you. You can use either the Amazon Web Services owned key, or provide your own customer managed key. To learn more about KMS encryption of your Network Firewall resources, see Encryption at rest with Amazon Web Services Key Managment Service (https://docs.aws.amazon.com/kms/latest/developerguide/kms-encryption-at-rest.html) in the Network Firewall Developer Guide.", + "properties": { + "keyID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "firewallARN": { + "type": "string" + }, + "firewallID": { + "type": "string" + }, + "firewallName": { + "type": "string" + }, + "firewallPolicyARN": { + "type": "string" + }, + "firewallPolicyChangeProtection": { + "type": "boolean" + }, + "subnetChangeProtection": { + "type": "boolean" + }, + "subnetMappings": { + "items": { + "description": "The ID for a subnet that you want to associate with the firewall. This is used with CreateFirewall and AssociateSubnets. Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.", + "properties": { + "subnetID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "items": { + "description": "A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each Amazon Web Services resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "firewallStatus": { + "description": "Detailed information about the current status of a Firewall. You can retrieve this for a firewall by calling DescribeFirewall and providing the firewall name and ARN.", + "properties": { + "capacityUsageSummary": { + "description": "The capacity usage summary of the resources used by the ReferenceSets in a firewall.", + "properties": { + "cidrs": { + "description": "Summarizes the CIDR blocks used by the IP set references in a firewall. Network Firewall calculates the number of CIDRs by taking an aggregated count of all CIDRs used by the IP sets you are referencing.", + "properties": { + "availableCIDRCount": { + "format": "int64", + "type": "integer" + }, + "iPSetReferences": { + "additionalProperties": { + "description": "General information about the IP set.", + "properties": { + "resolvedCIDRCount": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + }, + "utilizedCIDRCount": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "configurationSyncStateSummary": { + "type": "string" + }, + "status": { + "type": "string" + }, + "syncStates": { + "additionalProperties": { + "description": "The status of the firewall endpoint and firewall policy configuration for a single VPC subnet. \n For each VPC subnet that you associate with a firewall, Network Firewall does the following: \n - Instantiates a firewall endpoint in the subnet, ready to take traffic. \n - Configures the endpoint with the current firewall policy settings, to provide the filtering behavior for the endpoint. \n When you update a firewall, for example to add a subnet association or change a rule group in the firewall policy, the affected sync states reflect out-of-sync or not ready status until the changes are complete.", + "properties": { + "attachment": { + "description": "The configuration and status for a single subnet that you've specified for use by the Network Firewall firewall. This is part of the FirewallStatus.", + "properties": { + "endpointID": { + "type": "string" + }, + "status": { + "type": "string" + }, + "subnetID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "config": { + "additionalProperties": { + "description": "Provides configuration status for a single policy or rule group that is used for a firewall endpoint. Network Firewall provides each endpoint with the rules that are configured in the firewall policy. Each time you add a subnet or modify the associated firewall policy, Network Firewall synchronizes the rules in the endpoint, so it can properly filter network traffic. This is part of a SyncState for a firewall.", + "properties": { + "syncStatus": { + "type": "string" + }, + "updateToken": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/networkfirewall.services.k8s.aws/firewallpolicy_v1alpha1.json b/networkfirewall.services.k8s.aws/firewallpolicy_v1alpha1.json new file mode 100644 index 00000000..8ecf9916 --- /dev/null +++ b/networkfirewall.services.k8s.aws/firewallpolicy_v1alpha1.json @@ -0,0 +1,322 @@ +{ + "description": "FirewallPolicy is the Schema for the FirewallPolicies API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FirewallPolicySpec defines the desired state of FirewallPolicy. \n The firewall policy defines the behavior of a firewall using a collection of stateless and stateful rule groups and other settings. You can use one firewall policy for multiple firewalls. \n This, along with FirewallPolicyResponse, define the policy. You can retrieve all objects for a firewall policy by calling DescribeFirewallPolicy.", + "properties": { + "description": { + "description": "A description of the firewall policy.", + "type": "string" + }, + "encryptionConfiguration": { + "description": "A complex type that contains settings for encryption of your firewall policy resources.", + "properties": { + "keyID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "firewallPolicy": { + "description": "The rule groups and policy actions to use in the firewall policy.", + "properties": { + "statefulDefaultActions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "statefulEngineOptions": { + "description": "Configuration settings for the handling of the stateful rule groups in a firewall policy.", + "properties": { + "ruleOrder": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statefulRuleGroupReferences": { + "items": { + "description": "Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.", + "properties": { + "override": { + "description": "The setting that allows the policy owner to change the behavior of the rule group within a policy.", + "properties": { + "action": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "priority": { + "format": "int64", + "type": "integer" + }, + "resourceARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "statelessCustomActions": { + "items": { + "description": "An optional, non-standard action to use for stateless packet handling. You can define this in addition to the standard action that you must specify. \n You define and name the custom actions that you want to be able to use, and then you reference them by name in your actions settings. \n You can use custom actions in the following places: \n - In a rule group's StatelessRulesAndCustomActions specification. The custom actions are available for use by name inside the StatelessRulesAndCustomActions where you define them. You can use them for your stateless rule actions to specify what to do with a packet that matches the rule's match attributes. \n - In a FirewallPolicy specification, in StatelessCustomActions. The custom actions are available for use inside the policy where you define them. You can use them for the policy's default stateless actions settings to specify what to do with packets that don't match any of the policy's stateless rules.", + "properties": { + "actionDefinition": { + "description": "A custom action to use in stateless rule actions settings. This is used in CustomAction.", + "properties": { + "publishMetricAction": { + "description": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.", + "properties": { + "dimensions": { + "items": { + "description": "The value to use in an Amazon CloudWatch custom metric dimension. This is used in the PublishMetrics CustomAction. A CloudWatch custom metric dimension is a name/value pair that's part of the identity of a metric. \n Network Firewall sets the dimension name to CustomAction and you provide the dimension value. \n For more information about CloudWatch custom metric dimensions, see Publishing Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html#usingDimensions) in the Amazon CloudWatch User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html).", + "properties": { + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "actionName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "statelessDefaultActions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "statelessFragmentDefaultActions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "statelessRuleGroupReferences": { + "items": { + "description": "Identifier for a single stateless rule group, used in a firewall policy to refer to the rule group.", + "properties": { + "priority": { + "format": "int64", + "type": "integer" + }, + "resourceARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "firewallPolicyName": { + "description": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", + "type": "string" + }, + "tags": { + "description": "The key:value pairs to associate with the resource.", + "items": { + "description": "A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each Amazon Web Services resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "firewallPolicy", + "firewallPolicyName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FirewallPolicyStatus defines the observed state of FirewallPolicy", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "firewallPolicyResponse": { + "description": "The high-level properties of a firewall policy. This, along with the FirewallPolicy, define the policy. You can retrieve all objects for a firewall policy by calling DescribeFirewallPolicy.", + "properties": { + "consumedStatefulRuleCapacity": { + "format": "int64", + "type": "integer" + }, + "consumedStatelessRuleCapacity": { + "format": "int64", + "type": "integer" + }, + "description": { + "type": "string" + }, + "encryptionConfiguration": { + "description": "A complex type that contains optional Amazon Web Services Key Management Service (KMS) encryption settings for your Network Firewall resources. Your data is encrypted by default with an Amazon Web Services owned key that Amazon Web Services owns and manages for you. You can use either the Amazon Web Services owned key, or provide your own customer managed key. To learn more about KMS encryption of your Network Firewall resources, see Encryption at rest with Amazon Web Services Key Managment Service (https://docs.aws.amazon.com/kms/latest/developerguide/kms-encryption-at-rest.html) in the Network Firewall Developer Guide.", + "properties": { + "keyID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "firewallPolicyARN": { + "type": "string" + }, + "firewallPolicyID": { + "type": "string" + }, + "firewallPolicyName": { + "type": "string" + }, + "firewallPolicyStatus": { + "type": "string" + }, + "lastModifiedTime": { + "format": "date-time", + "type": "string" + }, + "numberOfAssociations": { + "format": "int64", + "type": "integer" + }, + "tags": { + "items": { + "description": "A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each Amazon Web Services resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "updateToken": { + "description": "A token used for optimistic locking. Network Firewall returns a token to your requests that access the firewall policy. The token marks the state of the policy resource at the time of the request. \n To make changes to the policy, you provide the token in your request. Network Firewall uses the token to ensure that the policy hasn't changed since you last retrieved it. If it has changed, the operation fails with an InvalidTokenException. If this happens, retrieve the firewall policy again to get a current copy of it with current token. Reapply your changes as needed, then try the operation again using the new token.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/networkfirewall.services.k8s.aws/rulegroup_v1alpha1.json b/networkfirewall.services.k8s.aws/rulegroup_v1alpha1.json new file mode 100644 index 00000000..20371216 --- /dev/null +++ b/networkfirewall.services.k8s.aws/rulegroup_v1alpha1.json @@ -0,0 +1,590 @@ +{ + "description": "RuleGroup is the Schema for the RuleGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RuleGroupSpec defines the desired state of RuleGroup. \n The object that defines the rules in a rule group. This, along with RuleGroupResponse, define the rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup. \n Network Firewall uses a rule group to inspect and control network traffic. You define stateless rule groups to inspect individual packets and you define stateful rule groups to inspect packets in the context of their traffic flow. \n To use a rule group, you include it by reference in an Network Firewall firewall policy, then you use the policy in a firewall. You can reference a rule group from more than one firewall policy, and you can use a firewall policy in more than one firewall.", + "properties": { + "capacity": { + "description": "The maximum operating resources that this rule group can use. Rule group capacity is fixed at creation. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group. \n You can retrieve the capacity that would be required for a rule group before you create the rule group by calling CreateRuleGroup with DryRun set to TRUE. \n You can't change or exceed this capacity when you update the rule group, so leave room for your rule group to grow. \n # Capacity for a stateless rule group \n For a stateless rule group, the capacity required is the sum of the capacity requirements of the individual rules that you expect to have in the rule group. \n To calculate the capacity requirement of a single rule, multiply the capacity requirement values of each of the rule's match settings: \n - A match setting with no criteria specified has a value of 1. \n - A match setting with Any specified has a value of 1. \n - All other match settings have a value equal to the number of elements provided in the setting. For example, a protocol setting [\"UDP\"] and a source setting [\"10.0.0.0/24\"] each have a value of 1. A protocol setting [\"UDP\",\"TCP\"] has a value of 2. A source setting [\"10.0.0.0/24\",\"10.0.0.1/24\",\"10.0.0.2/24\"] has a value of 3. \n A rule with no criteria specified in any of its match settings has a capacity requirement of 1. A rule with protocol setting [\"UDP\",\"TCP\"], source setting [\"10.0.0.0/24\",\"10.0.0.1/24\",\"10.0.0.2/24\"], and a single specification or no specification for each of the other match settings has a capacity requirement of 6. \n # Capacity for a stateful rule group \n For a stateful rule group, the minimum capacity required is the number of individual rules that you expect to have in the rule group.", + "format": "int64", + "type": "integer" + }, + "description": { + "description": "A description of the rule group.", + "type": "string" + }, + "dryRun": { + "description": "Indicates whether you want Network Firewall to just check the validity of the request, rather than run the request. \n If set to TRUE, Network Firewall checks whether the request can run successfully, but doesn't actually make the requested changes. The call returns the value that the request would return if you ran it with dry run set to FALSE, but doesn't make additions or changes to your resources. This option allows you to make sure that you have the required permissions to run the request and that your request parameters are valid. \n If set to FALSE, Network Firewall makes the requested changes to your resources.", + "type": "boolean" + }, + "encryptionConfiguration": { + "description": "A complex type that contains settings for encryption of your rule group resources.", + "properties": { + "keyID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ruleGroup": { + "description": "An object that defines the rule group rules. \n You must provide either this rule group setting or a Rules setting, but not both.", + "properties": { + "referenceSets": { + "description": "Contains a set of IP set references.", + "properties": { + "iPSetReferences": { + "additionalProperties": { + "description": "Configures one or more IP set references for a Suricata-compatible rule group. This is used in CreateRuleGroup or UpdateRuleGroup. An IP set reference is a rule variable that references a resource that you create and manage in another Amazon Web Services service, such as an Amazon VPC prefix list. Network Firewall IP set references enable you to dynamically update the contents of your rules. When you create, update, or delete the IP set you are referencing in your rule, Network Firewall automatically updates the rule's content with the changes. For more information about IP set references in Network Firewall, see Using IP set references (https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups-ip-set-references) in the Network Firewall Developer Guide. \n Network Firewall currently supports only Amazon VPC prefix lists (https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) as IP set references.", + "properties": { + "referenceARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "ruleVariables": { + "description": "Settings that are available for use in the rules in the RuleGroup where this is defined.", + "properties": { + "iPSets": { + "additionalProperties": { + "description": "A list of IP addresses and address ranges, in CIDR notation. This is part of a RuleVariables.", + "properties": { + "definition": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + }, + "portSets": { + "additionalProperties": { + "description": "A set of port ranges for use in the rules in a rule group.", + "properties": { + "definition": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "rulesSource": { + "description": "The stateless or stateful rules definitions for use in a single rule group. Each rule group requires a single RulesSource. You can use an instance of this for either stateless rules or stateful rules.", + "properties": { + "rulesSourceList": { + "description": "Stateful inspection criteria for a domain list rule group. \n For HTTPS traffic, domain filtering is SNI-based. It uses the server name indicator extension of the TLS handshake. \n By default, Network Firewall domain list inspection only includes traffic coming from the VPC where you deploy the firewall. To inspect traffic from IP addresses outside of the deployment VPC, you set the HOME_NET rule variable to include the CIDR range of the deployment VPC plus the other CIDR ranges. For more information, see RuleVariables in this guide and Stateful domain list rule groups in Network Firewall (https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html) in the Network Firewall Developer Guide.", + "properties": { + "generatedRulesType": { + "type": "string" + }, + "targetTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "targets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "rulesString": { + "type": "string" + }, + "statefulRules": { + "items": { + "description": "A single Suricata rules specification, for use in a stateful rule group. Use this option to specify a simple Suricata rule with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format (https://suricata.readthedocs.io/en/suricata-5.0.0/rules/intro.html#).", + "properties": { + "action": { + "type": "string" + }, + "header": { + "description": "The basic rule criteria for Network Firewall to use to inspect packet headers in stateful traffic flow inspection. Traffic flows that match the criteria are a match for the corresponding StatefulRule.", + "properties": { + "destination": { + "type": "string" + }, + "destinationPort": { + "type": "string" + }, + "direction": { + "type": "string" + }, + "protocol": { + "type": "string" + }, + "source": { + "type": "string" + }, + "sourcePort": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ruleOptions": { + "items": { + "description": "Additional settings for a stateful rule. This is part of the StatefulRule configuration.", + "properties": { + "keyword": { + "type": "string" + }, + "settings": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "statelessRulesAndCustomActions": { + "description": "Stateless inspection criteria. Each stateless rule group uses exactly one of these data types to define its stateless rules.", + "properties": { + "customActions": { + "items": { + "description": "An optional, non-standard action to use for stateless packet handling. You can define this in addition to the standard action that you must specify. \n You define and name the custom actions that you want to be able to use, and then you reference them by name in your actions settings. \n You can use custom actions in the following places: \n - In a rule group's StatelessRulesAndCustomActions specification. The custom actions are available for use by name inside the StatelessRulesAndCustomActions where you define them. You can use them for your stateless rule actions to specify what to do with a packet that matches the rule's match attributes. \n - In a FirewallPolicy specification, in StatelessCustomActions. The custom actions are available for use inside the policy where you define them. You can use them for the policy's default stateless actions settings to specify what to do with packets that don't match any of the policy's stateless rules.", + "properties": { + "actionDefinition": { + "description": "A custom action to use in stateless rule actions settings. This is used in CustomAction.", + "properties": { + "publishMetricAction": { + "description": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.", + "properties": { + "dimensions": { + "items": { + "description": "The value to use in an Amazon CloudWatch custom metric dimension. This is used in the PublishMetrics CustomAction. A CloudWatch custom metric dimension is a name/value pair that's part of the identity of a metric. \n Network Firewall sets the dimension name to CustomAction and you provide the dimension value. \n For more information about CloudWatch custom metric dimensions, see Publishing Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html#usingDimensions) in the Amazon CloudWatch User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html).", + "properties": { + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "actionName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "statelessRules": { + "items": { + "description": "A single stateless rule. This is used in StatelessRulesAndCustomActions.", + "properties": { + "priority": { + "format": "int64", + "type": "integer" + }, + "ruleDefinition": { + "description": "The inspection criteria and action for a single stateless rule. Network Firewall inspects each packet for the specified matching criteria. When a packet matches the criteria, Network Firewall performs the rule's actions on the packet.", + "properties": { + "actions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "matchAttributes": { + "description": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", + "properties": { + "destinationPorts": { + "items": { + "description": "A single port range specification. This is used for source and destination port ranges in the stateless rule MatchAttributes, SourcePorts, and DestinationPorts settings.", + "properties": { + "fromPort": { + "format": "int64", + "type": "integer" + }, + "toPort": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "destinations": { + "items": { + "description": "A single IP address specification. This is used in the MatchAttributes source and destination specifications.", + "properties": { + "addressDefinition": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "protocols": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sourcePorts": { + "items": { + "description": "A single port range specification. This is used for source and destination port ranges in the stateless rule MatchAttributes, SourcePorts, and DestinationPorts settings.", + "properties": { + "fromPort": { + "format": "int64", + "type": "integer" + }, + "toPort": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "sources": { + "items": { + "description": "A single IP address specification. This is used in the MatchAttributes source and destination specifications.", + "properties": { + "addressDefinition": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tcpFlags": { + "items": { + "description": "TCP flags and masks to inspect packets for, used in stateless rules MatchAttributes settings.", + "properties": { + "flags": { + "items": { + "type": "string" + }, + "type": "array" + }, + "masks": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "statefulRuleOptions": { + "description": "Additional options governing how Network Firewall handles the rule group. You can only use these for stateful rule groups.", + "properties": { + "ruleOrder": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "ruleGroupName": { + "description": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", + "type": "string" + }, + "rules": { + "description": "A string containing stateful rule group rules specifications in Suricata flat format, with one rule per line. Use this to import your existing Suricata compatible rule groups. \n You must provide either this rules setting or a populated RuleGroup setting, but not both. \n You can provide your rule group specification in Suricata flat format through this setting when you create or update your rule group. The call response returns a RuleGroup object that Network Firewall has populated from your string.", + "type": "string" + }, + "sourceMetadata": { + "description": "A complex type that contains metadata about the rule group that your own rule group is copied from. You can use the metadata to keep track of updates made to the originating rule group.", + "properties": { + "sourceARN": { + "type": "string" + }, + "sourceUpdateToken": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "The key:value pairs to associate with the resource.", + "items": { + "description": "A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each Amazon Web Services resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "type_": { + "description": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains stateless rules. If it is stateful, it contains stateful rules.", + "type": "string" + } + }, + "required": [ + "capacity", + "ruleGroupName", + "type_" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RuleGroupStatus defines the observed state of RuleGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "ruleGroupResponse": { + "description": "The high-level properties of a rule group. This, along with the RuleGroup, define the rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup.", + "properties": { + "capacity": { + "format": "int64", + "type": "integer" + }, + "consumedCapacity": { + "format": "int64", + "type": "integer" + }, + "description": { + "type": "string" + }, + "encryptionConfiguration": { + "description": "A complex type that contains optional Amazon Web Services Key Management Service (KMS) encryption settings for your Network Firewall resources. Your data is encrypted by default with an Amazon Web Services owned key that Amazon Web Services owns and manages for you. You can use either the Amazon Web Services owned key, or provide your own customer managed key. To learn more about KMS encryption of your Network Firewall resources, see Encryption at rest with Amazon Web Services Key Managment Service (https://docs.aws.amazon.com/kms/latest/developerguide/kms-encryption-at-rest.html) in the Network Firewall Developer Guide.", + "properties": { + "keyID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "lastModifiedTime": { + "format": "date-time", + "type": "string" + }, + "numberOfAssociations": { + "format": "int64", + "type": "integer" + }, + "ruleGroupARN": { + "type": "string" + }, + "ruleGroupID": { + "type": "string" + }, + "ruleGroupName": { + "type": "string" + }, + "ruleGroupStatus": { + "type": "string" + }, + "snsTopic": { + "type": "string" + }, + "sourceMetadata": { + "description": "High-level information about the managed rule group that your own rule group is copied from. You can use the the metadata to track version updates made to the originating rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup (https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html).", + "properties": { + "sourceARN": { + "type": "string" + }, + "sourceUpdateToken": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "items": { + "description": "A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each Amazon Web Services resource.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "updateToken": { + "description": "A token used for optimistic locking. Network Firewall returns a token to your requests that access the rule group. The token marks the state of the rule group resource at the time of the request. \n To make changes to the rule group, you provide the token in your request. Network Firewall uses the token to ensure that the rule group hasn't changed since you last retrieved it. If it has changed, the operation fails with an InvalidTokenException. If this happens, retrieve the rule group again to get a current copy of it with a current token. Reapply your changes as needed, then try the operation again using the new token.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/opensearchservice.services.k8s.aws/domain_v1alpha1.json b/opensearchservice.services.k8s.aws/domain_v1alpha1.json new file mode 100644 index 00000000..5e2405b0 --- /dev/null +++ b/opensearchservice.services.k8s.aws/domain_v1alpha1.json @@ -0,0 +1,540 @@ +{ + "description": "Domain is the Schema for the Domains API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DomainSpec defines the desired state of Domain.", + "properties": { + "accessPolicies": { + "description": "IAM access policy as a JSON-formatted string.", + "type": "string" + }, + "advancedOptions": { + "additionalProperties": { + "type": "string" + }, + "description": "Option to allow references to indices in an HTTP request body. Must be false when configuring access to individual sub-resources. By default, the value is true. See Advanced cluster parameters (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) for more information.", + "type": "object" + }, + "advancedSecurityOptions": { + "description": "Specifies advanced security options.", + "properties": { + "anonymousAuthEnabled": { + "type": "boolean" + }, + "enabled": { + "type": "boolean" + }, + "internalUserDatabaseEnabled": { + "type": "boolean" + }, + "masterUserOptions": { + "description": "Credentials for the master user: username and password, ARN, or both.", + "properties": { + "masterUserARN": { + "description": "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS Identity and Access Management for more information.", + "type": "string" + }, + "masterUserName": { + "type": "string" + }, + "masterUserPassword": { + "description": "SecretKeyReference combines a k8s corev1.SecretReference with a specific key within the referred-to Secret", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "sAMLOptions": { + "description": "The SAML application configuration for the domain.", + "properties": { + "enabled": { + "type": "boolean" + }, + "idp": { + "description": "The SAML identity povider's information.", + "properties": { + "entityID": { + "type": "string" + }, + "metadataContent": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "masterBackendRole": { + "type": "string" + }, + "masterUserName": { + "type": "string" + }, + "rolesKey": { + "type": "string" + }, + "sessionTimeoutMinutes": { + "format": "int64", + "type": "integer" + }, + "subjectKey": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "autoTuneOptions": { + "description": "Specifies Auto-Tune options.", + "properties": { + "desiredState": { + "description": "The Auto-Tune desired state. Valid values are ENABLED and DISABLED.", + "type": "string" + }, + "maintenanceSchedules": { + "items": { + "description": "Specifies the Auto-Tune maintenance schedule. See Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) for more information.", + "properties": { + "cronExpressionForRecurrence": { + "type": "string" + }, + "duration": { + "description": "The maintenance schedule duration: duration value and duration unit. See Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) for more information.", + "properties": { + "unit": { + "description": "The unit of a maintenance schedule duration. Valid value is HOUR. See Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) for more information.", + "type": "string" + }, + "value": { + "description": "Integer to specify the value of a maintenance schedule duration. See Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) for more information.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "startAt": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "clusterConfig": { + "description": "Configuration options for a domain. Specifies the instance type and number of instances in the domain.", + "properties": { + "coldStorageOptions": { + "description": "Specifies the configuration for cold storage options such as enabled", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "dedicatedMasterCount": { + "format": "int64", + "type": "integer" + }, + "dedicatedMasterEnabled": { + "type": "boolean" + }, + "dedicatedMasterType": { + "type": "string" + }, + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "warmCount": { + "format": "int64", + "type": "integer" + }, + "warmEnabled": { + "type": "boolean" + }, + "warmType": { + "type": "string" + }, + "zoneAwarenessConfig": { + "description": "The zone awareness configuration for the domain cluster, such as the number of availability zones.", + "properties": { + "availabilityZoneCount": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "zoneAwarenessEnabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "cognitoOptions": { + "description": "Options to specify the Cognito user and identity pools for OpenSearch Dashboards authentication. For more information, see Configuring Amazon Cognito authentication for OpenSearch Dashboards (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html).", + "properties": { + "enabled": { + "type": "boolean" + }, + "identityPoolID": { + "type": "string" + }, + "roleARN": { + "type": "string" + }, + "userPoolID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "domainEndpointOptions": { + "description": "Options to specify configurations that will be applied to the domain endpoint.", + "properties": { + "customEndpoint": { + "type": "string" + }, + "customEndpointCertificateARN": { + "description": "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS Identity and Access Management for more information.", + "type": "string" + }, + "customEndpointEnabled": { + "type": "boolean" + }, + "enforceHTTPS": { + "type": "boolean" + }, + "tlsSecurityPolicy": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ebsOptions": { + "description": "Options to enable, disable, and specify the type and size of EBS storage volumes.", + "properties": { + "ebsEnabled": { + "type": "boolean" + }, + "iops": { + "format": "int64", + "type": "integer" + }, + "throughput": { + "format": "int64", + "type": "integer" + }, + "volumeSize": { + "format": "int64", + "type": "integer" + }, + "volumeType": { + "description": "The type of EBS volume, standard, gp2, gp3 or io1. See Configuring EBS-based Storage (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs) for more information.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "encryptionAtRestOptions": { + "description": "Options for encryption of data at rest.", + "properties": { + "enabled": { + "type": "boolean" + }, + "kmsKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "engineVersion": { + "description": "String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine version for the Amazon OpenSearch Service domain. For example, \"OpenSearch_1.0\" or \"Elasticsearch_7.9\". For more information, see Creating and managing Amazon OpenSearch Service domains (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains).", + "type": "string" + }, + "logPublishingOptions": { + "additionalProperties": { + "description": "Log Publishing option that is set for a given domain. Attributes and their details: \n - CloudWatchLogsLogGroupArn: ARN of the Cloudwatch log group to publish logs to. \n - Enabled: Whether the log publishing for a given log type is enabled or not.", + "properties": { + "cloudWatchLogsLogGroupARN": { + "description": "ARN of the Cloudwatch log group to publish logs to.", + "type": "string" + }, + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "description": "Map of LogType and LogPublishingOption, each containing options to publish a given type of OpenSearch log.", + "type": "object" + }, + "name": { + "description": "The name of the Amazon OpenSearch Service domain you're creating. Domain names are unique across the domains owned by an account within an AWS region. Domain names must start with a lowercase letter and can contain the following characters: a-z (lowercase), 0-9, and - (hyphen).", + "type": "string" + }, + "nodeToNodeEncryptionOptions": { + "description": "Node-to-node encryption options.", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "A list of Tag added during domain creation.", + "items": { + "description": "A key value pair for a resource tag.", + "properties": { + "key": { + "description": "A string of length from 1 to 128 characters that specifies the key for a tag. Tag keys must be unique for the domain to which they're attached.", + "type": "string" + }, + "value": { + "description": "A string of length from 0 to 256 characters that specifies the value for a tag. Tag values can be null and don't have to be unique in a tag set.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcOptions": { + "description": "Options to specify the subnets and security groups for a VPC endpoint. For more information, see Launching your Amazon OpenSearch Service domains using a VPC (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetIDs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DomainStatus defines the observed state of Domain", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "changeProgressDetails": { + "description": "Specifies change details of the domain configuration change.", + "properties": { + "changeID": { + "type": "string" + }, + "message": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "created": { + "description": "The domain creation status. True if the creation of a domain is complete. False if domain creation is still in progress.", + "type": "boolean" + }, + "deleted": { + "description": "The domain deletion status. True if a delete request has been received for the domain but resource cleanup is still in progress. False if the domain has not been deleted. Once domain deletion is complete, the status of the domain is no longer returned.", + "type": "boolean" + }, + "domainID": { + "description": "The unique identifier for the specified domain.", + "type": "string" + }, + "endpoint": { + "description": "The domain endpoint that you use to submit index and search requests.", + "type": "string" + }, + "endpoints": { + "additionalProperties": { + "type": "string" + }, + "description": "Map containing the domain endpoints used to submit index and search requests. Example key, value: 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'.", + "type": "object" + }, + "processing": { + "description": "The status of the domain configuration. True if Amazon OpenSearch Service is processing configuration changes. False if the configuration is active.", + "type": "boolean" + }, + "serviceSoftwareOptions": { + "description": "The current status of the domain's service software.", + "properties": { + "automatedUpdateDate": { + "format": "date-time", + "type": "string" + }, + "cancellable": { + "type": "boolean" + }, + "currentVersion": { + "type": "string" + }, + "description": { + "type": "string" + }, + "newVersion": { + "type": "string" + }, + "optionalDeployment": { + "type": "boolean" + }, + "updateAvailable": { + "type": "boolean" + }, + "updateStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "snapshotOptions": { + "description": "The status of the SnapshotOptions.", + "properties": { + "automatedSnapshotStartHour": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "upgradeProcessing": { + "description": "The status of a domain version upgrade. True if Amazon OpenSearch Service is undergoing a version upgrade. False if the configuration is active.", + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/organizations.services.k8s.aws/organizationalunit_v1alpha1.json b/organizations.services.k8s.aws/organizationalunit_v1alpha1.json new file mode 100644 index 00000000..9347b7cb --- /dev/null +++ b/organizations.services.k8s.aws/organizationalunit_v1alpha1.json @@ -0,0 +1,123 @@ +{ + "description": "OrganizationalUnit is the Schema for the OrganizationalUnits API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "OrganizationalUnitSpec defines the desired state of OrganizationalUnit. \n Contains details about an organizational unit (OU). An OU is a container of Amazon Web Services accounts within a root of an organization. Policies that are attached to an OU apply to all accounts contained in that OU and in any child OUs.", + "properties": { + "name": { + "description": "The friendly name to assign to the new OU.", + "type": "string" + }, + "parentID": { + "description": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in. \n The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following: \n * Root - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits. \n * Organizational unit (OU) - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "type": "string" + }, + "tags": { + "description": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null. For more information about tagging, see Tagging Organizations resources (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the Organizations User Guide. \n If any one of the tags is invalid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", + "items": { + "description": "A custom key-value pair associated with a resource within your organization. \n You can attach tags to any of the following organization resources. \n * Amazon Web Services account \n * Organizational unit (OU) \n * Organization root \n * Policy", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name", + "parentID" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "OrganizationalUnitStatus defines the observed state of OrganizationalUnit", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "id": { + "description": "The unique identifier (ID) associated with this OU. \n The regex pattern (http://wikipedia.org/wiki/regex) for an organizational unit ID string requires \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that contains the OU). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/pipes.services.k8s.aws/pipe_v1alpha1.json b/pipes.services.k8s.aws/pipe_v1alpha1.json new file mode 100644 index 00000000..04374e19 --- /dev/null +++ b/pipes.services.k8s.aws/pipe_v1alpha1.json @@ -0,0 +1,1029 @@ +{ + "description": "Pipe is the Schema for the Pipes API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PipeSpec defines the desired state of Pipe. \n An object that represents a pipe. Amazon EventBridgePipes connect event sources to targets and reduces the need for specialized knowledge and integration code.", + "properties": { + "description": { + "description": "A description of the pipe.", + "type": "string" + }, + "desiredState": { + "description": "The state the pipe should be in.", + "type": "string" + }, + "enrichment": { + "description": "The ARN of the enrichment resource.", + "type": "string" + }, + "enrichmentParameters": { + "description": "The parameters required to set up enrichment on your pipe.", + "properties": { + "httpParameters": { + "description": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations. In the latter case, these are merged with any InvocationParameters specified on the Connection, with any values from the Connection taking precedence.", + "properties": { + "headerParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pathParameterValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "queryStringParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "inputTemplate": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the pipe.", + "type": "string" + }, + "roleARN": { + "description": "The ARN of the role that allows the pipe to send data to the target.", + "type": "string" + }, + "source": { + "description": "The ARN of the source resource.", + "type": "string" + }, + "sourceParameters": { + "description": "The parameters required to set up a source for your pipe.", + "properties": { + "activeMQBrokerParameters": { + "description": "The parameters for using an Active MQ broker as a source.", + "properties": { + "batchSize": { + "format": "int64", + "type": "integer" + }, + "credentials": { + "description": "The Secrets Manager secret that stores your broker credentials.", + "properties": { + "basicAuth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + }, + "queueName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "dynamoDBStreamParameters": { + "description": "The parameters for using a DynamoDB stream as a source.", + "properties": { + "batchSize": { + "format": "int64", + "type": "integer" + }, + "deadLetterConfig": { + "description": "A DeadLetterConfig object that contains information about a dead-letter queue configuration.", + "properties": { + "arn": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + }, + "maximumRecordAgeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + }, + "onPartialBatchItemFailure": { + "type": "string" + }, + "parallelizationFactor": { + "format": "int64", + "type": "integer" + }, + "startingPosition": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "filterCriteria": { + "description": "The collection of event patterns used to filter events. For more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the Amazon EventBridge User Guide.", + "properties": { + "filters": { + "items": { + "description": "Filter events using an event pattern. For more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the Amazon EventBridge User Guide.", + "properties": { + "pattern": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "kinesisStreamParameters": { + "description": "The parameters for using a Kinesis stream as a source.", + "properties": { + "batchSize": { + "format": "int64", + "type": "integer" + }, + "deadLetterConfig": { + "description": "A DeadLetterConfig object that contains information about a dead-letter queue configuration.", + "properties": { + "arn": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + }, + "maximumRecordAgeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + }, + "onPartialBatchItemFailure": { + "type": "string" + }, + "parallelizationFactor": { + "format": "int64", + "type": "integer" + }, + "startingPosition": { + "type": "string" + }, + "startingPositionTimestamp": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "managedStreamingKafkaParameters": { + "description": "The parameters for using an MSK stream as a source.", + "properties": { + "batchSize": { + "format": "int64", + "type": "integer" + }, + "consumerGroupID": { + "type": "string" + }, + "credentials": { + "description": "The Secrets Manager secret that stores your stream credentials.", + "properties": { + "clientCertificateTLSAuth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + }, + "saslSCRAM512Auth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + }, + "startingPosition": { + "type": "string" + }, + "topicName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "rabbitMQBrokerParameters": { + "description": "The parameters for using a Rabbit MQ broker as a source.", + "properties": { + "batchSize": { + "format": "int64", + "type": "integer" + }, + "credentials": { + "description": "The Secrets Manager secret that stores your broker credentials.", + "properties": { + "basicAuth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + }, + "queueName": { + "type": "string" + }, + "virtualHost": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "selfManagedKafkaParameters": { + "description": "The parameters for using a self-managed Apache Kafka stream as a source.", + "properties": { + "additionalBootstrapServers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "batchSize": { + "format": "int64", + "type": "integer" + }, + "consumerGroupID": { + "type": "string" + }, + "credentials": { + "description": "The Secrets Manager secret that stores your stream credentials.", + "properties": { + "basicAuth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + }, + "clientCertificateTLSAuth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + }, + "saslSCRAM256Auth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + }, + "saslSCRAM512Auth": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + }, + "serverRootCaCertificate": { + "description": "// Optional SecretManager ARN which stores the database credentials", + "type": "string" + }, + "startingPosition": { + "type": "string" + }, + "topicName": { + "type": "string" + }, + "vpc": { + "description": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", + "properties": { + "securityGroup": { + "description": "List of SecurityGroupId.", + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "description": "List of SubnetId.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "sqsQueueParameters": { + "description": "The parameters for using a Amazon SQS stream as a source.", + "properties": { + "batchSize": { + "format": "int64", + "type": "integer" + }, + "maximumBatchingWindowInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "The list of key-value pairs to associate with the pipe.", + "type": "object" + }, + "target": { + "description": "The ARN of the target resource.", + "type": "string" + }, + "targetParameters": { + "description": "The parameters required to set up a target for your pipe.", + "properties": { + "batchJobParameters": { + "description": "The parameters for using an Batch job as a target.", + "properties": { + "arrayProperties": { + "description": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an Batch job.", + "properties": { + "size": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "containerOverrides": { + "description": "The overrides that are sent to a container.", + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "environment": { + "items": { + "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. \n Environment variables cannot start with \"Batch\". This naming convention is reserved for variables that Batch sets.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "instanceType": { + "type": "string" + }, + "resourceRequirements": { + "items": { + "description": "The type and amount of a resource to assign to a container. The supported resources include GPU, MEMORY, and VCPU.", + "properties": { + "type_": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "dependsOn": { + "items": { + "description": "An object that represents an Batch job dependency.", + "properties": { + "jobID": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "jobDefinition": { + "type": "string" + }, + "jobName": { + "type": "string" + }, + "parameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "retryStrategy": { + "description": "The retry strategy that's associated with a job. For more information, see Automated job retries (https://docs.aws.amazon.com/batch/latest/userguide/job_retries.html) in the Batch User Guide.", + "properties": { + "attempts": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "cloudWatchLogsParameters": { + "description": "The parameters for using an CloudWatch Logs log stream as a target.", + "properties": { + "logStreamName": { + "type": "string" + }, + "timestamp": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "ecsTaskParameters": { + "description": "The parameters for using an Amazon ECS task as a target.", + "properties": { + "capacityProviderStrategy": { + "items": { + "description": "The details of a capacity provider strategy. To learn more, see CapacityProviderStrategyItem (https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CapacityProviderStrategyItem.html) in the Amazon ECS API Reference.", + "properties": { + "base": { + "format": "int64", + "type": "integer" + }, + "capacityProvider": { + "type": "string" + }, + "weight": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enableECSManagedTags": { + "type": "boolean" + }, + "enableExecuteCommand": { + "type": "boolean" + }, + "group": { + "type": "string" + }, + "launchType": { + "type": "string" + }, + "networkConfiguration": { + "description": "This structure specifies the network configuration for an Amazon ECS task.", + "properties": { + "awsVPCConfiguration": { + "description": "This structure specifies the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", + "properties": { + "assignPublicIP": { + "type": "string" + }, + "securityGroups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "overrides": { + "description": "The overrides that are associated with a task.", + "properties": { + "containerOverrides": { + "items": { + "description": "The overrides that are sent to a container. An empty container override can be passed in. An example of an empty container override is {\"containerOverrides\": [ ] }. If a non-empty container override is specified, the name parameter must be included.", + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "cpu": { + "format": "int64", + "type": "integer" + }, + "environment": { + "items": { + "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "environmentFiles": { + "items": { + "description": "A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a .env file extension. Each line in an environment file should contain an environment variable in VARIABLE=VALUE format. Lines beginning with # are treated as comments and are ignored. For more information about the environment variable file syntax, see Declare default environment variables in file (https://docs.docker.com/compose/env-file/). \n If there are environment variables specified using the environment parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see Specifying environment variables (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the Amazon Elastic Container Service Developer Guide. \n This parameter is only supported for tasks hosted on Fargate using the following platform versions: \n - Linux platform version 1.4.0 or later. \n - Windows platform version 1.0.0 or later.", + "properties": { + "type_": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "memory": { + "format": "int64", + "type": "integer" + }, + "memoryReservation": { + "format": "int64", + "type": "integer" + }, + "name": { + "type": "string" + }, + "resourceRequirements": { + "items": { + "description": "The type and amount of a resource to assign to a container. The supported resource types are GPUs and Elastic Inference accelerators. For more information, see Working with GPUs on Amazon ECS (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-gpu.html) or Working with Amazon Elastic Inference on Amazon ECS (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-inference.html) in the Amazon Elastic Container Service Developer Guide", + "properties": { + "type_": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "cpu": { + "type": "string" + }, + "ephemeralStorage": { + "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate. For more information, see Fargate task storage (https://docs.aws.amazon.com/AmazonECS/latest/userguide/using_data_volumes.html) in the Amazon ECS User Guide for Fargate. \n This parameter is only supported for tasks hosted on Fargate using Linux platform version 1.4.0 or later. This parameter is not supported for Windows containers on Fargate.", + "properties": { + "sizeInGiB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "executionRoleARN": { + "type": "string" + }, + "inferenceAcceleratorOverrides": { + "items": { + "description": "Details on an Elastic Inference accelerator task override. This parameter is used to override the Elastic Inference accelerator specified in the task definition. For more information, see Working with Amazon Elastic Inference on Amazon ECS (https://docs.aws.amazon.com/AmazonECS/latest/userguide/ecs-inference.html) in the Amazon Elastic Container Service Developer Guide.", + "properties": { + "deviceName": { + "type": "string" + }, + "deviceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "memory": { + "type": "string" + }, + "taskRoleARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "placementConstraints": { + "items": { + "description": "An object representing a constraint on task placement. To learn more, see Task Placement Constraints (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the Amazon Elastic Container Service Developer Guide.", + "properties": { + "expression": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "placementStrategy": { + "items": { + "description": "The task placement strategy for a task or service. To learn more, see Task Placement Strategies (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html) in the Amazon Elastic Container Service Service Developer Guide.", + "properties": { + "field": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "platformVersion": { + "type": "string" + }, + "propagateTags": { + "type": "string" + }, + "referenceID": { + "type": "string" + }, + "tags": { + "items": { + "description": "A key-value pair associated with an Amazon Web Services resource. In EventBridge, rules and event buses support tagging.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "taskCount": { + "format": "int64", + "type": "integer" + }, + "taskDefinitionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "eventBridgeEventBusParameters": { + "description": "The parameters for using an EventBridge event bus as a target.", + "properties": { + "detailType": { + "type": "string" + }, + "endpointID": { + "type": "string" + }, + "resources": { + "items": { + "type": "string" + }, + "type": "array" + }, + "source": { + "type": "string" + }, + "time": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "httpParameters": { + "description": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", + "properties": { + "headerParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pathParameterValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "queryStringParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "inputTemplate": { + "type": "string" + }, + "kinesisStreamParameters": { + "description": "The parameters for using a Kinesis stream as a source.", + "properties": { + "partitionKey": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "lambdaFunctionParameters": { + "description": "The parameters for using a Lambda function as a target.", + "properties": { + "invocationType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "redshiftDataParameters": { + "description": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API ExecuteStatement.", + "properties": { + "database": { + "description": "// Redshift Database", + "type": "string" + }, + "dbUser": { + "description": "// Database user name", + "type": "string" + }, + "secretManagerARN": { + "description": "// For targets, can either specify an ARN or a jsonpath pointing to the ARN.", + "type": "string" + }, + "sqls": { + "description": "// A list of SQLs.", + "items": { + "type": "string" + }, + "type": "array" + }, + "statementName": { + "description": "// A name for Redshift DataAPI statement which can be used as filter of // ListStatement.", + "type": "string" + }, + "withEvent": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "sageMakerPipelineParameters": { + "description": "The parameters for using a SageMaker pipeline as a target.", + "properties": { + "pipelineParameterList": { + "items": { + "description": "Name/Value pair of a parameter to start execution of a SageMaker Model Building Pipeline.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "sqsQueueParameters": { + "description": "The parameters for using a Amazon SQS stream as a source.", + "properties": { + "messageDeduplicationID": { + "type": "string" + }, + "messageGroupID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "stepFunctionStateMachineParameters": { + "description": "The parameters for using a Step Functions state machine as a target.", + "properties": { + "invocationType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "name", + "roleARN", + "source", + "target" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PipeStatus defines the observed state of Pipe", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The time the pipe was created.", + "format": "date-time", + "type": "string" + }, + "currentState": { + "description": "The state the pipe is in.", + "type": "string" + }, + "lastModifiedTime": { + "description": "When the pipe was last updated, in ISO-8601 format (https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD).", + "format": "date-time", + "type": "string" + }, + "stateReason": { + "description": "The reason the pipe is in its current state.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/prometheusservice.services.k8s.aws/alertmanagerdefinition_v1alpha1.json b/prometheusservice.services.k8s.aws/alertmanagerdefinition_v1alpha1.json new file mode 100644 index 00000000..392ad431 --- /dev/null +++ b/prometheusservice.services.k8s.aws/alertmanagerdefinition_v1alpha1.json @@ -0,0 +1,125 @@ +{ + "description": "AlertManagerDefinition is the Schema for the AlertManagerDefinitions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "AlertManagerDefinitionSpec defines the desired state of AlertManagerDefinition.", + "properties": { + "configuration": { + "type": "string" + }, + "workspaceID": { + "description": "The ID of the workspace in which to create the alert manager definition.", + "type": "string" + }, + "workspaceRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "configuration" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AlertManagerDefinitionStatus defines the observed state of AlertManagerDefinition", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "statusCode": { + "description": "Status code of this definition.", + "type": "string" + }, + "statusReason": { + "description": "The reason for failure if any.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/prometheusservice.services.k8s.aws/loggingconfiguration_v1alpha1.json b/prometheusservice.services.k8s.aws/loggingconfiguration_v1alpha1.json new file mode 100644 index 00000000..73d054d9 --- /dev/null +++ b/prometheusservice.services.k8s.aws/loggingconfiguration_v1alpha1.json @@ -0,0 +1,126 @@ +{ + "description": "LoggingConfiguration is the Schema for the LoggingConfigurations API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "LoggingConfigurationSpec defines the desired state of LoggingConfiguration.", + "properties": { + "logGroupARN": { + "description": "The ARN of the CW log group to which the vended log data will be published.", + "type": "string" + }, + "workspaceID": { + "description": "The ID of the workspace to vend logs to.", + "type": "string" + }, + "workspaceRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "logGroupARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "LoggingConfigurationStatus defines the observed state of LoggingConfiguration", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "statusCode": { + "description": "Status code of the logging configuration.", + "type": "string" + }, + "statusReason": { + "description": "The reason for failure if any.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/prometheusservice.services.k8s.aws/rulegroupsnamespace_v1alpha1.json b/prometheusservice.services.k8s.aws/rulegroupsnamespace_v1alpha1.json new file mode 100644 index 00000000..03c26538 --- /dev/null +++ b/prometheusservice.services.k8s.aws/rulegroupsnamespace_v1alpha1.json @@ -0,0 +1,143 @@ +{ + "description": "RuleGroupsNamespace is the Schema for the RuleGroupsNamespaces API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RuleGroupsNamespaceSpec defines the desired state of RuleGroupsNamespace.", + "properties": { + "configuration": { + "type": "string" + }, + "name": { + "description": "The rule groups namespace name.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional, user-provided tags for this rule groups namespace.", + "type": "object" + }, + "workspaceID": { + "description": "The ID of the workspace in which to create the rule group namespace.", + "type": "string" + }, + "workspaceRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "configuration", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "RuleGroupsNamespaceStatus defines the observed state of RuleGroupsNamespace", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "status": { + "description": "The status of rule groups namespace.", + "properties": { + "statusCode": { + "description": "State of a namespace.", + "type": "string" + }, + "statusReason": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/prometheusservice.services.k8s.aws/workspace_v1alpha1.json b/prometheusservice.services.k8s.aws/workspace_v1alpha1.json new file mode 100644 index 00000000..92ab3a1d --- /dev/null +++ b/prometheusservice.services.k8s.aws/workspace_v1alpha1.json @@ -0,0 +1,116 @@ +{ + "description": "Workspace is the Schema for the Workspaces API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "WorkspaceSpec defines the desired state of Workspace.", + "properties": { + "alias": { + "description": "An optional user-assigned alias for this workspace. This alias is for user reference and does not need to be unique.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional, user-provided tags for this workspace.", + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "WorkspaceStatus defines the observed state of Workspace", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "status": { + "description": "The status of the workspace that was just created (usually CREATING).", + "properties": { + "statusCode": { + "description": "State of a workspace.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "workspaceID": { + "description": "The generated ID of the workspace that was just created.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/dbcluster_v1alpha1.json b/rds.services.k8s.aws/dbcluster_v1alpha1.json new file mode 100644 index 00000000..fd7bbbe1 --- /dev/null +++ b/rds.services.k8s.aws/dbcluster_v1alpha1.json @@ -0,0 +1,791 @@ +{ + "description": "DBCluster is the Schema for the DBClusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DBClusterSpec defines the desired state of DBCluster. \n Contains the details of an Amazon Aurora DB cluster or Multi-AZ DB cluster. \n For an Amazon Aurora DB cluster, this data type is used as a response element in the operations CreateDBCluster, DeleteDBCluster, DescribeDBClusters, FailoverDBCluster, ModifyDBCluster, PromoteReadReplicaDBCluster, RestoreDBClusterFromS3, RestoreDBClusterFromSnapshot, RestoreDBClusterToPointInTime, StartDBCluster, and StopDBCluster. \n For a Multi-AZ DB cluster, this data type is used as a response element in the operations CreateDBCluster, DeleteDBCluster, DescribeDBClusters, FailoverDBCluster, ModifyDBCluster, RebootDBCluster, RestoreDBClusterFromSnapshot, and RestoreDBClusterToPointInTime. \n For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) in the Amazon Aurora User Guide. \n For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the Amazon RDS User Guide.", + "properties": { + "allocatedStorage": { + "description": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster. \n This setting is required to create a Multi-AZ DB cluster. \n Valid for: Multi-AZ DB clusters only", + "format": "int64", + "type": "integer" + }, + "autoMinorVersionUpgrade": { + "description": "A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically. \n Valid for: Multi-AZ DB clusters only", + "type": "boolean" + }, + "availabilityZones": { + "description": "A list of Availability Zones (AZs) where DB instances in the DB cluster can be created. \n For information on Amazon Web Services Regions and Availability Zones, see Choosing the Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters only", + "items": { + "type": "string" + }, + "type": "array" + }, + "backtrackWindow": { + "description": "The target backtrack window, in seconds. To disable backtracking, set this value to 0. \n Default: 0 \n Constraints: \n - If specified, this value must be set to a number from 0 to 259,200 (72 hours). \n Valid for: Aurora MySQL DB clusters only", + "format": "int64", + "type": "integer" + }, + "backupRetentionPeriod": { + "description": "The number of days for which automated backups are retained. \n Default: 1 \n Constraints: \n - Must be a value from 1 to 35 \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "format": "int64", + "type": "integer" + }, + "characterSetName": { + "description": "A value that indicates that the DB cluster should be associated with the specified CharacterSet. \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "copyTagsToSnapshot": { + "description": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "boolean" + }, + "databaseName": { + "description": "The name for your database of up to 64 alphanumeric characters. If you do not provide a name, Amazon RDS doesn't create a database in the DB cluster you are creating. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "dbClusterIdentifier": { + "description": "The DB cluster identifier. This parameter is stored as a lowercase string. \n Constraints: \n - Must contain from 1 to 63 letters, numbers, or hyphens. \n - First character must be a letter. \n - Can't end with a hyphen or contain two consecutive hyphens. \n Example: my-cluster1 \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "dbClusterInstanceClass": { + "description": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6gd.xlarge. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. \n For the full list of DB instance classes and availability for your engine, see DB instance class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide. \n This setting is required to create a Multi-AZ DB cluster. \n Valid for: Multi-AZ DB clusters only", + "type": "string" + }, + "dbClusterParameterGroupName": { + "description": "The name of the DB cluster parameter group to associate with this DB cluster. If you do not specify a value, then the default DB cluster parameter group for the specified DB engine and version is used. \n Constraints: \n - If supplied, must match the name of an existing DB cluster parameter group. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "dbClusterParameterGroupRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "dbSubnetGroupName": { + "description": "A DB subnet group to associate with this DB cluster. \n This setting is required to create a Multi-AZ DB cluster. \n Constraints: Must match the name of an existing DBSubnetGroup. Must not be default. \n Example: mydbsubnetgroup \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "dbSubnetGroupRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "dbSystemID": { + "description": "Reserved for future use.", + "type": "string" + }, + "deletionProtection": { + "description": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "boolean" + }, + "destinationRegion": { + "description": "DestinationRegion is used for presigning the request to a given region.", + "type": "string" + }, + "domain": { + "description": "The Active Directory directory ID to create the DB cluster in. \n For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster. \n For more information, see Kerberos authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "domainIAMRoleName": { + "description": "Specify the name of the IAM role to be used when making API calls to the Directory Service. \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "enableCloudwatchLogsExports": { + "description": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. \n # RDS for MySQL \n Possible values are error, general, and slowquery. \n # RDS for PostgreSQL \n Possible values are postgresql and upgrade. \n # Aurora MySQL \n Possible values are audit, error, general, and slowquery. \n # Aurora PostgreSQL \n Possible value is postgresql. \n For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the Amazon RDS User Guide. \n For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "items": { + "type": "string" + }, + "type": "array" + }, + "enableGlobalWriteForwarding": { + "description": "A value that indicates whether to enable this DB cluster to forward write operations to the primary cluster of an Aurora global database (GlobalCluster). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database. \n You can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by the FailoverGlobalCluster API operation, but it does nothing until then. \n Valid for: Aurora DB clusters only", + "type": "boolean" + }, + "enableHTTPEndpoint": { + "description": "A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless v1 DB cluster. By default, the HTTP endpoint is disabled. \n When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless v1 DB cluster. You can also query your database from inside the RDS console with the query editor. \n For more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters only", + "type": "boolean" + }, + "enableIAMDatabaseAuthentication": { + "description": "A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled. \n For more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters only", + "type": "boolean" + }, + "enablePerformanceInsights": { + "description": "A value that indicates whether to turn on Performance Insights for the DB cluster. \n For more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the Amazon RDS User Guide. \n Valid for: Multi-AZ DB clusters only", + "type": "boolean" + }, + "engine": { + "description": "The name of the database engine to be used for this DB cluster. \n Valid Values: \n - aurora-mysql \n - aurora-postgresql \n - mysql \n - postgres \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "engineMode": { + "description": "The DB engine mode of the DB cluster, either provisioned or serverless. \n The serverless engine mode only applies for Aurora Serverless v1 DB clusters. \n Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the Amazon Aurora User Guide: \n - Limitations of Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) \n - Requirements for Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html) \n - Limitations of parallel query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations) \n - Limitations of Aurora global databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations) \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "engineVersion": { + "description": "The version number of the database engine to use. \n To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (MySQL 8.0-compatible), use the following command: \n aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\" \n You can supply either 5.7 or 8.0 to use the default engine version for Aurora MySQL version 2 or version 3, respectively. \n To list all of the available engine versions for Aurora PostgreSQL, use the following command: \n aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\" \n To list all of the available engine versions for RDS for MySQL, use the following command: \n aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\" \n To list all of the available engine versions for RDS for PostgreSQL, use the following command: \n aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\" \n # Aurora MySQL \n For information, see Database engine updates for Amazon Aurora MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the Amazon Aurora User Guide. \n # Aurora PostgreSQL \n For information, see Amazon Aurora PostgreSQL releases and engine versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the Amazon Aurora User Guide. \n # MySQL \n For information, see Amazon RDS for MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the Amazon RDS User Guide. \n # PostgreSQL \n For information, see Amazon RDS for PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the Amazon RDS User Guide. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "globalClusterIdentifier": { + "description": "The global cluster ID of an Aurora cluster that becomes the primary cluster in the new global database cluster. \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "iops": { + "description": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. \n For information about valid IOPS values, see Provisioned IOPS storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the Amazon RDS User Guide. \n This setting is required to create a Multi-AZ DB cluster. \n Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster. \n Valid for: Multi-AZ DB clusters only", + "format": "int64", + "type": "integer" + }, + "kmsKeyID": { + "description": "The Amazon Web Services KMS key identifier for an encrypted DB cluster. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. \n When a KMS key isn't specified in KmsKeyId: \n - If ReplicationSourceIdentifier identifies an encrypted source, then Amazon RDS will use the KMS key used to encrypt the source. Otherwise, Amazon RDS will use your default KMS key. \n - If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier isn't specified, then Amazon RDS will use your default KMS key. \n There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region. \n If you create a read replica of an encrypted DB cluster in another Amazon Web Services Region, you must set KmsKeyId to a KMS key identifier that is valid in the destination Amazon Web Services Region. This KMS key is used to encrypt the read replica in that Amazon Web Services Region. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "kmsKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "manageMasterUserPassword": { + "description": "A value that indicates whether to manage the master user password with Amazon Web Services Secrets Manager. \n For more information, see Password management with Amazon Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the Amazon RDS User Guide and Password management with Amazon Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the Amazon Aurora User Guide. \n Constraints: \n - Can't manage the master user password with Amazon Web Services Secrets Manager if MasterUserPassword is specified. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "boolean" + }, + "masterUserPassword": { + "description": "The password for the master database user. This password can contain any printable ASCII character except \"/\", \"\"\", or \"@\". \n Constraints: \n - Must contain from 8 to 41 characters. \n - Can't be specified if ManageMasterUserPassword is turned on. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "masterUserSecretKMSKeyID": { + "description": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. \n This setting is valid only if the master user password is managed by RDS in Amazon Web Services Secrets Manager for the DB cluster. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. \n If you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the aws/secretsmanager KMS key to encrypt the secret, and you must use a customer managed KMS key. \n There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "masterUserSecretKMSKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "masterUsername": { + "description": "The name of the master user for the DB cluster. \n Constraints: \n - Must be 1 to 16 letters or numbers. \n - First character must be a letter. \n - Can't be a reserved word for the chosen database engine. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "monitoringInterval": { + "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0. \n If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0. \n Valid Values: 0, 1, 5, 10, 15, 30, 60 \n Valid for: Multi-AZ DB clusters only", + "format": "int64", + "type": "integer" + }, + "monitoringRoleARN": { + "description": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see Setting up and enabling Enhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the Amazon RDS User Guide. \n If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value. \n Valid for: Multi-AZ DB clusters only", + "type": "string" + }, + "networkType": { + "description": "The network type of the DB cluster. \n Valid values: \n - IPV4 \n - DUAL \n The network type is determined by the DBSubnetGroup specified for the DB cluster. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and the IPv6 protocols (DUAL). \n For more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the Amazon Aurora User Guide. \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "optionGroupName": { + "description": "A value that indicates that the DB cluster should be associated with the specified option group. \n DB clusters are associated with a default option group that can't be modified.", + "type": "string" + }, + "performanceInsightsKMSKeyID": { + "description": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. \n If you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region. \n Valid for: Multi-AZ DB clusters only", + "type": "string" + }, + "performanceInsightsRetentionPeriod": { + "description": "The number of days to retain Performance Insights data. The default is 7 days. The following values are valid: \n - 7 \n - month * 31, where month is a number of months from 1-23 \n - 731 \n For example, the following values are valid: \n - 93 (3 months * 31) \n - 341 (11 months * 31) \n - 589 (19 months * 31) \n - 731 \n If you specify a retention period such as 94, which isn't a valid value, RDS issues an error. \n Valid for: Multi-AZ DB clusters only", + "format": "int64", + "type": "integer" + }, + "port": { + "description": "The port number on which the instances in the DB cluster accept connections. \n # RDS for MySQL and Aurora MySQL \n Default: 3306 \n Valid values: 1150-65535 \n # RDS for PostgreSQL and Aurora PostgreSQL \n Default: 5432 \n Valid values: 1150-65535 \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "format": "int64", + "type": "integer" + }, + "preSignedURL": { + "description": "When you are replicating a DB cluster from one Amazon Web Services GovCloud (US) Region to another, an URL that contains a Signature Version 4 signed request for the CreateDBCluster operation to be called in the source Amazon Web Services Region where the DB cluster is replicated from. Specify PreSignedUrl only when you are performing cross-Region replication from an encrypted DB cluster. \n The presigned URL must be a valid request for the CreateDBCluster API operation that can run in the source Amazon Web Services Region that contains the encrypted DB cluster to copy. \n The presigned URL request must contain the following parameter values: \n - KmsKeyId - The KMS key identifier for the KMS key to use to encrypt the copy of the DB cluster in the destination Amazon Web Services Region. This should refer to the same KMS key for both the CreateDBCluster operation that is called in the destination Amazon Web Services Region, and the operation contained in the presigned URL. \n - DestinationRegion - The name of the Amazon Web Services Region that Aurora read replica will be created in. \n - ReplicationSourceIdentifier - The DB cluster identifier for the encrypted DB cluster to be copied. This identifier must be in the Amazon Resource Name (ARN) format for the source Amazon Web Services Region. For example, if you are copying an encrypted DB cluster from the us-west-2 Amazon Web Services Region, then your ReplicationSourceIdentifier would look like Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1. \n To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). \n If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region. \n Valid for: Aurora DB clusters only", + "type": "string" + }, + "preferredBackupWindow": { + "description": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. \n The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. To view the time blocks available, see Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the Amazon Aurora User Guide. \n Constraints: \n - Must be in the format hh24:mi-hh24:mi. \n - Must be in Universal Coordinated Time (UTC). \n - Must not conflict with the preferred maintenance window. \n - Must be at least 30 minutes. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "preferredMaintenanceWindow": { + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). \n Format: ddd:hh24:mi-ddd:hh24:mi \n The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the Amazon Aurora User Guide. \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. \n Constraints: Minimum 30-minute window. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "publiclyAccessible": { + "description": "A value that indicates whether the DB cluster is publicly accessible. \n When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it. \n When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address. \n Default: The default behavior varies depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, the following applies: \n - If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private. \n - If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public. \n If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies: \n - If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private. \n - If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public. \n Valid for: Multi-AZ DB clusters only", + "type": "boolean" + }, + "replicationSourceIdentifier": { + "description": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "scalingConfiguration": { + "description": "For DB clusters in serverless DB engine mode, the scaling properties of the DB cluster. \n Valid for: Aurora DB clusters only", + "properties": { + "autoPause": { + "type": "boolean" + }, + "maxCapacity": { + "format": "int64", + "type": "integer" + }, + "minCapacity": { + "format": "int64", + "type": "integer" + }, + "secondsBeforeTimeout": { + "format": "int64", + "type": "integer" + }, + "secondsUntilAutoPause": { + "format": "int64", + "type": "integer" + }, + "timeoutAction": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "serverlessV2ScalingConfiguration": { + "description": "Contains the scaling configuration of an Aurora Serverless v2 DB cluster. \n For more information, see Using Amazon Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html) in the Amazon Aurora User Guide.", + "properties": { + "maxCapacity": { + "type": "number" + }, + "minCapacity": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + }, + "snapshotIdentifier": { + "description": "The identifier for the DB snapshot or DB cluster snapshot to restore from. \n You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot. \n Constraints: \n - Must match the identifier of an existing Snapshot. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "string" + }, + "sourceRegion": { + "description": "SourceRegion is the source region where the resource exists. This is not sent over the wire and is only used for presigning. This value should always have the same region as the source ARN.", + "type": "string" + }, + "storageEncrypted": { + "description": "A value that indicates whether the DB cluster is encrypted. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "type": "boolean" + }, + "storageType": { + "description": "Specifies the storage type to be associated with the DB cluster. \n This setting is required to create a Multi-AZ DB cluster. \n Valid values: io1 \n When specified, a value for the Iops parameter is required. \n Default: io1 \n Valid for: Multi-AZ DB clusters only", + "type": "string" + }, + "tags": { + "description": "Tags to assign to the DB cluster. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcSecurityGroupIDs": { + "description": "A list of EC2 VPC security groups to associate with this DB cluster. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "items": { + "type": "string" + }, + "type": "array" + }, + "vpcSecurityGroupRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "dbClusterIdentifier", + "engine" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DBClusterStatus defines the observed state of DBCluster", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "activityStreamKMSKeyID": { + "description": "The Amazon Web Services KMS key identifier used for encrypting messages in the database activity stream. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.", + "type": "string" + }, + "activityStreamKinesisStreamName": { + "description": "The name of the Amazon Kinesis data stream used for the database activity stream.", + "type": "string" + }, + "activityStreamMode": { + "description": "The mode of the database activity stream. Database events such as a change or access generate an activity stream event. The database session can handle these events either synchronously or asynchronously.", + "type": "string" + }, + "activityStreamStatus": { + "description": "The status of the database activity stream.", + "type": "string" + }, + "associatedRoles": { + "description": "Provides a list of the Amazon Web Services Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.", + "items": { + "description": "Describes an Amazon Web Services Identity and Access Management (IAM) role that is associated with a DB cluster.", + "properties": { + "featureName": { + "type": "string" + }, + "roleARN": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "automaticRestartTime": { + "description": "The time when a stopped DB cluster is restarted automatically.", + "format": "date-time", + "type": "string" + }, + "backtrackConsumedChangeRecords": { + "description": "The number of change records stored for Backtrack.", + "format": "int64", + "type": "integer" + }, + "capacity": { + "description": "The current capacity of an Aurora Serverless v1 DB cluster. The capacity is 0 (zero) when the cluster is paused. \n For more information about Aurora Serverless v1, see Using Amazon Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) in the Amazon Aurora User Guide.", + "format": "int64", + "type": "integer" + }, + "cloneGroupID": { + "description": "Identifies the clone group to which the DB cluster is associated.", + "type": "string" + }, + "clusterCreateTime": { + "description": "Specifies the time when the DB cluster was created, in Universal Coordinated Time (UTC).", + "format": "date-time", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "crossAccountClone": { + "description": "Specifies whether the DB cluster is a clone of a DB cluster owned by a different Amazon Web Services account.", + "type": "boolean" + }, + "customEndpoints": { + "description": "Identifies all custom endpoints associated with the cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "dbClusterMembers": { + "description": "Provides the list of instances that make up the DB cluster.", + "items": { + "description": "Contains information about an instance that is part of a DB cluster.", + "properties": { + "dbClusterParameterGroupStatus": { + "type": "string" + }, + "dbInstanceIdentifier": { + "type": "string" + }, + "isClusterWriter": { + "type": "boolean" + }, + "promotionTier": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dbClusterOptionGroupMemberships": { + "description": "Provides the list of option group memberships for this DB cluster.", + "items": { + "description": "Contains status information for a DB cluster option group.", + "properties": { + "dbClusterOptionGroupName": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dbClusterParameterGroup": { + "description": "Specifies the name of the DB cluster parameter group for the DB cluster.", + "type": "string" + }, + "dbClusterResourceID": { + "description": "The Amazon Web Services Region-unique, immutable identifier for the DB cluster. This identifier is found in Amazon Web Services CloudTrail log entries whenever the KMS key for the DB cluster is accessed.", + "type": "string" + }, + "dbSubnetGroup": { + "description": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", + "type": "string" + }, + "domainMemberships": { + "description": "The Active Directory Domain membership records associated with the DB cluster.", + "items": { + "description": "An Active Directory Domain membership record associated with the DB instance or cluster.", + "properties": { + "domain": { + "type": "string" + }, + "fQDN": { + "type": "string" + }, + "iamRoleName": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "earliestBacktrackTime": { + "description": "The earliest time to which a DB cluster can be backtracked.", + "format": "date-time", + "type": "string" + }, + "earliestRestorableTime": { + "description": "The earliest time to which a database can be restored with point-in-time restore.", + "format": "date-time", + "type": "string" + }, + "enabledCloudwatchLogsExports": { + "description": "A list of log types that this DB cluster is configured to export to CloudWatch Logs. \n Log types vary by DB engine. For information about the log types for each DB engine, see Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html) in the Amazon Aurora User Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "endpoint": { + "description": "Specifies the connection endpoint for the primary instance of the DB cluster.", + "type": "string" + }, + "globalWriteForwardingRequested": { + "description": "Specifies whether you have requested to enable write forwarding for a secondary cluster in an Aurora global database. Because write forwarding takes time to enable, check the value of GlobalWriteForwardingStatus to confirm that the request has completed before using the write forwarding feature for this cluster.", + "type": "boolean" + }, + "globalWriteForwardingStatus": { + "description": "Specifies whether a secondary cluster in an Aurora global database has write forwarding enabled, not enabled, or is in the process of enabling it.", + "type": "string" + }, + "hostedZoneID": { + "description": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", + "type": "string" + }, + "httpEndpointEnabled": { + "description": "A value that indicates whether the HTTP endpoint for an Aurora Serverless v1 DB cluster is enabled. \n When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless v1 DB cluster. You can also query your database from inside the RDS console with the query editor. \n For more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the Amazon Aurora User Guide.", + "type": "boolean" + }, + "iamDatabaseAuthenticationEnabled": { + "description": "A value that indicates whether the mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts is enabled.", + "type": "boolean" + }, + "latestRestorableTime": { + "description": "Specifies the latest time to which a database can be restored with point-in-time restore.", + "format": "date-time", + "type": "string" + }, + "masterUserSecret": { + "description": "Contains the secret managed by RDS in Amazon Web Services Secrets Manager for the master user password. \n For more information, see Password management with Amazon Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the Amazon RDS User Guide and Password management with Amazon Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the Amazon Aurora User Guide.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "secretARN": { + "type": "string" + }, + "secretStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "multiAZ": { + "description": "Specifies whether the DB cluster has instances in multiple Availability Zones.", + "type": "boolean" + }, + "pendingModifiedValues": { + "description": "A value that specifies that changes to the DB cluster are pending. This element is only included when changes are pending. Specific changes are identified by subelements.", + "properties": { + "allocatedStorage": { + "format": "int64", + "type": "integer" + }, + "backupRetentionPeriod": { + "format": "int64", + "type": "integer" + }, + "dbClusterIdentifier": { + "type": "string" + }, + "engineVersion": { + "type": "string" + }, + "iamDatabaseAuthenticationEnabled": { + "type": "boolean" + }, + "iops": { + "format": "int64", + "type": "integer" + }, + "masterUserPassword": { + "type": "string" + }, + "pendingCloudwatchLogsExports": { + "description": "A list of the log types whose configuration is still pending. In other words, these log types are in the process of being activated or deactivated.", + "properties": { + "logTypesToDisable": { + "items": { + "type": "string" + }, + "type": "array" + }, + "logTypesToEnable": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "percentProgress": { + "description": "Specifies the progress of the operation as a percentage.", + "type": "string" + }, + "performanceInsightsEnabled": { + "description": "True if Performance Insights is enabled for the DB cluster, and otherwise false. \n This setting is only for non-Aurora Multi-AZ DB clusters.", + "type": "boolean" + }, + "readReplicaIdentifiers": { + "description": "Contains one or more identifiers of the read replicas associated with this DB cluster.", + "items": { + "type": "string" + }, + "type": "array" + }, + "readerEndpoint": { + "description": "The reader endpoint for the DB cluster. The reader endpoint for a DB cluster load-balances connections across the Aurora Replicas that are available in a DB cluster. As clients request new connections to the reader endpoint, Aurora distributes the connection requests among the Aurora Replicas in the DB cluster. This functionality can help balance your read workload across multiple Aurora Replicas in your DB cluster. \n If a failover occurs, and the Aurora Replica that you are connected to is promoted to be the primary instance, your connection is dropped. To continue sending your read workload to other Aurora Replicas in the cluster, you can then reconnect to the reader endpoint.", + "type": "string" + }, + "status": { + "description": "Specifies the current state of this DB cluster.", + "type": "string" + }, + "tagList": { + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcSecurityGroups": { + "description": "Provides a list of VPC security groups that the DB cluster belongs to.", + "items": { + "description": "This data type is used as a response element for queries on VPC security group membership.", + "properties": { + "status": { + "type": "string" + }, + "vpcSecurityGroupID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/dbclusterparametergroup_v1alpha1.json b/rds.services.k8s.aws/dbclusterparametergroup_v1alpha1.json new file mode 100644 index 00000000..b83b39a0 --- /dev/null +++ b/rds.services.k8s.aws/dbclusterparametergroup_v1alpha1.json @@ -0,0 +1,225 @@ +{ + "description": "DBClusterParameterGroup is the Schema for the DBClusterParameterGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DBClusterParameterGroupSpec defines the desired state of DBClusterParameterGroup. \n Contains the details of an Amazon RDS DB cluster parameter group. \n This data type is used as a response element in the DescribeDBClusterParameterGroups action.", + "properties": { + "description": { + "description": "The description for the DB cluster parameter group.", + "type": "string" + }, + "family": { + "description": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family. \n # Aurora MySQL \n Example: aurora5.6, aurora-mysql5.7, aurora-mysql8.0 \n # Aurora PostgreSQL \n Example: aurora-postgresql9.6 \n # RDS for MySQL \n Example: mysql8.0 \n # RDS for PostgreSQL \n Example: postgres12 \n To list all of the available parameter group families for a DB engine, use the following command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine \n For example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql \n The output contains duplicates. \n The following are the valid DB engine values: \n - aurora (for MySQL 5.6-compatible Aurora) \n - aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) \n - aurora-postgresql \n - mysql \n - postgres", + "type": "string" + }, + "name": { + "description": "The name of the DB cluster parameter group. \n Constraints: \n - Must not match the name of an existing DB cluster parameter group. \n This value is stored as a lowercase string.", + "type": "string" + }, + "parameterOverrides": { + "additionalProperties": { + "type": "string" + }, + "description": "These are ONLY user-defined parameter overrides for the DB cluster parameter group. This does not contain default or system parameters.", + "type": "object" + }, + "parameters": { + "description": "A list of parameters in the DB cluster parameter group to modify. \n Valid Values (for the application method): immediate | pending-reboot \n You can use the immediate value with dynamic parameters only. You can use the pending-reboot value for both dynamic and static parameters. \n When the application method is immediate, changes to dynamic parameters are applied immediately to the DB clusters associated with the parameter group. When the application method is pending-reboot, changes to dynamic and static parameters are applied after a reboot without failover to the DB clusters associated with the parameter group. \n DEPRECATED - do not use. Prefer ParameterOverrides instead.", + "items": { + "description": "This data type is used as a request parameter in the ModifyDBParameterGroup and ResetDBParameterGroup actions. \n This data type is used as a response element in the DescribeEngineDefaultParameters and DescribeDBParameters actions.", + "properties": { + "allowedValues": { + "type": "string" + }, + "applyMethod": { + "type": "string" + }, + "applyType": { + "type": "string" + }, + "dataType": { + "type": "string" + }, + "description": { + "type": "string" + }, + "isModifiable": { + "type": "boolean" + }, + "minimumEngineVersion": { + "type": "string" + }, + "parameterName": { + "type": "string" + }, + "parameterValue": { + "type": "string" + }, + "source": { + "type": "string" + }, + "supportedEngineModes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "Tags to assign to the DB cluster parameter group.", + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "description", + "family", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DBClusterParameterGroupStatus defines the observed state of DBClusterParameterGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "parameterOverrideStatuses": { + "description": "Provides a list of parameters for the DB cluster parameter group.", + "items": { + "description": "This data type is used as a request parameter in the ModifyDBParameterGroup and ResetDBParameterGroup actions. \n This data type is used as a response element in the DescribeEngineDefaultParameters and DescribeDBParameters actions.", + "properties": { + "allowedValues": { + "type": "string" + }, + "applyMethod": { + "type": "string" + }, + "applyType": { + "type": "string" + }, + "dataType": { + "type": "string" + }, + "description": { + "type": "string" + }, + "isModifiable": { + "type": "boolean" + }, + "minimumEngineVersion": { + "type": "string" + }, + "parameterName": { + "type": "string" + }, + "parameterValue": { + "type": "string" + }, + "source": { + "type": "string" + }, + "supportedEngineModes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/dbinstance_v1alpha1.json b/rds.services.k8s.aws/dbinstance_v1alpha1.json new file mode 100644 index 00000000..e900a776 --- /dev/null +++ b/rds.services.k8s.aws/dbinstance_v1alpha1.json @@ -0,0 +1,963 @@ +{ + "description": "DBInstance is the Schema for the DBInstances API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DBInstanceSpec defines the desired state of DBInstance. \n Contains the details of an Amazon RDS DB instance. \n This data type is used as a response element in the operations CreateDBInstance, CreateDBInstanceReadReplica, DeleteDBInstance, DescribeDBInstances, ModifyDBInstance, PromoteReadReplica, RebootDBInstance, RestoreDBInstanceFromDBSnapshot, RestoreDBInstanceFromS3, RestoreDBInstanceToPointInTime, StartDBInstance, and StopDBInstance.", + "properties": { + "allocatedStorage": { + "description": "The amount of storage in gibibytes (GiB) to allocate for the DB instance. \n Type: Integer \n # Amazon Aurora \n Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume. \n # Amazon RDS Custom \n Constraints to the amount of storage for each storage type are the following: \n - General Purpose (SSD) storage (gp2, gp3): Must be an integer from 40 to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. \n - Provisioned IOPS storage (io1): Must be an integer from 40 to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. \n # MySQL \n Constraints to the amount of storage for each storage type are the following: \n - General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. \n - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. \n - Magnetic storage (standard): Must be an integer from 5 to 3072. \n # MariaDB \n Constraints to the amount of storage for each storage type are the following: \n - General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. \n - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. \n - Magnetic storage (standard): Must be an integer from 5 to 3072. \n # PostgreSQL \n Constraints to the amount of storage for each storage type are the following: \n - General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. \n - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. \n - Magnetic storage (standard): Must be an integer from 5 to 3072. \n # Oracle \n Constraints to the amount of storage for each storage type are the following: \n - General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 to 65536. \n - Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. \n - Magnetic storage (standard): Must be an integer from 10 to 3072. \n # SQL Server \n Constraints to the amount of storage for each storage type are the following: \n - General Purpose (SSD) storage (gp2, gp3): Enterprise and Standard editions: Must be an integer from 20 to 16384. Web and Express editions: Must be an integer from 20 to 16384. \n - Provisioned IOPS storage (io1): Enterprise and Standard editions: Must be an integer from 100 to 16384. Web and Express editions: Must be an integer from 100 to 16384. \n - Magnetic storage (standard): Enterprise and Standard editions: Must be an integer from 20 to 1024. Web and Express editions: Must be an integer from 20 to 1024.", + "format": "int64", + "type": "integer" + }, + "autoMinorVersionUpgrade": { + "description": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically. \n If you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade to false.", + "type": "boolean" + }, + "availabilityZone": { + "description": "The Availability Zone (AZ) where the database will be created. For information on Amazon Web Services Regions and Availability Zones, see Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html). \n # Amazon Aurora \n Each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one. \n Default: A random, system-chosen Availability Zone in the endpoint's Amazon Web Services Region. \n Example: us-east-1d \n Constraint: The AvailabilityZone parameter can't be specified if the DB instance is a Multi-AZ deployment. The specified Availability Zone must be in the same Amazon Web Services Region as the current endpoint.", + "type": "string" + }, + "backupRetentionPeriod": { + "description": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups. \n # Amazon Aurora \n Not applicable. The retention period for automated backups is managed by the DB cluster. \n Default: 1 \n Constraints: \n - Must be a value from 0 to 35 \n - Can't be set to 0 if the DB instance is a source to read replicas \n - Can't be set to 0 for an RDS Custom for Oracle DB instance", + "format": "int64", + "type": "integer" + }, + "backupTarget": { + "description": "Specifies where automated backups and manual snapshots are stored. \n Possible values are outposts (Amazon Web Services Outposts) and region (Amazon Web Services Region). The default is region. \n For more information, see Working with Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the Amazon RDS User Guide.", + "type": "string" + }, + "caCertificateIdentifier": { + "description": "Specifies the CA certificate identifier to use for the DB instance\u2019s server certificate. \n This setting doesn't apply to RDS Custom. \n For more information, see Using SSL/TLS to encrypt a connection to a DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the Amazon Aurora User Guide.", + "type": "string" + }, + "characterSetName": { + "description": "For supported engines, this value indicates that the DB instance should be associated with the specified CharacterSet. \n This setting doesn't apply to RDS Custom. However, if you need to change the character set, you can change it on the database itself. \n # Amazon Aurora \n Not applicable. The character set is managed by the DB cluster. For more information, see CreateDBCluster.", + "type": "string" + }, + "copyTagsToSnapshot": { + "description": "A value that indicates whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied. \n # Amazon Aurora \n Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", + "type": "boolean" + }, + "customIAMInstanceProfile": { + "description": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. The instance profile must meet the following requirements: \n - The profile must exist in your account. \n - The profile must have an IAM role that Amazon EC2 has permissions to assume. \n - The instance profile name and the associated IAM role name must start with the prefix AWSRDSCustom. \n For the list of permissions required for the IAM role, see Configure IAM and your VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the Amazon RDS User Guide. \n This setting is required for RDS Custom.", + "type": "string" + }, + "dbClusterIdentifier": { + "description": "The identifier of the DB cluster that the instance will belong to. \n This setting doesn't apply to RDS Custom.", + "type": "string" + }, + "dbClusterSnapshotIdentifier": { + "description": "The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from. \n For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the Amazon RDS User Guide. \n Constraints: \n - Must match the identifier of an existing Multi-AZ DB cluster snapshot. \n - Can't be specified when DBSnapshotIdentifier is specified. \n - Must be specified when DBSnapshotIdentifier isn't specified. \n - If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot. \n - Can't be the identifier of an Aurora DB cluster snapshot. \n - Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.", + "type": "string" + }, + "dbInstanceClass": { + "description": "The compute and memory capacity of the DB instance, for example db.m5.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the Amazon RDS User Guide or Aurora DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the Amazon Aurora User Guide.", + "type": "string" + }, + "dbInstanceIdentifier": { + "description": "The DB instance identifier. This parameter is stored as a lowercase string. \n Constraints: \n - Must contain from 1 to 63 letters, numbers, or hyphens. \n - First character must be a letter. \n - Can't end with a hyphen or contain two consecutive hyphens. \n Example: mydbinstance", + "type": "string" + }, + "dbName": { + "description": "The meaning of this parameter differs according to the database engine you use. \n # MySQL \n The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance. \n Constraints: \n - Must contain 1 to 64 letters or numbers. \n - Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9). \n - Can't be a word reserved by the specified database engine \n # MariaDB \n The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance. \n Constraints: \n - Must contain 1 to 64 letters or numbers. \n - Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9). \n - Can't be a word reserved by the specified database engine \n # PostgreSQL \n The name of the database to create when the DB instance is created. If this parameter isn't specified, a database named postgres is created in the DB instance. \n Constraints: \n - Must contain 1 to 63 letters, numbers, or underscores. \n - Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9). \n - Can't be a word reserved by the specified database engine \n # Oracle \n The Oracle System ID (SID) of the created DB instance. If you specify null, the default value ORCL is used. You can't specify the string NULL, or any other reserved word, for DBName. \n Default: ORCL \n Constraints: \n - Can't be longer than 8 characters \n # Amazon RDS Custom for Oracle \n The Oracle System ID (SID) of the created RDS Custom DB instance. If you don't specify a value, the default value is ORCL. \n Default: ORCL \n Constraints: \n - It must contain 1 to 8 alphanumeric characters. \n - It must contain a letter. \n - It can't be a word reserved by the database engine. \n # Amazon RDS Custom for SQL Server \n Not applicable. Must be null. \n # SQL Server \n Not applicable. Must be null. \n # Amazon Aurora MySQL \n The name of the database to create when the primary DB instance of the Aurora MySQL DB cluster is created. If this parameter isn't specified for an Aurora MySQL DB cluster, no database is created in the DB cluster. \n Constraints: \n - It must contain 1 to 64 alphanumeric characters. \n - It can't be a word reserved by the database engine. \n # Amazon Aurora PostgreSQL \n The name of the database to create when the primary DB instance of the Aurora PostgreSQL DB cluster is created. If this parameter isn't specified for an Aurora PostgreSQL DB cluster, a database named postgres is created in the DB cluster. \n Constraints: \n - It must contain 1 to 63 alphanumeric characters. \n - It must begin with a letter. Subsequent characters can be letters, underscores, or digits (0 to 9). \n - It can't be a word reserved by the database engine.", + "type": "string" + }, + "dbParameterGroupName": { + "description": "The name of the DB parameter group to associate with this DB instance. If you do not specify a value, then the default DB parameter group for the specified DB engine and version is used. \n This setting doesn't apply to RDS Custom. \n Constraints: \n - It must be 1 to 255 letters, numbers, or hyphens. \n - The first character must be a letter. \n - It can't end with a hyphen or contain two consecutive hyphens.", + "type": "string" + }, + "dbParameterGroupRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "dbSnapshotIdentifier": { + "description": "The identifier for the DB snapshot to restore from. \n Constraints: \n - Must match the identifier of an existing DBSnapshot. \n - Can't be specified when DBClusterSnapshotIdentifier is specified. \n - Must be specified when DBClusterSnapshotIdentifier isn't specified. \n - If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier must be the ARN of the shared DB snapshot.", + "type": "string" + }, + "dbSubnetGroupName": { + "description": "A DB subnet group to associate with this DB instance. \n Constraints: Must match the name of an existing DBSubnetGroup. Must not be default. \n Example: mydbsubnetgroup", + "type": "string" + }, + "dbSubnetGroupRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "deletionProtection": { + "description": "A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see Deleting a DB Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). \n # Amazon Aurora \n Not applicable. You can enable or disable deletion protection for the DB cluster. For more information, see CreateDBCluster. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", + "type": "boolean" + }, + "destinationRegion": { + "description": "DestinationRegion is used for presigning the request to a given region.", + "type": "string" + }, + "domain": { + "description": "The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain. \n For more information, see Kerberos Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the Amazon RDS User Guide. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable. The domain is managed by the DB cluster.", + "type": "string" + }, + "domainIAMRoleName": { + "description": "Specify the name of the IAM role to be used when making API calls to the Directory Service. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable. The domain is managed by the DB cluster.", + "type": "string" + }, + "enableCloudwatchLogsExports": { + "description": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine. For more information, see Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the Amazon RDS User Guide. \n # Amazon Aurora \n Not applicable. CloudWatch Logs exports are managed by the DB cluster. \n # RDS Custom \n Not applicable. \n # MariaDB \n Possible values are audit, error, general, and slowquery. \n # Microsoft SQL Server \n Possible values are agent and error. \n # MySQL \n Possible values are audit, error, general, and slowquery. \n # Oracle \n Possible values are alert, audit, listener, trace, and oemagent. \n # PostgreSQL \n Possible values are postgresql and upgrade.", + "items": { + "type": "string" + }, + "type": "array" + }, + "enableCustomerOwnedIP": { + "description": "A value that indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance. \n A CoIP provides local or external connectivity to resources in your Outpost subnets through your on-premises network. For some use cases, a CoIP can provide lower latency for connections to the DB instance from outside of its virtual private cloud (VPC) on your local network. \n For more information about RDS on Outposts, see Working with Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the Amazon RDS User Guide. \n For more information about CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing) in the Amazon Web Services Outposts User Guide.", + "type": "boolean" + }, + "enableIAMDatabaseAuthentication": { + "description": "A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled. \n For more information, see IAM Database Authentication for MySQL and PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the Amazon RDS User Guide. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable. Mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.", + "type": "boolean" + }, + "engine": { + "description": "The name of the database engine to be used for this instance. \n Not every database engine is available for every Amazon Web Services Region. \n Valid Values: \n - aurora (for MySQL 5.6-compatible Aurora) \n - aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) \n - aurora-postgresql \n - custom-oracle-ee (for RDS Custom for Oracle instances) \n - custom-sqlserver-ee (for RDS Custom for SQL Server instances) \n - custom-sqlserver-se (for RDS Custom for SQL Server instances) \n - custom-sqlserver-web (for RDS Custom for SQL Server instances) \n - mariadb \n - mysql \n - oracle-ee \n - oracle-ee-cdb \n - oracle-se2 \n - oracle-se2-cdb \n - postgres \n - sqlserver-ee \n - sqlserver-se \n - sqlserver-ex \n - sqlserver-web", + "type": "string" + }, + "engineVersion": { + "description": "The version number of the database engine to use. \n For a list of valid engine versions, use the DescribeDBEngineVersions operation. \n The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every Amazon Web Services Region. \n # Amazon Aurora \n Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster. \n # Amazon RDS Custom for Oracle \n A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom for Oracle. The CEV name has the following format: 19.customized_string. A valid CEV name is 19.my_cev1. For more information, see Creating an RDS Custom for Oracle DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create) in the Amazon RDS User Guide. \n # Amazon RDS Custom for SQL Server \n See RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits-MS.html) in the Amazon RDS User Guide. \n # MariaDB \n For information, see MariaDB on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the Amazon RDS User Guide. \n # Microsoft SQL Server \n For information, see Microsoft SQL Server Versions on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the Amazon RDS User Guide. \n # MySQL \n For information, see MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the Amazon RDS User Guide. \n # Oracle \n For information, see Oracle Database Engine Release Notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the Amazon RDS User Guide. \n # PostgreSQL \n For information, see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the Amazon RDS User Guide.", + "type": "string" + }, + "iops": { + "description": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance. For information about valid IOPS values, see Amazon RDS DB instance storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) in the Amazon RDS User Guide. \n Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must be a multiple between .5 and 50 of the storage amount for the DB instance. For SQL Server DB instances, must be a multiple between 1 and 50 of the storage amount for the DB instance. \n # Amazon Aurora \n Not applicable. Storage is managed by the DB cluster.", + "format": "int64", + "type": "integer" + }, + "kmsKeyID": { + "description": "The Amazon Web Services KMS key identifier for an encrypted DB instance. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. \n # Amazon Aurora \n Not applicable. The Amazon Web Services KMS key identifier is managed by the DB cluster. For more information, see CreateDBCluster. \n If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region. \n # Amazon RDS Custom \n A KMS key is required for RDS Custom instances. For most RDS engines, if you leave this parameter empty while enabling StorageEncrypted, the engine uses the default KMS key. However, RDS Custom doesn't use the default key when this parameter is empty. You must explicitly specify a key.", + "type": "string" + }, + "kmsKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "licenseModel": { + "description": "License model information for this DB instance. \n Valid values: license-included | bring-your-own-license | general-public-license \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable.", + "type": "string" + }, + "manageMasterUserPassword": { + "description": "A value that indicates whether to manage the master user password with Amazon Web Services Secrets Manager. \n For more information, see Password management with Amazon Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the Amazon RDS User Guide. \n Constraints: \n - Can't manage the master user password with Amazon Web Services Secrets Manager if MasterUserPassword is specified.", + "type": "boolean" + }, + "masterUserPassword": { + "description": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\". \n # Amazon Aurora \n Not applicable. The password for the master user is managed by the DB cluster. \n Constraints: Can't be specified if ManageMasterUserPassword is turned on. \n # MariaDB \n Constraints: Must contain from 8 to 41 characters. \n # Microsoft SQL Server \n Constraints: Must contain from 8 to 128 characters. \n # MySQL \n Constraints: Must contain from 8 to 41 characters. \n # Oracle \n Constraints: Must contain from 8 to 30 characters. \n # PostgreSQL \n Constraints: Must contain from 8 to 128 characters.", + "properties": { + "key": { + "description": "Key is the key within the secret", + "type": "string" + }, + "name": { + "description": "name is unique within a namespace to reference a secret resource.", + "type": "string" + }, + "namespace": { + "description": "namespace defines the space within which the secret name must be unique.", + "type": "string" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "masterUserSecretKMSKeyID": { + "description": "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager. \n This setting is valid only if the master user password is managed by RDS in Amazon Web Services Secrets Manager for the DB instance. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. \n If you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager KMS key is used to encrypt the secret. If the secret is in a different Amazon Web Services account, then you can't use the aws/secretsmanager KMS key to encrypt the secret, and you must use a customer managed KMS key. \n There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.", + "type": "string" + }, + "masterUserSecretKMSKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "masterUsername": { + "description": "The name for the master user. \n # Amazon Aurora \n Not applicable. The name for the master user is managed by the DB cluster. \n # Amazon RDS \n Constraints: \n - Required. \n - Must be 1 to 16 letters, numbers, or underscores. \n - First character must be a letter. \n - Can't be a reserved word for the chosen database engine.", + "type": "string" + }, + "maxAllocatedStorage": { + "description": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance. \n For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the Amazon RDS User Guide. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable. Storage is managed by the DB cluster.", + "format": "int64", + "type": "integer" + }, + "monitoringInterval": { + "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0. \n If MonitoringRoleArn is specified, then you must set MonitoringInterval to a value other than 0. \n This setting doesn't apply to RDS Custom. \n Valid Values: 0, 1, 5, 10, 15, 30, 60", + "format": "int64", + "type": "integer" + }, + "monitoringRoleARN": { + "description": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see Setting Up and Enabling Enhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the Amazon RDS User Guide. \n If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value. \n This setting doesn't apply to RDS Custom.", + "type": "string" + }, + "multiAZ": { + "description": "A value that indicates whether the DB instance is a Multi-AZ deployment. You can't set the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable. DB instance Availability Zones (AZs) are managed by the DB cluster.", + "type": "boolean" + }, + "ncharCharacterSetName": { + "description": "The name of the NCHAR character set for the Oracle DB instance. \n This parameter doesn't apply to RDS Custom.", + "type": "string" + }, + "networkType": { + "description": "The network type of the DB instance. \n Valid values: \n - IPV4 \n - DUAL \n The network type is determined by the DBSubnetGroup specified for the DB instance. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and the IPv6 protocols (DUAL). \n For more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the Amazon RDS User Guide.", + "type": "string" + }, + "optionGroupName": { + "description": "A value that indicates that the DB instance should be associated with the specified option group. \n Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance after it is associated with a DB instance. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable.", + "type": "string" + }, + "performanceInsightsEnabled": { + "description": "A value that indicates whether to enable Performance Insights for the DB instance. For more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the Amazon RDS User Guide. \n This setting doesn't apply to RDS Custom.", + "type": "boolean" + }, + "performanceInsightsKMSKeyID": { + "description": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data. \n The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. \n If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region. \n This setting doesn't apply to RDS Custom.", + "type": "string" + }, + "performanceInsightsRetentionPeriod": { + "description": "The number of days to retain Performance Insights data. The default is 7 days. The following values are valid: \n - 7 \n - month * 31, where month is a number of months from 1-23 \n - 731 \n For example, the following values are valid: \n - 93 (3 months * 31) \n - 341 (11 months * 31) \n - 589 (19 months * 31) \n - 731 \n If you specify a retention period such as 94, which isn't a valid value, RDS issues an error. \n This setting doesn't apply to RDS Custom.", + "format": "int64", + "type": "integer" + }, + "port": { + "description": "The port number on which the database accepts connections. \n # MySQL \n Default: 3306 \n Valid values: 1150-65535 \n Type: Integer \n # MariaDB \n Default: 3306 \n Valid values: 1150-65535 \n Type: Integer \n # PostgreSQL \n Default: 5432 \n Valid values: 1150-65535 \n Type: Integer \n # Oracle \n Default: 1521 \n Valid values: 1150-65535 \n # SQL Server \n Default: 1433 \n Valid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156. \n # Amazon Aurora \n Default: 3306 \n Valid values: 1150-65535 \n Type: Integer", + "format": "int64", + "type": "integer" + }, + "preSignedURL": { + "description": "When you are creating a read replica from one Amazon Web Services GovCloud (US) Region to another or from one China Amazon Web Services Region to another, the URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API operation in the source Amazon Web Services Region that contains the source DB instance. \n This setting applies only to Amazon Web Services GovCloud (US) Regions and China Amazon Web Services Regions. It's ignored in other Amazon Web Services Regions. \n This setting applies only when replicating from a source DB instance. Source DB clusters aren't supported in Amazon Web Services GovCloud (US) Regions and China Amazon Web Services Regions. \n You must specify this parameter when you create an encrypted read replica from another Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are creating an encrypted read replica in the same Amazon Web Services Region. \n The presigned URL must be a valid request for the CreateDBInstanceReadReplica API operation that can run in the source Amazon Web Services Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values: \n - DestinationRegion - The Amazon Web Services Region that the encrypted read replica is created in. This Amazon Web Services Region is the same one where the CreateDBInstanceReadReplica operation is called that contains this presigned URL. For example, if you create an encrypted DB instance in the us-west-1 Amazon Web Services Region, from a source DB instance in the us-east-2 Amazon Web Services Region, then you call the CreateDBInstanceReadReplica operation in the us-east-1 Amazon Web Services Region and provide a presigned URL that contains a call to the CreateDBInstanceReadReplica operation in the us-west-2 Amazon Web Services Region. For this example, the DestinationRegion in the presigned URL must be set to the us-east-1 Amazon Web Services Region. \n - KmsKeyId - The KMS key identifier for the key to use to encrypt the read replica in the destination Amazon Web Services Region. This is the same identifier for both the CreateDBInstanceReadReplica operation that is called in the destination Amazon Web Services Region, and the operation contained in the presigned URL. \n - SourceDBInstanceIdentifier - The DB instance identifier for the encrypted DB instance to be replicated. This identifier must be in the Amazon Resource Name (ARN) format for the source Amazon Web Services Region. For example, if you are creating an encrypted read replica from a DB instance in the us-west-2 Amazon Web Services Region, then your SourceDBInstanceIdentifier looks like the following example: arn:aws:rds:us-west-2:123456789012:instance:mysql-instance1-20161115. \n To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). \n If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region. \n SourceRegion isn't supported for SQL Server, because Amazon RDS for SQL Server doesn't support cross-Region read replicas. \n This setting doesn't apply to RDS Custom.", + "type": "string" + }, + "preferredBackupWindow": { + "description": "The daily time range during which automated backups are created if automated backups are enabled, using the BackupRetentionPeriod parameter. The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. For more information, see Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the Amazon RDS User Guide. \n # Amazon Aurora \n Not applicable. The daily time range for creating automated backups is managed by the DB cluster. \n Constraints: \n - Must be in the format hh24:mi-hh24:mi. \n - Must be in Universal Coordinated Time (UTC). \n - Must not conflict with the preferred maintenance window. \n - Must be at least 30 minutes.", + "type": "string" + }, + "preferredMaintenanceWindow": { + "description": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC). For more information, see Amazon RDS Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance). \n Format: ddd:hh24:mi-ddd:hh24:mi \n The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week. \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. \n Constraints: Minimum 30-minute window.", + "type": "string" + }, + "processorFeatures": { + "description": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable.", + "items": { + "description": "Contains the processor features of a DB instance class. \n To specify the number of CPU cores, use the coreCount feature name for the Name parameter. To specify the number of threads per core, use the threadsPerCore feature name for the Name parameter. \n You can set the processor features of the DB instance class for a DB instance when you call one of the following actions: \n - CreateDBInstance \n - ModifyDBInstance \n - RestoreDBInstanceFromDBSnapshot \n - RestoreDBInstanceFromS3 \n - RestoreDBInstanceToPointInTime \n You can view the valid processor values for a particular instance class by calling the DescribeOrderableDBInstanceOptions action and specifying the instance class for the DBInstanceClass parameter. \n In addition, you can use the following actions for DB instance class processor information: \n - DescribeDBInstances \n - DescribeDBSnapshots \n - DescribeValidDBInstanceModifications \n If you call DescribeDBInstances, ProcessorFeature returns non-null values only if the following conditions are met: \n - You are accessing an Oracle DB instance. \n - Your Oracle DB instance class supports configuring the number of CPU cores and threads per core. \n - The current number CPU cores and threads is set to a non-default value. \n For more information, see Configuring the Processor of the DB Instance Class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor) in the Amazon RDS User Guide.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "promotionTier": { + "description": "A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance) in the Amazon Aurora User Guide. \n This setting doesn't apply to RDS Custom. \n Default: 1 \n Valid Values: 0 - 15", + "format": "int64", + "type": "integer" + }, + "publiclyAccessible": { + "description": "A value that indicates whether the DB instance is publicly accessible. \n When the DB instance is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB instance's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB instance's VPC. Access to the DB instance is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB instance doesn't permit it. \n When the DB instance isn't publicly accessible, it is an internal DB instance with a DNS name that resolves to a private IP address. \n Default: The default behavior varies depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, the following applies: \n - If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB instance is private. \n - If the default VPC in the target Region has an internet gateway attached to it, the DB instance is public. \n If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies: \n - If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB instance is private. \n - If the subnets are part of a VPC that has an internet gateway attached to it, the DB instance is public.", + "type": "boolean" + }, + "replicaMode": { + "description": "The open mode of the replica database: mounted or read-only. \n This parameter is only supported for Oracle DB instances. \n Mounted DB replicas are included in Oracle Database Enterprise Edition. The main use case for mounted replicas is cross-Region disaster recovery. The primary database doesn't use Active Data Guard to transmit information to the mounted replica. Because it doesn't accept user connections, a mounted replica can't serve a read-only workload. \n You can create a combination of mounted and read-only DB replicas for the same primary DB instance. For more information, see Working with Oracle Read Replicas for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the Amazon RDS User Guide. \n For RDS Custom, you must specify this parameter and set it to mounted. The value won't be set by default. After replica creation, you can manage the open mode manually.", + "type": "string" + }, + "sourceDBInstanceIdentifier": { + "description": "The identifier of the DB instance that will act as the source for the read replica. Each DB instance can have up to 15 read replicas, with the exception of Oracle and SQL Server, which can have up to five. \n Constraints: \n - Must be the identifier of an existing MySQL, MariaDB, Oracle, PostgreSQL, or SQL Server DB instance. \n - Can't be specified if the SourceDBClusterIdentifier parameter is also specified. \n - For the limitations of Oracle read replicas, see Version and licensing considerations for RDS for Oracle replicas (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.limitations.html#oracle-read-replicas.limitations.versions-and-licenses) in the Amazon RDS User Guide. \n - For the limitations of SQL Server read replicas, see Read replica limitations with SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.ReadReplicas.html#SQLServer.ReadReplicas.Limitations) in the Amazon RDS User Guide. \n - The specified DB instance must have automatic backups enabled, that is, its backup retention period must be greater than 0. \n - If the source DB instance is in the same Amazon Web Services Region as the read replica, specify a valid DB instance identifier. \n - If the source DB instance is in a different Amazon Web Services Region from the read replica, specify a valid DB instance ARN. For more information, see Constructing an ARN for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.ARN.html#USER_Tagging.ARN.Constructing) in the Amazon RDS User Guide. This doesn't apply to SQL Server or RDS Custom, which don't support cross-Region replicas.", + "type": "string" + }, + "sourceRegion": { + "description": "SourceRegion is the source region where the resource exists. This is not sent over the wire and is only used for presigning. This value should always have the same region as the source ARN.", + "type": "string" + }, + "storageEncrypted": { + "description": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted. \n For RDS Custom instances, either set this parameter to true or leave it unset. If you set this parameter to false, RDS reports an error. \n # Amazon Aurora \n Not applicable. The encryption for DB instances is managed by the DB cluster.", + "type": "boolean" + }, + "storageThroughput": { + "description": "Specifies the storage throughput value for the DB instance. \n This setting applies only to the gp3 storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora.", + "format": "int64", + "type": "integer" + }, + "storageType": { + "description": "Specifies the storage type to be associated with the DB instance. \n Valid values: gp2 | gp3 | io1 | standard \n If you specify io1 or gp3, you must also include a value for the Iops parameter. \n Default: io1 if the Iops parameter is specified, otherwise gp2 \n # Amazon Aurora \n Not applicable. Storage is managed by the DB cluster.", + "type": "string" + }, + "tags": { + "description": "Tags to assign to the DB instance.", + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tdeCredentialARN": { + "description": "The ARN from the key store with which to associate the instance for TDE encryption. \n This setting doesn't apply to RDS Custom. \n # Amazon Aurora \n Not applicable.", + "type": "string" + }, + "tdeCredentialPassword": { + "description": "The password for the given ARN from the key store in order to access the device. \n This setting doesn't apply to RDS Custom.", + "type": "string" + }, + "timezone": { + "description": "The time zone of the DB instance. The time zone parameter is currently supported only by Microsoft SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).", + "type": "string" + }, + "useDefaultProcessorFeatures": { + "description": "A value that indicates whether the DB instance class of the DB instance uses its default processor features. \n This setting doesn't apply to RDS Custom.", + "type": "boolean" + }, + "vpcSecurityGroupIDs": { + "description": "A list of Amazon EC2 VPC security groups to associate with this DB instance. \n # Amazon Aurora \n Not applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. \n Default: The default EC2 VPC security group for the DB subnet group's VPC.", + "items": { + "type": "string" + }, + "type": "array" + }, + "vpcSecurityGroupRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "dbInstanceClass", + "dbInstanceIdentifier", + "engine" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DBInstanceStatus defines the observed state of DBInstance", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "activityStreamEngineNativeAuditFieldsIncluded": { + "description": "Indicates whether engine-native audit fields are included in the database activity stream.", + "type": "boolean" + }, + "activityStreamKMSKeyID": { + "description": "The Amazon Web Services KMS key identifier used for encrypting messages in the database activity stream. The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.", + "type": "string" + }, + "activityStreamKinesisStreamName": { + "description": "The name of the Amazon Kinesis data stream used for the database activity stream.", + "type": "string" + }, + "activityStreamMode": { + "description": "The mode of the database activity stream. Database events such as a change or access generate an activity stream event. RDS for Oracle always handles these events asynchronously.", + "type": "string" + }, + "activityStreamPolicyStatus": { + "description": "The status of the policy state of the activity stream.", + "type": "string" + }, + "activityStreamStatus": { + "description": "The status of the database activity stream.", + "type": "string" + }, + "associatedRoles": { + "description": "The Amazon Web Services Identity and Access Management (IAM) roles associated with the DB instance.", + "items": { + "description": "Describes an Amazon Web Services Identity and Access Management (IAM) role that is associated with a DB instance.", + "properties": { + "featureName": { + "type": "string" + }, + "roleARN": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "automaticRestartTime": { + "description": "The time when a stopped DB instance is restarted automatically.", + "format": "date-time", + "type": "string" + }, + "automationMode": { + "description": "The automation mode of the RDS Custom DB instance: full or all paused. If full, the DB instance automates monitoring and instance recovery. If all paused, the instance pauses automation for the duration set by --resume-full-automation-mode-minutes.", + "type": "string" + }, + "awsBackupRecoveryPointARN": { + "description": "The Amazon Resource Name (ARN) of the recovery point in Amazon Web Services Backup.", + "type": "string" + }, + "certificateDetails": { + "description": "The details of the DB instance's server certificate.", + "properties": { + "cAIdentifier": { + "type": "string" + }, + "validTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "customerOwnedIPEnabled": { + "description": "Specifies whether a customer-owned IP address (CoIP) is enabled for an RDS on Outposts DB instance. \n A CoIP provides local or external connectivity to resources in your Outpost subnets through your on-premises network. For some use cases, a CoIP can provide lower latency for connections to the DB instance from outside of its virtual private cloud (VPC) on your local network. \n For more information about RDS on Outposts, see Working with Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the Amazon RDS User Guide. \n For more information about CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing) in the Amazon Web Services Outposts User Guide.", + "type": "boolean" + }, + "dbInstanceAutomatedBackupsReplications": { + "description": "The list of replicated automated backups associated with the DB instance.", + "items": { + "description": "Automated backups of a DB instance replicated to another Amazon Web Services Region. They consist of system backups, transaction logs, and database instance properties.", + "properties": { + "dbInstanceAutomatedBackupsARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dbInstancePort": { + "description": "Specifies the port that the DB instance listens on. If the DB instance is part of a DB cluster, this can be a different port than the DB cluster port.", + "format": "int64", + "type": "integer" + }, + "dbInstanceStatus": { + "description": "Specifies the current state of this database. \n For information about DB instance statuses, see Viewing DB instance status (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/accessing-monitoring.html#Overview.DBInstance.Status) in the Amazon RDS User Guide.", + "type": "string" + }, + "dbParameterGroups": { + "description": "Provides the list of DB parameter groups applied to this DB instance.", + "items": { + "description": "The status of the DB parameter group. \n This data type is used as a response element in the following actions: \n - CreateDBInstance \n - CreateDBInstanceReadReplica \n - DeleteDBInstance \n - ModifyDBInstance \n - RebootDBInstance \n - RestoreDBInstanceFromDBSnapshot", + "properties": { + "dbParameterGroupName": { + "type": "string" + }, + "parameterApplyStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "dbSubnetGroup": { + "description": "Specifies information on the subnet group associated with the DB instance, including the name, description, and subnets in the subnet group.", + "properties": { + "dbSubnetGroupARN": { + "type": "string" + }, + "dbSubnetGroupDescription": { + "type": "string" + }, + "dbSubnetGroupName": { + "type": "string" + }, + "subnetGroupStatus": { + "type": "string" + }, + "subnets": { + "items": { + "description": "This data type is used as a response element for the DescribeDBSubnetGroups operation.", + "properties": { + "subnetAvailabilityZone": { + "description": "Contains Availability Zone information. \n This data type is used as an element in the OrderableDBInstanceOption data type.", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetIdentifier": { + "type": "string" + }, + "subnetOutpost": { + "description": "A data type that represents an Outpost. \n For more information about RDS on Outposts, see Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the Amazon RDS User Guide.", + "properties": { + "arn": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "supportedNetworkTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "vpcID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "dbSystemID": { + "description": "The Oracle system ID (Oracle SID) for a container database (CDB). The Oracle SID is also the name of the CDB. This setting is valid for RDS Custom only.", + "type": "string" + }, + "dbiResourceID": { + "description": "The Amazon Web Services Region-unique, immutable identifier for the DB instance. This identifier is found in Amazon Web Services CloudTrail log entries whenever the Amazon Web Services KMS key for the DB instance is accessed.", + "type": "string" + }, + "domainMemberships": { + "description": "The Active Directory Domain membership records associated with the DB instance.", + "items": { + "description": "An Active Directory Domain membership record associated with the DB instance or cluster.", + "properties": { + "domain": { + "type": "string" + }, + "fQDN": { + "type": "string" + }, + "iamRoleName": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enabledCloudwatchLogsExports": { + "description": "A list of log types that this DB instance is configured to export to CloudWatch Logs. \n Log types vary by DB engine. For information about the log types for each DB engine, see Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html) in the Amazon RDS User Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "endpoint": { + "description": "Specifies the connection endpoint. \n The endpoint might not be shown for instances whose status is creating.", + "properties": { + "address": { + "type": "string" + }, + "hostedZoneID": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "enhancedMonitoringResourceARN": { + "description": "The Amazon Resource Name (ARN) of the Amazon CloudWatch Logs log stream that receives the Enhanced Monitoring metrics data for the DB instance.", + "type": "string" + }, + "iamDatabaseAuthenticationEnabled": { + "description": "True if mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false. \n IAM database authentication can be enabled for the following database engines \n * For MySQL 5.6, minor version 5.6.34 or higher \n * For MySQL 5.7, minor version 5.7.16 or higher \n * Aurora 5.6 or higher. To enable IAM database authentication for Aurora, see DBCluster Type.", + "type": "boolean" + }, + "instanceCreateTime": { + "description": "Provides the date and time the DB instance was created.", + "format": "date-time", + "type": "string" + }, + "latestRestorableTime": { + "description": "Specifies the latest time to which a database can be restored with point-in-time restore.", + "format": "date-time", + "type": "string" + }, + "listenerEndpoint": { + "description": "Specifies the listener connection endpoint for SQL Server Always On.", + "properties": { + "address": { + "type": "string" + }, + "hostedZoneID": { + "type": "string" + }, + "port": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "masterUserSecret": { + "description": "Contains the secret managed by RDS in Amazon Web Services Secrets Manager for the master user password. \n For more information, see Password management with Amazon Web Services Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the Amazon RDS User Guide.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "secretARN": { + "type": "string" + }, + "secretStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "optionGroupMemberships": { + "description": "Provides the list of option group memberships for this DB instance.", + "items": { + "description": "Provides information on the option groups the DB instance is a member of.", + "properties": { + "optionGroupName": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "pendingModifiedValues": { + "description": "A value that specifies that changes to the DB instance are pending. This element is only included when changes are pending. Specific changes are identified by subelements.", + "properties": { + "allocatedStorage": { + "format": "int64", + "type": "integer" + }, + "automationMode": { + "type": "string" + }, + "backupRetentionPeriod": { + "format": "int64", + "type": "integer" + }, + "caCertificateIdentifier": { + "type": "string" + }, + "dbInstanceClass": { + "type": "string" + }, + "dbInstanceIdentifier": { + "type": "string" + }, + "dbSubnetGroupName": { + "type": "string" + }, + "engineVersion": { + "type": "string" + }, + "iamDatabaseAuthenticationEnabled": { + "type": "boolean" + }, + "iops": { + "format": "int64", + "type": "integer" + }, + "licenseModel": { + "type": "string" + }, + "masterUserPassword": { + "type": "string" + }, + "multiAZ": { + "type": "boolean" + }, + "pendingCloudwatchLogsExports": { + "description": "A list of the log types whose configuration is still pending. In other words, these log types are in the process of being activated or deactivated.", + "properties": { + "logTypesToDisable": { + "items": { + "type": "string" + }, + "type": "array" + }, + "logTypesToEnable": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "port": { + "format": "int64", + "type": "integer" + }, + "processorFeatures": { + "items": { + "description": "Contains the processor features of a DB instance class. \n To specify the number of CPU cores, use the coreCount feature name for the Name parameter. To specify the number of threads per core, use the threadsPerCore feature name for the Name parameter. \n You can set the processor features of the DB instance class for a DB instance when you call one of the following actions: \n - CreateDBInstance \n - ModifyDBInstance \n - RestoreDBInstanceFromDBSnapshot \n - RestoreDBInstanceFromS3 \n - RestoreDBInstanceToPointInTime \n You can view the valid processor values for a particular instance class by calling the DescribeOrderableDBInstanceOptions action and specifying the instance class for the DBInstanceClass parameter. \n In addition, you can use the following actions for DB instance class processor information: \n - DescribeDBInstances \n - DescribeDBSnapshots \n - DescribeValidDBInstanceModifications \n If you call DescribeDBInstances, ProcessorFeature returns non-null values only if the following conditions are met: \n - You are accessing an Oracle DB instance. \n - Your Oracle DB instance class supports configuring the number of CPU cores and threads per core. \n - The current number CPU cores and threads is set to a non-default value. \n For more information, see Configuring the Processor of the DB Instance Class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor) in the Amazon RDS User Guide.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "resumeFullAutomationModeTime": { + "format": "date-time", + "type": "string" + }, + "storageThroughput": { + "format": "int64", + "type": "integer" + }, + "storageType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "readReplicaDBClusterIdentifiers": { + "description": "Contains one or more identifiers of Aurora DB clusters to which the RDS DB instance is replicated as a read replica. For example, when you create an Aurora read replica of an RDS for MySQL DB instance, the Aurora MySQL DB cluster for the Aurora read replica is shown. This output doesn't contain information about cross-Region Aurora read replicas. \n Currently, each RDS DB instance can have only one Aurora read replica.", + "items": { + "type": "string" + }, + "type": "array" + }, + "readReplicaDBInstanceIdentifiers": { + "description": "Contains one or more identifiers of the read replicas associated with this DB instance.", + "items": { + "type": "string" + }, + "type": "array" + }, + "readReplicaSourceDBClusterIdentifier": { + "description": "Contains the identifier of the source DB cluster if this DB instance is a read replica.", + "type": "string" + }, + "readReplicaSourceDBInstanceIdentifier": { + "description": "Contains the identifier of the source DB instance if this DB instance is a read replica.", + "type": "string" + }, + "resumeFullAutomationModeTime": { + "description": "The number of minutes to pause the automation. When the time period ends, RDS Custom resumes full automation. The minimum value is 60 (default). The maximum value is 1,440.", + "format": "date-time", + "type": "string" + }, + "secondaryAvailabilityZone": { + "description": "If present, specifies the name of the secondary Availability Zone for a DB instance with multi-AZ support.", + "type": "string" + }, + "statusInfos": { + "description": "The status of a read replica. If the instance isn't a read replica, this is blank.", + "items": { + "description": "Provides a list of status information for a DB instance.", + "properties": { + "message": { + "type": "string" + }, + "normal": { + "type": "boolean" + }, + "status": { + "type": "string" + }, + "statusType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcSecurityGroups": { + "description": "Provides a list of VPC security group elements that the DB instance belongs to.", + "items": { + "description": "This data type is used as a response element for queries on VPC security group membership.", + "properties": { + "status": { + "type": "string" + }, + "vpcSecurityGroupID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/dbparametergroup_v1alpha1.json b/rds.services.k8s.aws/dbparametergroup_v1alpha1.json new file mode 100644 index 00000000..a5ca1984 --- /dev/null +++ b/rds.services.k8s.aws/dbparametergroup_v1alpha1.json @@ -0,0 +1,178 @@ +{ + "description": "DBParameterGroup is the Schema for the DBParameterGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DBParameterGroupSpec defines the desired state of DBParameterGroup. \n Contains the details of an Amazon RDS DB parameter group. \n This data type is used as a response element in the DescribeDBParameterGroups action.", + "properties": { + "description": { + "description": "The description for the DB parameter group.", + "type": "string" + }, + "family": { + "description": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family. \n To list all of the available parameter group families for a DB engine, use the following command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine \n For example, to list all of the available parameter group families for the MySQL DB engine, use the following command: \n aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql \n The output contains duplicates. \n The following are the valid DB engine values: \n - aurora (for MySQL 5.6-compatible Aurora) \n - aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) \n - aurora-postgresql \n - mariadb \n - mysql \n - oracle-ee \n - oracle-ee-cdb \n - oracle-se2 \n - oracle-se2-cdb \n - postgres \n - sqlserver-ee \n - sqlserver-se \n - sqlserver-ex \n - sqlserver-web", + "type": "string" + }, + "name": { + "description": "The name of the DB parameter group. \n Constraints: \n - Must be 1 to 255 letters, numbers, or hyphens. \n - First character must be a letter \n - Can't end with a hyphen or contain two consecutive hyphens \n This value is stored as a lowercase string.", + "type": "string" + }, + "parameterOverrides": { + "additionalProperties": { + "type": "string" + }, + "description": "These are ONLY user-defined parameter overrides for the DB parameter group. This does not contain default or system parameters.", + "type": "object" + }, + "tags": { + "description": "Tags to assign to the DB parameter group.", + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "description", + "family", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DBParameterGroupStatus defines the observed state of DBParameterGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "parameterOverrideStatuses": { + "description": "A list of Parameter values.", + "items": { + "description": "This data type is used as a request parameter in the ModifyDBParameterGroup and ResetDBParameterGroup actions. \n This data type is used as a response element in the DescribeEngineDefaultParameters and DescribeDBParameters actions.", + "properties": { + "allowedValues": { + "type": "string" + }, + "applyMethod": { + "type": "string" + }, + "applyType": { + "type": "string" + }, + "dataType": { + "type": "string" + }, + "description": { + "type": "string" + }, + "isModifiable": { + "type": "boolean" + }, + "minimumEngineVersion": { + "type": "string" + }, + "parameterName": { + "type": "string" + }, + "parameterValue": { + "type": "string" + }, + "source": { + "type": "string" + }, + "supportedEngineModes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/dbproxy_v1alpha1.json b/rds.services.k8s.aws/dbproxy_v1alpha1.json new file mode 100644 index 00000000..a8f915a4 --- /dev/null +++ b/rds.services.k8s.aws/dbproxy_v1alpha1.json @@ -0,0 +1,204 @@ +{ + "description": "DBProxy is the Schema for the DBProxies API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DBProxySpec defines the desired state of DBProxy. \n The data structure representing a proxy managed by the RDS Proxy. \n This data type is used as a response element in the DescribeDBProxies action.", + "properties": { + "auth": { + "description": "The authorization mechanism that the proxy uses.", + "items": { + "description": "Specifies the details of authentication used by a proxy to log in as a specific database user.", + "properties": { + "authScheme": { + "type": "string" + }, + "clientPasswordAuthType": { + "type": "string" + }, + "description": { + "type": "string" + }, + "iamAuth": { + "type": "string" + }, + "secretARN": { + "type": "string" + }, + "userName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "debugLogging": { + "description": "Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", + "type": "boolean" + }, + "engineFamily": { + "description": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify MYSQL. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify POSTGRESQL. For RDS for Microsoft SQL Server, specify SQLSERVER.", + "type": "string" + }, + "idleClientTimeout": { + "description": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", + "format": "int64", + "type": "integer" + }, + "name": { + "description": "The identifier for the proxy. This name must be unique for all proxies owned by your Amazon Web Services account in the specified Amazon Web Services Region. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", + "type": "string" + }, + "requireTLS": { + "description": "A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", + "type": "boolean" + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in Amazon Web Services Secrets Manager.", + "type": "string" + }, + "tags": { + "description": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcSecurityGroupIDs": { + "description": "One or more VPC security group IDs to associate with the new proxy.", + "items": { + "type": "string" + }, + "type": "array" + }, + "vpcSubnetIDs": { + "description": "One or more VPC subnet IDs to associate with the new proxy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "auth", + "engineFamily", + "name", + "roleARN", + "vpcSubnetIDs" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DBProxyStatus defines the observed state of DBProxy", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "createdDate": { + "description": "The date and time when the proxy was first created.", + "format": "date-time", + "type": "string" + }, + "endpoint": { + "description": "The endpoint that you can use to connect to the DB proxy. You include the endpoint value in the connection string for a database client application.", + "type": "string" + }, + "status": { + "description": "The current status of this proxy. A status of available means the proxy is ready to handle requests. Other values indicate that you must wait for the proxy to be ready, or take some action to resolve an issue.", + "type": "string" + }, + "updatedDate": { + "description": "The date and time when the proxy was last updated.", + "format": "date-time", + "type": "string" + }, + "vpcID": { + "description": "Provides the VPC ID of the DB proxy.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/dbsubnetgroup_v1alpha1.json b/rds.services.k8s.aws/dbsubnetgroup_v1alpha1.json new file mode 100644 index 00000000..e642aa30 --- /dev/null +++ b/rds.services.k8s.aws/dbsubnetgroup_v1alpha1.json @@ -0,0 +1,198 @@ +{ + "description": "DBSubnetGroup is the Schema for the DBSubnetGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DBSubnetGroupSpec defines the desired state of DBSubnetGroup. \n Contains the details of an Amazon RDS DB subnet group. \n This data type is used as a response element in the DescribeDBSubnetGroups action.", + "properties": { + "description": { + "description": "The description for the DB subnet group.", + "type": "string" + }, + "name": { + "description": "The name for the DB subnet group. This value is stored as a lowercase string. \n Constraints: \n - Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. \n - Must not be default. \n - First character must be a letter. \n Example: mydbsubnetgroup", + "type": "string" + }, + "subnetIDs": { + "description": "The EC2 Subnet IDs for the DB subnet group.", + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetRefs": { + "items": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "Tags to assign to the DB subnet group.", + "items": { + "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair. \n For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the Amazon RDS User Guide.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "description", + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DBSubnetGroupStatus defines the observed state of DBSubnetGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnetGroupStatus": { + "description": "Provides the status of the DB subnet group.", + "type": "string" + }, + "subnets": { + "description": "Contains a list of Subnet elements.", + "items": { + "description": "This data type is used as a response element for the DescribeDBSubnetGroups operation.", + "properties": { + "subnetAvailabilityZone": { + "description": "Contains Availability Zone information. \n This data type is used as an element in the OrderableDBInstanceOption data type.", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetIdentifier": { + "type": "string" + }, + "subnetOutpost": { + "description": "A data type that represents an Outpost. \n For more information about RDS on Outposts, see Amazon RDS on Amazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) in the Amazon RDS User Guide.", + "properties": { + "arn": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "subnetStatus": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "supportedNetworkTypes": { + "description": "The network type of the DB subnet group. \n Valid values: \n * IPV4 \n * DUAL \n A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and the IPv6 protocols (DUAL). \n For more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the Amazon RDS User Guide.", + "items": { + "type": "string" + }, + "type": "array" + }, + "vpcID": { + "description": "Provides the VpcId of the DB subnet group.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/rds.services.k8s.aws/globalcluster_v1alpha1.json b/rds.services.k8s.aws/globalcluster_v1alpha1.json new file mode 100644 index 00000000..c7e9875b --- /dev/null +++ b/rds.services.k8s.aws/globalcluster_v1alpha1.json @@ -0,0 +1,168 @@ +{ + "description": "GlobalCluster is the Schema for the GlobalClusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "GlobalClusterSpec defines the desired state of GlobalCluster. \n A data type representing an Aurora global database.", + "properties": { + "databaseName": { + "description": "The name for your database of up to 64 alphanumeric characters. If you do not provide a name, Amazon Aurora will not create a database in the global database cluster you are creating.", + "type": "string" + }, + "deletionProtection": { + "description": "The deletion protection setting for the new global database. The global database can't be deleted when deletion protection is enabled.", + "type": "boolean" + }, + "engine": { + "description": "The name of the database engine to be used for this DB cluster.", + "type": "string" + }, + "engineVersion": { + "description": "The engine version of the Aurora global database.", + "type": "string" + }, + "globalClusterIdentifier": { + "description": "The cluster identifier of the new global database cluster.", + "type": "string" + }, + "sourceDBClusterIdentifier": { + "description": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional.", + "type": "string" + }, + "storageEncrypted": { + "description": "The storage encryption setting for the new global database cluster.", + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "GlobalClusterStatus defines the observed state of GlobalCluster", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failoverState": { + "description": "A data object containing all properties for the current state of an in-process or pending failover process for this Aurora global database. This object is empty unless the FailoverGlobalCluster API operation has been called on this Aurora global database (GlobalCluster).", + "properties": { + "fromDBClusterARN": { + "type": "string" + }, + "status": { + "type": "string" + }, + "toDBClusterARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "globalClusterMembers": { + "description": "The list of primary and secondary clusters within the global database cluster.", + "items": { + "description": "A data structure with information about any primary and secondary clusters associated with an Aurora global database.", + "properties": { + "dbClusterARN": { + "type": "string" + }, + "globalWriteForwardingStatus": { + "type": "string" + }, + "isWriter": { + "type": "boolean" + }, + "readers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "globalClusterResourceID": { + "description": "The Amazon Web Services Region-unique, immutable identifier for the global database cluster. This identifier is found in Amazon Web Services CloudTrail log entries whenever the Amazon Web Services KMS key for the DB cluster is accessed.", + "type": "string" + }, + "status": { + "description": "Specifies the current state of this global database cluster.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/route53.services.k8s.aws/hostedzone_v1alpha1.json b/route53.services.k8s.aws/hostedzone_v1alpha1.json new file mode 100644 index 00000000..c20c2c34 --- /dev/null +++ b/route53.services.k8s.aws/hostedzone_v1alpha1.json @@ -0,0 +1,167 @@ +{ + "description": "HostedZone is the Schema for the HostedZones API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "HostedZoneSpec defines the desired state of HostedZone. \n A complex type that contains general information about the hosted zone.", + "properties": { + "delegationSetID": { + "description": "If you want to associate a reusable delegation set with this hosted zone, the ID that Amazon Route 53 assigned to the reusable delegation set when you created it. For more information about reusable delegation sets, see CreateReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html).", + "type": "string" + }, + "hostedZoneConfig": { + "description": "(Optional) A complex type that contains the following optional values: \n - For public and private hosted zones, an optional comment \n - For private hosted zones, an optional PrivateZone element \n If you don't specify a comment or the PrivateZone element, omit HostedZoneConfig and the other elements.", + "properties": { + "comment": { + "type": "string" + }, + "privateZone": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the domain. Specify a fully qualified domain name, for example, www.example.com. The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. (with a trailing dot) as identical. \n If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of NameServers that CreateHostedZone returns in DelegationSet.", + "type": "string" + }, + "vpc": { + "description": "(Private hosted zones only) A complex type that contains information about the Amazon VPC that you're associating with this hosted zone. \n You can specify only one Amazon VPC when you create a private hosted zone. If you are associating a VPC with a hosted zone with this request, the paramaters VPCId and VPCRegion are also required. \n To associate additional Amazon VPCs with the hosted zone, use AssociateVPCWithHostedZone (https://docs.aws.amazon.com/Route53/latest/APIReference/API_AssociateVPCWithHostedZone.html) after you create a hosted zone.", + "properties": { + "vpcID": { + "description": "(Private hosted zones only) The ID of an Amazon VPC.", + "type": "string" + }, + "vpcRegion": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "HostedZoneStatus defines the observed state of HostedZone", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "callerReference": { + "description": "The value that you specified for CallerReference when you created the hosted zone.", + "type": "string" + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "config": { + "description": "A complex type that includes the Comment and PrivateZone elements. If you omitted the HostedZoneConfig and Comment elements from the request, the Config and Comment elements don't appear in the response.", + "properties": { + "comment": { + "type": "string" + }, + "privateZone": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "description": "The ID that Amazon Route 53 assigned to the hosted zone when you created it.", + "type": "string" + }, + "linkedService": { + "description": "If the hosted zone was created by another service, the service that created the hosted zone. When a hosted zone is created by another service, you can't edit or delete it using Route 53.", + "properties": { + "description": { + "type": "string" + }, + "servicePrincipal": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "resourceRecordSetCount": { + "description": "The number of resource record sets in the hosted zone.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/s3.services.k8s.aws/bucket_v1alpha1.json b/s3.services.k8s.aws/bucket_v1alpha1.json new file mode 100644 index 00000000..d24bc67a --- /dev/null +++ b/s3.services.k8s.aws/bucket_v1alpha1.json @@ -0,0 +1,1356 @@ +{ + "description": "Bucket is the Schema for the Buckets API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "BucketSpec defines the desired state of Bucket. \n In terms of implementation, a Bucket is a resource. An Amazon S3 bucket name is globally unique, and the namespace is shared by all Amazon Web Services accounts.", + "properties": { + "accelerate": { + "description": "Container for setting the transfer acceleration state.", + "properties": { + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "acl": { + "description": "The canned ACL to apply to the bucket.", + "type": "string" + }, + "analytics": { + "items": { + "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", + "properties": { + "filter": { + "description": "The filter used to describe a set of objects for analyses. A filter must have exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator). If no filter is provided, all objects will be considered in any analysis.", + "properties": { + "and": { + "description": "A conjunction (logical AND) of predicates, which is used in evaluating a metrics filter. The operator must have at least two predicates in any combination, and an object must match all of the predicates for the filter to apply.", + "properties": { + "prefix": { + "type": "string" + }, + "tags": { + "items": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "prefix": { + "type": "string" + }, + "tag": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + }, + "storageClassAnalysis": { + "description": "Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.", + "properties": { + "dataExport": { + "description": "Container for data related to the storage class analysis for an Amazon S3 bucket for export.", + "properties": { + "destination": { + "description": "Where to publish the analytics results.", + "properties": { + "s3BucketDestination": { + "description": "Contains information about where to publish the analytics results.", + "properties": { + "bucket": { + "type": "string" + }, + "bucketAccountID": { + "type": "string" + }, + "format": { + "type": "string" + }, + "prefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "outputSchemaVersion": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "cors": { + "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon S3 User Guide.", + "properties": { + "corsRules": { + "items": { + "description": "Specifies a cross-origin access rule for an Amazon S3 bucket.", + "properties": { + "allowedHeaders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedMethods": { + "items": { + "type": "string" + }, + "type": "array" + }, + "allowedOrigins": { + "items": { + "type": "string" + }, + "type": "array" + }, + "exposeHeaders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "id": { + "type": "string" + }, + "maxAgeSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "createBucketConfiguration": { + "description": "The configuration information for the bucket.", + "properties": { + "locationConstraint": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "encryption": { + "description": "Specifies the default server-side-encryption configuration.", + "properties": { + "rules": { + "items": { + "description": "Specifies the default server-side encryption configuration.", + "properties": { + "applyServerSideEncryptionByDefault": { + "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an Amazon Web Services KMS key in your Amazon Web Services account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) in the Amazon S3 API Reference.", + "properties": { + "kmsMasterKeyID": { + "type": "string" + }, + "sseAlgorithm": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "bucketKeyEnabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "grantFullControl": { + "description": "Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.", + "type": "string" + }, + "grantRead": { + "description": "Allows grantee to list the objects in the bucket.", + "type": "string" + }, + "grantReadACP": { + "description": "Allows grantee to read the bucket ACL.", + "type": "string" + }, + "grantWrite": { + "description": "Allows grantee to create new objects in the bucket. \n For the bucket and object owners of existing objects, also allows deletions and overwrites of those objects.", + "type": "string" + }, + "grantWriteACP": { + "description": "Allows grantee to write the ACL for the applicable bucket.", + "type": "string" + }, + "intelligentTiering": { + "items": { + "description": "Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket. \n For information about the S3 Intelligent-Tiering storage class, see Storage class for automatically optimizing frequently and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).", + "properties": { + "filter": { + "description": "The Filter is used to identify objects that the S3 Intelligent-Tiering configuration applies to.", + "properties": { + "and": { + "description": "A container for specifying S3 Intelligent-Tiering filters. The filters determine the subset of objects to which the rule applies.", + "properties": { + "prefix": { + "type": "string" + }, + "tags": { + "items": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "prefix": { + "type": "string" + }, + "tag": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + }, + "status": { + "type": "string" + }, + "tierings": { + "items": { + "description": "The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead.", + "properties": { + "accessTier": { + "type": "string" + }, + "days": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "inventory": { + "items": { + "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see GET Bucket inventory (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the Amazon S3 API Reference.", + "properties": { + "destination": { + "description": "Specifies the inventory configuration for an Amazon S3 bucket.", + "properties": { + "s3BucketDestination": { + "description": "Contains the bucket name, file format, bucket owner (optional), and prefix (optional) where inventory results are published.", + "properties": { + "accountID": { + "type": "string" + }, + "bucket": { + "type": "string" + }, + "encryption": { + "description": "Contains the type of server-side encryption used to encrypt the inventory results.", + "properties": { + "sseKMS": { + "description": "Specifies the use of SSE-KMS to encrypt delivered inventory reports.", + "properties": { + "keyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "format": { + "type": "string" + }, + "prefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "filter": { + "description": "Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria.", + "properties": { + "prefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + }, + "includedObjectVersions": { + "type": "string" + }, + "isEnabled": { + "type": "boolean" + }, + "optionalFields": { + "items": { + "type": "string" + }, + "type": "array" + }, + "schedule": { + "description": "Specifies the schedule for generating inventory results.", + "properties": { + "frequency": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "lifecycle": { + "description": "Container for lifecycle rules. You can add as many as 1,000 rules.", + "properties": { + "rules": { + "items": { + "description": "A lifecycle rule for individual objects in an Amazon S3 bucket.", + "properties": { + "abortIncompleteMultipartUpload": { + "description": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the Amazon S3 User Guide.", + "properties": { + "daysAfterInitiation": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "expiration": { + "description": "Container for the expiration for the lifecycle of the object.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "days": { + "format": "int64", + "type": "integer" + }, + "expiredObjectDeleteMarker": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "filter": { + "description": "The Filter is used to identify objects that a Lifecycle Rule applies to. A Filter must have exactly one of Prefix, Tag, or And specified.", + "properties": { + "and": { + "description": "This is used in a Lifecycle Rule Filter to apply a logical AND to two or more predicates. The Lifecycle Rule will apply to any object matching all of the predicates configured inside the And operator.", + "properties": { + "objectSizeGreaterThan": { + "format": "int64", + "type": "integer" + }, + "objectSizeLessThan": { + "format": "int64", + "type": "integer" + }, + "prefix": { + "type": "string" + }, + "tags": { + "items": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "objectSizeGreaterThan": { + "format": "int64", + "type": "integer" + }, + "objectSizeLessThan": { + "format": "int64", + "type": "integer" + }, + "prefix": { + "type": "string" + }, + "tag": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + }, + "noncurrentVersionExpiration": { + "description": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", + "properties": { + "newerNoncurrentVersions": { + "format": "int64", + "type": "integer" + }, + "noncurrentDays": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "noncurrentVersionTransitions": { + "items": { + "description": "Container for the transition rule that describes when noncurrent objects transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's lifetime.", + "properties": { + "newerNoncurrentVersions": { + "format": "int64", + "type": "integer" + }, + "noncurrentDays": { + "format": "int64", + "type": "integer" + }, + "storageClass": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "prefix": { + "type": "string" + }, + "status": { + "type": "string" + }, + "transitions": { + "items": { + "description": "Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see Transitioning Objects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the Amazon S3 User Guide.", + "properties": { + "date": { + "format": "date-time", + "type": "string" + }, + "days": { + "format": "int64", + "type": "integer" + }, + "storageClass": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "logging": { + "description": "Container for logging status information.", + "properties": { + "loggingEnabled": { + "description": "Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For more information, see PUT Bucket logging (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the Amazon S3 API Reference.", + "properties": { + "targetBucket": { + "type": "string" + }, + "targetGrants": { + "items": { + "description": "Container for granting information. \n Buckets that use the bucket owner enforced setting for Object Ownership don't support target grants. For more information, see Permissions server access log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) in the Amazon S3 User Guide.", + "properties": { + "grantee": { + "description": "Container for the person being granted permissions.", + "properties": { + "displayName": { + "type": "string" + }, + "emailAddress": { + "type": "string" + }, + "id": { + "type": "string" + }, + "type_": { + "type": "string" + }, + "uRI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "permission": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "targetPrefix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "metrics": { + "items": { + "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).", + "properties": { + "filter": { + "description": "Specifies a metrics configuration filter. The metrics configuration only includes objects that meet the filter's criteria. A filter must be a prefix, an object tag, an access point ARN, or a conjunction (MetricsAndOperator). For more information, see PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html).", + "properties": { + "accessPointARN": { + "type": "string" + }, + "and": { + "description": "A conjunction (logical AND) of predicates, which is used in evaluating a metrics filter. The operator must have at least two predicates, and an object must match all of the predicates in order for the filter to apply.", + "properties": { + "accessPointARN": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "tags": { + "items": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "prefix": { + "type": "string" + }, + "tag": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "name": { + "description": "The name of the bucket to create.", + "type": "string" + }, + "notification": { + "description": "A container for specifying the notification configuration of the bucket. If this element is empty, notifications are turned off for the bucket.", + "properties": { + "lambdaFunctionConfigurations": { + "items": { + "description": "A container for specifying the configuration for Lambda notifications.", + "properties": { + "events": { + "items": { + "type": "string" + }, + "type": "array" + }, + "filter": { + "description": "Specifies object key name filtering rules. For information about key name filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the Amazon S3 User Guide.", + "properties": { + "key": { + "description": "A container for object key name prefix and suffix filtering rules.", + "properties": { + "filterRules": { + "description": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "items": { + "description": "Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "description": "An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID.", + "type": "string" + }, + "lambdaFunctionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "queueConfigurations": { + "items": { + "description": "Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events.", + "properties": { + "events": { + "items": { + "type": "string" + }, + "type": "array" + }, + "filter": { + "description": "Specifies object key name filtering rules. For information about key name filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the Amazon S3 User Guide.", + "properties": { + "key": { + "description": "A container for object key name prefix and suffix filtering rules.", + "properties": { + "filterRules": { + "description": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "items": { + "description": "Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "description": "An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID.", + "type": "string" + }, + "queueARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "topicConfigurations": { + "items": { + "description": "A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events.", + "properties": { + "events": { + "items": { + "type": "string" + }, + "type": "array" + }, + "filter": { + "description": "Specifies object key name filtering rules. For information about key name filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the Amazon S3 User Guide.", + "properties": { + "key": { + "description": "A container for object key name prefix and suffix filtering rules.", + "properties": { + "filterRules": { + "description": "A list of containers for the key-value pair that defines the criteria for the filter rule.", + "items": { + "description": "Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "description": "An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID.", + "type": "string" + }, + "topicARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "objectLockEnabledForBucket": { + "description": "Specifies whether you want S3 Object Lock to be enabled for the new bucket.", + "type": "boolean" + }, + "objectOwnership": { + "type": "string" + }, + "ownershipControls": { + "description": "The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) that you want to apply to this Amazon S3 bucket.", + "properties": { + "rules": { + "items": { + "description": "The container element for an ownership control rule.", + "properties": { + "objectOwnership": { + "description": "The container element for object ownership for a bucket's ownership controls. \n BucketOwnerPreferred - Objects uploaded to the bucket change ownership to the bucket owner if the objects are uploaded with the bucket-owner-full-control canned ACL. \n ObjectWriter - The uploading account will own the object if the object is uploaded with the bucket-owner-full-control canned ACL. \n BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer affect permissions. The bucket owner automatically owns and has full control over every object in the bucket. The bucket only accepts PUT requests that don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed in the XML format.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "policy": { + "description": "The bucket policy as a JSON document.", + "type": "string" + }, + "publicAccessBlock": { + "description": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see The Meaning of \"Public\" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the Amazon S3 User Guide.", + "properties": { + "blockPublicACLs": { + "type": "boolean" + }, + "blockPublicPolicy": { + "type": "boolean" + }, + "ignorePublicACLs": { + "type": "boolean" + }, + "restrictPublicBuckets": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "replication": { + "description": "A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB.", + "properties": { + "role": { + "type": "string" + }, + "rules": { + "items": { + "description": "Specifies which Amazon S3 objects to replicate and where to store the replicas.", + "properties": { + "deleteMarkerReplication": { + "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a Filter in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication Status must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see Basic Rule Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). \n For more information about delete marker replication, see Basic Rule Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). \n If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see Backward Compatibility (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).", + "properties": { + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "destination": { + "description": "Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).", + "properties": { + "accessControlTranslation": { + "description": "A container for information about access control for replicas.", + "properties": { + "owner": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "account": { + "type": "string" + }, + "bucket": { + "type": "string" + }, + "encryptionConfiguration": { + "description": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.", + "properties": { + "replicaKMSKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "metrics": { + "description": "A container specifying replication metrics-related settings enabling replication metrics and events.", + "properties": { + "eventThreshold": { + "description": "A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics EventThreshold.", + "properties": { + "minutes": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "replicationTime": { + "description": "A container specifying S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.", + "properties": { + "status": { + "type": "string" + }, + "time": { + "description": "A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics EventThreshold.", + "properties": { + "minutes": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "storageClass": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "existingObjectReplication": { + "description": "Optional configuration to replicate existing source bucket objects. For more information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication) in the Amazon S3 User Guide.", + "properties": { + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "filter": { + "description": "A filter that identifies the subset of objects to which the replication rule applies. A Filter must specify exactly one Prefix, Tag, or an And child element.", + "properties": { + "and": { + "description": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. \n For example: \n * If you specify both a Prefix and a Tag filter, wrap these filters in an And tag. \n * If you specify a filter based on multiple tags, wrap the Tag elements in an And tag.", + "properties": { + "prefix": { + "type": "string" + }, + "tags": { + "items": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "prefix": { + "type": "string" + }, + "tag": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "id": { + "type": "string" + }, + "prefix": { + "type": "string" + }, + "priority": { + "format": "int64", + "type": "integer" + }, + "sourceSelectionCriteria": { + "description": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. Currently, Amazon S3 supports only the filter that you can specify for objects created with server-side encryption using a customer managed key stored in Amazon Web Services Key Management Service (SSE-KMS).", + "properties": { + "replicaModifications": { + "description": "A filter that you can specify for selection for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when Filter is specified), you can specify this element and set the status to Enabled to replicate modifications on replicas. \n If you don't specify the Filter element, Amazon S3 assumes that the replication configuration is the earlier version, V1. In the earlier version, this element is not allowed.", + "properties": { + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "sseKMSEncryptedObjects": { + "description": "A container for filter information for the selection of S3 objects encrypted with Amazon Web Services KMS.", + "properties": { + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "requestPayment": { + "description": "Container for Payer.", + "properties": { + "payer": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tagging": { + "description": "Container for the TagSet and Tag elements.", + "properties": { + "tagSet": { + "items": { + "description": "A container of a key value name pair.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "versioning": { + "description": "Container for setting the versioning state.", + "properties": { + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "website": { + "description": "Container for the request.", + "properties": { + "errorDocument": { + "description": "The error information.", + "properties": { + "key": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "indexDocument": { + "description": "Container for the Suffix element.", + "properties": { + "suffix": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "redirectAllRequestsTo": { + "description": "Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.", + "properties": { + "hostName": { + "type": "string" + }, + "protocol": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "routingRules": { + "items": { + "description": "Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see Configuring advanced conditional redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the Amazon S3 User Guide.", + "properties": { + "condition": { + "description": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the /docs folder, redirect to the /documents folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", + "properties": { + "httpErrorCodeReturnedEquals": { + "type": "string" + }, + "keyPrefixEquals": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "redirect": { + "description": "Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.", + "properties": { + "hostName": { + "type": "string" + }, + "httpRedirectCode": { + "type": "string" + }, + "protocol": { + "type": "string" + }, + "replaceKeyPrefixWith": { + "type": "string" + }, + "replaceKeyWith": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "BucketStatus defines the observed state of Bucket", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "location": { + "description": "A forward slash followed by the name of the bucket.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/app_v1alpha1.json b/sagemaker.services.k8s.aws/app_v1alpha1.json new file mode 100644 index 00000000..1094ff90 --- /dev/null +++ b/sagemaker.services.k8s.aws/app_v1alpha1.json @@ -0,0 +1,151 @@ +{ + "description": "App is the Schema for the Apps API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "AppSpec defines the desired state of App.", + "properties": { + "appName": { + "description": "The name of the app.", + "type": "string" + }, + "appType": { + "description": "The type of app.", + "type": "string" + }, + "domainID": { + "description": "The domain ID.", + "type": "string" + }, + "resourceSpec": { + "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. \n The value of InstanceType passed as part of the ResourceSpec in the CreateApp call overrides the value passed as part of the ResourceSpec configured for the user profile or the domain. If InstanceType is not specified in any of those three ResourceSpec values for a KernelGateway app, the CreateApp call fails with a request validation error.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "Each tag consists of a key and an optional value. Tag keys must be unique per resource.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "userProfileName": { + "description": "The user profile name. If this value is not set, then SpaceName must be set.", + "type": "string" + } + }, + "required": [ + "appName", + "appType", + "domainID" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AppStatus defines the observed state of App", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "status": { + "description": "The status.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/dataqualityjobdefinition_v1alpha1.json b/sagemaker.services.k8s.aws/dataqualityjobdefinition_v1alpha1.json new file mode 100644 index 00000000..c1a4d141 --- /dev/null +++ b/sagemaker.services.k8s.aws/dataqualityjobdefinition_v1alpha1.json @@ -0,0 +1,338 @@ +{ + "description": "DataQualityJobDefinition is the Schema for the DataQualityJobDefinitions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DataQualityJobDefinitionSpec defines the desired state of DataQualityJobDefinition.", + "properties": { + "dataQualityAppSpecification": { + "description": "Specifies the container that runs the monitoring job.", + "properties": { + "containerArguments": { + "items": { + "type": "string" + }, + "type": "array" + }, + "containerEntrypoint": { + "items": { + "type": "string" + }, + "type": "array" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "imageURI": { + "type": "string" + }, + "postAnalyticsProcessorSourceURI": { + "type": "string" + }, + "recordPreprocessorSourceURI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "dataQualityBaselineConfig": { + "description": "Configures the constraints and baselines for the monitoring job.", + "properties": { + "baseliningJobName": { + "type": "string" + }, + "constraintsResource": { + "description": "The constraints resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statisticsResource": { + "description": "The statistics resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "dataQualityJobInput": { + "description": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", + "properties": { + "endpointInput": { + "description": "Input object for the endpoint", + "properties": { + "endTimeOffset": { + "type": "string" + }, + "endpointName": { + "type": "string" + }, + "featuresAttribute": { + "type": "string" + }, + "inferenceAttribute": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "probabilityAttribute": { + "type": "string" + }, + "probabilityThresholdAttribute": { + "type": "number" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3InputMode": { + "type": "string" + }, + "startTimeOffset": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "dataQualityJobOutputConfig": { + "description": "The output configuration for monitoring jobs.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "monitoringOutputs": { + "items": { + "description": "The output object for a monitoring job.", + "properties": { + "s3Output": { + "description": "Information about where and how you want to store the results of a monitoring job.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + }, + "s3UploadMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "jobDefinitionName": { + "description": "The name for the monitoring job definition.", + "type": "string" + }, + "jobResources": { + "description": "Identifies the resources to deploy for a monitoring job.", + "properties": { + "clusterConfig": { + "description": "Configuration for the cluster used to run model monitoring jobs.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "networkConfig": { + "description": "Specifies networking configuration for the monitoring job.", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "type": "string" + }, + "stoppingCondition": { + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "dataQualityAppSpecification", + "dataQualityJobInput", + "dataQualityJobOutputConfig", + "jobDefinitionName", + "jobResources", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DataQualityJobDefinitionStatus defines the observed state of DataQualityJobDefinition", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/domain_v1alpha1.json b/sagemaker.services.k8s.aws/domain_v1alpha1.json new file mode 100644 index 00000000..da8ac675 --- /dev/null +++ b/sagemaker.services.k8s.aws/domain_v1alpha1.json @@ -0,0 +1,364 @@ +{ + "description": "Domain is the Schema for the Domains API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DomainSpec defines the desired state of Domain.", + "properties": { + "appNetworkAccessType": { + "description": "Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly. \n - PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access \n - VpcOnly - All Studio traffic is through the specified VPC and subnets", + "type": "string" + }, + "appSecurityGroupManagement": { + "description": "The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided.", + "type": "string" + }, + "authMode": { + "description": "The mode of authentication that members use to access the domain.", + "type": "string" + }, + "defaultUserSettings": { + "description": "The default settings to use to create a user profile when UserSettings isn't specified in the call to the CreateUserProfile API. \n SecurityGroups is aggregated when specified in both calls. For all other settings in UserSettings, the values specified in CreateUserProfile take precedence over those specified in CreateDomain.", + "properties": { + "executionRole": { + "type": "string" + }, + "jupyterServerAppSettings": { + "description": "The JupyterServer app settings.", + "properties": { + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "lifecycleConfigARNs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "kernelGatewayAppSettings": { + "description": "The KernelGateway app settings.", + "properties": { + "customImages": { + "items": { + "description": "A custom SageMaker image. For more information, see Bring your own SageMaker image (https://docs.aws.amazon.com/sagemaker/latest/dg/studio-byoi.html).", + "properties": { + "appImageConfigName": { + "type": "string" + }, + "imageName": { + "type": "string" + }, + "imageVersionNumber": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "lifecycleConfigARNs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "rStudioServerProAppSettings": { + "description": "A collection of settings that configure user interaction with the RStudioServerPro app. RStudioServerProAppSettings cannot be updated. The RStudioServerPro app must be deleted and a new one created to make any changes.", + "properties": { + "accessStatus": { + "type": "string" + }, + "userGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "securityGroups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "sharingSettings": { + "description": "Specifies options for sharing SageMaker Studio notebooks. These settings are specified as part of DefaultUserSettings when the CreateDomain API is called, and as part of UserSettings when the CreateUserProfile API is called. When SharingSettings is not specified, notebook sharing isn't allowed.", + "properties": { + "notebookOutputOption": { + "type": "string" + }, + "s3KMSKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tensorBoardAppSettings": { + "description": "The TensorBoard app settings.", + "properties": { + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "domainName": { + "description": "A name for the domain.", + "type": "string" + }, + "domainSettings": { + "description": "A collection of Domain settings.", + "properties": { + "rStudioServerProDomainSettings": { + "description": "A collection of settings that configure the RStudioServerPro Domain-level app.", + "properties": { + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "domainExecutionRoleARN": { + "type": "string" + }, + "rStudioConnectURL": { + "type": "string" + }, + "rStudioPackageManagerURL": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "homeEFSFileSystemKMSKeyID": { + "description": "Use KmsKeyId.", + "type": "string" + }, + "kmsKeyID": { + "description": "SageMaker uses Amazon Web Services KMS to encrypt the EFS volume attached to the domain with an Amazon Web Services managed key by default. For more control, specify a customer managed key.", + "type": "string" + }, + "subnetIDs": { + "description": "The VPC subnets that Studio uses for communication.", + "items": { + "type": "string" + }, + "type": "array" + }, + "tags": { + "description": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API. \n Tags that you specify for the Domain are also added to all Apps that the Domain launches.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcID": { + "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.", + "type": "string" + } + }, + "required": [ + "authMode", + "defaultUserSettings", + "domainName", + "subnetIDs", + "vpcID" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "DomainStatus defines the observed state of Domain", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "domainID": { + "description": "The domain ID.", + "type": "string" + }, + "status": { + "description": "The status.", + "type": "string" + }, + "url": { + "description": "The URL to the created domain.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/endpoint_v1alpha1.json b/sagemaker.services.k8s.aws/endpoint_v1alpha1.json new file mode 100644 index 00000000..8c2be1fe --- /dev/null +++ b/sagemaker.services.k8s.aws/endpoint_v1alpha1.json @@ -0,0 +1,436 @@ +{ + "description": "Endpoint is the Schema for the Endpoints API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "EndpointSpec defines the desired state of Endpoint. \n A hosted endpoint for real-time inference.", + "properties": { + "deploymentConfig": { + "description": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", + "properties": { + "autoRollbackConfiguration": { + "description": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", + "properties": { + "alarms": { + "items": { + "description": "An Amazon CloudWatch alarm configured to monitor metrics on an endpoint.", + "properties": { + "alarmName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "blueGreenUpdatePolicy": { + "description": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", + "properties": { + "maximumExecutionTimeoutInSeconds": { + "format": "int64", + "type": "integer" + }, + "terminationWaitInSeconds": { + "format": "int64", + "type": "integer" + }, + "trafficRoutingConfiguration": { + "description": "Defines the traffic routing strategy during an endpoint deployment to shift traffic from the old fleet to the new fleet.", + "properties": { + "canarySize": { + "description": "Specifies the endpoint capacity to activate for production.", + "properties": { + "type_": { + "type": "string" + }, + "value": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "linearStepSize": { + "description": "Specifies the endpoint capacity to activate for production.", + "properties": { + "type_": { + "type": "string" + }, + "value": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type_": { + "type": "string" + }, + "waitIntervalInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "endpointConfigName": { + "description": "The name of an endpoint configuration. For more information, see CreateEndpointConfig.", + "type": "string" + }, + "endpointName": { + "description": "The name of the endpoint.The name must be unique within an Amazon Web Services Region in your Amazon Web Services account. The name is case-insensitive in CreateEndpoint, but the case is preserved and must be matched in .", + "type": "string" + }, + "tags": { + "description": "An array of key-value pairs. You can use tags to categorize your Amazon Web Services resources in different ways, for example, by purpose, owner, or environment. For more information, see Tagging Amazon Web Services Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "endpointConfigName", + "endpointName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "EndpointStatus defines the observed state of Endpoint", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "A timestamp that shows when the endpoint was created.", + "format": "date-time", + "type": "string" + }, + "endpointStatus": { + "description": "The status of the endpoint. \n * OutOfService: Endpoint is not available to take incoming requests. \n * Creating: CreateEndpoint is executing. \n * Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities is executing. \n * SystemUpdating: Endpoint is undergoing maintenance and cannot be updated or deleted or re-scaled until it has completed. This maintenance operation does not change any customer-specified values such as VPC config, KMS encryption, model, instance type, or instance count. \n * RollingBack: Endpoint fails to scale up or down or change its variant weight and is in the process of rolling back to its previous configuration. Once the rollback completes, endpoint returns to an InService status. This transitional status only applies to an endpoint that has autoscaling enabled and is undergoing variant weight or capacity changes as part of an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities operation is called explicitly. \n * InService: Endpoint is available to process incoming requests. \n * Deleting: DeleteEndpoint is executing. \n * Failed: Endpoint could not be created, updated, or re-scaled. Use DescribeEndpointOutput$FailureReason for information about the failure. DeleteEndpoint is the only operation that can be performed on a failed endpoint.", + "type": "string" + }, + "failureReason": { + "description": "If the status of the endpoint is Failed, the reason why it failed.", + "type": "string" + }, + "lastModifiedTime": { + "description": "A timestamp that shows when the endpoint was last modified.", + "format": "date-time", + "type": "string" + }, + "pendingDeploymentSummary": { + "description": "Returns the summary of an in-progress deployment. This field is only returned when the endpoint is creating or updating with a new endpoint configuration.", + "properties": { + "endpointConfigName": { + "type": "string" + }, + "productionVariants": { + "items": { + "description": "The production variant summary for a deployment when an endpoint is creating or updating with the CreateEndpoint or UpdateEndpoint operations. Describes the VariantStatus , weight and capacity for a production variant associated with an endpoint.", + "properties": { + "acceleratorType": { + "type": "string" + }, + "currentInstanceCount": { + "format": "int64", + "type": "integer" + }, + "currentServerlessConfig": { + "description": "Specifies the serverless configuration for an endpoint variant.", + "properties": { + "maxConcurrency": { + "format": "int64", + "type": "integer" + }, + "memorySizeInMB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "currentWeight": { + "type": "number" + }, + "deployedImages": { + "items": { + "description": "Gets the Amazon EC2 Container Registry path of the docker image of the model that is hosted in this ProductionVariant. \n If you used the registry/repository[:tag] form to specify the image path of the primary container when you created the model hosted in this ProductionVariant, the path resolves to a path of the form registry/repository[@digest]. A digest is a hash value that identifies a specific version of an image. For information about Amazon ECR paths, see Pulling an Image (https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html) in the Amazon ECR User Guide.", + "properties": { + "resolutionTime": { + "format": "date-time", + "type": "string" + }, + "resolvedImage": { + "type": "string" + }, + "specifiedImage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "desiredInstanceCount": { + "format": "int64", + "type": "integer" + }, + "desiredServerlessConfig": { + "description": "Specifies the serverless configuration for an endpoint variant.", + "properties": { + "maxConcurrency": { + "format": "int64", + "type": "integer" + }, + "memorySizeInMB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "desiredWeight": { + "type": "number" + }, + "instanceType": { + "type": "string" + }, + "variantName": { + "type": "string" + }, + "variantStatus": { + "items": { + "description": "Describes the status of the production variant.", + "properties": { + "startTime": { + "format": "date-time", + "type": "string" + }, + "status": { + "type": "string" + }, + "statusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "startTime": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "productionVariants": { + "description": "An array of ProductionVariantSummary objects, one for each model hosted behind this endpoint.", + "items": { + "description": "Describes weight and capacities for a production variant associated with an endpoint. If you sent a request to the UpdateEndpointWeightsAndCapacities API and the endpoint status is Updating, you get different desired and current values.", + "properties": { + "currentInstanceCount": { + "format": "int64", + "type": "integer" + }, + "currentServerlessConfig": { + "description": "Specifies the serverless configuration for an endpoint variant.", + "properties": { + "maxConcurrency": { + "format": "int64", + "type": "integer" + }, + "memorySizeInMB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "currentWeight": { + "type": "number" + }, + "deployedImages": { + "items": { + "description": "Gets the Amazon EC2 Container Registry path of the docker image of the model that is hosted in this ProductionVariant. \n If you used the registry/repository[:tag] form to specify the image path of the primary container when you created the model hosted in this ProductionVariant, the path resolves to a path of the form registry/repository[@digest]. A digest is a hash value that identifies a specific version of an image. For information about Amazon ECR paths, see Pulling an Image (https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html) in the Amazon ECR User Guide.", + "properties": { + "resolutionTime": { + "format": "date-time", + "type": "string" + }, + "resolvedImage": { + "type": "string" + }, + "specifiedImage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "desiredInstanceCount": { + "format": "int64", + "type": "integer" + }, + "desiredServerlessConfig": { + "description": "Specifies the serverless configuration for an endpoint variant.", + "properties": { + "maxConcurrency": { + "format": "int64", + "type": "integer" + }, + "memorySizeInMB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "desiredWeight": { + "type": "number" + }, + "variantName": { + "type": "string" + }, + "variantStatus": { + "items": { + "description": "Describes the status of the production variant.", + "properties": { + "startTime": { + "format": "date-time", + "type": "string" + }, + "status": { + "type": "string" + }, + "statusMessage": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/endpointconfig_v1alpha1.json b/sagemaker.services.k8s.aws/endpointconfig_v1alpha1.json new file mode 100644 index 00000000..fe07b8cf --- /dev/null +++ b/sagemaker.services.k8s.aws/endpointconfig_v1alpha1.json @@ -0,0 +1,288 @@ +{ + "description": "EndpointConfig is the Schema for the EndpointConfigs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "EndpointConfigSpec defines the desired state of EndpointConfig.", + "properties": { + "asyncInferenceConfig": { + "description": "Specifies configuration for how an endpoint performs asynchronous inference. This is a required field in order for your Endpoint to be invoked using InvokeEndpointAsync (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpointAsync.html).", + "properties": { + "clientConfig": { + "description": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", + "properties": { + "maxConcurrentInvocationsPerInstance": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "outputConfig": { + "description": "Specifies the configuration for asynchronous inference invocation outputs.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "notificationConfig": { + "description": "Specifies the configuration for notifications of inference results for asynchronous inference.", + "properties": { + "errorTopic": { + "type": "string" + }, + "successTopic": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "dataCaptureConfig": { + "description": "Configuration to control how SageMaker captures inference data.", + "properties": { + "captureContentTypeHeader": { + "description": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", + "properties": { + "csvContentTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "jsonContentTypes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "captureOptions": { + "items": { + "description": "Specifies data Model Monitor will capture.", + "properties": { + "captureMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "destinationS3URI": { + "type": "string" + }, + "enableCapture": { + "type": "boolean" + }, + "initialSamplingPercentage": { + "format": "int64", + "type": "integer" + }, + "kmsKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "endpointConfigName": { + "description": "The name of the endpoint configuration. You specify this name in a CreateEndpoint request.", + "type": "string" + }, + "kmsKeyID": { + "description": "The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service key that SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint. \n The KmsKeyId can be any of the following formats: \n - Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab \n - Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab \n - Alias name: alias/ExampleAlias \n - Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias \n The KMS key policy must grant permission to the IAM role that you specify in your CreateEndpoint, UpdateEndpoint requests. For more information, refer to the Amazon Web Services Key Management Service section Using Key Policies in Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) \n Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a KmsKeyId when using an instance type with local storage. If any of the models that you specify in the ProductionVariants parameter use nitro-based instances with local storage, do not specify a value for the KmsKeyId parameter. If you specify a value for KmsKeyId when using any nitro-based instances with local storage, the call to CreateEndpointConfig fails. \n For a list of instance types that support local instance storage, see Instance Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes). \n For more information about local instance storage encryption, see SSD Instance Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html).", + "type": "string" + }, + "productionVariants": { + "description": "An array of ProductionVariant objects, one for each model that you want to host at this endpoint.", + "items": { + "description": "Identifies a model that you want to host and the resources chosen to deploy for hosting it. If you are deploying multiple models, tell SageMaker how to distribute traffic among the models by specifying variant weights. For more information on production variants, check Production variants (https://docs.aws.amazon.com/sagemaker/latest/dg/model-ab-testing.html).", + "properties": { + "acceleratorType": { + "type": "string" + }, + "containerStartupHealthCheckTimeoutInSeconds": { + "format": "int64", + "type": "integer" + }, + "coreDumpConfig": { + "description": "Specifies configuration for a core dump from the model container when the process crashes.", + "properties": { + "destinationS3URI": { + "type": "string" + }, + "kmsKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "enableSSMAccess": { + "type": "boolean" + }, + "initialInstanceCount": { + "format": "int64", + "type": "integer" + }, + "initialVariantWeight": { + "type": "number" + }, + "instanceType": { + "type": "string" + }, + "modelDataDownloadTimeoutInSeconds": { + "format": "int64", + "type": "integer" + }, + "modelName": { + "type": "string" + }, + "serverlessConfig": { + "description": "Specifies the serverless configuration for an endpoint variant.", + "properties": { + "maxConcurrency": { + "format": "int64", + "type": "integer" + }, + "memorySizeInMB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "variantName": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tags": { + "description": "An array of key-value pairs. You can use tags to categorize your Amazon Web Services resources in different ways, for example, by purpose, owner, or environment. For more information, see Tagging Amazon Web Services Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "endpointConfigName", + "productionVariants" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "EndpointConfigStatus defines the observed state of EndpointConfig", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/featuregroup_v1alpha1.json b/sagemaker.services.k8s.aws/featuregroup_v1alpha1.json new file mode 100644 index 00000000..ba10ccaa --- /dev/null +++ b/sagemaker.services.k8s.aws/featuregroup_v1alpha1.json @@ -0,0 +1,220 @@ +{ + "description": "FeatureGroup is the Schema for the FeatureGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FeatureGroupSpec defines the desired state of FeatureGroup. \n Amazon SageMaker Feature Store stores features in a collection called Feature Group. A Feature Group can be visualized as a table which has rows, with a unique identifier for each row where each column in the table is a feature. In principle, a Feature Group is composed of features and values per features.", + "properties": { + "description": { + "description": "A free-form description of a FeatureGroup.", + "type": "string" + }, + "eventTimeFeatureName": { + "description": "The name of the feature that stores the EventTime of a Record in a FeatureGroup. \n An EventTime is a point in time when a new event occurs that corresponds to the creation or update of a Record in a FeatureGroup. All Records in the FeatureGroup must have a corresponding EventTime. \n An EventTime can be a String or Fractional. \n - Fractional: EventTime feature values must be a Unix timestamp in seconds. \n - String: EventTime feature values must be an ISO-8601 string in the format. The following formats are supported yyyy-MM-dd'T'HH:mm:ssZ and yyyy-MM-dd'T'HH:mm:ss.SSSZ where yyyy, MM, and dd represent the year, month, and day respectively and HH, mm, ss, and if applicable, SSS represent the hour, month, second and milliseconds respsectively. 'T' and Z are constants.", + "type": "string" + }, + "featureDefinitions": { + "description": "A list of Feature names and types. Name and Type is compulsory per Feature. \n Valid feature FeatureTypes are Integral, Fractional and String. \n FeatureNames cannot be any of the following: is_deleted, write_time, api_invocation_time \n You can create up to 2,500 FeatureDefinitions per FeatureGroup.", + "items": { + "description": "A list of features. You must include FeatureName and FeatureType. Valid feature FeatureTypes are Integral, Fractional and String.", + "properties": { + "featureName": { + "type": "string" + }, + "featureType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "featureGroupName": { + "description": "The name of the FeatureGroup. The name must be unique within an Amazon Web Services Region in an Amazon Web Services account. The name: \n - Must start and end with an alphanumeric character. \n - Can only contain alphanumeric character and hyphens. Spaces are not allowed.", + "type": "string" + }, + "offlineStoreConfig": { + "description": "Use this to configure an OfflineFeatureStore. This parameter allows you to specify: \n - The Amazon Simple Storage Service (Amazon S3) location of an OfflineStore. \n - A configuration for an Amazon Web Services Glue or Amazon Web Services Hive data catalog. \n - An KMS encryption key to encrypt the Amazon S3 location used for OfflineStore. If KMS encryption key is not specified, by default we encrypt all data at rest using Amazon Web Services KMS key. By defining your bucket-level key (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html) for SSE, you can reduce Amazon Web Services KMS requests costs by up to 99 percent. \n - Format for the offline store table. Supported formats are Glue (Default) and Apache Iceberg (https://iceberg.apache.org/). \n To learn more about this parameter, see OfflineStoreConfig.", + "properties": { + "dataCatalogConfig": { + "description": "The meta data of the Glue table which serves as data catalog for the OfflineStore.", + "properties": { + "catalog": { + "type": "string" + }, + "database": { + "type": "string" + }, + "tableName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "disableGlueTableCreation": { + "type": "boolean" + }, + "s3StorageConfig": { + "description": "The Amazon Simple Storage (Amazon S3) location and and security configuration for OfflineStore.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "resolvedOutputS3URI": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "onlineStoreConfig": { + "description": "You can turn the OnlineStore on or off by specifying True for the EnableOnlineStore flag in OnlineStoreConfig; the default value is False. \n You can also include an Amazon Web Services KMS key ID (KMSKeyId) for at-rest encryption of the OnlineStore.", + "properties": { + "enableOnlineStore": { + "type": "boolean" + }, + "securityConfig": { + "description": "The security configuration for OnlineStore.", + "properties": { + "kmsKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "recordIdentifierFeatureName": { + "description": "The name of the Feature whose value uniquely identifies a Record defined in the FeatureStore. Only the latest record per identifier value will be stored in the OnlineStore. RecordIdentifierFeatureName must be one of feature definitions' names. \n You use the RecordIdentifierFeatureName to access data in a FeatureStore. \n This name: \n - Must start and end with an alphanumeric character. \n - Can only contains alphanumeric characters, hyphens, underscores. Spaces are not allowed.", + "type": "string" + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of the IAM execution role used to persist data into the OfflineStore if an OfflineStoreConfig is provided.", + "type": "string" + }, + "tags": { + "description": "Tags used to identify Features in each FeatureGroup.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "eventTimeFeatureName", + "featureDefinitions", + "featureGroupName", + "recordIdentifierFeatureName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FeatureGroupStatus defines the observed state of FeatureGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "The reason that the FeatureGroup failed to be replicated in the OfflineStore. This is failure can occur because: \n * The FeatureGroup could not be created in the OfflineStore. \n * The FeatureGroup could not be deleted from the OfflineStore.", + "type": "string" + }, + "featureGroupStatus": { + "description": "The status of the feature group.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/hyperparametertuningjob_v1alpha1.json b/sagemaker.services.k8s.aws/hyperparametertuningjob_v1alpha1.json new file mode 100644 index 00000000..8e099e5d --- /dev/null +++ b/sagemaker.services.k8s.aws/hyperparametertuningjob_v1alpha1.json @@ -0,0 +1,1098 @@ +{ + "description": "HyperParameterTuningJob is the Schema for the HyperParameterTuningJobs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "HyperParameterTuningJobSpec defines the desired state of HyperParameterTuningJob.", + "properties": { + "hyperParameterTuningJobConfig": { + "description": "The HyperParameterTuningJobConfig object that describes the tuning job, including the search strategy, the objective metric used to evaluate training jobs, ranges of parameters to search, and resource limits for the tuning job. For more information, see How Hyperparameter Tuning Works (https://docs.aws.amazon.com/sagemaker/latest/dg/automatic-model-tuning-how-it-works.html).", + "properties": { + "hyperParameterTuningJobObjective": { + "description": "Defines the objective metric for a hyperparameter tuning job. Hyperparameter tuning uses the value of this metric to evaluate the training jobs it launches, and returns the training job that results in either the highest or lowest value for this metric, depending on the value you specify for the Type parameter.", + "properties": { + "metricName": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "parameterRanges": { + "description": "Specifies ranges of integer, continuous, and categorical hyperparameters that a hyperparameter tuning job searches. The hyperparameter tuning job launches training jobs with hyperparameter values within these ranges to find the combination of values that result in the training job with the best performance as measured by the objective metric of the hyperparameter tuning job. \n The maximum number of items specified for Array Members refers to the maximum number of hyperparameters for each range and also the maximum for the hyperparameter tuning job itself. That is, the sum of the number of hyperparameters for all the ranges can't exceed the maximum number specified.", + "properties": { + "categoricalParameterRanges": { + "items": { + "description": "A list of categorical hyperparameters to tune.", + "properties": { + "name": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "continuousParameterRanges": { + "items": { + "description": "A list of continuous hyperparameters to tune.", + "properties": { + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "scalingType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "integerParameterRanges": { + "items": { + "description": "For a hyperparameter of the integer type, specifies the range that a hyperparameter tuning job searches.", + "properties": { + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "scalingType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "resourceLimits": { + "description": "Specifies the maximum number of training jobs and parallel training jobs that a hyperparameter tuning job can launch.", + "properties": { + "maxNumberOfTrainingJobs": { + "format": "int64", + "type": "integer" + }, + "maxParallelTrainingJobs": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "strategy": { + "description": "The strategy hyperparameter tuning uses to find the best combination of hyperparameters for your model.", + "type": "string" + }, + "trainingJobEarlyStoppingType": { + "type": "string" + }, + "tuningJobCompletionCriteria": { + "description": "The job completion criteria.", + "properties": { + "targetObjectiveMetricValue": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "hyperParameterTuningJobName": { + "description": "The name of the tuning job. This name is the prefix for the names of all training jobs that this tuning job launches. The name must be unique within the same Amazon Web Services account and Amazon Web Services Region. The name must have 1 to 32 characters. Valid characters are a-z, A-Z, 0-9, and : + = @ _ % - (hyphen). The name is not case sensitive.", + "type": "string" + }, + "tags": { + "description": "An array of key-value pairs. You can use tags to categorize your Amazon Web Services resources in different ways, for example, by purpose, owner, or environment. For more information, see Tagging Amazon Web Services Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). \n Tags that you specify for the tuning job are also added to all training jobs that the tuning job launches.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "trainingJobDefinition": { + "description": "The HyperParameterTrainingJobDefinition object that describes the training jobs that this tuning job launches, including static hyperparameters, input data configuration, output data configuration, resource configuration, and stopping condition.", + "properties": { + "algorithmSpecification": { + "description": "Specifies which training algorithm to use for training jobs that a hyperparameter tuning job launches and the metrics to monitor.", + "properties": { + "algorithmName": { + "type": "string" + }, + "metricDefinitions": { + "items": { + "description": "Specifies a metric that the training algorithm writes to stderr or stdout. SageMakerhyperparameter tuning captures all defined metrics. You specify one metric that a hyperparameter tuning job uses as its objective metric to choose the best training job.", + "properties": { + "name": { + "type": "string" + }, + "regex": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "trainingImage": { + "type": "string" + }, + "trainingInputMode": { + "description": "The training input mode that the algorithm supports. For more information about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n Pipe mode \n If an algorithm supports Pipe mode, Amazon SageMaker streams data directly from Amazon S3 to the container. \n File mode \n If an algorithm supports File mode, SageMaker downloads the training data from S3 to the provisioned ML storage volume, and mounts the directory to the Docker volume for the training container. \n You must provision the ML storage volume with sufficient capacity to accommodate the data downloaded from S3. In addition to the training data, the ML storage volume also stores the output model. The algorithm container uses the ML storage volume to also store intermediate information, if any. \n For distributed algorithms, training data is distributed uniformly. Your training duration is predictable if the input data objects sizes are approximately the same. SageMaker does not split the files any further for model training. If the object sizes are skewed, training won't be optimal as the data distribution is also skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in training. \n FastFile mode \n If an algorithm supports FastFile mode, SageMaker streams data directly from S3 to the container with no code changes, and provides file system access to the data. Users can author their training script to interact with these files as if they were stored on disk. \n FastFile mode works best when the data is read sequentially. Augmented manifest files aren't supported. The startup time is lower when there are fewer files in the S3 bucket provided.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "checkpointConfig": { + "description": "Contains information about the output location for managed spot training checkpoint data.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "definitionName": { + "type": "string" + }, + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableManagedSpotTraining": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "hyperParameterRanges": { + "description": "Specifies ranges of integer, continuous, and categorical hyperparameters that a hyperparameter tuning job searches. The hyperparameter tuning job launches training jobs with hyperparameter values within these ranges to find the combination of values that result in the training job with the best performance as measured by the objective metric of the hyperparameter tuning job. \n The maximum number of items specified for Array Members refers to the maximum number of hyperparameters for each range and also the maximum for the hyperparameter tuning job itself. That is, the sum of the number of hyperparameters for all the ranges can't exceed the maximum number specified.", + "properties": { + "categoricalParameterRanges": { + "items": { + "description": "A list of categorical hyperparameters to tune.", + "properties": { + "name": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "continuousParameterRanges": { + "items": { + "description": "A list of continuous hyperparameters to tune.", + "properties": { + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "scalingType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "integerParameterRanges": { + "items": { + "description": "For a hyperparameter of the integer type, specifies the range that a hyperparameter tuning job searches.", + "properties": { + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "scalingType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "inputDataConfig": { + "items": { + "description": "A channel is a named input source that training algorithms can consume.", + "properties": { + "channelName": { + "type": "string" + }, + "compressionType": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "dataSource": { + "description": "Describes the location of the channel data.", + "properties": { + "fileSystemDataSource": { + "description": "Specifies a file system data source for a channel.", + "properties": { + "directoryPath": { + "type": "string" + }, + "fileSystemAccessMode": { + "type": "string" + }, + "fileSystemID": { + "type": "string" + }, + "fileSystemType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "s3DataSource": { + "description": "Describes the S3 data source.", + "properties": { + "attributeNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "instanceGroupNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3DataType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inputMode": { + "description": "The training input mode that the algorithm supports. For more information about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n Pipe mode \n If an algorithm supports Pipe mode, Amazon SageMaker streams data directly from Amazon S3 to the container. \n File mode \n If an algorithm supports File mode, SageMaker downloads the training data from S3 to the provisioned ML storage volume, and mounts the directory to the Docker volume for the training container. \n You must provision the ML storage volume with sufficient capacity to accommodate the data downloaded from S3. In addition to the training data, the ML storage volume also stores the output model. The algorithm container uses the ML storage volume to also store intermediate information, if any. \n For distributed algorithms, training data is distributed uniformly. Your training duration is predictable if the input data objects sizes are approximately the same. SageMaker does not split the files any further for model training. If the object sizes are skewed, training won't be optimal as the data distribution is also skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in training. \n FastFile mode \n If an algorithm supports FastFile mode, SageMaker streams data directly from S3 to the container with no code changes, and provides file system access to the data. Users can author their training script to interact with these files as if they were stored on disk. \n FastFile mode works best when the data is read sequentially. Augmented manifest files aren't supported. The startup time is lower when there are fewer files in the S3 bucket provided.", + "type": "string" + }, + "recordWrapperType": { + "type": "string" + }, + "shuffleConfig": { + "description": "A configuration for a shuffle option for input data in a channel. If you use S3Prefix for S3DataType, the results of the S3 key prefix matches are shuffled. If you use ManifestFile, the order of the S3 object references in the ManifestFile is shuffled. If you use AugmentedManifestFile, the order of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling order is determined using the Seed value. \n For Pipe input mode, when ShuffleConfig is specified shuffling is done at the start of every epoch. With large datasets, this ensures that the order of the training data is different for each epoch, and it helps reduce bias and possible overfitting. In a multi-node training job when ShuffleConfig is combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled across nodes so that the content sent to a particular node on the first epoch might be sent to a different node on the second epoch.", + "properties": { + "seed": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "outputDataConfig": { + "description": "Provides information about how to store model training results (model artifacts).", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "resourceConfig": { + "description": "Describes the resources, including machine learning (ML) compute instances and ML storage volumes, to use for model training.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceGroups": { + "items": { + "description": "Defines an instance group for heterogeneous cluster training. When requesting a training job using the CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) API, you can configure multiple instance groups .", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceGroupName": { + "type": "string" + }, + "instanceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "instanceType": { + "type": "string" + }, + "keepAlivePeriodInSeconds": { + "format": "int64", + "type": "integer" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "retryStrategy": { + "description": "The retry strategy to use when a training job fails due to an InternalServerError. RetryStrategy is specified as part of the CreateTrainingJob and CreateHyperParameterTuningJob requests. You can add the StoppingCondition parameter to the request to limit the training time for the complete job.", + "properties": { + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "type": "string" + }, + "staticHyperParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "stoppingCondition": { + "description": "Specifies a limit to how long a model training job or model compilation job can run. It also specifies how long a managed spot training job has to complete. When the job reaches the time limit, SageMaker ends the training or compilation job. Use this API to cap model training costs. \n To stop a training job, SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds. Algorithms can use this 120-second window to save the model artifacts, so the results of training are not lost. \n The training algorithms provided by SageMaker automatically save the intermediate results of a model training job when possible. This attempt to save artifacts is only a best effort case as model might not be in a state from which it can be saved. For example, if training has just started, the model might not be ready to save. When saved, this intermediate data is a valid model artifact. You can use it to create a model with CreateModel. \n The Neural Topic Model (NTM) currently does not support saving intermediate model artifacts. When training NTMs, make sure that the maximum runtime is sufficient for the training job to complete.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maxWaitTimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tuningObjective": { + "description": "Defines the objective metric for a hyperparameter tuning job. Hyperparameter tuning uses the value of this metric to evaluate the training jobs it launches, and returns the training job that results in either the highest or lowest value for this metric, depending on the value you specify for the Type parameter.", + "properties": { + "metricName": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "trainingJobDefinitions": { + "description": "A list of the HyperParameterTrainingJobDefinition objects launched for this tuning job.", + "items": { + "description": "Defines the training jobs launched by a hyperparameter tuning job.", + "properties": { + "algorithmSpecification": { + "description": "Specifies which training algorithm to use for training jobs that a hyperparameter tuning job launches and the metrics to monitor.", + "properties": { + "algorithmName": { + "type": "string" + }, + "metricDefinitions": { + "items": { + "description": "Specifies a metric that the training algorithm writes to stderr or stdout. SageMakerhyperparameter tuning captures all defined metrics. You specify one metric that a hyperparameter tuning job uses as its objective metric to choose the best training job.", + "properties": { + "name": { + "type": "string" + }, + "regex": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "trainingImage": { + "type": "string" + }, + "trainingInputMode": { + "description": "The training input mode that the algorithm supports. For more information about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n Pipe mode \n If an algorithm supports Pipe mode, Amazon SageMaker streams data directly from Amazon S3 to the container. \n File mode \n If an algorithm supports File mode, SageMaker downloads the training data from S3 to the provisioned ML storage volume, and mounts the directory to the Docker volume for the training container. \n You must provision the ML storage volume with sufficient capacity to accommodate the data downloaded from S3. In addition to the training data, the ML storage volume also stores the output model. The algorithm container uses the ML storage volume to also store intermediate information, if any. \n For distributed algorithms, training data is distributed uniformly. Your training duration is predictable if the input data objects sizes are approximately the same. SageMaker does not split the files any further for model training. If the object sizes are skewed, training won't be optimal as the data distribution is also skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in training. \n FastFile mode \n If an algorithm supports FastFile mode, SageMaker streams data directly from S3 to the container with no code changes, and provides file system access to the data. Users can author their training script to interact with these files as if they were stored on disk. \n FastFile mode works best when the data is read sequentially. Augmented manifest files aren't supported. The startup time is lower when there are fewer files in the S3 bucket provided.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "checkpointConfig": { + "description": "Contains information about the output location for managed spot training checkpoint data.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "definitionName": { + "type": "string" + }, + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableManagedSpotTraining": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "hyperParameterRanges": { + "description": "Specifies ranges of integer, continuous, and categorical hyperparameters that a hyperparameter tuning job searches. The hyperparameter tuning job launches training jobs with hyperparameter values within these ranges to find the combination of values that result in the training job with the best performance as measured by the objective metric of the hyperparameter tuning job. \n The maximum number of items specified for Array Members refers to the maximum number of hyperparameters for each range and also the maximum for the hyperparameter tuning job itself. That is, the sum of the number of hyperparameters for all the ranges can't exceed the maximum number specified.", + "properties": { + "categoricalParameterRanges": { + "items": { + "description": "A list of categorical hyperparameters to tune.", + "properties": { + "name": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "continuousParameterRanges": { + "items": { + "description": "A list of continuous hyperparameters to tune.", + "properties": { + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "scalingType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "integerParameterRanges": { + "items": { + "description": "For a hyperparameter of the integer type, specifies the range that a hyperparameter tuning job searches.", + "properties": { + "maxValue": { + "type": "string" + }, + "minValue": { + "type": "string" + }, + "name": { + "type": "string" + }, + "scalingType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "inputDataConfig": { + "items": { + "description": "A channel is a named input source that training algorithms can consume.", + "properties": { + "channelName": { + "type": "string" + }, + "compressionType": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "dataSource": { + "description": "Describes the location of the channel data.", + "properties": { + "fileSystemDataSource": { + "description": "Specifies a file system data source for a channel.", + "properties": { + "directoryPath": { + "type": "string" + }, + "fileSystemAccessMode": { + "type": "string" + }, + "fileSystemID": { + "type": "string" + }, + "fileSystemType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "s3DataSource": { + "description": "Describes the S3 data source.", + "properties": { + "attributeNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "instanceGroupNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3DataType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inputMode": { + "description": "The training input mode that the algorithm supports. For more information about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n Pipe mode \n If an algorithm supports Pipe mode, Amazon SageMaker streams data directly from Amazon S3 to the container. \n File mode \n If an algorithm supports File mode, SageMaker downloads the training data from S3 to the provisioned ML storage volume, and mounts the directory to the Docker volume for the training container. \n You must provision the ML storage volume with sufficient capacity to accommodate the data downloaded from S3. In addition to the training data, the ML storage volume also stores the output model. The algorithm container uses the ML storage volume to also store intermediate information, if any. \n For distributed algorithms, training data is distributed uniformly. Your training duration is predictable if the input data objects sizes are approximately the same. SageMaker does not split the files any further for model training. If the object sizes are skewed, training won't be optimal as the data distribution is also skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in training. \n FastFile mode \n If an algorithm supports FastFile mode, SageMaker streams data directly from S3 to the container with no code changes, and provides file system access to the data. Users can author their training script to interact with these files as if they were stored on disk. \n FastFile mode works best when the data is read sequentially. Augmented manifest files aren't supported. The startup time is lower when there are fewer files in the S3 bucket provided.", + "type": "string" + }, + "recordWrapperType": { + "type": "string" + }, + "shuffleConfig": { + "description": "A configuration for a shuffle option for input data in a channel. If you use S3Prefix for S3DataType, the results of the S3 key prefix matches are shuffled. If you use ManifestFile, the order of the S3 object references in the ManifestFile is shuffled. If you use AugmentedManifestFile, the order of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling order is determined using the Seed value. \n For Pipe input mode, when ShuffleConfig is specified shuffling is done at the start of every epoch. With large datasets, this ensures that the order of the training data is different for each epoch, and it helps reduce bias and possible overfitting. In a multi-node training job when ShuffleConfig is combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled across nodes so that the content sent to a particular node on the first epoch might be sent to a different node on the second epoch.", + "properties": { + "seed": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "outputDataConfig": { + "description": "Provides information about how to store model training results (model artifacts).", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "resourceConfig": { + "description": "Describes the resources, including machine learning (ML) compute instances and ML storage volumes, to use for model training.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceGroups": { + "items": { + "description": "Defines an instance group for heterogeneous cluster training. When requesting a training job using the CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) API, you can configure multiple instance groups .", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceGroupName": { + "type": "string" + }, + "instanceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "instanceType": { + "type": "string" + }, + "keepAlivePeriodInSeconds": { + "format": "int64", + "type": "integer" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "retryStrategy": { + "description": "The retry strategy to use when a training job fails due to an InternalServerError. RetryStrategy is specified as part of the CreateTrainingJob and CreateHyperParameterTuningJob requests. You can add the StoppingCondition parameter to the request to limit the training time for the complete job.", + "properties": { + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "type": "string" + }, + "staticHyperParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "stoppingCondition": { + "description": "Specifies a limit to how long a model training job or model compilation job can run. It also specifies how long a managed spot training job has to complete. When the job reaches the time limit, SageMaker ends the training or compilation job. Use this API to cap model training costs. \n To stop a training job, SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds. Algorithms can use this 120-second window to save the model artifacts, so the results of training are not lost. \n The training algorithms provided by SageMaker automatically save the intermediate results of a model training job when possible. This attempt to save artifacts is only a best effort case as model might not be in a state from which it can be saved. For example, if training has just started, the model might not be ready to save. When saved, this intermediate data is a valid model artifact. You can use it to create a model with CreateModel. \n The Neural Topic Model (NTM) currently does not support saving intermediate model artifacts. When training NTMs, make sure that the maximum runtime is sufficient for the training job to complete.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maxWaitTimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tuningObjective": { + "description": "Defines the objective metric for a hyperparameter tuning job. Hyperparameter tuning uses the value of this metric to evaluate the training jobs it launches, and returns the training job that results in either the highest or lowest value for this metric, depending on the value you specify for the Type parameter.", + "properties": { + "metricName": { + "type": "string" + }, + "type_": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "warmStartConfig": { + "description": "Specifies the configuration for starting the hyperparameter tuning job using one or more previous tuning jobs as a starting point. The results of previous tuning jobs are used to inform which combinations of hyperparameters to search over in the new tuning job. \n All training jobs launched by the new hyperparameter tuning job are evaluated by using the objective metric. If you specify IDENTICAL_DATA_AND_ALGORITHM as the WarmStartType value for the warm start configuration, the training job that performs the best in the new tuning job is compared to the best training jobs from the parent tuning jobs. From these, the training job that performs the best as measured by the objective metric is returned as the overall best training job. \n All training jobs launched by parent hyperparameter tuning jobs and the new hyperparameter tuning jobs count against the limit of training jobs for the tuning job.", + "properties": { + "parentHyperParameterTuningJobs": { + "items": { + "description": "A previously completed or stopped hyperparameter tuning job to be used as a starting point for a new hyperparameter tuning job.", + "properties": { + "hyperParameterTuningJobName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "warmStartType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "hyperParameterTuningJobConfig", + "hyperParameterTuningJobName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "HyperParameterTuningJobStatus defines the observed state of HyperParameterTuningJob", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "bestTrainingJob": { + "description": "A TrainingJobSummary object that describes the training job that completed with the best current HyperParameterTuningJobObjective.", + "properties": { + "creationTime": { + "format": "date-time", + "type": "string" + }, + "failureReason": { + "type": "string" + }, + "finalHyperParameterTuningJobObjectiveMetric": { + "description": "Shows the latest objective metric emitted by a training job that was launched by a hyperparameter tuning job. You define the objective metric in the HyperParameterTuningJobObjective parameter of HyperParameterTuningJobConfig.", + "properties": { + "metricName": { + "type": "string" + }, + "type_": { + "type": "string" + }, + "value": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + }, + "objectiveStatus": { + "type": "string" + }, + "trainingEndTime": { + "format": "date-time", + "type": "string" + }, + "trainingJobARN": { + "type": "string" + }, + "trainingJobDefinitionName": { + "type": "string" + }, + "trainingJobName": { + "type": "string" + }, + "trainingJobStatus": { + "type": "string" + }, + "trainingStartTime": { + "format": "date-time", + "type": "string" + }, + "tunedHyperParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "tuningJobName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "If the tuning job failed, the reason it failed.", + "type": "string" + }, + "hyperParameterTuningJobStatus": { + "description": "The status of the tuning job: InProgress, Completed, Failed, Stopping, or Stopped.", + "type": "string" + }, + "overallBestTrainingJob": { + "description": "If the hyperparameter tuning job is an warm start tuning job with a WarmStartType of IDENTICAL_DATA_AND_ALGORITHM, this is the TrainingJobSummary for the training job with the best objective metric value of all training jobs launched by this tuning job and all parent jobs specified for the warm start tuning job.", + "properties": { + "creationTime": { + "format": "date-time", + "type": "string" + }, + "failureReason": { + "type": "string" + }, + "finalHyperParameterTuningJobObjectiveMetric": { + "description": "Shows the latest objective metric emitted by a training job that was launched by a hyperparameter tuning job. You define the objective metric in the HyperParameterTuningJobObjective parameter of HyperParameterTuningJobConfig.", + "properties": { + "metricName": { + "type": "string" + }, + "type_": { + "type": "string" + }, + "value": { + "type": "number" + } + }, + "type": "object", + "additionalProperties": false + }, + "objectiveStatus": { + "type": "string" + }, + "trainingEndTime": { + "format": "date-time", + "type": "string" + }, + "trainingJobARN": { + "type": "string" + }, + "trainingJobDefinitionName": { + "type": "string" + }, + "trainingJobName": { + "type": "string" + }, + "trainingJobStatus": { + "type": "string" + }, + "trainingStartTime": { + "format": "date-time", + "type": "string" + }, + "tunedHyperParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "tuningJobName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/model_v1alpha1.json b/sagemaker.services.k8s.aws/model_v1alpha1.json new file mode 100644 index 00000000..a56aaec7 --- /dev/null +++ b/sagemaker.services.k8s.aws/model_v1alpha1.json @@ -0,0 +1,278 @@ +{ + "description": "Model is the Schema for the Models API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ModelSpec defines the desired state of Model. \n The properties of a model as returned by the Search API.", + "properties": { + "containers": { + "description": "Specifies the containers in the inference pipeline.", + "items": { + "description": "Describes the container, as part of model definition.", + "properties": { + "containerHostname": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "image": { + "type": "string" + }, + "imageConfig": { + "description": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC).", + "properties": { + "repositoryAccessMode": { + "type": "string" + }, + "repositoryAuthConfig": { + "description": "Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified Vpc as the value for the RepositoryAccessMode field of the ImageConfig object that you passed to a call to CreateModel and the private Docker registry where the model image is hosted requires authentication.", + "properties": { + "repositoryCredentialsProviderARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inferenceSpecificationName": { + "type": "string" + }, + "mode": { + "type": "string" + }, + "modelDataURL": { + "type": "string" + }, + "modelPackageName": { + "type": "string" + }, + "multiModelConfig": { + "description": "Specifies additional configuration for hosting multi-model endpoints.", + "properties": { + "modelCacheSetting": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enableNetworkIsolation": { + "description": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", + "type": "boolean" + }, + "executionRoleARN": { + "description": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). \n To be able to pass this role to SageMaker, the caller of this API must have the iam:PassRole permission.", + "type": "string" + }, + "inferenceExecutionConfig": { + "description": "Specifies details of how containers in a multi-container endpoint are called.", + "properties": { + "mode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "modelName": { + "description": "The name of the new model.", + "type": "string" + }, + "primaryContainer": { + "description": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", + "properties": { + "containerHostname": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "image": { + "type": "string" + }, + "imageConfig": { + "description": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC).", + "properties": { + "repositoryAccessMode": { + "type": "string" + }, + "repositoryAuthConfig": { + "description": "Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified Vpc as the value for the RepositoryAccessMode field of the ImageConfig object that you passed to a call to CreateModel and the private Docker registry where the model image is hosted requires authentication.", + "properties": { + "repositoryCredentialsProviderARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inferenceSpecificationName": { + "type": "string" + }, + "mode": { + "type": "string" + }, + "modelDataURL": { + "type": "string" + }, + "modelPackageName": { + "type": "string" + }, + "multiModelConfig": { + "description": "Specifies additional configuration for hosting multi-model endpoints.", + "properties": { + "modelCacheSetting": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "An array of key-value pairs. You can use tags to categorize your Amazon Web Services resources in different ways, for example, by purpose, owner, or environment. For more information, see Tagging Amazon Web Services Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "vpcConfig": { + "description": "A VpcConfig object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. VpcConfig is used in hosting services and in batch transform. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "executionRoleARN", + "modelName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ModelStatus defines the observed state of Model", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/modelbiasjobdefinition_v1alpha1.json b/sagemaker.services.k8s.aws/modelbiasjobdefinition_v1alpha1.json new file mode 100644 index 00000000..1c1dee6b --- /dev/null +++ b/sagemaker.services.k8s.aws/modelbiasjobdefinition_v1alpha1.json @@ -0,0 +1,323 @@ +{ + "description": "ModelBiasJobDefinition is the Schema for the ModelBiasJobDefinitions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ModelBiasJobDefinitionSpec defines the desired state of ModelBiasJobDefinition.", + "properties": { + "jobDefinitionName": { + "description": "The name of the bias job definition. The name must be unique within an Amazon Web Services Region in the Amazon Web Services account.", + "type": "string" + }, + "jobResources": { + "description": "Identifies the resources to deploy for a monitoring job.", + "properties": { + "clusterConfig": { + "description": "Configuration for the cluster used to run model monitoring jobs.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelBiasAppSpecification": { + "description": "Configures the model bias job to run a specified Docker container image.", + "properties": { + "configURI": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "imageURI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "modelBiasBaselineConfig": { + "description": "The baseline configuration for a model bias job.", + "properties": { + "baseliningJobName": { + "type": "string" + }, + "constraintsResource": { + "description": "The constraints resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelBiasJobInput": { + "description": "Inputs for the model bias job.", + "properties": { + "endpointInput": { + "description": "Input object for the endpoint", + "properties": { + "endTimeOffset": { + "type": "string" + }, + "endpointName": { + "type": "string" + }, + "featuresAttribute": { + "type": "string" + }, + "inferenceAttribute": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "probabilityAttribute": { + "type": "string" + }, + "probabilityThresholdAttribute": { + "type": "number" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3InputMode": { + "type": "string" + }, + "startTimeOffset": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "groundTruthS3Input": { + "description": "The ground truth labels for the dataset used for the monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelBiasJobOutputConfig": { + "description": "The output configuration for monitoring jobs.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "monitoringOutputs": { + "items": { + "description": "The output object for a monitoring job.", + "properties": { + "s3Output": { + "description": "Information about where and how you want to store the results of a monitoring job.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + }, + "s3UploadMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkConfig": { + "description": "Networking options for a model bias job.", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "type": "string" + }, + "stoppingCondition": { + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "jobDefinitionName", + "jobResources", + "modelBiasAppSpecification", + "modelBiasJobInput", + "modelBiasJobOutputConfig", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ModelBiasJobDefinitionStatus defines the observed state of ModelBiasJobDefinition", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/modelexplainabilityjobdefinition_v1alpha1.json b/sagemaker.services.k8s.aws/modelexplainabilityjobdefinition_v1alpha1.json new file mode 100644 index 00000000..f7d0f627 --- /dev/null +++ b/sagemaker.services.k8s.aws/modelexplainabilityjobdefinition_v1alpha1.json @@ -0,0 +1,313 @@ +{ + "description": "ModelExplainabilityJobDefinition is the Schema for the ModelExplainabilityJobDefinitions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ModelExplainabilityJobDefinitionSpec defines the desired state of ModelExplainabilityJobDefinition.", + "properties": { + "jobDefinitionName": { + "description": "The name of the model explainability job definition. The name must be unique within an Amazon Web Services Region in the Amazon Web Services account.", + "type": "string" + }, + "jobResources": { + "description": "Identifies the resources to deploy for a monitoring job.", + "properties": { + "clusterConfig": { + "description": "Configuration for the cluster used to run model monitoring jobs.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelExplainabilityAppSpecification": { + "description": "Configures the model explainability job to run a specified Docker container image.", + "properties": { + "configURI": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "imageURI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "modelExplainabilityBaselineConfig": { + "description": "The baseline configuration for a model explainability job.", + "properties": { + "baseliningJobName": { + "type": "string" + }, + "constraintsResource": { + "description": "The constraints resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelExplainabilityJobInput": { + "description": "Inputs for the model explainability job.", + "properties": { + "endpointInput": { + "description": "Input object for the endpoint", + "properties": { + "endTimeOffset": { + "type": "string" + }, + "endpointName": { + "type": "string" + }, + "featuresAttribute": { + "type": "string" + }, + "inferenceAttribute": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "probabilityAttribute": { + "type": "string" + }, + "probabilityThresholdAttribute": { + "type": "number" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3InputMode": { + "type": "string" + }, + "startTimeOffset": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelExplainabilityJobOutputConfig": { + "description": "The output configuration for monitoring jobs.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "monitoringOutputs": { + "items": { + "description": "The output object for a monitoring job.", + "properties": { + "s3Output": { + "description": "Information about where and how you want to store the results of a monitoring job.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + }, + "s3UploadMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkConfig": { + "description": "Networking options for a model explainability job.", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "type": "string" + }, + "stoppingCondition": { + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "jobDefinitionName", + "jobResources", + "modelExplainabilityAppSpecification", + "modelExplainabilityJobInput", + "modelExplainabilityJobOutputConfig", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ModelExplainabilityJobDefinitionStatus defines the observed state of ModelExplainabilityJobDefinition", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/modelpackage_v1alpha1.json b/sagemaker.services.k8s.aws/modelpackage_v1alpha1.json new file mode 100644 index 00000000..9541a33c --- /dev/null +++ b/sagemaker.services.k8s.aws/modelpackage_v1alpha1.json @@ -0,0 +1,888 @@ +{ + "description": "ModelPackage is the Schema for the ModelPackages API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ModelPackageSpec defines the desired state of ModelPackage. \n A versioned model that can be deployed for SageMaker inference.", + "properties": { + "additionalInferenceSpecifications": { + "description": "An array of additional Inference Specification objects. Each additional Inference Specification specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", + "items": { + "description": "A structure of additional Inference Specification. Additional Inference Specification specifies details about inference jobs that can be run with models based on this model package", + "properties": { + "containers": { + "items": { + "description": "Describes the Docker container for the model package.", + "properties": { + "containerHostname": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "framework": { + "type": "string" + }, + "frameworkVersion": { + "type": "string" + }, + "image": { + "type": "string" + }, + "imageDigest": { + "type": "string" + }, + "modelDataURL": { + "type": "string" + }, + "modelInput": { + "description": "Input object for the model.", + "properties": { + "dataInputConfig": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "nearestModelName": { + "type": "string" + }, + "productID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "description": { + "type": "string" + }, + "name": { + "type": "string" + }, + "supportedContentTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "approvalDescription": { + "description": "A description for the approval status of the model.", + "type": "string" + }, + "certifyForMarketplace": { + "description": "Whether to certify the model package for listing on Amazon Web Services Marketplace. \n This parameter is optional for unversioned models, and does not apply to versioned models.", + "type": "boolean" + }, + "clientToken": { + "description": "A unique token that guarantees that the call to this API is idempotent.", + "type": "string" + }, + "customerMetadataProperties": { + "additionalProperties": { + "type": "string" + }, + "description": "The metadata properties associated with the model package versions.", + "type": "object" + }, + "domain": { + "description": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", + "type": "string" + }, + "driftCheckBaselines": { + "description": "Represents the drift check baselines that can be used when the model monitor is set using the model package. For more information, see the topic on Drift Detection against Previous Baselines in SageMaker Pipelines (https://docs.aws.amazon.com/sagemaker/latest/dg/pipelines-quality-clarify-baseline-lifecycle.html#pipelines-quality-clarify-baseline-drift-detection) in the Amazon SageMaker Developer Guide.", + "properties": { + "bias": { + "description": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", + "properties": { + "configFile": { + "description": "Contains details regarding the file source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "postTrainingConstraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "preTrainingConstraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "explainability": { + "description": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", + "properties": { + "configFile": { + "description": "Contains details regarding the file source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "constraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelDataQuality": { + "description": "Represents the drift check data quality baselines that can be used when the model monitor is set using the model package.", + "properties": { + "constraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statistics": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelQuality": { + "description": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", + "properties": { + "constraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statistics": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inferenceSpecification": { + "description": "Specifies details about inference jobs that can be run with models based on this model package, including the following: \n - The Amazon ECR paths of containers that contain the inference code and model artifacts. \n - The instance types that the model package supports for transform jobs and real-time endpoints used for inference. \n - The input and output content formats that the model package supports for inference.", + "properties": { + "containers": { + "items": { + "description": "Describes the Docker container for the model package.", + "properties": { + "containerHostname": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "framework": { + "type": "string" + }, + "frameworkVersion": { + "type": "string" + }, + "image": { + "type": "string" + }, + "imageDigest": { + "type": "string" + }, + "modelDataURL": { + "type": "string" + }, + "modelInput": { + "description": "Input object for the model.", + "properties": { + "dataInputConfig": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "nearestModelName": { + "type": "string" + }, + "productID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "supportedContentTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supportedRealtimeInferenceInstanceTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supportedResponseMIMETypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "supportedTransformInstanceTypes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "metadataProperties": { + "description": "Metadata properties of the tracking entity, trial, or trial component.", + "properties": { + "commitID": { + "type": "string" + }, + "generatedBy": { + "type": "string" + }, + "projectID": { + "type": "string" + }, + "repository": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "modelApprovalStatus": { + "description": "Whether the model is approved for deployment. \n This parameter is optional for versioned models, and does not apply to unversioned models. \n For versioned models, the value of this parameter must be set to Approved to deploy the model.", + "type": "string" + }, + "modelMetrics": { + "description": "A structure that contains model metrics reports.", + "properties": { + "bias": { + "description": "Contains bias metrics for a model.", + "properties": { + "postTrainingReport": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "preTrainingReport": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "report": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "explainability": { + "description": "Contains explainability metrics for a model.", + "properties": { + "report": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelDataQuality": { + "description": "Data quality constraints and statistics for a model.", + "properties": { + "constraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statistics": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelQuality": { + "description": "Model quality statistics and constraints.", + "properties": { + "constraints": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statistics": { + "description": "Details about the metrics source.", + "properties": { + "contentDigest": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelPackageDescription": { + "description": "A description of the model package.", + "type": "string" + }, + "modelPackageGroupName": { + "description": "The name or Amazon Resource Name (ARN) of the model package group that this model version belongs to. \n This parameter is required for versioned models, and does not apply to unversioned models.", + "type": "string" + }, + "modelPackageName": { + "description": "The name of the model package. The name must have 1 to 63 characters. Valid characters are a-z, A-Z, 0-9, and - (hyphen). \n This parameter is required for unversioned models. It is not applicable to versioned models.", + "type": "string" + }, + "samplePayloadURL": { + "description": "The Amazon Simple Storage Service (Amazon S3) path where the sample payload is stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). This archive can hold multiple files that are all equally used in the load test. Each file in the archive must satisfy the size constraints of the InvokeEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html#API_runtime_InvokeEndpoint_RequestSyntax) call.", + "type": "string" + }, + "sourceAlgorithmSpecification": { + "description": "Details about the algorithm that was used to create the model package.", + "properties": { + "sourceAlgorithms": { + "items": { + "description": "Specifies an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in Amazon Web Services Marketplace that you are subscribed to.", + "properties": { + "algorithmName": { + "type": "string" + }, + "modelDataURL": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "A list of key value pairs associated with the model. For more information, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the Amazon Web Services General Reference Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "task": { + "description": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification. The following tasks are supported by Inference Recommender: \"IMAGE_CLASSIFICATION\" | \"OBJECT_DETECTION\" | \"TEXT_GENERATION\" |\"IMAGE_SEGMENTATION\" | \"FILL_MASK\" | \"CLASSIFICATION\" | \"REGRESSION\" | \"OTHER\". \n Specify \"OTHER\" if none of the tasks listed fit your use case.", + "type": "string" + }, + "validationSpecification": { + "description": "Specifies configurations for one or more transform jobs that SageMaker runs to test the model package.", + "properties": { + "validationProfiles": { + "items": { + "description": "Contains data, such as the inputs and targeted instance types that are used in the process of validating the model package. \n The data provided in the validation profile is made available to your buyers on Amazon Web Services Marketplace.", + "properties": { + "profileName": { + "type": "string" + }, + "transformJobDefinition": { + "description": "Defines the input needed to run a transform job using the inference specification specified in the algorithm.", + "properties": { + "batchStrategy": { + "type": "string" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "maxConcurrentTransforms": { + "format": "int64", + "type": "integer" + }, + "maxPayloadInMB": { + "format": "int64", + "type": "integer" + }, + "transformInput": { + "description": "Describes the input source of a transform job and the way the transform job consumes it.", + "properties": { + "compressionType": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "dataSource": { + "description": "Describes the location of the channel data.", + "properties": { + "s3DataSource": { + "description": "Describes the S3 data source.", + "properties": { + "s3DataType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "splitType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "transformOutput": { + "description": "Describes the results of a transform job.", + "properties": { + "accept": { + "type": "string" + }, + "assembleWith": { + "type": "string" + }, + "kmsKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "transformResources": { + "description": "Describes the resources, including ML instance types and ML instance count, to use for transform job.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "validationRole": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ModelPackageStatus defines the observed state of ModelPackage", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "A timestamp specifying when the model package was created.", + "format": "date-time", + "type": "string" + }, + "lastModifiedTime": { + "description": "The last time that the model package was modified.", + "format": "date-time", + "type": "string" + }, + "modelPackageStatus": { + "description": "The current status of the model package.", + "type": "string" + }, + "modelPackageStatusDetails": { + "description": "Details about the current status of the model package.", + "properties": { + "imageScanStatuses": { + "items": { + "description": "Represents the overall status of a model package.", + "properties": { + "failureReason": { + "type": "string" + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "validationStatuses": { + "items": { + "description": "Represents the overall status of a model package.", + "properties": { + "failureReason": { + "type": "string" + }, + "name": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/modelpackagegroup_v1alpha1.json b/sagemaker.services.k8s.aws/modelpackagegroup_v1alpha1.json new file mode 100644 index 00000000..6ddc098d --- /dev/null +++ b/sagemaker.services.k8s.aws/modelpackagegroup_v1alpha1.json @@ -0,0 +1,122 @@ +{ + "description": "ModelPackageGroup is the Schema for the ModelPackageGroups API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ModelPackageGroupSpec defines the desired state of ModelPackageGroup. \n A group of versioned models in the model registry.", + "properties": { + "modelPackageGroupDescription": { + "description": "A description for the model group.", + "type": "string" + }, + "modelPackageGroupName": { + "description": "The name of the model group.", + "type": "string" + }, + "tags": { + "description": "A list of key value pairs associated with the model group. For more information, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the Amazon Web Services General Reference Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "modelPackageGroupName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ModelPackageGroupStatus defines the observed state of ModelPackageGroup", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "modelPackageGroupStatus": { + "description": "The status of the model group.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/modelqualityjobdefinition_v1alpha1.json b/sagemaker.services.k8s.aws/modelqualityjobdefinition_v1alpha1.json new file mode 100644 index 00000000..c37532a5 --- /dev/null +++ b/sagemaker.services.k8s.aws/modelqualityjobdefinition_v1alpha1.json @@ -0,0 +1,341 @@ +{ + "description": "ModelQualityJobDefinition is the Schema for the ModelQualityJobDefinitions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ModelQualityJobDefinitionSpec defines the desired state of ModelQualityJobDefinition.", + "properties": { + "jobDefinitionName": { + "description": "The name of the monitoring job definition.", + "type": "string" + }, + "jobResources": { + "description": "Identifies the resources to deploy for a monitoring job.", + "properties": { + "clusterConfig": { + "description": "Configuration for the cluster used to run model monitoring jobs.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelQualityAppSpecification": { + "description": "The container that runs the monitoring job.", + "properties": { + "containerArguments": { + "items": { + "type": "string" + }, + "type": "array" + }, + "containerEntrypoint": { + "items": { + "type": "string" + }, + "type": "array" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "imageURI": { + "type": "string" + }, + "postAnalyticsProcessorSourceURI": { + "type": "string" + }, + "problemType": { + "type": "string" + }, + "recordPreprocessorSourceURI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "modelQualityBaselineConfig": { + "description": "Specifies the constraints and baselines for the monitoring job.", + "properties": { + "baseliningJobName": { + "type": "string" + }, + "constraintsResource": { + "description": "The constraints resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelQualityJobInput": { + "description": "A list of the inputs that are monitored. Currently endpoints are supported.", + "properties": { + "endpointInput": { + "description": "Input object for the endpoint", + "properties": { + "endTimeOffset": { + "type": "string" + }, + "endpointName": { + "type": "string" + }, + "featuresAttribute": { + "type": "string" + }, + "inferenceAttribute": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "probabilityAttribute": { + "type": "string" + }, + "probabilityThresholdAttribute": { + "type": "number" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3InputMode": { + "type": "string" + }, + "startTimeOffset": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "groundTruthS3Input": { + "description": "The ground truth labels for the dataset used for the monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "modelQualityJobOutputConfig": { + "description": "The output configuration for monitoring jobs.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "monitoringOutputs": { + "items": { + "description": "The output object for a monitoring job.", + "properties": { + "s3Output": { + "description": "Information about where and how you want to store the results of a monitoring job.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + }, + "s3UploadMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkConfig": { + "description": "Specifies the network configuration for the monitoring job.", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "type": "string" + }, + "stoppingCondition": { + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "jobDefinitionName", + "jobResources", + "modelQualityAppSpecification", + "modelQualityJobInput", + "modelQualityJobOutputConfig", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ModelQualityJobDefinitionStatus defines the observed state of ModelQualityJobDefinition", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/monitoringschedule_v1alpha1.json b/sagemaker.services.k8s.aws/monitoringschedule_v1alpha1.json new file mode 100644 index 00000000..42b1d141 --- /dev/null +++ b/sagemaker.services.k8s.aws/monitoringschedule_v1alpha1.json @@ -0,0 +1,424 @@ +{ + "description": "MonitoringSchedule is the Schema for the MonitoringSchedules API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "MonitoringScheduleSpec defines the desired state of MonitoringSchedule. \n A schedule for a model monitoring job. For information about model monitor, see Amazon SageMaker Model Monitor (https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor.html).", + "properties": { + "monitoringScheduleConfig": { + "description": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", + "properties": { + "monitoringJobDefinition": { + "description": "Defines the monitoring job.", + "properties": { + "baselineConfig": { + "description": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", + "properties": { + "baseliningJobName": { + "type": "string" + }, + "constraintsResource": { + "description": "The constraints resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "statisticsResource": { + "description": "The statistics resource for a monitoring job.", + "properties": { + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "monitoringAppSpecification": { + "description": "Container image configuration object for the monitoring job.", + "properties": { + "containerArguments": { + "items": { + "type": "string" + }, + "type": "array" + }, + "containerEntrypoint": { + "items": { + "type": "string" + }, + "type": "array" + }, + "imageURI": { + "type": "string" + }, + "postAnalyticsProcessorSourceURI": { + "type": "string" + }, + "recordPreprocessorSourceURI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "monitoringInputs": { + "items": { + "description": "The inputs for a monitoring job.", + "properties": { + "endpointInput": { + "description": "Input object for the endpoint", + "properties": { + "endTimeOffset": { + "type": "string" + }, + "endpointName": { + "type": "string" + }, + "featuresAttribute": { + "type": "string" + }, + "inferenceAttribute": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "probabilityAttribute": { + "type": "string" + }, + "probabilityThresholdAttribute": { + "type": "number" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3InputMode": { + "type": "string" + }, + "startTimeOffset": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "monitoringOutputConfig": { + "description": "The output configuration for monitoring jobs.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "monitoringOutputs": { + "items": { + "description": "The output object for a monitoring job.", + "properties": { + "s3Output": { + "description": "Information about where and how you want to store the results of a monitoring job.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + }, + "s3UploadMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "monitoringResources": { + "description": "Identifies the resources to deploy for a monitoring job.", + "properties": { + "clusterConfig": { + "description": "Configuration for the cluster used to run model monitoring jobs.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "networkConfig": { + "description": "Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs.", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "type": "string" + }, + "stoppingCondition": { + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "monitoringJobDefinitionName": { + "type": "string" + }, + "monitoringType": { + "type": "string" + }, + "scheduleConfig": { + "description": "Configuration details about the monitoring schedule.", + "properties": { + "scheduleExpression": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "monitoringScheduleName": { + "description": "The name of the monitoring schedule. The name must be unique within an Amazon Web Services Region within an Amazon Web Services account.", + "type": "string" + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "monitoringScheduleConfig", + "monitoringScheduleName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "MonitoringScheduleStatus defines the observed state of MonitoringSchedule", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The time at which the monitoring job was created.", + "format": "date-time", + "type": "string" + }, + "failureReason": { + "description": "A string, up to one KB in size, that contains the reason a monitoring job failed, if it failed.", + "type": "string" + }, + "lastModifiedTime": { + "description": "The time at which the monitoring job was last modified.", + "format": "date-time", + "type": "string" + }, + "lastMonitoringExecutionSummary": { + "description": "Describes metadata on the last execution to run, if there was one.", + "properties": { + "creationTime": { + "format": "date-time", + "type": "string" + }, + "endpointName": { + "type": "string" + }, + "failureReason": { + "type": "string" + }, + "lastModifiedTime": { + "format": "date-time", + "type": "string" + }, + "monitoringExecutionStatus": { + "type": "string" + }, + "monitoringJobDefinitionName": { + "type": "string" + }, + "monitoringScheduleName": { + "type": "string" + }, + "monitoringType": { + "type": "string" + }, + "processingJobARN": { + "type": "string" + }, + "scheduledTime": { + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "monitoringScheduleStatus": { + "description": "The status of an monitoring job.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/notebookinstance_v1alpha1.json b/sagemaker.services.k8s.aws/notebookinstance_v1alpha1.json new file mode 100644 index 00000000..927b353d --- /dev/null +++ b/sagemaker.services.k8s.aws/notebookinstance_v1alpha1.json @@ -0,0 +1,194 @@ +{ + "description": "NotebookInstance is the Schema for the NotebookInstances API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "NotebookInstanceSpec defines the desired state of NotebookInstance.", + "properties": { + "acceleratorTypes": { + "description": "A list of Elastic Inference (EI) instance types to associate with this notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see Using Elastic Inference in Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html).", + "items": { + "type": "string" + }, + "type": "array" + }, + "additionalCodeRepositories": { + "description": "An array of up to three Git repositories to associate with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in Amazon Web Services CodeCommit (https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see Associating Git Repositories with SageMaker Notebook Instances (https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html).", + "items": { + "type": "string" + }, + "type": "array" + }, + "defaultCodeRepository": { + "description": "A Git repository to associate with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in Amazon Web Services CodeCommit (https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see Associating Git Repositories with SageMaker Notebook Instances (https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html).", + "type": "string" + }, + "directInternetAccess": { + "description": "Sets whether SageMaker provides internet access to the notebook instance. If you set this to Disabled this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker training and endpoint services unless you configure a NAT Gateway in your VPC. \n For more information, see Notebook Instances Are Internet-Enabled by Default (https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access). You can set the value of this parameter to Disabled only if you set a value for the SubnetId parameter.", + "type": "string" + }, + "instanceType": { + "description": "The type of ML compute instance to launch for the notebook instance.", + "type": "string" + }, + "kmsKeyID": { + "description": "The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service key that SageMaker uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see Enabling and Disabling Keys (https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the Amazon Web Services Key Management Service Developer Guide.", + "type": "string" + }, + "lifecycleConfigName": { + "description": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifestyle configurations, see Step 2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html).", + "type": "string" + }, + "notebookInstanceName": { + "description": "The name of the new notebook instance.", + "type": "string" + }, + "platformIdentifier": { + "description": "The platform identifier of the notebook instance runtime environment.", + "type": "string" + }, + "roleARN": { + "description": "When you send any requests to Amazon Web Services resources from the notebook instance, SageMaker assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker can perform these tasks. The policy must allow the SageMaker service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). \n To be able to pass this role to SageMaker, the caller of this API must have the iam:PassRole permission.", + "type": "string" + }, + "rootAccess": { + "description": "Whether root access is enabled or disabled for users of the notebook instance. The default value is Enabled. \n Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", + "type": "string" + }, + "securityGroupIDs": { + "description": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", + "items": { + "type": "string" + }, + "type": "array" + }, + "subnetID": { + "description": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", + "type": "string" + }, + "tags": { + "description": "An array of key-value pairs. You can use tags to categorize your Amazon Web Services resources in different ways, for example, by purpose, owner, or environment. For more information, see Tagging Amazon Web Services Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "volumeSizeInGB": { + "description": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "instanceType", + "notebookInstanceName", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "NotebookInstanceStatus defines the observed state of NotebookInstance", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "If status is Failed, the reason it failed.", + "type": "string" + }, + "notebookInstanceStatus": { + "description": "The status of the notebook instance.", + "type": "string" + }, + "stoppedByControllerMetadata": { + "description": "The URL that you use to connect to the Jupyter notebook that is running in your notebook instance.", + "type": "string" + }, + "url": { + "description": "The URL that you use to connect to the Jupyter notebook that is running in your notebook instance.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/notebookinstancelifecycleconfig_v1alpha1.json b/sagemaker.services.k8s.aws/notebookinstancelifecycleconfig_v1alpha1.json new file mode 100644 index 00000000..09f9a116 --- /dev/null +++ b/sagemaker.services.k8s.aws/notebookinstancelifecycleconfig_v1alpha1.json @@ -0,0 +1,135 @@ +{ + "description": "NotebookInstanceLifecycleConfig is the Schema for the NotebookInstanceLifecycleConfigs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "NotebookInstanceLifecycleConfigSpec defines the desired state of NotebookInstanceLifecycleConfig.", + "properties": { + "notebookInstanceLifecycleConfigName": { + "description": "The name of the lifecycle configuration.", + "type": "string" + }, + "onCreate": { + "description": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", + "items": { + "description": "Contains the notebook instance lifecycle configuration script. \n Each lifecycle configuration script has a limit of 16384 characters. \n The value of the $PATH environment variable that is available to both scripts is /sbin:bin:/usr/sbin:/usr/bin. \n View CloudWatch Logs for notebook instance lifecycle configurations in log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook]. \n Lifecycle configuration scripts cannot run for longer than 5 minutes. If a script runs for longer than 5 minutes, it fails and the notebook instance is not created or started. \n For information about notebook instance lifestyle configurations, see Step 2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html).", + "properties": { + "content": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "onStart": { + "description": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", + "items": { + "description": "Contains the notebook instance lifecycle configuration script. \n Each lifecycle configuration script has a limit of 16384 characters. \n The value of the $PATH environment variable that is available to both scripts is /sbin:bin:/usr/sbin:/usr/bin. \n View CloudWatch Logs for notebook instance lifecycle configurations in log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook]. \n Lifecycle configuration scripts cannot run for longer than 5 minutes. If a script runs for longer than 5 minutes, it fails and the notebook instance is not created or started. \n For information about notebook instance lifestyle configurations, see Step 2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html).", + "properties": { + "content": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "notebookInstanceLifecycleConfigName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "NotebookInstanceLifecycleConfigStatus defines the observed state of NotebookInstanceLifecycleConfig", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "A timestamp that tells when the lifecycle configuration was created.", + "format": "date-time", + "type": "string" + }, + "lastModifiedTime": { + "description": "A timestamp that tells when the lifecycle configuration was last modified.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/pipeline_v1alpha1.json b/sagemaker.services.k8s.aws/pipeline_v1alpha1.json new file mode 100644 index 00000000..ae166659 --- /dev/null +++ b/sagemaker.services.k8s.aws/pipeline_v1alpha1.json @@ -0,0 +1,156 @@ +{ + "description": "Pipeline is the Schema for the Pipelines API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PipelineSpec defines the desired state of Pipeline. \n A SageMaker Model Building Pipeline instance.", + "properties": { + "parallelismConfiguration": { + "description": "This is the configuration that controls the parallelism of the pipeline. If specified, it applies to all runs of this pipeline by default.", + "properties": { + "maxParallelExecutionSteps": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "pipelineDefinition": { + "description": "The JSON pipeline definition of the pipeline.", + "type": "string" + }, + "pipelineDescription": { + "description": "A description of the pipeline.", + "type": "string" + }, + "pipelineDisplayName": { + "description": "The display name of the pipeline.", + "type": "string" + }, + "pipelineName": { + "description": "The name of the pipeline.", + "type": "string" + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of the role used by the pipeline to access and create resources.", + "type": "string" + }, + "tags": { + "description": "A list of tags to apply to the created pipeline.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "pipelineName", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PipelineStatus defines the observed state of Pipeline", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The time when the pipeline was created.", + "format": "date-time", + "type": "string" + }, + "lastModifiedTime": { + "description": "The time when the pipeline was last modified.", + "format": "date-time", + "type": "string" + }, + "pipelineStatus": { + "description": "The status of the pipeline execution.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/pipelineexecution_v1alpha1.json b/sagemaker.services.k8s.aws/pipelineexecution_v1alpha1.json new file mode 100644 index 00000000..3fa6bc42 --- /dev/null +++ b/sagemaker.services.k8s.aws/pipelineexecution_v1alpha1.json @@ -0,0 +1,151 @@ +{ + "description": "PipelineExecution is the Schema for the PipelineExecutions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PipelineExecutionSpec defines the desired state of PipelineExecution. \n An execution of a pipeline.", + "properties": { + "parallelismConfiguration": { + "description": "This configuration, if specified, overrides the parallelism configuration of the parent pipeline for this specific run.", + "properties": { + "maxParallelExecutionSteps": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "pipelineExecutionDescription": { + "description": "The description of the pipeline execution.", + "type": "string" + }, + "pipelineExecutionDisplayName": { + "description": "The display name of the pipeline execution.", + "type": "string" + }, + "pipelineName": { + "description": "The name of the pipeline.", + "type": "string" + }, + "pipelineParameters": { + "description": "Contains a list of pipeline parameters. This list can be empty.", + "items": { + "description": "Assigns a value to a named Pipeline parameter.", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "pipelineName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PipelineExecutionStatus defines the observed state of PipelineExecution", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "The time when the pipeline execution was created.", + "format": "date-time", + "type": "string" + }, + "failureReason": { + "description": "If the execution failed, a message describing why.", + "type": "string" + }, + "lastModifiedTime": { + "description": "The time when the pipeline execution was modified last.", + "format": "date-time", + "type": "string" + }, + "pipelineExecutionStatus": { + "description": "The status of the pipeline execution.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/processingjob_v1alpha1.json b/sagemaker.services.k8s.aws/processingjob_v1alpha1.json new file mode 100644 index 00000000..a1e59ae3 --- /dev/null +++ b/sagemaker.services.k8s.aws/processingjob_v1alpha1.json @@ -0,0 +1,432 @@ +{ + "description": "ProcessingJob is the Schema for the ProcessingJobs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ProcessingJobSpec defines the desired state of ProcessingJob. \n An Amazon SageMaker processing job that is used to analyze data and evaluate models. For more information, see Process Data and Evaluate Models (https://docs.aws.amazon.com/sagemaker/latest/dg/processing-job.html).", + "properties": { + "appSpecification": { + "description": "Configures the processing job to run a specified Docker container image.", + "properties": { + "containerArguments": { + "items": { + "type": "string" + }, + "type": "array" + }, + "containerEntrypoint": { + "items": { + "type": "string" + }, + "type": "array" + }, + "imageURI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "description": "The environment variables to set in the Docker container. Up to 100 key and values entries in the map are supported.", + "type": "object" + }, + "experimentConfig": { + "description": "Associates a SageMaker job as a trial component with an experiment and trial. Specified when you call the following APIs: \n - CreateProcessingJob \n - CreateTrainingJob \n - CreateTransformJob", + "properties": { + "experimentName": { + "type": "string" + }, + "trialComponentDisplayName": { + "type": "string" + }, + "trialName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkConfig": { + "description": "Networking options for a processing job, such as whether to allow inbound and outbound network calls to and from processing containers, and the VPC subnets and security groups to use for VPC-enabled processing jobs.", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean" + }, + "enableNetworkIsolation": { + "type": "boolean" + }, + "vpcConfig": { + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see Protect Endpoints by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "processingInputs": { + "description": "An array of inputs configuring the data to download into the processing container.", + "items": { + "description": "The inputs for a processing job. The processing input must specify exactly one of either S3Input or DatasetDefinition types.", + "properties": { + "appManaged": { + "type": "boolean" + }, + "datasetDefinition": { + "description": "Configuration for Dataset Definition inputs. The Dataset Definition input must specify exactly one of either AthenaDatasetDefinition or RedshiftDatasetDefinition types.", + "properties": { + "athenaDatasetDefinition": { + "description": "Configuration for Athena Dataset Definition input.", + "properties": { + "catalog": { + "description": "The name of the data catalog used in Athena query execution.", + "type": "string" + }, + "database": { + "description": "The name of the database used in the Athena query execution.", + "type": "string" + }, + "kmsKeyID": { + "type": "string" + }, + "outputCompression": { + "description": "The compression used for Athena query results.", + "type": "string" + }, + "outputFormat": { + "description": "The data storage format for Athena query results.", + "type": "string" + }, + "outputS3URI": { + "type": "string" + }, + "queryString": { + "description": "The SQL query statements, to be executed.", + "type": "string" + }, + "workGroup": { + "description": "The name of the workgroup in which the Athena query is being started.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "dataDistributionType": { + "type": "string" + }, + "inputMode": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "redshiftDatasetDefinition": { + "description": "Configuration for Redshift Dataset Definition input.", + "properties": { + "clusterID": { + "description": "The Redshift cluster Identifier.", + "type": "string" + }, + "clusterRoleARN": { + "type": "string" + }, + "database": { + "description": "The name of the Redshift database used in Redshift query execution.", + "type": "string" + }, + "dbUser": { + "description": "The database user name used in Redshift query execution.", + "type": "string" + }, + "kmsKeyID": { + "type": "string" + }, + "outputCompression": { + "description": "The compression used for Redshift query results.", + "type": "string" + }, + "outputFormat": { + "description": "The data storage format for Redshift query results.", + "type": "string" + }, + "outputS3URI": { + "type": "string" + }, + "queryString": { + "description": "The SQL query statements to be executed.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inputName": { + "type": "string" + }, + "s3Input": { + "description": "Configuration for downloading input data from Amazon S3 into the processing container.", + "properties": { + "localPath": { + "type": "string" + }, + "s3CompressionType": { + "type": "string" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3DataType": { + "type": "string" + }, + "s3InputMode": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "processingJobName": { + "description": "The name of the processing job. The name must be unique within an Amazon Web Services Region in the Amazon Web Services account.", + "type": "string" + }, + "processingOutputConfig": { + "description": "Output configuration for the processing job.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "outputs": { + "items": { + "description": "Describes the results of a processing job. The processing output must specify exactly one of either S3Output or FeatureStoreOutput types.", + "properties": { + "appManaged": { + "type": "boolean" + }, + "featureStoreOutput": { + "description": "Configuration for processing job outputs in Amazon SageMaker Feature Store.", + "properties": { + "featureGroupName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "outputName": { + "type": "string" + }, + "s3Output": { + "description": "Configuration for uploading output data to Amazon S3 from the processing container.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + }, + "s3UploadMode": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "processingResources": { + "description": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a processing job. In distributed training, you specify more than one instance.", + "properties": { + "clusterConfig": { + "description": "Configuration for the cluster used to run a processing job.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "type": "string" + }, + "stoppingCondition": { + "description": "The time limit for how long the processing job is allowed to run.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "appSpecification", + "processingJobName", + "processingResources", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ProcessingJobStatus defines the observed state of ProcessingJob", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "A string, up to one KB in size, that contains the reason a processing job failed, if it failed.", + "type": "string" + }, + "processingJobStatus": { + "description": "Provides the status of a processing job.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/trainingjob_v1alpha1.json b/sagemaker.services.k8s.aws/trainingjob_v1alpha1.json new file mode 100644 index 00000000..8b0d72fb --- /dev/null +++ b/sagemaker.services.k8s.aws/trainingjob_v1alpha1.json @@ -0,0 +1,659 @@ +{ + "description": "TrainingJob is the Schema for the TrainingJobs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TrainingJobSpec defines the desired state of TrainingJob. \n Contains information about a training job.", + "properties": { + "algorithmSpecification": { + "description": "The registry path of the Docker image that contains the training algorithm and algorithm-specific metadata, including the input mode. For more information about algorithms provided by SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). For information about providing your own algorithms, see Using Your Own Algorithms with Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html).", + "properties": { + "algorithmName": { + "type": "string" + }, + "enableSageMakerMetricsTimeSeries": { + "type": "boolean" + }, + "metricDefinitions": { + "items": { + "description": "Specifies a metric that the training algorithm writes to stderr or stdout. SageMakerhyperparameter tuning captures all defined metrics. You specify one metric that a hyperparameter tuning job uses as its objective metric to choose the best training job.", + "properties": { + "name": { + "type": "string" + }, + "regex": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "trainingImage": { + "type": "string" + }, + "trainingInputMode": { + "description": "The training input mode that the algorithm supports. For more information about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n Pipe mode \n If an algorithm supports Pipe mode, Amazon SageMaker streams data directly from Amazon S3 to the container. \n File mode \n If an algorithm supports File mode, SageMaker downloads the training data from S3 to the provisioned ML storage volume, and mounts the directory to the Docker volume for the training container. \n You must provision the ML storage volume with sufficient capacity to accommodate the data downloaded from S3. In addition to the training data, the ML storage volume also stores the output model. The algorithm container uses the ML storage volume to also store intermediate information, if any. \n For distributed algorithms, training data is distributed uniformly. Your training duration is predictable if the input data objects sizes are approximately the same. SageMaker does not split the files any further for model training. If the object sizes are skewed, training won't be optimal as the data distribution is also skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in training. \n FastFile mode \n If an algorithm supports FastFile mode, SageMaker streams data directly from S3 to the container with no code changes, and provides file system access to the data. Users can author their training script to interact with these files as if they were stored on disk. \n FastFile mode works best when the data is read sequentially. Augmented manifest files aren't supported. The startup time is lower when there are fewer files in the S3 bucket provided.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "checkpointConfig": { + "description": "Contains information about the output location for managed spot training checkpoint data.", + "properties": { + "localPath": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "debugHookConfig": { + "description": "Configuration information for the Amazon SageMaker Debugger hook parameters, metric and tensor collections, and storage paths. To learn more about how to configure the DebugHookConfig parameter, see Use the SageMaker and Debugger Configuration API Operations to Create, Update, and Debug Your Training Job (https://docs.aws.amazon.com/sagemaker/latest/dg/debugger-createtrainingjob-api.html).", + "properties": { + "collectionConfigurations": { + "items": { + "description": "Configuration information for the Amazon SageMaker Debugger output tensor collections.", + "properties": { + "collectionName": { + "type": "string" + }, + "collectionParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "hookParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "localPath": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "debugRuleConfigurations": { + "description": "Configuration information for Amazon SageMaker Debugger rules for debugging output tensors.", + "items": { + "description": "Configuration information for SageMaker Debugger rules for debugging. To learn more about how to configure the DebugRuleConfiguration parameter, see Use the SageMaker and Debugger Configuration API Operations to Create, Update, and Debug Your Training Job (https://docs.aws.amazon.com/sagemaker/latest/dg/debugger-createtrainingjob-api.html).", + "properties": { + "instanceType": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "ruleConfigurationName": { + "type": "string" + }, + "ruleEvaluatorImage": { + "type": "string" + }, + "ruleParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "s3OutputPath": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "enableInterContainerTrafficEncryption": { + "description": "To encrypt all communications between ML compute instances in distributed training, choose True. Encryption provides greater security for distributed training, but training might take longer. How long it takes depends on the amount of communication between compute instances, especially if you use a deep learning algorithm in distributed training. For more information, see Protect Communications Between ML Compute Instances in a Distributed Training Job (https://docs.aws.amazon.com/sagemaker/latest/dg/train-encrypt.html).", + "type": "boolean" + }, + "enableManagedSpotTraining": { + "description": "To train models using managed spot training, choose True. Managed spot training provides a fully managed and scalable infrastructure for training machine learning models. this option is useful when training jobs can be interrupted and when there is flexibility when the training job is run. \n The complete and intermediate results of jobs are stored in an Amazon S3 bucket, and can be used as a starting point to train models incrementally. Amazon SageMaker provides metrics and logs in CloudWatch. They can be used to see when managed spot training jobs are running, interrupted, resumed, or completed.", + "type": "boolean" + }, + "enableNetworkIsolation": { + "description": "Isolates the training container. No inbound or outbound network calls can be made, except for calls between peers within a training cluster for distributed training. If you enable network isolation for training jobs that are configured to use a VPC, SageMaker downloads and uploads customer data and model artifacts through the specified VPC, but the training container does not have network access.", + "type": "boolean" + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "description": "The environment variables to set in the Docker container.", + "type": "object" + }, + "experimentConfig": { + "description": "Associates a SageMaker job as a trial component with an experiment and trial. Specified when you call the following APIs: \n - CreateProcessingJob \n - CreateTrainingJob \n - CreateTransformJob", + "properties": { + "experimentName": { + "type": "string" + }, + "trialComponentDisplayName": { + "type": "string" + }, + "trialName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "hyperParameters": { + "additionalProperties": { + "type": "string" + }, + "description": "Algorithm-specific parameters that influence the quality of the model. You set hyperparameters before you start the learning process. For a list of hyperparameters for each training algorithm provided by SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n You can specify a maximum of 100 hyperparameters. Each hyperparameter is a key-value pair. Each key and value is limited to 256 characters, as specified by the Length Constraint. \n Do not include any security-sensitive information including account access IDs, secrets or tokens in any hyperparameter field. If the use of security-sensitive credentials are detected, SageMaker will reject your training job request and return an exception error.", + "type": "object" + }, + "inputDataConfig": { + "description": "An array of Channel objects. Each channel is a named input source. InputDataConfig describes the input data and its location. \n Algorithms can accept input data from one or more channels. For example, an algorithm might have two channels of input data, training_data and validation_data. The configuration for each channel provides the S3, EFS, or FSx location where the input data is stored. It also provides information about the stored data: the MIME type, compression method, and whether the data is wrapped in RecordIO format. \n Depending on the input mode that the algorithm supports, SageMaker either copies input data files from an S3 bucket to a local directory in the Docker container, or makes it available as input streams. For example, if you specify an EFS location, input data files are available as input streams. They do not need to be downloaded.", + "items": { + "description": "A channel is a named input source that training algorithms can consume.", + "properties": { + "channelName": { + "type": "string" + }, + "compressionType": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "dataSource": { + "description": "Describes the location of the channel data.", + "properties": { + "fileSystemDataSource": { + "description": "Specifies a file system data source for a channel.", + "properties": { + "directoryPath": { + "type": "string" + }, + "fileSystemAccessMode": { + "type": "string" + }, + "fileSystemID": { + "type": "string" + }, + "fileSystemType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "s3DataSource": { + "description": "Describes the S3 data source.", + "properties": { + "attributeNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "instanceGroupNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "s3DataDistributionType": { + "type": "string" + }, + "s3DataType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "inputMode": { + "description": "The training input mode that the algorithm supports. For more information about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). \n Pipe mode \n If an algorithm supports Pipe mode, Amazon SageMaker streams data directly from Amazon S3 to the container. \n File mode \n If an algorithm supports File mode, SageMaker downloads the training data from S3 to the provisioned ML storage volume, and mounts the directory to the Docker volume for the training container. \n You must provision the ML storage volume with sufficient capacity to accommodate the data downloaded from S3. In addition to the training data, the ML storage volume also stores the output model. The algorithm container uses the ML storage volume to also store intermediate information, if any. \n For distributed algorithms, training data is distributed uniformly. Your training duration is predictable if the input data objects sizes are approximately the same. SageMaker does not split the files any further for model training. If the object sizes are skewed, training won't be optimal as the data distribution is also skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in training. \n FastFile mode \n If an algorithm supports FastFile mode, SageMaker streams data directly from S3 to the container with no code changes, and provides file system access to the data. Users can author their training script to interact with these files as if they were stored on disk. \n FastFile mode works best when the data is read sequentially. Augmented manifest files aren't supported. The startup time is lower when there are fewer files in the S3 bucket provided.", + "type": "string" + }, + "recordWrapperType": { + "type": "string" + }, + "shuffleConfig": { + "description": "A configuration for a shuffle option for input data in a channel. If you use S3Prefix for S3DataType, the results of the S3 key prefix matches are shuffled. If you use ManifestFile, the order of the S3 object references in the ManifestFile is shuffled. If you use AugmentedManifestFile, the order of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling order is determined using the Seed value. \n For Pipe input mode, when ShuffleConfig is specified shuffling is done at the start of every epoch. With large datasets, this ensures that the order of the training data is different for each epoch, and it helps reduce bias and possible overfitting. In a multi-node training job when ShuffleConfig is combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled across nodes so that the content sent to a particular node on the first epoch might be sent to a different node on the second epoch.", + "properties": { + "seed": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "outputDataConfig": { + "description": "Specifies the path to the S3 location where you want to store model artifacts. SageMaker creates subfolders for the artifacts.", + "properties": { + "kmsKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "profilerConfig": { + "description": "Configuration information for Amazon SageMaker Debugger system monitoring, framework profiling, and storage paths.", + "properties": { + "profilingIntervalInMilliseconds": { + "format": "int64", + "type": "integer" + }, + "profilingParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "profilerRuleConfigurations": { + "description": "Configuration information for Amazon SageMaker Debugger rules for profiling system and framework metrics.", + "items": { + "description": "Configuration information for profiling rules.", + "properties": { + "instanceType": { + "type": "string" + }, + "localPath": { + "type": "string" + }, + "ruleConfigurationName": { + "type": "string" + }, + "ruleEvaluatorImage": { + "type": "string" + }, + "ruleParameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "s3OutputPath": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "resourceConfig": { + "description": "The resources, including the ML compute instances and ML storage volumes, to use for model training. \n ML storage volumes store model artifacts and incremental states. Training algorithms might also use ML storage volumes for scratch space. If you want SageMaker to use the ML storage volume to store the training data, choose File as the TrainingInputMode in the algorithm specification. For distributed training algorithms, specify an instance count greater than 1.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceGroups": { + "items": { + "description": "Defines an instance group for heterogeneous cluster training. When requesting a training job using the CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) API, you can configure multiple instance groups .", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceGroupName": { + "type": "string" + }, + "instanceType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "instanceType": { + "type": "string" + }, + "keepAlivePeriodInSeconds": { + "format": "int64", + "type": "integer" + }, + "volumeKMSKeyID": { + "type": "string" + }, + "volumeSizeInGB": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "retryStrategy": { + "description": "The number of times to retry the job when the job fails due to an InternalServerError.", + "properties": { + "maximumRetryAttempts": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of an IAM role that SageMaker can assume to perform tasks on your behalf. \n During model training, SageMaker needs your permission to read input data from an S3 bucket, download a Docker image that contains training code, write model artifacts to an S3 bucket, write logs to Amazon CloudWatch Logs, and publish metrics to Amazon CloudWatch. You grant permissions for all of these tasks to an IAM role. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). \n To be able to pass this role to SageMaker, the caller of this API must have the iam:PassRole permission.", + "type": "string" + }, + "stoppingCondition": { + "description": "Specifies a limit to how long a model training job can run. It also specifies how long a managed Spot training job has to complete. When the job reaches the time limit, SageMaker ends the training job. Use this API to cap model training costs. \n To stop a job, SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds. Algorithms can use this 120-second window to save the model artifacts, so the results of training are not lost.", + "properties": { + "maxRuntimeInSeconds": { + "format": "int64", + "type": "integer" + }, + "maxWaitTimeInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "An array of key-value pairs. You can use tags to categorize your Amazon Web Services resources in different ways, for example, by purpose, owner, or environment. For more information, see Tagging Amazon Web Services Resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tensorBoardOutputConfig": { + "description": "Configuration of storage locations for the Amazon SageMaker Debugger TensorBoard output data.", + "properties": { + "localPath": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "trainingJobName": { + "description": "The name of the training job. The name must be unique within an Amazon Web Services Region in an Amazon Web Services account.", + "type": "string" + }, + "vpcConfig": { + "description": "A VpcConfig object that specifies the VPC that you want your training job to connect to. Control access to and from your training container by configuring the VPC. For more information, see Protect Training Jobs by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html).", + "properties": { + "securityGroupIDs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "subnets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "algorithmSpecification", + "outputDataConfig", + "resourceConfig", + "roleARN", + "stoppingCondition", + "trainingJobName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TrainingJobStatus defines the observed state of TrainingJob", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationTime": { + "description": "A timestamp that indicates when the training job was created.", + "format": "date-time", + "type": "string" + }, + "debugRuleEvaluationStatuses": { + "description": "Evaluation status of Amazon SageMaker Debugger rules for debugging on a training job.", + "items": { + "description": "Information about the status of the rule evaluation.", + "properties": { + "lastModifiedTime": { + "format": "date-time", + "type": "string" + }, + "ruleConfigurationName": { + "type": "string" + }, + "ruleEvaluationJobARN": { + "type": "string" + }, + "ruleEvaluationStatus": { + "type": "string" + }, + "statusDetails": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "If the training job failed, the reason it failed.", + "type": "string" + }, + "lastModifiedTime": { + "description": "A timestamp that indicates when the status of the training job was last modified.", + "format": "date-time", + "type": "string" + }, + "modelArtifacts": { + "description": "Information about the Amazon S3 location that is configured for storing model artifacts.", + "properties": { + "s3ModelArtifacts": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "profilerRuleEvaluationStatuses": { + "description": "Evaluation status of Amazon SageMaker Debugger rules for profiling on a training job.", + "items": { + "description": "Information about the status of the rule evaluation.", + "properties": { + "lastModifiedTime": { + "format": "date-time", + "type": "string" + }, + "ruleConfigurationName": { + "type": "string" + }, + "ruleEvaluationJobARN": { + "type": "string" + }, + "ruleEvaluationStatus": { + "type": "string" + }, + "statusDetails": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "profilingStatus": { + "description": "Profiling status of a training job.", + "type": "string" + }, + "secondaryStatus": { + "description": "Provides detailed information about the state of the training job. For detailed information on the secondary status of the training job, see StatusMessage under SecondaryStatusTransition. \n SageMaker provides primary statuses and secondary statuses that apply to each of them: \n InProgress \n * Starting - Starting the training job. \n * Downloading - An optional stage for algorithms that support File training input mode. It indicates that data is being downloaded to the ML storage volumes. \n * Training - Training is in progress. \n * Interrupted - The job stopped because the managed spot training instances were interrupted. \n * Uploading - Training is complete and the model artifacts are being uploaded to the S3 location. \n Completed \n * Completed - The training job has completed. \n Failed \n * Failed - The training job has failed. The reason for the failure is returned in the FailureReason field of DescribeTrainingJobResponse. \n Stopped \n * MaxRuntimeExceeded - The job stopped because it exceeded the maximum allowed runtime. \n * MaxWaitTimeExceeded - The job stopped because it exceeded the maximum allowed wait time. \n * Stopped - The training job has stopped. \n Stopping \n * Stopping - Stopping the training job. \n Valid values for SecondaryStatus are subject to change. \n We no longer support the following secondary statuses: \n * LaunchingMLInstances \n * PreparingTraining \n * DownloadingTrainingImage", + "type": "string" + }, + "trainingJobStatus": { + "description": "The status of the training job. \n SageMaker provides the following training job statuses: \n * InProgress - The training is in progress. \n * Completed - The training job has completed. \n * Failed - The training job has failed. To see the reason for the failure, see the FailureReason field in the response to a DescribeTrainingJobResponse call. \n * Stopping - The training job is stopping. \n * Stopped - The training job has stopped. \n For more detailed information, see SecondaryStatus.", + "type": "string" + }, + "warmPoolStatus": { + "description": "The status of the warm pool associated with the training job.", + "properties": { + "resourceRetainedBillableTimeInSeconds": { + "format": "int64", + "type": "integer" + }, + "reusedByJob": { + "type": "string" + }, + "status": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/transformjob_v1alpha1.json b/sagemaker.services.k8s.aws/transformjob_v1alpha1.json new file mode 100644 index 00000000..e6b90533 --- /dev/null +++ b/sagemaker.services.k8s.aws/transformjob_v1alpha1.json @@ -0,0 +1,270 @@ +{ + "description": "TransformJob is the Schema for the TransformJobs API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TransformJobSpec defines the desired state of TransformJob. \n A batch transform job. For information about SageMaker batch transform, see Use Batch Transform (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform.html).", + "properties": { + "batchStrategy": { + "description": "Specifies the number of records to include in a mini-batch for an HTTP inference request. A record is a single unit of input data that inference can be made on. For example, a single line in a CSV file is a record. \n To enable the batch strategy, you must set the SplitType property to Line, RecordIO, or TFRecord. \n To use only one record when making an HTTP invocation request to a container, set BatchStrategy to SingleRecord and SplitType to Line. \n To fit as many records in a mini-batch as can fit within the MaxPayloadInMB limit, set BatchStrategy to MultiRecord and SplitType to Line.", + "type": "string" + }, + "dataProcessing": { + "description": "The data structure used to specify the data to be used for inference in a batch transform job and to associate the data that is relevant to the prediction results in the output. The input filter provided allows you to exclude input data that is not needed for inference in a batch transform job. The output filter provided allows you to include input data relevant to interpreting the predictions in the output from the job. For more information, see Associate Prediction Results with their Corresponding Input Records (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform-data-processing.html).", + "properties": { + "inputFilter": { + "type": "string" + }, + "joinSource": { + "type": "string" + }, + "outputFilter": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "environment": { + "additionalProperties": { + "type": "string" + }, + "description": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", + "type": "object" + }, + "experimentConfig": { + "description": "Associates a SageMaker job as a trial component with an experiment and trial. Specified when you call the following APIs: \n - CreateProcessingJob \n - CreateTrainingJob \n - CreateTransformJob", + "properties": { + "experimentName": { + "type": "string" + }, + "trialComponentDisplayName": { + "type": "string" + }, + "trialName": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "maxConcurrentTransforms": { + "description": "The maximum number of parallel requests that can be sent to each instance in a transform job. If MaxConcurrentTransforms is set to 0 or left unset, Amazon SageMaker checks the optional execution-parameters to determine the settings for your chosen algorithm. If the execution-parameters endpoint is not enabled, the default value is 1. For more information on execution-parameters, see How Containers Serve Requests (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-batch-code.html#your-algorithms-batch-code-how-containe-serves-requests). For built-in algorithms, you don't need to set a value for MaxConcurrentTransforms.", + "format": "int64", + "type": "integer" + }, + "maxPayloadInMB": { + "description": "The maximum allowed size of the payload, in MB. A payload is the data portion of a record (without metadata). The value in MaxPayloadInMB must be greater than, or equal to, the size of a single record. To estimate the size of a record in MB, divide the size of your dataset by the number of records. To ensure that the records fit within the maximum payload size, we recommend using a slightly larger value. The default value is 6 MB. \n The value of MaxPayloadInMB cannot be greater than 100 MB. If you specify the MaxConcurrentTransforms parameter, the value of (MaxConcurrentTransforms * MaxPayloadInMB) also cannot exceed 100 MB. \n For cases where the payload might be arbitrarily large and is transmitted using HTTP chunked encoding, set the value to 0. This feature works only in supported algorithms. Currently, Amazon SageMaker built-in algorithms do not support HTTP chunked encoding.", + "format": "int64", + "type": "integer" + }, + "modelClientConfig": { + "description": "Configures the timeout and maximum number of retries for processing a transform job invocation.", + "properties": { + "invocationsMaxRetries": { + "format": "int64", + "type": "integer" + }, + "invocationsTimeoutInSeconds": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "modelName": { + "description": "The name of the model that you want to use for the transform job. ModelName must be the name of an existing Amazon SageMaker model within an Amazon Web Services Region in an Amazon Web Services account.", + "type": "string" + }, + "tags": { + "description": "(Optional) An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the Amazon Web Services Billing and Cost Management User Guide.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "transformInput": { + "description": "Describes the input source and the way the transform job consumes it.", + "properties": { + "compressionType": { + "type": "string" + }, + "contentType": { + "type": "string" + }, + "dataSource": { + "description": "Describes the location of the channel data.", + "properties": { + "s3DataSource": { + "description": "Describes the S3 data source.", + "properties": { + "s3DataType": { + "type": "string" + }, + "s3URI": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "splitType": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "transformJobName": { + "description": "The name of the transform job. The name must be unique within an Amazon Web Services Region in an Amazon Web Services account.", + "type": "string" + }, + "transformOutput": { + "description": "Describes the results of the transform job.", + "properties": { + "accept": { + "type": "string" + }, + "assembleWith": { + "type": "string" + }, + "kmsKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "transformResources": { + "description": "Describes the resources, including ML instance types and ML instance count, to use for the transform job.", + "properties": { + "instanceCount": { + "format": "int64", + "type": "integer" + }, + "instanceType": { + "type": "string" + }, + "volumeKMSKeyID": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "modelName", + "transformInput", + "transformJobName", + "transformOutput", + "transformResources" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TransformJobStatus defines the observed state of TransformJob", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "failureReason": { + "description": "If the transform job failed, FailureReason describes why it failed. A transform job creates a log file, which includes error messages, and stores it as an Amazon S3 object. For more information, see Log Amazon SageMaker Events with Amazon CloudWatch (https://docs.aws.amazon.com/sagemaker/latest/dg/logging-cloudwatch.html).", + "type": "string" + }, + "transformJobStatus": { + "description": "The status of the transform job. If the transform job failed, the reason is returned in the FailureReason field.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sagemaker.services.k8s.aws/userprofile_v1alpha1.json b/sagemaker.services.k8s.aws/userprofile_v1alpha1.json new file mode 100644 index 00000000..efba1ac2 --- /dev/null +++ b/sagemaker.services.k8s.aws/userprofile_v1alpha1.json @@ -0,0 +1,286 @@ +{ + "description": "UserProfile is the Schema for the UserProfiles API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "UserProfileSpec defines the desired state of UserProfile.", + "properties": { + "domainID": { + "description": "The ID of the associated Domain.", + "type": "string" + }, + "singleSignOnUserIdentifier": { + "description": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center, this field is required. If the Domain's AuthMode is not IAM Identity Center, this field cannot be specified.", + "type": "string" + }, + "singleSignOnUserValue": { + "description": "The username of the associated Amazon Web Services Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center, this field cannot be specified.", + "type": "string" + }, + "tags": { + "description": "Each tag consists of a key and an optional value. Tag keys must be unique per resource. \n Tags that you specify for the User Profile are also added to all Apps that the User Profile launches.", + "items": { + "description": "A tag object that consists of a key and an optional value, used to manage metadata for SageMaker Amazon Web Services resources. \n You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints. For more information on adding tags to SageMaker resources, see AddTags. \n For more information on adding metadata to your Amazon Web Services resources with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For advice on best practices for managing Amazon Web Services resources with tagging, see Tagging Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf).", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "userProfileName": { + "description": "A name for the UserProfile. This value is not case sensitive.", + "type": "string" + }, + "userSettings": { + "description": "A collection of settings.", + "properties": { + "executionRole": { + "type": "string" + }, + "jupyterServerAppSettings": { + "description": "The JupyterServer app settings.", + "properties": { + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "lifecycleConfigARNs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "kernelGatewayAppSettings": { + "description": "The KernelGateway app settings.", + "properties": { + "customImages": { + "items": { + "description": "A custom SageMaker image. For more information, see Bring your own SageMaker image (https://docs.aws.amazon.com/sagemaker/latest/dg/studio-byoi.html).", + "properties": { + "appImageConfigName": { + "type": "string" + }, + "imageName": { + "type": "string" + }, + "imageVersionNumber": { + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "lifecycleConfigARNs": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "rStudioServerProAppSettings": { + "description": "A collection of settings that configure user interaction with the RStudioServerPro app. RStudioServerProAppSettings cannot be updated. The RStudioServerPro app must be deleted and a new one created to make any changes.", + "properties": { + "accessStatus": { + "type": "string" + }, + "userGroup": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "securityGroups": { + "items": { + "type": "string" + }, + "type": "array" + }, + "sharingSettings": { + "description": "Specifies options for sharing SageMaker Studio notebooks. These settings are specified as part of DefaultUserSettings when the CreateDomain API is called, and as part of UserSettings when the CreateUserProfile API is called. When SharingSettings is not specified, notebook sharing isn't allowed.", + "properties": { + "notebookOutputOption": { + "type": "string" + }, + "s3KMSKeyID": { + "type": "string" + }, + "s3OutputPath": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "tensorBoardAppSettings": { + "description": "The TensorBoard app settings.", + "properties": { + "defaultResourceSpec": { + "description": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", + "properties": { + "instanceType": { + "type": "string" + }, + "lifecycleConfigARN": { + "type": "string" + }, + "sageMakerImageARN": { + "type": "string" + }, + "sageMakerImageVersionARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "domainID", + "userProfileName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "UserProfileStatus defines the observed state of UserProfile", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "status": { + "description": "The status.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/services.k8s.aws/adoptedresource_v1alpha1.json b/services.k8s.aws/adoptedresource_v1alpha1.json new file mode 100644 index 00000000..e0b79d2f --- /dev/null +++ b/services.k8s.aws/adoptedresource_v1alpha1.json @@ -0,0 +1,188 @@ +{ + "description": "AdoptedResource is the schema for the AdoptedResource API.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "AdoptedResourceSpec defines the desired state of the AdoptedResource.", + "properties": { + "aws": { + "description": "AWSIdentifiers provide all unique ways to reference an AWS resource.", + "properties": { + "additionalKeys": { + "additionalProperties": { + "type": "string" + }, + "description": "AdditionalKeys represents any additional arbitrary identifiers used when describing the target resource.", + "type": "object" + }, + "arn": { + "description": "ARN is the AWS Resource Name for the resource. It is a globally unique identifier.", + "type": "string" + }, + "nameOrID": { + "description": "NameOrId is a user-supplied string identifier for the resource. It may or may not be globally unique, depending on the type of resource.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "kubernetes": { + "description": "ResourceWithMetadata provides the values necessary to create a Kubernetes resource and override any of its metadata values.", + "properties": { + "group": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. It is not possible to use `metav1.ObjectMeta` inside spec, as the controller-gen automatically converts this to an arbitrary string-string map. https://github.com/kubernetes-sigs/controller-tools/issues/385 \n Active discussion about inclusion of this field in the spec is happening in this PR: https://github.com/kubernetes-sigs/controller-tools/pull/395 \n Until this is allowed, or if it never is, we will produce a subset of the object meta that contains only the fields which the user is allowed to modify in the metadata.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", + "type": "object" + }, + "generateName": { + "description": "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency", + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", + "type": "object" + }, + "name": { + "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + }, + "namespace": { + "description": "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", + "type": "string" + }, + "ownerReferences": { + "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", + "items": { + "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "blockOwnerDeletion": { + "description": "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.", + "type": "boolean" + }, + "controller": { + "description": "If true, this reference points to the managing controller.", + "type": "boolean" + }, + "kind": { + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "type": "string" + }, + "uid": { + "description": "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "type": "string" + } + }, + "required": [ + "apiVersion", + "kind", + "name", + "uid" + ], + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "group", + "kind" + ], + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "aws", + "kubernetes" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "AdoptedResourceStatus defines the observed status of the AdoptedResource.", + "properties": { + "conditions": { + "description": "A collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the adopted resource CR and its target custom resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "conditions" + ], + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/services.k8s.aws/fieldexport_v1alpha1.json b/services.k8s.aws/fieldexport_v1alpha1.json new file mode 100644 index 00000000..500d54a9 --- /dev/null +++ b/services.k8s.aws/fieldexport_v1alpha1.json @@ -0,0 +1,139 @@ +{ + "description": "FieldExport is the schema for the FieldExport API.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "FieldExportSpec defines the desired state of the FieldExport.", + "properties": { + "from": { + "description": "ResourceFieldSelector provides the values necessary to identify an individual field on an individual K8s resource.", + "properties": { + "path": { + "type": "string" + }, + "resource": { + "description": "NamespacedResource provides all the values necessary to identify an ACK resource of a given type (within the same namespace as the custom resource containing this type).", + "properties": { + "group": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "group", + "kind", + "name" + ], + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "path", + "resource" + ], + "type": "object", + "additionalProperties": false + }, + "to": { + "description": "FieldExportTarget provides the values necessary to identify the output path for a field export.", + "properties": { + "key": { + "description": "Key overrides the default value (`.`) for the FieldExport target", + "type": "string" + }, + "kind": { + "description": "FieldExportOutputType represents all types that can be produced by a field export operation", + "enum": [ + "configmap", + "secret" + ], + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "description": "Namespace is marked as optional, so we cannot compose `NamespacedName`", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "from", + "to" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "FieldExportStatus defines the observed status of the FieldExport.", + "properties": { + "conditions": { + "description": "A collection of `ackv1alpha1.Condition` objects that describe the various recoverable states of the field CR", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "conditions" + ], + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sfn.services.k8s.aws/activity_v1alpha1.json b/sfn.services.k8s.aws/activity_v1alpha1.json new file mode 100644 index 00000000..27cf2880 --- /dev/null +++ b/sfn.services.k8s.aws/activity_v1alpha1.json @@ -0,0 +1,119 @@ +{ + "description": "Activity is the Schema for the Activities API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ActivitySpec defines the desired state of Activity.", + "properties": { + "name": { + "description": "The name of the activity to create. This name must be unique for your AWS account and region for 90 days. For more information, see Limits Related to State Machine Executions (https://docs.aws.amazon.com/step-functions/latest/dg/limits.html#service-limits-state-machine-executions) in the AWS Step Functions Developer Guide. \n A name must not contain: \n - white space \n - brackets < > { } [ ] \n - wildcard characters ? * \n - special characters \" # % \\ ^ | ~ ` $ & , ; : / \n - control characters (U+0000-001F, U+007F-009F) \n To enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "type": "string" + }, + "tags": { + "description": "The list of tags to add to a resource. \n An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide, and Controlling Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). \n Tags may only contain Unicode letters, digits, white space, or these symbols: _ . : / = + - @.", + "items": { + "description": "Tags are key-value pairs that can be associated with Step Functions state machines and activities. \n An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide, and Controlling Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). \n Tags may only contain Unicode letters, digits, white space, or these symbols: _ . : / = + - @.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "ActivityStatus defines the observed state of Activity", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationDate": { + "description": "The date the activity is created.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sfn.services.k8s.aws/statemachine_v1alpha1.json b/sfn.services.k8s.aws/statemachine_v1alpha1.json new file mode 100644 index 00000000..571a1346 --- /dev/null +++ b/sfn.services.k8s.aws/statemachine_v1alpha1.json @@ -0,0 +1,174 @@ +{ + "description": "StateMachine is the Schema for the StateMachines API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "StateMachineSpec defines the desired state of StateMachine.", + "properties": { + "definition": { + "description": "The Amazon States Language definition of the state machine. See Amazon States Language (https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html).", + "type": "string" + }, + "loggingConfiguration": { + "description": "Defines what execution history events are logged and where they are logged. \n By default, the level is set to OFF. For more information see Log Levels (https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", + "properties": { + "destinations": { + "items": { + "properties": { + "cloudWatchLogsLogGroup": { + "properties": { + "logGroupARN": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "includeExecutionData": { + "type": "boolean" + }, + "level": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the state machine. \n A name must not contain: \n - white space \n - brackets < > { } [ ] \n - wildcard characters ? * \n - special characters \" # % \\ ^ | ~ ` $ & , ; : / \n - control characters (U+0000-001F, U+007F-009F) \n To enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "type": "string" + }, + "roleARN": { + "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", + "type": "string" + }, + "tags": { + "description": "Tags to be added when creating a state machine. \n An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide, and Controlling Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). \n Tags may only contain Unicode letters, digits, white space, or these symbols: _ . : / = + - @.", + "items": { + "description": "Tags are key-value pairs that can be associated with Step Functions state machines and activities. \n An array of key-value pairs. For more information, see Using Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide, and Controlling Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). \n Tags may only contain Unicode letters, digits, white space, or these symbols: _ . : / = + - @.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tracingConfiguration": { + "description": "Selects whether AWS X-Ray tracing is enabled.", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object", + "additionalProperties": false + }, + "type_": { + "description": "Determines whether a Standard or Express state machine is created. The default is STANDARD. You cannot update the type of a state machine once it has been created.", + "type": "string" + } + }, + "required": [ + "definition", + "name", + "roleARN" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "StateMachineStatus defines the observed state of StateMachine", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "creationDate": { + "description": "The date the state machine is created.", + "format": "date-time", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sns.services.k8s.aws/platformapplication_v1alpha1.json b/sns.services.k8s.aws/platformapplication_v1alpha1.json new file mode 100644 index 00000000..c82a8041 --- /dev/null +++ b/sns.services.k8s.aws/platformapplication_v1alpha1.json @@ -0,0 +1,214 @@ +{ + "description": "PlatformApplication is the Schema for the PlatformApplications API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PlatformApplicationSpec defines the desired state of PlatformApplication. \n Platform application object.", + "properties": { + "eventDeliveryFailure": { + "type": "string" + }, + "eventEndpointCreated": { + "type": "string" + }, + "eventEndpointCreatedRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "eventEndpointDeleted": { + "type": "string" + }, + "eventEndpointDeletedRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "eventEndpointUpdated": { + "type": "string" + }, + "eventEndpointUpdatedRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "failureFeedbackRoleARN": { + "type": "string" + }, + "failureFeedbackRoleRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "Application names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, hyphens, and periods, and must be between 1 and 256 characters long.", + "type": "string" + }, + "platform": { + "description": "The following platforms are supported: ADM (Amazon Device Messaging), APNS (Apple Push Notification Service), APNS_SANDBOX, and GCM (Firebase Cloud Messaging).", + "type": "string" + }, + "platformCredential": { + "type": "string" + }, + "platformPrincipal": { + "type": "string" + }, + "successFeedbackRoleARN": { + "type": "string" + }, + "successFeedbackRoleRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "successFeedbackSampleRate": { + "type": "string" + } + }, + "required": [ + "name", + "platform" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PlatformApplicationStatus defines the observed state of PlatformApplication", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sns.services.k8s.aws/platformendpoint_v1alpha1.json b/sns.services.k8s.aws/platformendpoint_v1alpha1.json new file mode 100644 index 00000000..8a35ed33 --- /dev/null +++ b/sns.services.k8s.aws/platformendpoint_v1alpha1.json @@ -0,0 +1,111 @@ +{ + "description": "PlatformEndpoint is the Schema for the PlatformEndpoints API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "PlatformEndpointSpec defines the desired state of PlatformEndpoint.", + "properties": { + "customUserData": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "platformApplicationARN": { + "description": "PlatformApplicationArn returned from CreatePlatformApplication is used to create a an endpoint.", + "type": "string" + }, + "token": { + "type": "string" + } + }, + "required": [ + "platformApplicationARN", + "token" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "PlatformEndpointStatus defines the observed state of PlatformEndpoint", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "endpointARN": { + "description": "EndpointArn returned from CreateEndpoint action.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sns.services.k8s.aws/subscription_v1alpha1.json b/sns.services.k8s.aws/subscription_v1alpha1.json new file mode 100644 index 00000000..6030f2c2 --- /dev/null +++ b/sns.services.k8s.aws/subscription_v1alpha1.json @@ -0,0 +1,152 @@ +{ + "description": "Subscription is the Schema for the Subscriptions API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "SubscriptionSpec defines the desired state of Subscription. \n A wrapper type for the attributes of an Amazon SNS subscription.", + "properties": { + "deliveryPolicy": { + "type": "string" + }, + "endpoint": { + "description": "The endpoint that you want to receive notifications. Endpoints vary by protocol: \n - For the http protocol, the (public) endpoint is a URL beginning with http://. \n - For the https protocol, the (public) endpoint is a URL beginning with https://. \n - For the email protocol, the endpoint is an email address. \n - For the email-json protocol, the endpoint is an email address. \n - For the sms protocol, the endpoint is a phone number of an SMS-enabled device. \n - For the sqs protocol, the endpoint is the ARN of an Amazon SQS queue. \n - For the application protocol, the endpoint is the EndpointArn of a mobile app and device. \n - For the lambda protocol, the endpoint is the ARN of an Lambda function. \n - For the firehose protocol, the endpoint is the ARN of an Amazon Kinesis Data Firehose delivery stream.", + "type": "string" + }, + "filterPolicy": { + "type": "string" + }, + "filterPolicyScope": { + "type": "string" + }, + "protocol": { + "description": "The protocol that you want to use. Supported protocols include: \n - http \u2013 delivery of JSON-encoded message via HTTP POST \n - https \u2013 delivery of JSON-encoded message via HTTPS POST \n - email \u2013 delivery of message via SMTP \n - email-json \u2013 delivery of JSON-encoded message via SMTP \n - sms \u2013 delivery of message via SMS \n - sqs \u2013 delivery of JSON-encoded message to an Amazon SQS queue \n - application \u2013 delivery of JSON-encoded message to an EndpointArn for a mobile app and device \n - lambda \u2013 delivery of JSON-encoded message to an Lambda function \n - firehose \u2013 delivery of JSON-encoded message to an Amazon Kinesis Data Firehose delivery stream.", + "type": "string" + }, + "rawMessageDelivery": { + "type": "string" + }, + "redrivePolicy": { + "type": "string" + }, + "subscriptionRoleARN": { + "type": "string" + }, + "topicARN": { + "description": "The ARN of the topic you want to subscribe to.", + "type": "string" + }, + "topicRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "protocol" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "SubscriptionStatus defines the observed state of Subscription", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "confirmationWasAuthenticated": { + "type": "string" + }, + "effectiveDeliveryPolicy": { + "type": "string" + }, + "owner": { + "type": "string" + }, + "pendingConfirmation": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sns.services.k8s.aws/topic_v1alpha1.json b/sns.services.k8s.aws/topic_v1alpha1.json new file mode 100644 index 00000000..0add8b0b --- /dev/null +++ b/sns.services.k8s.aws/topic_v1alpha1.json @@ -0,0 +1,182 @@ +{ + "description": "Topic is the Schema for the Topics API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TopicSpec defines the desired state of Topic. \n A wrapper type for the topic's Amazon Resource Name (ARN). To retrieve a topic's attributes, use GetTopicAttributes.", + "properties": { + "contentBasedDeduplication": { + "type": "string" + }, + "dataProtectionPolicy": { + "description": "The body of the policy document you want to use for this topic. \n You can only add one policy per topic. \n The policy must be in JSON string format. \n Length Constraints: Maximum length of 30,720.", + "type": "string" + }, + "deliveryPolicy": { + "type": "string" + }, + "displayName": { + "type": "string" + }, + "fifoTopic": { + "type": "string" + }, + "kmsMasterKeyID": { + "type": "string" + }, + "kmsMasterKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "name": { + "description": "The name of the topic you want to create. \n Constraints: Topic names must be made up of only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. \n For a FIFO (first-in-first-out) topic, the name must end with the .fifo suffix.", + "type": "string" + }, + "policy": { + "type": "string" + }, + "policyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "signatureVersion": { + "type": "string" + }, + "tags": { + "description": "The list of tags to add to a new topic. \n To be able to tag a topic on creation, you must have the sns:CreateTopic and sns:TagResource permissions.", + "items": { + "description": "The list of tags to be added to the specified topic.", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "tracingConfig": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TopicStatus defines the observed state of Topic", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "effectiveDeliveryPolicy": { + "type": "string" + }, + "owner": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/sqs.services.k8s.aws/queue_v1alpha1.json b/sqs.services.k8s.aws/queue_v1alpha1.json new file mode 100644 index 00000000..771963a4 --- /dev/null +++ b/sqs.services.k8s.aws/queue_v1alpha1.json @@ -0,0 +1,177 @@ +{ + "description": "Queue is the Schema for the Queues API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "QueueSpec defines the desired state of Queue.", + "properties": { + "contentBasedDeduplication": { + "type": "string" + }, + "delaySeconds": { + "type": "string" + }, + "fifoQueue": { + "type": "string" + }, + "kmsDataKeyReusePeriodSeconds": { + "type": "string" + }, + "kmsMasterKeyID": { + "type": "string" + }, + "kmsMasterKeyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "maximumMessageSize": { + "type": "string" + }, + "messageRetentionPeriod": { + "type": "string" + }, + "policy": { + "type": "string" + }, + "policyRef": { + "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: \n from: name: my-api", + "properties": { + "from": { + "description": "AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name)", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "queueName": { + "type": "string" + }, + "receiveMessageWaitTimeSeconds": { + "type": "string" + }, + "redriveAllowPolicy": { + "type": "string" + }, + "redrivePolicy": { + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Add cost allocation tags to the specified Amazon SQS queue. For an overview, see Tagging Your Amazon SQS Queues (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-queue-tags.html) in the Amazon SQS Developer Guide. \n When you use queue tags, keep the following guidelines in mind: \n - Adding more than 50 tags to a queue isn't recommended. \n - Tags don't have any semantic meaning. Amazon SQS interprets tags as character strings. \n - Tags are case-sensitive. \n - A new tag with a key identical to that of an existing tag overwrites the existing tag. \n For a full list of tag restrictions, see Quotas related to queues (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-limits.html#limits-queues) in the Amazon SQS Developer Guide. \n To be able to tag a queue on creation, you must have the sqs:CreateQueue and sqs:TagQueue permissions. \n Cross-account permissions don't apply to this action. For more information, see Grant cross-account permissions to a role and a user name (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-customer-managed-policy-examples.html#grant-cross-account-permissions-to-role-and-user-name) in the Amazon SQS Developer Guide.", + "type": "object" + }, + "visibilityTimeout": { + "type": "string" + } + }, + "required": [ + "queueName" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "QueueStatus defines the observed state of Queue", + "properties": { + "ackResourceMetadata": { + "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource", + "properties": { + "arn": { + "description": "ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an \"adopted\" resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR's Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270", + "type": "string" + }, + "ownerAccountID": { + "description": "OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.", + "type": "string" + }, + "region": { + "description": "Region is the AWS region in which the resource exists or will exist.", + "type": "string" + } + }, + "required": [ + "ownerAccountID", + "region" + ], + "type": "object", + "additionalProperties": false + }, + "conditions": { + "description": "All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource", + "items": { + "description": "Condition is the common struct used by all CRDs managed by ACK service controllers to indicate terminal states of the CR and its backend AWS service API resource", + "properties": { + "lastTransitionTime": { + "description": "Last time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type is the type of the Condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "queueURL": { + "description": "The URL of the created Amazon SQS queue.", + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +}