From 8eaef8aa4759ce7a22ee8c5e09990acf33b0f96d Mon Sep 17 00:00:00 2001 From: lsviben Date: Wed, 26 Jul 2023 12:47:52 +0200 Subject: [PATCH] update upjet with some required comments changes Signed-off-by: lsviben --- apis/acm/v1beta1/zz_certificate_types.go | 1 + apis/acmpca/v1beta1/zz_certificate_types.go | 1 + .../v1beta1/zz_certificateauthoritycertificate_types.go | 2 ++ apis/amplify/v1beta1/zz_app_types.go | 4 ++++ apis/amplify/v1beta1/zz_branch_types.go | 1 + apis/apigateway/v1beta1/zz_apikey_types.go | 1 + apis/apigateway/v1beta1/zz_domainname_types.go | 1 + apis/appconfig/v1beta1/zz_configurationprofile_types.go | 1 + .../v1beta1/zz_hostedconfigurationversion_types.go | 1 + apis/appstream/v1beta1/zz_directoryconfig_types.go | 1 + .../zz_voiceconnectorterminationcredentials_types.go | 1 + apis/cloudcontrol/v1beta1/zz_resource_types.go | 1 + apis/cloudfront/v1beta1/zz_function_types.go | 1 + apis/cloudfront/v1beta1/zz_publickey_types.go | 1 + apis/cloudwatchevents/v1beta1/zz_connection_types.go | 9 +++++++++ apis/codepipeline/v1beta1/zz_webhook_types.go | 1 + apis/cognitoidp/v1beta1/zz_user_types.go | 2 ++ apis/connect/v1beta1/zz_user_types.go | 1 + apis/dms/v1beta1/zz_certificate_types.go | 2 ++ apis/dms/v1beta1/zz_endpoint_types.go | 4 ++++ apis/docdb/v1beta1/zz_cluster_types.go | 1 + apis/ds/v1beta1/zz_directory_types.go | 1 + apis/ds/v1beta1/zz_shareddirectory_types.go | 1 + apis/ec2/v1beta1/zz_vpnconnection_types.go | 2 ++ apis/elasticache/v1beta1/zz_replicationgroup_types.go | 1 + apis/elasticache/v1beta1/zz_user_types.go | 2 ++ apis/elasticsearch/v1beta1/zz_domain_types.go | 1 + apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go | 1 + apis/elbv2/v1beta1/zz_lblistener_types.go | 1 + apis/elbv2/v1beta1/zz_lblistenerrule_types.go | 1 + apis/firehose/v1beta1/zz_deliverystream_types.go | 3 +++ apis/fsx/v1beta1/zz_ontapfilesystem_types.go | 1 + apis/fsx/v1beta1/zz_ontapstoragevirtualmachine_types.go | 2 ++ apis/fsx/v1beta1/zz_windowsfilesystem_types.go | 1 + apis/glue/v1beta1/zz_connection_types.go | 1 + apis/iam/v1beta1/zz_servercertificate_types.go | 1 + apis/iot/v1beta1/zz_certificate_types.go | 2 ++ apis/kms/v1beta1/zz_ciphertext_types.go | 1 + apis/kms/v1beta1/zz_externalkey_types.go | 1 + apis/kms/v1beta1/zz_replicaexternalkey_types.go | 1 + apis/mq/v1beta1/zz_broker_types.go | 2 ++ apis/opensearch/v1beta1/zz_domain_types.go | 1 + apis/opensearch/v1beta1/zz_domainsamloptions_types.go | 1 + apis/opsworks/v1beta1/zz_application_types.go | 3 +++ apis/opsworks/v1beta1/zz_rdsdbinstance_types.go | 1 + apis/opsworks/v1beta1/zz_stack_types.go | 2 ++ apis/rds/v1beta1/zz_cluster_types.go | 1 + apis/rds/v1beta1/zz_instance_types.go | 2 ++ apis/redshift/v1beta1/zz_cluster_types.go | 1 + apis/redshift/v1beta1/zz_hsmconfiguration_types.go | 1 + .../s3/v1beta1/zz_bucketobjectlockconfiguration_types.go | 1 + .../v1beta1/zz_bucketreplicationconfiguration_types.go | 1 + apis/s3/v1beta1/zz_objectcopy_types.go | 4 ++++ apis/sagemaker/v1beta1/zz_workforce_types.go | 1 + apis/secretsmanager/v1beta1/zz_secretversion_types.go | 2 ++ apis/sns/v1beta1/zz_platformapplication_types.go | 2 ++ apis/ssm/v1beta1/zz_maintenancewindowtask_types.go | 2 ++ apis/ssm/v1beta1/zz_parameter_types.go | 1 + apis/transfer/v1beta1/zz_server_types.go | 3 +++ go.mod | 2 +- go.sum | 4 ++-- ....aws.upbound.io_certificateauthoritycertificates.yaml | 1 - package/crds/acmpca.aws.upbound.io_certificates.yaml | 1 - ...onfig.aws.upbound.io_hostedconfigurationversions.yaml | 1 - package/crds/cloudfront.aws.upbound.io_functions.yaml | 1 - package/crds/cloudfront.aws.upbound.io_publickeys.yaml | 1 - package/crds/ds.aws.upbound.io_directories.yaml | 1 - package/crds/iam.aws.upbound.io_servercertificates.yaml | 2 -- package/crds/kms.aws.upbound.io_ciphertexts.yaml | 1 - package/crds/opsworks.aws.upbound.io_rdsdbinstances.yaml | 2 -- .../crds/redshift.aws.upbound.io_hsmconfigurations.yaml | 1 - .../crds/sns.aws.upbound.io_platformapplications.yaml | 1 - 72 files changed, 98 insertions(+), 16 deletions(-) diff --git a/apis/acm/v1beta1/zz_certificate_types.go b/apis/acm/v1beta1/zz_certificate_types.go index 0ebf6a765a..ec160d1e89 100755 --- a/apis/acm/v1beta1/zz_certificate_types.go +++ b/apis/acm/v1beta1/zz_certificate_types.go @@ -159,6 +159,7 @@ type CertificateParameters struct { Options []OptionsParameters `json:"options,omitempty" tf:"options,omitempty"` // Certificate's PEM-formatted private key + // +kubebuilder:validation:Optional PrivateKeySecretRef *v1.SecretKeySelector `json:"privateKeySecretRef,omitempty" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/acmpca/v1beta1/zz_certificate_types.go b/apis/acmpca/v1beta1/zz_certificate_types.go index bd90f822f4..50774fa339 100755 --- a/apis/acmpca/v1beta1/zz_certificate_types.go +++ b/apis/acmpca/v1beta1/zz_certificate_types.go @@ -78,6 +78,7 @@ type CertificateParameters struct { CertificateAuthorityArnSelector *v1.Selector `json:"certificateAuthorityArnSelector,omitempty" tf:"-"` // Certificate Signing Request in PEM format. + // +kubebuilder:validation:Optional CertificateSigningRequestSecretRef v1.SecretKeySelector `json:"certificateSigningRequestSecretRef" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/acmpca/v1beta1/zz_certificateauthoritycertificate_types.go b/apis/acmpca/v1beta1/zz_certificateauthoritycertificate_types.go index 4121d1b9e3..b723433e34 100755 --- a/apis/acmpca/v1beta1/zz_certificateauthoritycertificate_types.go +++ b/apis/acmpca/v1beta1/zz_certificateauthoritycertificate_types.go @@ -40,9 +40,11 @@ type CertificateAuthorityCertificateParameters struct { CertificateAuthorityArnSelector *v1.Selector `json:"certificateAuthorityArnSelector,omitempty" tf:"-"` // PEM-encoded certificate chain that includes any intermediate certificates and chains up to root CA. Required for subordinate Certificate Authorities. Not allowed for root Certificate Authorities. + // +kubebuilder:validation:Optional CertificateChainSecretRef *v1.SecretKeySelector `json:"certificateChainSecretRef,omitempty" tf:"-"` // PEM-encoded certificate for the Certificate Authority. + // +kubebuilder:validation:Optional CertificateSecretRef v1.SecretKeySelector `json:"certificateSecretRef" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/amplify/v1beta1/zz_app_types.go b/apis/amplify/v1beta1/zz_app_types.go index 82c54f5682..e240cb8cc8 100755 --- a/apis/amplify/v1beta1/zz_app_types.go +++ b/apis/amplify/v1beta1/zz_app_types.go @@ -124,6 +124,7 @@ type AppObservation struct { type AppParameters struct { // Personal access token for a third-party source control system for an Amplify app. The personal access token is used to create a webhook and a read-only deploy key. The token is not stored. + // +kubebuilder:validation:Optional AccessTokenSecretRef *v1.SecretKeySelector `json:"accessTokenSecretRef,omitempty" tf:"-"` // Automated branch creation configuration for an Amplify app. An auto_branch_creation_config block is documented below. @@ -133,6 +134,7 @@ type AppParameters struct { AutoBranchCreationPatterns []*string `json:"autoBranchCreationPatterns,omitempty" tf:"auto_branch_creation_patterns,omitempty"` // Credentials for basic authorization for an Amplify app. + // +kubebuilder:validation:Optional BasicAuthCredentialsSecretRef *v1.SecretKeySelector `json:"basicAuthCredentialsSecretRef,omitempty" tf:"-"` // The build specification (build spec) for an Amplify app. @@ -177,6 +179,7 @@ type AppParameters struct { Name *string `json:"name,omitempty" tf:"name,omitempty"` // OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key. The OAuth token is not stored. + // +kubebuilder:validation:Optional OauthTokenSecretRef *v1.SecretKeySelector `json:"oauthTokenSecretRef,omitempty" tf:"-"` // Platform or framework for an Amplify app. Valid values: WEB, WEB_COMPUTE. Default value: WEB. @@ -257,6 +260,7 @@ type AutoBranchCreationConfigObservation struct { type AutoBranchCreationConfigParameters struct { // Basic authorization credentials for the autocreated branch. + // +kubebuilder:validation:Optional BasicAuthCredentialsSecretRef *v1.SecretKeySelector `json:"basicAuthCredentialsSecretRef,omitempty" tf:"-"` // Build specification (build spec) for the autocreated branch. diff --git a/apis/amplify/v1beta1/zz_branch_types.go b/apis/amplify/v1beta1/zz_branch_types.go index 52cb5808c8..d115af5ab4 100755 --- a/apis/amplify/v1beta1/zz_branch_types.go +++ b/apis/amplify/v1beta1/zz_branch_types.go @@ -146,6 +146,7 @@ type BranchParameters struct { BackendEnvironmentArn *string `json:"backendEnvironmentArn,omitempty" tf:"backend_environment_arn,omitempty"` // Basic authorization credentials for the branch. + // +kubebuilder:validation:Optional BasicAuthCredentialsSecretRef *v1.SecretKeySelector `json:"basicAuthCredentialsSecretRef,omitempty" tf:"-"` // Description for the branch. diff --git a/apis/apigateway/v1beta1/zz_apikey_types.go b/apis/apigateway/v1beta1/zz_apikey_types.go index 2382560f98..7e0f3ee8aa 100755 --- a/apis/apigateway/v1beta1/zz_apikey_types.go +++ b/apis/apigateway/v1beta1/zz_apikey_types.go @@ -78,6 +78,7 @@ type APIKeyParameters struct { Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"` // Value of the API key. If specified, the value must be an alphanumeric string between 20 and 128 characters. If not specified, it will be automatically generated by AWS on creation. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } diff --git a/apis/apigateway/v1beta1/zz_domainname_types.go b/apis/apigateway/v1beta1/zz_domainname_types.go index 3ae6a82c57..64d6a44919 100755 --- a/apis/apigateway/v1beta1/zz_domainname_types.go +++ b/apis/apigateway/v1beta1/zz_domainname_types.go @@ -135,6 +135,7 @@ type DomainNameParameters struct { CertificateName *string `json:"certificateName,omitempty" tf:"certificate_name,omitempty"` // Private key associated with the domain certificate given in certificate_body. Only valid for EDGE endpoint configuration type. Conflicts with certificate_arn, regional_certificate_arn, and regional_certificate_name. + // +kubebuilder:validation:Optional CertificatePrivateKeySecretRef *v1.SecretKeySelector `json:"certificatePrivateKeySecretRef,omitempty" tf:"-"` // Fully-qualified domain name to register. diff --git a/apis/appconfig/v1beta1/zz_configurationprofile_types.go b/apis/appconfig/v1beta1/zz_configurationprofile_types.go index c5f093e634..4d3d6a1185 100755 --- a/apis/appconfig/v1beta1/zz_configurationprofile_types.go +++ b/apis/appconfig/v1beta1/zz_configurationprofile_types.go @@ -142,6 +142,7 @@ type ValidatorObservation struct { type ValidatorParameters struct { // Either the JSON Schema content or the ARN of an AWS Lambda function. + // +kubebuilder:validation:Optional ContentSecretRef *v1.SecretKeySelector `json:"contentSecretRef,omitempty" tf:"-"` // Type of validator. Valid values: JSON_SCHEMA and LAMBDA. diff --git a/apis/appconfig/v1beta1/zz_hostedconfigurationversion_types.go b/apis/appconfig/v1beta1/zz_hostedconfigurationversion_types.go index 746403e5c7..69ea24db5c 100755 --- a/apis/appconfig/v1beta1/zz_hostedconfigurationversion_types.go +++ b/apis/appconfig/v1beta1/zz_hostedconfigurationversion_types.go @@ -77,6 +77,7 @@ type HostedConfigurationVersionParameters struct { ConfigurationProfileIDSelector *v1.Selector `json:"configurationProfileIdSelector,omitempty" tf:"-"` // Content of the configuration or the configuration data. + // +kubebuilder:validation:Optional ContentSecretRef v1.SecretKeySelector `json:"contentSecretRef" tf:"-"` // Standard MIME type describing the format of the configuration content. For more information, see Content-Type. diff --git a/apis/appstream/v1beta1/zz_directoryconfig_types.go b/apis/appstream/v1beta1/zz_directoryconfig_types.go index 031a41559c..1e54580c20 100755 --- a/apis/appstream/v1beta1/zz_directoryconfig_types.go +++ b/apis/appstream/v1beta1/zz_directoryconfig_types.go @@ -78,6 +78,7 @@ type ServiceAccountCredentialsParameters struct { AccountName *string `json:"accountName,omitempty" tf:"account_name,omitempty"` // Password for the account. + // +kubebuilder:validation:Required AccountPasswordSecretRef v1.SecretKeySelector `json:"accountPasswordSecretRef" tf:"-"` } diff --git a/apis/chime/v1beta1/zz_voiceconnectorterminationcredentials_types.go b/apis/chime/v1beta1/zz_voiceconnectorterminationcredentials_types.go index 091fb0c3a7..bce12e8708 100755 --- a/apis/chime/v1beta1/zz_voiceconnectorterminationcredentials_types.go +++ b/apis/chime/v1beta1/zz_voiceconnectorterminationcredentials_types.go @@ -28,6 +28,7 @@ type CredentialsObservation struct { type CredentialsParameters struct { // RFC2617 compliant password associated with the SIP credentials. + // +kubebuilder:validation:Required PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // RFC2617 compliant username associated with the SIP credentials. diff --git a/apis/cloudcontrol/v1beta1/zz_resource_types.go b/apis/cloudcontrol/v1beta1/zz_resource_types.go index 0a0d6fc7ea..cef25d2de3 100755 --- a/apis/cloudcontrol/v1beta1/zz_resource_types.go +++ b/apis/cloudcontrol/v1beta1/zz_resource_types.go @@ -70,6 +70,7 @@ type ResourceParameters struct { RoleArnSelector *v1.Selector `json:"roleArnSelector,omitempty" tf:"-"` // JSON string of the CloudFormation resource type schema which is used for plan time validation where possible. Automatically fetched if not provided. In large scale environments with multiple resources using the same type_name, it is recommended to fetch the schema once via the aws_cloudformation_type data source and use this argument to reduce DescribeType API operation throttling. This value is marked sensitive only to prevent large plan differences from showing. + // +kubebuilder:validation:Optional SchemaSecretRef *v1.SecretKeySelector `json:"schemaSecretRef,omitempty" tf:"-"` // CloudFormation resource type name. For example, AWS::EC2::VPC. diff --git a/apis/cloudfront/v1beta1/zz_function_types.go b/apis/cloudfront/v1beta1/zz_function_types.go index ed54ad886b..6aa8fc23b5 100755 --- a/apis/cloudfront/v1beta1/zz_function_types.go +++ b/apis/cloudfront/v1beta1/zz_function_types.go @@ -54,6 +54,7 @@ type FunctionObservation struct { type FunctionParameters struct { // Source code of the function + // +kubebuilder:validation:Optional CodeSecretRef v1.SecretKeySelector `json:"codeSecretRef" tf:"-"` // Comment. diff --git a/apis/cloudfront/v1beta1/zz_publickey_types.go b/apis/cloudfront/v1beta1/zz_publickey_types.go index d444f4da72..82131057fc 100755 --- a/apis/cloudfront/v1beta1/zz_publickey_types.go +++ b/apis/cloudfront/v1beta1/zz_publickey_types.go @@ -46,6 +46,7 @@ type PublicKeyParameters struct { Comment *string `json:"comment,omitempty" tf:"comment,omitempty"` // The encoded public key that you want to add to CloudFront to use with features like field-level encryption. + // +kubebuilder:validation:Optional EncodedKeySecretRef v1.SecretKeySelector `json:"encodedKeySecretRef" tf:"-"` // The name for the public key. diff --git a/apis/cloudwatchevents/v1beta1/zz_connection_types.go b/apis/cloudwatchevents/v1beta1/zz_connection_types.go index 756a070fb1..925499c140 100755 --- a/apis/cloudwatchevents/v1beta1/zz_connection_types.go +++ b/apis/cloudwatchevents/v1beta1/zz_connection_types.go @@ -31,6 +31,7 @@ type APIKeyParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Required ValueSecretRef v1.SecretKeySelector `json:"valueSecretRef" tf:"-"` } @@ -94,6 +95,7 @@ type BasicObservation struct { type BasicParameters struct { // A password for the authorization. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Required PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // A username for the authorization. @@ -127,6 +129,7 @@ type BodyParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } @@ -148,6 +151,7 @@ type ClientParametersParameters struct { ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // The client secret for the credentials to use for authorization. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Required ClientSecretSecretRef v1.SecretKeySelector `json:"clientSecretSecretRef" tf:"-"` } @@ -227,6 +231,7 @@ type HeaderParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } @@ -293,6 +298,7 @@ type OauthHTTPParametersBodyParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } @@ -323,6 +329,7 @@ type OauthHTTPParametersHeaderParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } @@ -389,6 +396,7 @@ type OauthHTTPParametersQueryStringParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } @@ -464,6 +472,7 @@ type QueryStringParameters struct { Key *string `json:"key,omitempty" tf:"key,omitempty"` // Header Value. Created and stored in AWS Secrets Manager. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } diff --git a/apis/codepipeline/v1beta1/zz_webhook_types.go b/apis/codepipeline/v1beta1/zz_webhook_types.go index 8c57251ea8..42f63c4c09 100755 --- a/apis/codepipeline/v1beta1/zz_webhook_types.go +++ b/apis/codepipeline/v1beta1/zz_webhook_types.go @@ -31,6 +31,7 @@ type AuthenticationConfigurationParameters struct { AllowedIPRange *string `json:"allowedIpRange,omitempty" tf:"allowed_ip_range,omitempty"` // The shared secret for the GitHub repository webhook. Set this as secret in your github_repository_webhook's configuration block. Required for GITHUB_HMAC. + // +kubebuilder:validation:Optional SecretTokenSecretRef *v1.SecretKeySelector `json:"secretTokenSecretRef,omitempty" tf:"-"` } diff --git a/apis/cognitoidp/v1beta1/zz_user_types.go b/apis/cognitoidp/v1beta1/zz_user_types.go index 7a29dc85ea..57221d8ac7 100755 --- a/apis/cognitoidp/v1beta1/zz_user_types.go +++ b/apis/cognitoidp/v1beta1/zz_user_types.go @@ -101,6 +101,7 @@ type UserParameters struct { MessageAction *string `json:"messageAction,omitempty" tf:"message_action,omitempty"` // The user's permanent password. This password must conform to the password policy specified by user pool the user belongs to. The welcome message always contains only temporary_password value. You can suppress sending the welcome message with the message_action argument. Amazon Cognito does not store the password value. Conflicts with temporary_password. + // +kubebuilder:validation:Optional PasswordSecretRef *v1.SecretKeySelector `json:"passwordSecretRef,omitempty" tf:"-"` // Region is the region you'd like your resource to be created in. @@ -109,6 +110,7 @@ type UserParameters struct { Region *string `json:"region" tf:"-"` // The user's temporary password. Conflicts with password. + // +kubebuilder:validation:Optional TemporaryPasswordSecretRef *v1.SecretKeySelector `json:"temporaryPasswordSecretRef,omitempty" tf:"-"` // The user pool ID for the user pool where the user will be created. diff --git a/apis/connect/v1beta1/zz_user_types.go b/apis/connect/v1beta1/zz_user_types.go index c84023daaa..96aca75400 100755 --- a/apis/connect/v1beta1/zz_user_types.go +++ b/apis/connect/v1beta1/zz_user_types.go @@ -145,6 +145,7 @@ type UserParameters struct { Name *string `json:"name,omitempty" tf:"name,omitempty"` // The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password. + // +kubebuilder:validation:Optional PasswordSecretRef *v1.SecretKeySelector `json:"passwordSecretRef,omitempty" tf:"-"` // A block that contains information about the phone settings for the user. Documented below. diff --git a/apis/dms/v1beta1/zz_certificate_types.go b/apis/dms/v1beta1/zz_certificate_types.go index c06a9bfa86..fe6e79aa1f 100755 --- a/apis/dms/v1beta1/zz_certificate_types.go +++ b/apis/dms/v1beta1/zz_certificate_types.go @@ -36,9 +36,11 @@ type CertificateObservation struct { type CertificateParameters struct { // The contents of the .pem X.509 certificate file for the certificate. Either certificate_pem or certificate_wallet must be set. + // +kubebuilder:validation:Optional CertificatePemSecretRef *v1.SecretKeySelector `json:"certificatePemSecretRef,omitempty" tf:"-"` // The contents of the Oracle Wallet certificate for use with SSL, provided as a base64-encoded String. Either certificate_pem or certificate_wallet must be set. + // +kubebuilder:validation:Optional CertificateWalletSecretRef *v1.SecretKeySelector `json:"certificateWalletSecretRef,omitempty" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/dms/v1beta1/zz_endpoint_types.go b/apis/dms/v1beta1/zz_endpoint_types.go index d1cc9bb1bd..a3172c821a 100755 --- a/apis/dms/v1beta1/zz_endpoint_types.go +++ b/apis/dms/v1beta1/zz_endpoint_types.go @@ -233,6 +233,7 @@ type EndpointParameters struct { MongodbSettings []MongodbSettingsParameters `json:"mongodbSettings,omitempty" tf:"mongodb_settings,omitempty"` // Password to be used to login to the endpoint database. + // +kubebuilder:validation:Optional PasswordSecretRef *v1.SecretKeySelector `json:"passwordSecretRef,omitempty" tf:"-"` // Port used by the endpoint database. @@ -440,9 +441,11 @@ type KafkaSettingsParameters struct { SSLClientKeyArn *string `json:"sslClientKeyArn,omitempty" tf:"ssl_client_key_arn,omitempty"` // Password for the client private key used to securely connect to a Kafka target endpoint. + // +kubebuilder:validation:Optional SSLClientKeyPasswordSecretRef *v1.SecretKeySelector `json:"sslClientKeyPasswordSecretRef,omitempty" tf:"-"` // Secure password you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication. + // +kubebuilder:validation:Optional SaslPasswordSecretRef *v1.SecretKeySelector `json:"saslPasswordSecretRef,omitempty" tf:"-"` // Secure user name you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication. @@ -653,6 +656,7 @@ type RedisSettingsObservation struct { type RedisSettingsParameters struct { // The password provided with the auth-role and auth-token options of the AuthType setting for a Redis target endpoint. + // +kubebuilder:validation:Optional AuthPasswordSecretRef *v1.SecretKeySelector `json:"authPasswordSecretRef,omitempty" tf:"-"` // Authentication type to access the MongoDB source endpoint. Default is password. diff --git a/apis/docdb/v1beta1/zz_cluster_types.go b/apis/docdb/v1beta1/zz_cluster_types.go index b1d96c3b55..22a8091b84 100755 --- a/apis/docdb/v1beta1/zz_cluster_types.go +++ b/apis/docdb/v1beta1/zz_cluster_types.go @@ -234,6 +234,7 @@ type ClusterParameters struct { // Password for the master DB user. Note that this may // show up in logs, and it will be stored in the state file. Please refer to the DocumentDB Naming Constraints. + // +kubebuilder:validation:Optional MasterPasswordSecretRef *v1.SecretKeySelector `json:"masterPasswordSecretRef,omitempty" tf:"-"` // Username for the master DB user. diff --git a/apis/ds/v1beta1/zz_directory_types.go b/apis/ds/v1beta1/zz_directory_types.go index c417828e65..e26294b1bb 100755 --- a/apis/ds/v1beta1/zz_directory_types.go +++ b/apis/ds/v1beta1/zz_directory_types.go @@ -194,6 +194,7 @@ type DirectoryParameters struct { Name *string `json:"name,omitempty" tf:"name,omitempty"` // The password for the directory administrator or connector user. + // +kubebuilder:validation:Optional PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/ds/v1beta1/zz_shareddirectory_types.go b/apis/ds/v1beta1/zz_shareddirectory_types.go index 30d3162268..99cc105207 100755 --- a/apis/ds/v1beta1/zz_shareddirectory_types.go +++ b/apis/ds/v1beta1/zz_shareddirectory_types.go @@ -60,6 +60,7 @@ type SharedDirectoryParameters struct { Method *string `json:"method,omitempty" tf:"method,omitempty"` // Message sent by the directory owner to the directory consumer to help the directory consumer administrator determine whether to approve or reject the share invitation. + // +kubebuilder:validation:Optional NotesSecretRef *v1.SecretKeySelector `json:"notesSecretRef,omitempty" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/ec2/v1beta1/zz_vpnconnection_types.go b/apis/ec2/v1beta1/zz_vpnconnection_types.go index 0e23a304f2..7cc7c41e2c 100755 --- a/apis/ec2/v1beta1/zz_vpnconnection_types.go +++ b/apis/ec2/v1beta1/zz_vpnconnection_types.go @@ -607,6 +607,7 @@ type VPNConnectionParameters_2 struct { Tunnel1Phase2LifetimeSeconds *float64 `json:"tunnel1Phase2LifetimeSeconds,omitempty" tf:"tunnel1_phase2_lifetime_seconds,omitempty"` // The preshared key of the first VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_). + // +kubebuilder:validation:Optional Tunnel1PresharedKeySecretRef *v1.SecretKeySelector `json:"tunnel1PresharedKeySecretRef,omitempty" tf:"-"` // The percentage of the rekey window for the first VPN tunnel (determined by tunnel1_rekey_margin_time_seconds) during which the rekey time is randomly selected. Valid value is between 0 and 100. @@ -667,6 +668,7 @@ type VPNConnectionParameters_2 struct { Tunnel2Phase2LifetimeSeconds *float64 `json:"tunnel2Phase2LifetimeSeconds,omitempty" tf:"tunnel2_phase2_lifetime_seconds,omitempty"` // The preshared key of the second VPN tunnel. The preshared key must be between 8 and 64 characters in length and cannot start with zero(0). Allowed characters are alphanumeric characters, periods(.) and underscores(_). + // +kubebuilder:validation:Optional Tunnel2PresharedKeySecretRef *v1.SecretKeySelector `json:"tunnel2PresharedKeySecretRef,omitempty" tf:"-"` // The percentage of the rekey window for the second VPN tunnel (determined by tunnel2_rekey_margin_time_seconds) during which the rekey time is randomly selected. Valid value is between 0 and 100. diff --git a/apis/elasticache/v1beta1/zz_replicationgroup_types.go b/apis/elasticache/v1beta1/zz_replicationgroup_types.go index fbb8d60374..3a74f9c3a6 100755 --- a/apis/elasticache/v1beta1/zz_replicationgroup_types.go +++ b/apis/elasticache/v1beta1/zz_replicationgroup_types.go @@ -361,6 +361,7 @@ type ReplicationGroupParameters struct { AtRestEncryptionEnabled *bool `json:"atRestEncryptionEnabled,omitempty" tf:"at_rest_encryption_enabled,omitempty"` // Password used to access a password protected server. Can be specified only if transit_encryption_enabled = true. + // +kubebuilder:validation:Optional AuthTokenSecretRef *v1.SecretKeySelector `json:"authTokenSecretRef,omitempty" tf:"-"` // Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window. diff --git a/apis/elasticache/v1beta1/zz_user_types.go b/apis/elasticache/v1beta1/zz_user_types.go index b7936f483e..b651d2a731 100755 --- a/apis/elasticache/v1beta1/zz_user_types.go +++ b/apis/elasticache/v1beta1/zz_user_types.go @@ -29,6 +29,7 @@ type AuthenticationModeObservation struct { type AuthenticationModeParameters struct { // Specifies the passwords to use for authentication if type is set to password. + // +kubebuilder:validation:Optional PasswordsSecretRef *[]v1.SecretKeySelector `json:"passwordsSecretRef,omitempty" tf:"-"` // Specifies the authentication type. Possible options are: password, no-password-required or iam. @@ -99,6 +100,7 @@ type UserParameters struct { NoPasswordRequired *bool `json:"noPasswordRequired,omitempty" tf:"no_password_required,omitempty"` // Passwords used for this user. You can create up to two passwords for each user. + // +kubebuilder:validation:Optional PasswordsSecretRef *[]v1.SecretKeySelector `json:"passwordsSecretRef,omitempty" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/elasticsearch/v1beta1/zz_domain_types.go b/apis/elasticsearch/v1beta1/zz_domain_types.go index 50faeb0300..d90ddd9eb8 100755 --- a/apis/elasticsearch/v1beta1/zz_domain_types.go +++ b/apis/elasticsearch/v1beta1/zz_domain_types.go @@ -691,6 +691,7 @@ type MasterUserOptionsParameters struct { MasterUserName *string `json:"masterUserName,omitempty" tf:"master_user_name,omitempty"` // Main user's password, which is stored in the Amazon Elasticsearch Service domain's internal database. Only specify if internal_user_database_enabled is set to true. + // +kubebuilder:validation:Optional MasterUserPasswordSecretRef *v1.SecretKeySelector `json:"masterUserPasswordSecretRef,omitempty" tf:"-"` } diff --git a/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go b/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go index 40dcfe1374..15e71a6458 100755 --- a/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go +++ b/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go @@ -120,6 +120,7 @@ type SAMLOptionsParameters struct { MasterBackendRole *string `json:"masterBackendRole,omitempty" tf:"master_backend_role,omitempty"` // This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. + // +kubebuilder:validation:Optional MasterUserNameSecretRef *v1.SecretKeySelector `json:"masterUserNameSecretRef,omitempty" tf:"-"` // Element of the SAML assertion to use for backend roles. Default is roles. diff --git a/apis/elbv2/v1beta1/zz_lblistener_types.go b/apis/elbv2/v1beta1/zz_lblistener_types.go index 028bee494f..c9008231e7 100755 --- a/apis/elbv2/v1beta1/zz_lblistener_types.go +++ b/apis/elbv2/v1beta1/zz_lblistener_types.go @@ -172,6 +172,7 @@ type AuthenticateOidcParameters struct { ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // OAuth 2.0 client secret. + // +kubebuilder:validation:Required ClientSecretSecretRef v1.SecretKeySelector `json:"clientSecretSecretRef" tf:"-"` // OIDC issuer identifier of the IdP. diff --git a/apis/elbv2/v1beta1/zz_lblistenerrule_types.go b/apis/elbv2/v1beta1/zz_lblistenerrule_types.go index e12224eff7..a72e6e5a17 100755 --- a/apis/elbv2/v1beta1/zz_lblistenerrule_types.go +++ b/apis/elbv2/v1beta1/zz_lblistenerrule_types.go @@ -196,6 +196,7 @@ type ActionAuthenticateOidcParameters struct { ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // The OAuth 2.0 client secret. + // +kubebuilder:validation:Required ClientSecretSecretRef v1.SecretKeySelector `json:"clientSecretSecretRef" tf:"-"` // The OIDC issuer identifier of the IdP. diff --git a/apis/firehose/v1beta1/zz_deliverystream_types.go b/apis/firehose/v1beta1/zz_deliverystream_types.go index 41840944e6..b40c1fd22b 100755 --- a/apis/firehose/v1beta1/zz_deliverystream_types.go +++ b/apis/firehose/v1beta1/zz_deliverystream_types.go @@ -803,6 +803,7 @@ type HTTPEndpointConfigurationObservation struct { type HTTPEndpointConfigurationParameters struct { // The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination. + // +kubebuilder:validation:Optional AccessKeySecretRef *v1.SecretKeySelector `json:"accessKeySecretRef,omitempty" tf:"-"` // Buffer incoming data for the specified period of time, in seconds between 60 to 900, before delivering it to the destination. The default value is 300s. @@ -1770,6 +1771,7 @@ type RedshiftConfigurationParameters struct { DataTableName *string `json:"dataTableName,omitempty" tf:"data_table_name,omitempty"` // The password for the username above. + // +kubebuilder:validation:Required PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // The data processing configuration. More details are given below. @@ -2576,6 +2578,7 @@ type SplunkConfigurationParameters struct { HecEndpointType *string `json:"hecEndpointType,omitempty" tf:"hec_endpoint_type,omitempty"` // The GUID that you obtain from your Splunk cluster when you create a new HEC endpoint. + // +kubebuilder:validation:Required HecTokenSecretRef v1.SecretKeySelector `json:"hecTokenSecretRef" tf:"-"` // The data processing configuration. More details are given below. diff --git a/apis/fsx/v1beta1/zz_ontapfilesystem_types.go b/apis/fsx/v1beta1/zz_ontapfilesystem_types.go index 6a0a70288e..350139caca 100755 --- a/apis/fsx/v1beta1/zz_ontapfilesystem_types.go +++ b/apis/fsx/v1beta1/zz_ontapfilesystem_types.go @@ -211,6 +211,7 @@ type OntapFileSystemParameters struct { EndpointIPAddressRange *string `json:"endpointIpAddressRange,omitempty" tf:"endpoint_ip_address_range,omitempty"` // The ONTAP administrative password for the fsxadmin user that you can use to administer your file system using the ONTAP CLI and REST API. + // +kubebuilder:validation:Optional FSXAdminPasswordSecretRef *v1.SecretKeySelector `json:"fsxAdminPasswordSecretRef,omitempty" tf:"-"` // ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key. diff --git a/apis/fsx/v1beta1/zz_ontapstoragevirtualmachine_types.go b/apis/fsx/v1beta1/zz_ontapstoragevirtualmachine_types.go index fec2143856..a8a6ac65a7 100755 --- a/apis/fsx/v1beta1/zz_ontapstoragevirtualmachine_types.go +++ b/apis/fsx/v1beta1/zz_ontapstoragevirtualmachine_types.go @@ -187,6 +187,7 @@ type OntapStorageVirtualMachineParameters struct { // Specifies the root volume security style, Valid values are UNIX, NTFS, and MIXED. All volumes created under this SVM will inherit the root security style unless the security style is specified on the volume. Default value is UNIX. RootVolumeSecurityStyle *string `json:"rootVolumeSecurityStyle,omitempty" tf:"root_volume_security_style,omitempty"` + // +kubebuilder:validation:Optional SvmAdminPasswordSecretRef *v1.SecretKeySelector `json:"svmAdminPasswordSecretRef,omitempty" tf:"-"` // Key-value map of resource tags. @@ -259,6 +260,7 @@ type SelfManagedActiveDirectoryConfigurationParameters struct { OrganizationalUnitDistinguishedName *string `json:"organizationalUnitDistinguishedName,omitempty" tf:"organizational_unit_distinguished_name,omitempty"` // The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. + // +kubebuilder:validation:Required PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. diff --git a/apis/fsx/v1beta1/zz_windowsfilesystem_types.go b/apis/fsx/v1beta1/zz_windowsfilesystem_types.go index c53e498e4d..a021c3fbb8 100755 --- a/apis/fsx/v1beta1/zz_windowsfilesystem_types.go +++ b/apis/fsx/v1beta1/zz_windowsfilesystem_types.go @@ -100,6 +100,7 @@ type SelfManagedActiveDirectoryParameters struct { OrganizationalUnitDistinguishedName *string `json:"organizationalUnitDistinguishedName,omitempty" tf:"organizational_unit_distinguished_name,omitempty"` // The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. + // +kubebuilder:validation:Required PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. diff --git a/apis/glue/v1beta1/zz_connection_types.go b/apis/glue/v1beta1/zz_connection_types.go index 2276d24448..31c10f8f3f 100755 --- a/apis/glue/v1beta1/zz_connection_types.go +++ b/apis/glue/v1beta1/zz_connection_types.go @@ -68,6 +68,7 @@ type ConnectionParameters struct { CatalogID *string `json:"catalogId" tf:"catalog_id,omitempty"` // value pairs used as parameters for this connection. + // +kubebuilder:validation:Optional ConnectionPropertiesSecretRef *v1.SecretReference `json:"connectionPropertiesSecretRef,omitempty" tf:"-"` // – The type of the connection. Supported are: CUSTOM, JDBC, KAFKA, MARKETPLACE, MONGODB, and NETWORK. Defaults to JBDC. diff --git a/apis/iam/v1beta1/zz_servercertificate_types.go b/apis/iam/v1beta1/zz_servercertificate_types.go index 39467d7eb7..6d0874785c 100755 --- a/apis/iam/v1beta1/zz_servercertificate_types.go +++ b/apis/iam/v1beta1/zz_servercertificate_types.go @@ -82,6 +82,7 @@ type ServerCertificateParameters struct { Path *string `json:"path,omitempty" tf:"path,omitempty"` // encoded format. + // +kubebuilder:validation:Optional PrivateKeySecretRef v1.SecretKeySelector `json:"privateKeySecretRef" tf:"-"` // Key-value map of resource tags. diff --git a/apis/iot/v1beta1/zz_certificate_types.go b/apis/iot/v1beta1/zz_certificate_types.go index 6bee4e9876..b7c039787d 100755 --- a/apis/iot/v1beta1/zz_certificate_types.go +++ b/apis/iot/v1beta1/zz_certificate_types.go @@ -51,6 +51,7 @@ type CertificateParameters struct { Active *bool `json:"active,omitempty" tf:"active,omitempty"` // The CA certificate for the certificate to be registered. If this is set, the CA needs to be registered with AWS IoT beforehand. + // +kubebuilder:validation:Optional CAPemSecretRef *v1.SecretKeySelector `json:"caPemSecretRef,omitempty" tf:"-"` // The certificate to be registered. If ca_pem is unspecified, review @@ -58,6 +59,7 @@ type CertificateParameters struct { // If ca_pem is specified, review // RegisterCertificate // for more information on registering a certificate. + // +kubebuilder:validation:Optional CertificatePemSecretRef *v1.SecretKeySelector `json:"certificatePemSecretRef,omitempty" tf:"-"` // The certificate signing request. Review diff --git a/apis/kms/v1beta1/zz_ciphertext_types.go b/apis/kms/v1beta1/zz_ciphertext_types.go index db0bfc2f5d..5c314cbf9a 100755 --- a/apis/kms/v1beta1/zz_ciphertext_types.go +++ b/apis/kms/v1beta1/zz_ciphertext_types.go @@ -52,6 +52,7 @@ type CiphertextParameters struct { KeyIDSelector *v1.Selector `json:"keyIdSelector,omitempty" tf:"-"` // Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file. + // +kubebuilder:validation:Optional PlaintextSecretRef v1.SecretKeySelector `json:"plaintextSecretRef" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/kms/v1beta1/zz_externalkey_types.go b/apis/kms/v1beta1/zz_externalkey_types.go index df26ea8dfc..8c126b72da 100755 --- a/apis/kms/v1beta1/zz_externalkey_types.go +++ b/apis/kms/v1beta1/zz_externalkey_types.go @@ -100,6 +100,7 @@ type ExternalKeyParameters struct { Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` // Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material. + // +kubebuilder:validation:Optional KeyMaterialBase64SecretRef *v1.SecretKeySelector `json:"keyMaterialBase64SecretRef,omitempty" tf:"-"` // Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false. diff --git a/apis/kms/v1beta1/zz_replicaexternalkey_types.go b/apis/kms/v1beta1/zz_replicaexternalkey_types.go index 9828dfd3d8..d0b9989e50 100755 --- a/apis/kms/v1beta1/zz_replicaexternalkey_types.go +++ b/apis/kms/v1beta1/zz_replicaexternalkey_types.go @@ -111,6 +111,7 @@ type ReplicaExternalKeyParameters struct { Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` // Base64 encoded 256-bit symmetric encryption key material to import. The KMS key is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material. + // +kubebuilder:validation:Optional KeyMaterialBase64SecretRef *v1.SecretKeySelector `json:"keyMaterialBase64SecretRef,omitempty" tf:"-"` // The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key. diff --git a/apis/mq/v1beta1/zz_broker_types.go b/apis/mq/v1beta1/zz_broker_types.go index 5110342e6f..e5464bfe2e 100755 --- a/apis/mq/v1beta1/zz_broker_types.go +++ b/apis/mq/v1beta1/zz_broker_types.go @@ -392,6 +392,7 @@ type LdapServerMetadataParameters struct { RoleSearchSubtree *bool `json:"roleSearchSubtree,omitempty" tf:"role_search_subtree,omitempty"` // Service account password. + // +kubebuilder:validation:Optional ServiceAccountPasswordSecretRef *v1.SecretKeySelector `json:"serviceAccountPasswordSecretRef,omitempty" tf:"-"` // Service account username. @@ -506,6 +507,7 @@ type UserParameters struct { Groups []*string `json:"groups,omitempty" tf:"groups,omitempty"` // Password of the user. It must be 12 to 250 characters long, at least 4 unique characters, and must not contain commas. + // +kubebuilder:validation:Required PasswordSecretRef v1.SecretKeySelector `json:"passwordSecretRef" tf:"-"` // Username of the user. diff --git a/apis/opensearch/v1beta1/zz_domain_types.go b/apis/opensearch/v1beta1/zz_domain_types.go index 76903097bf..9275d110f3 100755 --- a/apis/opensearch/v1beta1/zz_domain_types.go +++ b/apis/opensearch/v1beta1/zz_domain_types.go @@ -706,6 +706,7 @@ type MasterUserOptionsParameters struct { MasterUserName *string `json:"masterUserName,omitempty" tf:"master_user_name,omitempty"` // Main user's password, which is stored in the Amazon OpenSearch Service domain's internal database. Only specify if internal_user_database_enabled is set to true. + // +kubebuilder:validation:Optional MasterUserPasswordSecretRef *v1.SecretKeySelector `json:"masterUserPasswordSecretRef,omitempty" tf:"-"` } diff --git a/apis/opensearch/v1beta1/zz_domainsamloptions_types.go b/apis/opensearch/v1beta1/zz_domainsamloptions_types.go index 17add2ef85..764faf8ff7 100755 --- a/apis/opensearch/v1beta1/zz_domainsamloptions_types.go +++ b/apis/opensearch/v1beta1/zz_domainsamloptions_types.go @@ -137,6 +137,7 @@ type SAMLOptionsParameters struct { MasterBackendRole *string `json:"masterBackendRole,omitempty" tf:"master_backend_role,omitempty"` // This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. + // +kubebuilder:validation:Optional MasterUserNameSecretRef *v1.SecretKeySelector `json:"masterUserNameSecretRef,omitempty" tf:"-"` // Element of the SAML assertion to use for backend roles. Default is roles. diff --git a/apis/opsworks/v1beta1/zz_application_types.go b/apis/opsworks/v1beta1/zz_application_types.go index 565deee2aa..1ea7647072 100755 --- a/apis/opsworks/v1beta1/zz_application_types.go +++ b/apis/opsworks/v1beta1/zz_application_types.go @@ -46,12 +46,14 @@ type AppSourceObservation struct { type AppSourceParameters struct { // Password to use when authenticating to the source. + // +kubebuilder:validation:Optional PasswordSecretRef *v1.SecretKeySelector `json:"passwordSecretRef,omitempty" tf:"-"` // For sources that are version-aware, the revision to use. Revision *string `json:"revision,omitempty" tf:"revision,omitempty"` // SSH key to use when authenticating to the source. + // +kubebuilder:validation:Optional SSHKeySecretRef *v1.SecretKeySelector `json:"sshKeySecretRef,omitempty" tf:"-"` // The type of source to use. For example, "archive". @@ -300,6 +302,7 @@ type SSLConfigurationParameters struct { Chain *string `json:"chain,omitempty" tf:"chain,omitempty"` // The private key; the contents of the certificate's domain.key file. + // +kubebuilder:validation:Required PrivateKeySecretRef v1.SecretKeySelector `json:"privateKeySecretRef" tf:"-"` } diff --git a/apis/opsworks/v1beta1/zz_rdsdbinstance_types.go b/apis/opsworks/v1beta1/zz_rdsdbinstance_types.go index 4363c3268d..a8b16f0e6d 100755 --- a/apis/opsworks/v1beta1/zz_rdsdbinstance_types.go +++ b/apis/opsworks/v1beta1/zz_rdsdbinstance_types.go @@ -37,6 +37,7 @@ type RDSDBInstanceObservation struct { type RDSDBInstanceParameters struct { // A db password + // +kubebuilder:validation:Optional DBPasswordSecretRef v1.SecretKeySelector `json:"dbPasswordSecretRef" tf:"-"` // A db username diff --git a/apis/opsworks/v1beta1/zz_stack_types.go b/apis/opsworks/v1beta1/zz_stack_types.go index f49023c5df..fb7fa01ced 100755 --- a/apis/opsworks/v1beta1/zz_stack_types.go +++ b/apis/opsworks/v1beta1/zz_stack_types.go @@ -46,12 +46,14 @@ type CustomCookbooksSourceObservation struct { type CustomCookbooksSourceParameters struct { // Password to use when authenticating to the source. + // +kubebuilder:validation:Optional PasswordSecretRef *v1.SecretKeySelector `json:"passwordSecretRef,omitempty" tf:"-"` // For sources that are version-aware, the revision to use. Revision *string `json:"revision,omitempty" tf:"revision,omitempty"` // SSH key to use when authenticating to the source. + // +kubebuilder:validation:Optional SSHKeySecretRef *v1.SecretKeySelector `json:"sshKeySecretRef,omitempty" tf:"-"` // The type of source to use. For example, "archive". diff --git a/apis/rds/v1beta1/zz_cluster_types.go b/apis/rds/v1beta1/zz_cluster_types.go index 5e307800f4..6579199091 100755 --- a/apis/rds/v1beta1/zz_cluster_types.go +++ b/apis/rds/v1beta1/zz_cluster_types.go @@ -421,6 +421,7 @@ type ClusterParameters struct { ManageMasterUserPassword *bool `json:"manageMasterUserPassword,omitempty" tf:"manage_master_user_password,omitempty"` // Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the RDS Naming Constraints. Cannot be set if manage_master_user_password is set to true. + // +kubebuilder:validation:Optional MasterPasswordSecretRef *v1.SecretKeySelector `json:"masterPasswordSecretRef,omitempty" tf:"-"` // The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN. If not specified, the default KMS key for your Amazon Web Services account is used. diff --git a/apis/rds/v1beta1/zz_instance_types.go b/apis/rds/v1beta1/zz_instance_types.go index 595967ea9b..63bd999174 100755 --- a/apis/rds/v1beta1/zz_instance_types.go +++ b/apis/rds/v1beta1/zz_instance_types.go @@ -557,6 +557,7 @@ type InstanceParameters struct { // logs, and it will be stored in the state file. Cannot be set if manage_master_user_password is set to true. // If true, the password will be auto-generated and stored in the Secret referenced by the passwordSecretRef field. // +upjet:crd:field:TFTag=- + // +kubebuilder:validation:Optional AutoGeneratePassword *bool `json:"autoGeneratePassword,omitempty" tf:"-"` // Indicates that minor engine upgrades @@ -754,6 +755,7 @@ type InstanceParameters struct { // Password for the master DB user. Note that this may show up in // logs, and it will be stored in the state file. Cannot be set if manage_master_user_password is set to true. // Password for the master DB user. If you set autoGeneratePassword to true, the Secret referenced here will be created or updated with generated password if it does not already contain one. + // +kubebuilder:validation:Optional PasswordSecretRef *v1.SecretKeySelector `json:"passwordSecretRef,omitempty" tf:"-"` // Specifies whether Performance Insights are enabled. Defaults to false. diff --git a/apis/redshift/v1beta1/zz_cluster_types.go b/apis/redshift/v1beta1/zz_cluster_types.go index 41ac0f03b6..f2f989a882 100755 --- a/apis/redshift/v1beta1/zz_cluster_types.go +++ b/apis/redshift/v1beta1/zz_cluster_types.go @@ -395,6 +395,7 @@ type ClusterParameters struct { // Password for the master DB user. // Note that this may show up in logs, and it will be stored in the state file. Password must contain at least 8 chars and // contain at least one uppercase letter, one lowercase letter, and one number. + // +kubebuilder:validation:Optional MasterPasswordSecretRef *v1.SecretKeySelector `json:"masterPasswordSecretRef,omitempty" tf:"-"` // Username for the master DB user. diff --git a/apis/redshift/v1beta1/zz_hsmconfiguration_types.go b/apis/redshift/v1beta1/zz_hsmconfiguration_types.go index 0176547578..16f3b1c3a0 100755 --- a/apis/redshift/v1beta1/zz_hsmconfiguration_types.go +++ b/apis/redshift/v1beta1/zz_hsmconfiguration_types.go @@ -69,6 +69,7 @@ type HSMConfigurationParameters struct { HSMPartitionName *string `json:"hsmPartitionName,omitempty" tf:"hsm_partition_name,omitempty"` // The password required to access the HSM partition. + // +kubebuilder:validation:Optional HSMPartitionPasswordSecretRef v1.SecretKeySelector `json:"hsmPartitionPasswordSecretRef" tf:"-"` // The HSMs public certificate file. When using Cloud HSM, the file name is server.pem. diff --git a/apis/s3/v1beta1/zz_bucketobjectlockconfiguration_types.go b/apis/s3/v1beta1/zz_bucketobjectlockconfiguration_types.go index 7ff0735df1..261e8045d9 100755 --- a/apis/s3/v1beta1/zz_bucketobjectlockconfiguration_types.go +++ b/apis/s3/v1beta1/zz_bucketobjectlockconfiguration_types.go @@ -75,6 +75,7 @@ type BucketObjectLockConfigurationParameters struct { // Token to allow Object Lock to be enabled for an existing bucket. You must contact AWS support for the bucket's "Object Lock token". // The token is generated in the back-end when versioning is enabled on a bucket. For more details on versioning, see the aws_s3_bucket_versioning resource. + // +kubebuilder:validation:Optional TokenSecretRef *v1.SecretKeySelector `json:"tokenSecretRef,omitempty" tf:"-"` } diff --git a/apis/s3/v1beta1/zz_bucketreplicationconfiguration_types.go b/apis/s3/v1beta1/zz_bucketreplicationconfiguration_types.go index 41ba13c43e..641d56063b 100755 --- a/apis/s3/v1beta1/zz_bucketreplicationconfiguration_types.go +++ b/apis/s3/v1beta1/zz_bucketreplicationconfiguration_types.go @@ -74,6 +74,7 @@ type BucketReplicationConfigurationParameters struct { // Token to allow replication to be enabled on an Object Lock-enabled bucket. You must contact AWS support for the bucket's "Object Lock token". // For more details, see Using S3 Object Lock with replication. + // +kubebuilder:validation:Optional TokenSecretRef *v1.SecretKeySelector `json:"tokenSecretRef,omitempty" tf:"-"` } diff --git a/apis/s3/v1beta1/zz_objectcopy_types.go b/apis/s3/v1beta1/zz_objectcopy_types.go index 5b1a31610c..97c16fe16b 100755 --- a/apis/s3/v1beta1/zz_objectcopy_types.go +++ b/apis/s3/v1beta1/zz_objectcopy_types.go @@ -343,6 +343,7 @@ type ObjectCopyParameters struct { CustomerKeyMd5 *string `json:"customerKeyMd5,omitempty" tf:"customer_key_md5,omitempty"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon S3 does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header. + // +kubebuilder:validation:Optional CustomerKeySecretRef *v1.SecretKeySelector `json:"customerKeySecretRef,omitempty" tf:"-"` // Account id of the expected destination bucket owner. If the destination bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error. @@ -361,9 +362,11 @@ type ObjectCopyParameters struct { Grant []ObjectCopyGrantParameters `json:"grant,omitempty" tf:"grant,omitempty"` // Specifies the AWS KMS Encryption Context to use for object encryption. The value is a base64-encoded UTF-8 string holding JSON with the encryption context key-value pairs. + // +kubebuilder:validation:Optional KMSEncryptionContextSecretRef *v1.SecretKeySelector `json:"kmsEncryptionContextSecretRef,omitempty" tf:"-"` // Specifies the AWS KMS Key ARN to use for object encryption. This value is a fully qualified ARN of the KMS Key. If using aws_kms_key, use the exported arn attribute: kms_key_id = aws_kms_key.foo.arn + // +kubebuilder:validation:Optional KMSKeyIDSecretRef *v1.SecretKeySelector `json:"kmsKeyIdSecretRef,omitempty" tf:"-"` // Name of the object once it is in the bucket. @@ -405,6 +408,7 @@ type ObjectCopyParameters struct { SourceCustomerKeyMd5 *string `json:"sourceCustomerKeyMd5,omitempty" tf:"source_customer_key_md5,omitempty"` // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created. + // +kubebuilder:validation:Optional SourceCustomerKeySecretRef *v1.SecretKeySelector `json:"sourceCustomerKeySecretRef,omitempty" tf:"-"` // Specifies the desired storage class for the object. Defaults to STANDARD. diff --git a/apis/sagemaker/v1beta1/zz_workforce_types.go b/apis/sagemaker/v1beta1/zz_workforce_types.go index d7a7088179..2de2abf6e8 100755 --- a/apis/sagemaker/v1beta1/zz_workforce_types.go +++ b/apis/sagemaker/v1beta1/zz_workforce_types.go @@ -113,6 +113,7 @@ type OidcConfigParameters struct { ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // The OIDC IdP client secret used to configure your private workforce. + // +kubebuilder:validation:Required ClientSecretSecretRef v1.SecretKeySelector `json:"clientSecretSecretRef" tf:"-"` // The OIDC IdP issuer used to configure your private workforce. diff --git a/apis/secretsmanager/v1beta1/zz_secretversion_types.go b/apis/secretsmanager/v1beta1/zz_secretversion_types.go index 78b454a114..d1c402baf9 100755 --- a/apis/secretsmanager/v1beta1/zz_secretversion_types.go +++ b/apis/secretsmanager/v1beta1/zz_secretversion_types.go @@ -45,6 +45,7 @@ type SecretVersionParameters struct { Region *string `json:"region" tf:"-"` // Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64. + // +kubebuilder:validation:Optional SecretBinarySecretRef *v1.SecretKeySelector `json:"secretBinarySecretRef,omitempty" tf:"-"` // Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist. @@ -62,6 +63,7 @@ type SecretVersionParameters struct { SecretIDSelector *v1.Selector `json:"secretIdSelector,omitempty" tf:"-"` // Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set. + // +kubebuilder:validation:Optional SecretStringSecretRef *v1.SecretKeySelector `json:"secretStringSecretRef,omitempty" tf:"-"` // Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label AWSCURRENT to this new version on creation. diff --git a/apis/sns/v1beta1/zz_platformapplication_types.go b/apis/sns/v1beta1/zz_platformapplication_types.go index cd1be719dc..ca1ab2dfe6 100755 --- a/apis/sns/v1beta1/zz_platformapplication_types.go +++ b/apis/sns/v1beta1/zz_platformapplication_types.go @@ -117,9 +117,11 @@ type PlatformApplicationParameters struct { Platform *string `json:"platform,omitempty" tf:"platform,omitempty"` // Application Platform credential. See Credential for type of credential required for platform. + // +kubebuilder:validation:Optional PlatformCredentialSecretRef v1.SecretKeySelector `json:"platformCredentialSecretRef" tf:"-"` // Application Platform principal. See Principal for type of principal required for platform. + // +kubebuilder:validation:Optional PlatformPrincipalSecretRef *v1.SecretKeySelector `json:"platformPrincipalSecretRef,omitempty" tf:"-"` // Region is the region you'd like your resource to be created in. diff --git a/apis/ssm/v1beta1/zz_maintenancewindowtask_types.go b/apis/ssm/v1beta1/zz_maintenancewindowtask_types.go index 7ce24ce11c..d7895b99ab 100755 --- a/apis/ssm/v1beta1/zz_maintenancewindowtask_types.go +++ b/apis/ssm/v1beta1/zz_maintenancewindowtask_types.go @@ -118,6 +118,7 @@ type LambdaParametersParameters struct { ClientContext *string `json:"clientContext,omitempty" tf:"client_context,omitempty"` // JSON to provide to your Lambda function as input. + // +kubebuilder:validation:Optional PayloadSecretRef *v1.SecretKeySelector `json:"payloadSecretRef,omitempty" tf:"-"` // Specify a Lambda function version or alias name. @@ -510,6 +511,7 @@ type StepFunctionsParametersObservation struct { type StepFunctionsParametersParameters struct { // The inputs for the STEP_FUNCTION task. + // +kubebuilder:validation:Optional InputSecretRef *v1.SecretKeySelector `json:"inputSecretRef,omitempty" tf:"-"` // The name of the maintenance window task. diff --git a/apis/ssm/v1beta1/zz_parameter_types.go b/apis/ssm/v1beta1/zz_parameter_types.go index 14e7e21039..9445d31ac6 100755 --- a/apis/ssm/v1beta1/zz_parameter_types.go +++ b/apis/ssm/v1beta1/zz_parameter_types.go @@ -125,6 +125,7 @@ type ParameterParameters_2 struct { Type *string `json:"type,omitempty" tf:"type,omitempty"` // Value of the parameter.15 and later, this may require additional configuration handling for certain scenarios.15 Upgrade Guide. + // +kubebuilder:validation:Optional ValueSecretRef *v1.SecretKeySelector `json:"valueSecretRef,omitempty" tf:"-"` } diff --git a/apis/transfer/v1beta1/zz_server_types.go b/apis/transfer/v1beta1/zz_server_types.go index f668b5af84..fcb5a9b70e 100755 --- a/apis/transfer/v1beta1/zz_server_types.go +++ b/apis/transfer/v1beta1/zz_server_types.go @@ -331,6 +331,7 @@ type ServerParameters struct { Function *string `json:"function,omitempty" tf:"function,omitempty"` // RSA, ECDSA, or ED25519 private key (e.g., as generated by the ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key, ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key or ssh-keygen -t ed25519 -N "" -f my-new-server-key commands). + // +kubebuilder:validation:Optional HostKeySecretRef *v1.SecretKeySelector `json:"hostKeySecretRef,omitempty" tf:"-"` // The mode of authentication enabled for this service. The default value is SERVICE_MANAGED, which allows you to store and access SFTP user credentials within the service. API_GATEWAY indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using AWS_DIRECTORY_SERVICE will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the AWS_LAMBDA value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the function argument. @@ -343,9 +344,11 @@ type ServerParameters struct { LoggingRole *string `json:"loggingRole,omitempty" tf:"logging_role,omitempty"` // Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners. + // +kubebuilder:validation:Optional PostAuthenticationLoginBannerSecretRef *v1.SecretKeySelector `json:"postAuthenticationLoginBannerSecretRef,omitempty" tf:"-"` // Specify a string to display when users connect to a server. This string is displayed before the user authenticates. + // +kubebuilder:validation:Optional PreAuthenticationLoginBannerSecretRef *v1.SecretKeySelector `json:"preAuthenticationLoginBannerSecretRef,omitempty" tf:"-"` // The protocol settings that are configured for your server. diff --git a/go.mod b/go.mod index f679fb0108..df59c0dbd7 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/upbound/provider-aws go 1.19 -replace github.com/upbound/upjet => github.com/lsviben/upjet v0.0.0-20230724200920-341215a89e45 +replace github.com/upbound/upjet => github.com/lsviben/upjet v0.0.0-20230726104527-dc55bdf638c0 require ( github.com/aws/aws-sdk-go-v2 v1.16.15 diff --git a/go.sum b/go.sum index e0ed08e0d5..43faedb247 100644 --- a/go.sum +++ b/go.sum @@ -333,8 +333,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/lsviben/upjet v0.0.0-20230724200920-341215a89e45 h1:avxLeUuAMWDQj442nRF5pHwy7NJ9E0Y+oCJgEKtI1zo= -github.com/lsviben/upjet v0.0.0-20230724200920-341215a89e45/go.mod h1:2RXHgpIugCL/S/Use1QJAeVaev901RBeUByQh5gUtGk= +github.com/lsviben/upjet v0.0.0-20230726104527-dc55bdf638c0 h1:LZeq963G1o7iME8QaHzbLSgoKd/cDztbqj6NAr++77s= +github.com/lsviben/upjet v0.0.0-20230726104527-dc55bdf638c0/go.mod h1:2RXHgpIugCL/S/Use1QJAeVaev901RBeUByQh5gUtGk= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= diff --git a/package/crds/acmpca.aws.upbound.io_certificateauthoritycertificates.yaml b/package/crds/acmpca.aws.upbound.io_certificateauthoritycertificates.yaml index f07a596b3f..2c962f3fed 100644 --- a/package/crds/acmpca.aws.upbound.io_certificateauthoritycertificates.yaml +++ b/package/crds/acmpca.aws.upbound.io_certificateauthoritycertificates.yaml @@ -186,7 +186,6 @@ spec: be created in. type: string required: - - certificateSecretRef - region type: object initProvider: diff --git a/package/crds/acmpca.aws.upbound.io_certificates.yaml b/package/crds/acmpca.aws.upbound.io_certificates.yaml index 241e97734a..876afc3edb 100644 --- a/package/crds/acmpca.aws.upbound.io_certificates.yaml +++ b/package/crds/acmpca.aws.upbound.io_certificates.yaml @@ -196,7 +196,6 @@ spec: type: object type: array required: - - certificateSigningRequestSecretRef - region type: object initProvider: diff --git a/package/crds/appconfig.aws.upbound.io_hostedconfigurationversions.yaml b/package/crds/appconfig.aws.upbound.io_hostedconfigurationversions.yaml index d6ff482206..db994745c8 100644 --- a/package/crds/appconfig.aws.upbound.io_hostedconfigurationversions.yaml +++ b/package/crds/appconfig.aws.upbound.io_hostedconfigurationversions.yaml @@ -254,7 +254,6 @@ spec: be created in. type: string required: - - contentSecretRef - region type: object initProvider: diff --git a/package/crds/cloudfront.aws.upbound.io_functions.yaml b/package/crds/cloudfront.aws.upbound.io_functions.yaml index 66e42d6dd4..2178c9518f 100644 --- a/package/crds/cloudfront.aws.upbound.io_functions.yaml +++ b/package/crds/cloudfront.aws.upbound.io_functions.yaml @@ -102,7 +102,6 @@ spec: cloudfront-js-1.0 is valid. type: string required: - - codeSecretRef - region type: object initProvider: diff --git a/package/crds/cloudfront.aws.upbound.io_publickeys.yaml b/package/crds/cloudfront.aws.upbound.io_publickeys.yaml index 8160c4c227..06e9d579f2 100644 --- a/package/crds/cloudfront.aws.upbound.io_publickeys.yaml +++ b/package/crds/cloudfront.aws.upbound.io_publickeys.yaml @@ -97,7 +97,6 @@ spec: be created in. type: string required: - - encodedKeySecretRef - region type: object initProvider: diff --git a/package/crds/ds.aws.upbound.io_directories.yaml b/package/crds/ds.aws.upbound.io_directories.yaml index 8cb8cd567b..29dd86842b 100644 --- a/package/crds/ds.aws.upbound.io_directories.yaml +++ b/package/crds/ds.aws.upbound.io_directories.yaml @@ -489,7 +489,6 @@ spec: type: object type: array required: - - passwordSecretRef - region type: object initProvider: diff --git a/package/crds/iam.aws.upbound.io_servercertificates.yaml b/package/crds/iam.aws.upbound.io_servercertificates.yaml index 8313a1a097..e541ccd649 100644 --- a/package/crds/iam.aws.upbound.io_servercertificates.yaml +++ b/package/crds/iam.aws.upbound.io_servercertificates.yaml @@ -101,8 +101,6 @@ spec: type: string description: Key-value map of resource tags. type: object - required: - - privateKeySecretRef type: object initProvider: description: THIS IS AN ALPHA FIELD. Do not use it in production. diff --git a/package/crds/kms.aws.upbound.io_ciphertexts.yaml b/package/crds/kms.aws.upbound.io_ciphertexts.yaml index 1fcb224953..36c3eee60e 100644 --- a/package/crds/kms.aws.upbound.io_ciphertexts.yaml +++ b/package/crds/kms.aws.upbound.io_ciphertexts.yaml @@ -172,7 +172,6 @@ spec: be created in. type: string required: - - plaintextSecretRef - region type: object initProvider: diff --git a/package/crds/opsworks.aws.upbound.io_rdsdbinstances.yaml b/package/crds/opsworks.aws.upbound.io_rdsdbinstances.yaml index cbbba2a06f..4fececda65 100644 --- a/package/crds/opsworks.aws.upbound.io_rdsdbinstances.yaml +++ b/package/crds/opsworks.aws.upbound.io_rdsdbinstances.yaml @@ -241,8 +241,6 @@ spec: type: string type: object type: object - required: - - dbPasswordSecretRef type: object initProvider: description: THIS IS AN ALPHA FIELD. Do not use it in production. diff --git a/package/crds/redshift.aws.upbound.io_hsmconfigurations.yaml b/package/crds/redshift.aws.upbound.io_hsmconfigurations.yaml index e4520e6bb8..6e173eb218 100644 --- a/package/crds/redshift.aws.upbound.io_hsmconfigurations.yaml +++ b/package/crds/redshift.aws.upbound.io_hsmconfigurations.yaml @@ -112,7 +112,6 @@ spec: description: Key-value map of resource tags. type: object required: - - hsmPartitionPasswordSecretRef - region type: object initProvider: diff --git a/package/crds/sns.aws.upbound.io_platformapplications.yaml b/package/crds/sns.aws.upbound.io_platformapplications.yaml index 2227183585..86a47b54da 100644 --- a/package/crds/sns.aws.upbound.io_platformapplications.yaml +++ b/package/crds/sns.aws.upbound.io_platformapplications.yaml @@ -298,7 +298,6 @@ spec: delivered messages. type: string required: - - platformCredentialSecretRef - region type: object initProvider: