├── .github └── workflows │ └── create-release.yml ├── .gitignore ├── ATTRIBUTION.md ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── GOVERNANCE.md ├── LICENSE ├── Makefile ├── NOTICE ├── OWNERS ├── OWNERS_ALIASES ├── README.md ├── SECURITY.md ├── apis └── v1alpha1 │ ├── ack-generate-metadata.yaml │ ├── capacity_reservation.go │ ├── dhcp_options.go │ ├── doc.go │ ├── elastic_ip_address.go │ ├── enums.go │ ├── flow_log.go │ ├── generator.yaml │ ├── groupversion_info.go │ ├── instance.go │ ├── internet_gateway.go │ ├── launch_template.go │ ├── nat_gateway.go │ ├── network_acl.go │ ├── route_table.go │ ├── security_group.go │ ├── subnet.go │ ├── transit_gateway.go │ ├── transit_gateway_vpc_attachment.go │ ├── types.go │ ├── vpc.go │ ├── vpc_endpoint.go │ ├── vpc_endpoint_service_configuration.go │ ├── vpc_peering_connection.go │ └── zz_generated.deepcopy.go ├── cmd └── controller │ └── main.go ├── config ├── controller │ ├── deployment.yaml │ ├── kustomization.yaml │ └── service.yaml ├── crd │ ├── bases │ │ ├── ec2.services.k8s.aws_capacityreservations.yaml │ │ ├── ec2.services.k8s.aws_dhcpoptions.yaml │ │ ├── ec2.services.k8s.aws_elasticipaddresses.yaml │ │ ├── ec2.services.k8s.aws_flowlogs.yaml │ │ ├── ec2.services.k8s.aws_instances.yaml │ │ ├── ec2.services.k8s.aws_internetgateways.yaml │ │ ├── ec2.services.k8s.aws_launchtemplates.yaml │ │ ├── ec2.services.k8s.aws_natgateways.yaml │ │ ├── ec2.services.k8s.aws_networkacls.yaml │ │ ├── ec2.services.k8s.aws_routetables.yaml │ │ ├── ec2.services.k8s.aws_securitygroups.yaml │ │ ├── ec2.services.k8s.aws_subnets.yaml │ │ ├── ec2.services.k8s.aws_transitgateways.yaml │ │ ├── ec2.services.k8s.aws_transitgatewayvpcattachments.yaml │ │ ├── ec2.services.k8s.aws_vpcendpoints.yaml │ │ ├── ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml │ │ ├── ec2.services.k8s.aws_vpcpeeringconnections.yaml │ │ └── ec2.services.k8s.aws_vpcs.yaml │ ├── common │ │ ├── bases │ │ │ ├── services.k8s.aws_adoptedresources.yaml │ │ │ └── services.k8s.aws_fieldexports.yaml │ │ └── kustomization.yaml │ └── kustomization.yaml ├── default │ └── kustomization.yaml ├── iam │ └── recommended-policy-arn ├── overlays │ └── namespaced │ │ ├── kustomization.yaml │ │ ├── role-binding.json │ │ └── role.json └── rbac │ ├── cluster-role-binding.yaml │ ├── cluster-role-controller.yaml │ ├── kustomization.yaml │ ├── leader-election-role-binding.yaml │ ├── leader-election-role.yaml │ ├── role-reader.yaml │ ├── role-writer.yaml │ └── service-account.yaml ├── generator.yaml ├── go.local.mod ├── go.local.sum ├── go.mod ├── go.sum ├── helm ├── Chart.yaml ├── crds │ ├── ec2.services.k8s.aws_capacityreservations.yaml │ ├── ec2.services.k8s.aws_dhcpoptions.yaml │ ├── ec2.services.k8s.aws_elasticipaddresses.yaml │ ├── ec2.services.k8s.aws_flowlogs.yaml │ ├── ec2.services.k8s.aws_instances.yaml │ ├── ec2.services.k8s.aws_internetgateways.yaml │ ├── ec2.services.k8s.aws_launchtemplates.yaml │ ├── ec2.services.k8s.aws_natgateways.yaml │ ├── ec2.services.k8s.aws_networkacls.yaml │ ├── ec2.services.k8s.aws_routetables.yaml │ ├── ec2.services.k8s.aws_securitygroups.yaml │ ├── ec2.services.k8s.aws_subnets.yaml │ ├── ec2.services.k8s.aws_transitgateways.yaml │ ├── ec2.services.k8s.aws_transitgatewayvpcattachments.yaml │ ├── ec2.services.k8s.aws_vpcendpoints.yaml │ ├── ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml │ ├── ec2.services.k8s.aws_vpcpeeringconnections.yaml │ ├── ec2.services.k8s.aws_vpcs.yaml │ ├── services.k8s.aws_adoptedresources.yaml │ └── services.k8s.aws_fieldexports.yaml ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── caches-role-binding.yaml │ ├── caches-role.yaml │ ├── cluster-role-binding.yaml │ ├── cluster-role-controller.yaml │ ├── deployment.yaml │ ├── leader-election-role-binding.yaml │ ├── leader-election-role.yaml │ ├── metrics-service.yaml │ ├── role-reader.yaml │ ├── role-writer.yaml │ └── service-account.yaml ├── values.schema.json └── values.yaml ├── metadata.yaml ├── olm └── olmconfig.yaml ├── pkg ├── resource │ ├── capacity_reservation │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── dhcp_options │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── elastic_ip_address │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── flow_log │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── instance │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── internet_gateway │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── launch_template │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── nat_gateway │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── network_acl │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── registry.go │ ├── route_table │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── hooks_test.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── security_group │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── subnet │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── transit_gateway │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── transit_gateway_vpc_attachment │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── vpc │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── vpc_endpoint │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ ├── vpc_endpoint_service_configuration │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go │ └── vpc_peering_connection │ │ ├── delta.go │ │ ├── descriptor.go │ │ ├── hooks.go │ │ ├── identifiers.go │ │ ├── manager.go │ │ ├── manager_factory.go │ │ ├── references.go │ │ ├── resource.go │ │ ├── sdk.go │ │ └── tags.go ├── tags │ └── sync.go └── version │ └── version.go ├── templates └── hooks │ ├── capacity_reservation │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_update_post_set_output.go.tpl │ └── sdk_update_pre_build_request.go.tpl │ ├── dhcp_options │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_pre_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── elastic_ip_address │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_delete_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ ├── sdk_read_many_post_build_request.go.tpl │ └── sdk_read_many_pre_build_request.go.tpl │ ├── flow_log │ ├── post_populate_resource_from_annotation.go.tpl │ ├── post_set_resource_identifiers.go.tpl │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ ├── sdk_read_many_post_build_request.go.tpl │ └── sdk_read_many_pre_build_request.go.tpl │ ├── instance │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── internet_gateway │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_pre_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── launch_template │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ ├── sdk_read_many_post_set_output.go.tpl │ └── sdk_update_pre_build_request.go.tpl │ ├── nat_gateway │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── network_acl │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_pre_build_request.go.tpl │ └── sdk_file_end.go.tpl │ ├── route_table │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── security_group │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_pre_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── subnet │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── transit_gateway │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── transit_gateway_vpc_attachment │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_update_post_build_request.go.tpl │ └── sdk_update_pre_build_request.go.tpl │ ├── vpc │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── vpc_endpoint │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_delete_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ └── sdk_read_many_post_set_output.go.tpl │ ├── vpc_endpoint_service_configuration │ ├── sdk_delete_post_build_request.go.tpl │ ├── sdk_file_end.go.tpl │ ├── sdk_read_many_post_set_output.go.tpl │ └── sdk_update_pre_build_request.go.tpl │ └── vpc_peering_connection │ ├── sdk_create_post_build_request.go.tpl │ ├── sdk_create_post_set_output.go.tpl │ ├── sdk_file_end.go.tpl │ ├── sdk_read_many_post_set_output.go.tpl │ └── sdk_update_pre_build_request.go.tpl └── test └── e2e ├── .gitignore ├── __init__.py ├── bootstrap_resources.py ├── conftest.py ├── replacement_values.py ├── requirements.txt ├── resources ├── capacity_reservation.yaml ├── dhcp_options.yaml ├── dhcp_options_vpc_ref.yaml ├── elastic_ip_address.yaml ├── flow_log.yaml ├── instance.yaml ├── internet_gateway.yaml ├── internet_gateway_ref.yaml ├── internet_gateway_route_table.yaml ├── internet_gateway_route_table_association.yaml ├── internet_gateway_vpc_attachment.yaml ├── invalid │ ├── elastic_ip_invalid_combination.yaml │ └── flow_log_invalid_parameter.yaml ├── launch_template.yaml ├── nat_gateway.yaml ├── network_acl.yaml ├── network_acl_with_default_rules.yaml ├── network_acl_with_subnet_assoc.yaml ├── route_table.yaml ├── route_table_ref.yaml ├── security_group.yaml ├── security_group_ref.yaml ├── security_group_rule.yaml ├── security_group_with_sg_ref.yaml ├── subnet.yaml ├── subnet_adoption.yaml ├── subnet_ref.yaml ├── subnet_route_table_assocations.yaml ├── transitgateway.yaml ├── transitgateway_vpc_attachment.yaml ├── vpc.yaml ├── vpc_adoption.yaml ├── vpc_endpoint.yaml ├── vpc_endpoint_modify.yaml ├── vpc_endpoint_ref.yaml ├── vpc_endpoint_service_configuration.yaml ├── vpc_multicidr.yaml ├── vpc_peering_connection.yaml ├── vpc_peering_connection_peering_options.yaml └── vpc_peering_connection_ref.yaml ├── service_bootstrap.py ├── service_cleanup.py └── tests ├── __init__.py ├── helper.py ├── test_capacity_reservation.py ├── test_dhcp_options.py ├── test_elastic_ip_address.py ├── test_flow_logs.py ├── test_instance.py ├── test_internet_gateway.py ├── test_launch_template.py ├── test_nat_gateway.py ├── test_network_acl.py ├── test_references.py ├── test_route_table.py ├── test_security_group.py ├── test_subnet.py ├── test_subnet_adoption.py ├── test_transit_gateway.py ├── test_transitgateway_vpc_attachment.py ├── test_vpc.py ├── test_vpc_adoption.py ├── test_vpc_endpoint.py ├── test_vpc_endpoint_service_configuration.py └── test_vpc_peering_connection.py /.github/workflows/create-release.yml: -------------------------------------------------------------------------------- 1 | name: Create Release 2 | 3 | on: 4 | push: 5 | tags: 6 | - "v*.*.*" 7 | 8 | permissions: 9 | contents: write # For creating releases 10 | 11 | jobs: 12 | call-create-release: 13 | uses: aws-controllers-k8s/.github/.github/workflows/reusable-create-release.yaml@main 14 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | *.swp 3 | *~ 4 | .idea 5 | /docs/site 6 | bin 7 | build 8 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | ## Code of Conduct 2 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 3 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 4 | opensource-codeofconduct@amazon.com with any additional questions or comments. 5 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing Guidelines 2 | 3 | Thank you for your interest in contributing to our project. Whether it's a bug 4 | report, new feature, correction, or additional documentation, we greatly value 5 | feedback and contributions from our community. 6 | 7 | Please read through this document before submitting any issues or pull requests 8 | to ensure we have all the necessary information to effectively respond to your 9 | bug report or contribution. 10 | 11 | ## Reporting Bugs/Feature Requests 12 | 13 | We welcome you to use the GitHub issue tracker to report bugs or suggest 14 | features. 15 | 16 | When filing an issue, please check existing open, or recently closed, issues to 17 | make sure somebody else hasn't already reported the issue. Please try to 18 | include as much information as you can. Details like these are incredibly 19 | useful: 20 | 21 | * A reproducible test case or series of steps 22 | * The version of our code being used 23 | * Any modifications you've made relevant to the bug 24 | * Anything unusual about your environment or deployment 25 | 26 | ## Contributing via Pull Requests 27 | 28 | Contributions via pull requests are much appreciated. Before sending us a pull 29 | request, please ensure that: 30 | 31 | 1. You are working against the latest source on the *main* branch. 32 | 2. You check existing open, and recently merged, pull requests to make sure 33 | someone else hasn't addressed the problem already. 34 | 3. You open an issue to discuss any significant work - we would hate for your 35 | time to be wasted. 36 | 37 | To send us a pull request, please: 38 | 39 | 1. Fork the repository. 40 | 2. Modify the source; please focus on the specific change you are contributing. 41 | If you also reformat all the code, it will be hard for us to focus on your 42 | change. 43 | 3. Ensure local tests pass. 44 | 4. Commit to your fork using clear commit messages. 45 | 5. Send us a pull request, answering any default questions in the pull request 46 | interface. 47 | 6. Pay attention to any automated CI failures reported in the pull request, and 48 | stay involved in the conversation. 49 | 50 | GitHub provides additional document on [forking a repository][fork] and 51 | [creating a pull request][pr]. 52 | 53 | [fork]: https://help.github.com/articles/fork-a-repo/ 54 | [pr]: https://help.github.com/articles/creating-a-pull-request/ 55 | 56 | ## Finding contributions to work on 57 | 58 | Looking at the existing issues is a great way to find something to contribute 59 | on. As our projects, by default, use the default GitHub issue labels 60 | (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at 61 | any 'help wanted' issues is a great place to start. 62 | 63 | ## Developer documentation 64 | 65 | [See the documentation][dev-docs] for detailed development information. 66 | 67 | [dev-docs]: https://aws-controllers-k8s.github.io/community/docs/contributor-docs/overview/ 68 | 69 | ## Code of Conduct 70 | 71 | We adhere to the [Amazon Open Source Code of Conduct][coc]. 72 | 73 | [coc]: https://aws.github.io/code-of-conduct 74 | 75 | ## Security issue notifications 76 | 77 | If you discover a potential security issue in this project we ask that you 78 | notify AWS/Amazon Security via our [vulnerability reporting page][vuln]. Please 79 | do **not** create a public Github issue. 80 | 81 | [vuln]: http://aws.amazon.com/security/vulnerability-reporting/ 82 | 83 | ## License 84 | 85 | This project is [licensed][./LICENSE] under the Apache-2.0 License. 86 | -------------------------------------------------------------------------------- /GOVERNANCE.md: -------------------------------------------------------------------------------- 1 | # Project governance 2 | 3 | This document lays out the guidelines under which the AWS Controllers for Kubernetes (ACK) project will be governed. 4 | The goal is to make sure that the roles and responsibilities are well defined and clarify on how decisions are made. 5 | 6 | ## Roles 7 | 8 | In the context of ACK, we consider the following roles: 9 | 10 | * __Users__ ... everyone using ACK, typically willing to provide feedback on ACK by proposing features and/or filing issues. 11 | * __Contributors__ ... everyone contributing code, documentation, examples, testing infra, and participating in feature proposals as well as design discussions. Code contributions will require a Developer Certificate of Origin (DCO). 12 | * __Maintainers__ ... are responsible for engaging with and assisting contributors to iterate on the contributions until it reaches acceptable quality. Maintainers can decide whether the contributions can be accepted into the project or rejected. Any active contributor meeting the project quality can be made a Maintainer by the Advisory Board. 13 | * __Advisory Board__ ... is responsible for defining the guidelines and processes that the project operates under. 14 | 15 | The initial members of the Advisory Board are `@jaypipes` and `@mhausenblas`. 16 | 17 | 18 | ## Communication 19 | 20 | The primary mechanism for communication will be via the `#provider-aws` channel on the Kubernetes Slack community. 21 | All features and bug fixes will be tracked as issues in GitHub. All decisions will be documented in GitHub issues. 22 | 23 | In the future, we may consider using a public mailing list, which can be better archived. 24 | 25 | ## Roadmap Planning 26 | 27 | Maintainers will share roadmap and release versions as milestones in GitHub. 28 | 29 | ## Release Management 30 | 31 | The Advisory Board will propose a release management proposal via a GitHub issue and resolve it there. 32 | 33 | ## Other relevant governance resources 34 | 35 | * The ACK [Contributing Guidelines](CONTRIBUTING.md) 36 | * Our [Code of Conduct](CODE_OF_CONDUCT.md) 37 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | SHELL := /bin/bash # Use bash syntax 2 | 3 | # Set up variables 4 | GO111MODULE=on 5 | 6 | # Build ldflags 7 | VERSION=$(shell git describe --tags --always --dirty) 8 | GITCOMMIT=$(shell git rev-parse HEAD) 9 | BUILDDATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') 10 | GO_LDFLAGS=-ldflags "-X main.version=$(VERSION) \ 11 | -X main.buildHash=$(GITCOMMIT) \ 12 | -X main.buildDate=$(BUILDDATE)" 13 | 14 | .PHONY: all test local-test 15 | 16 | all: test 17 | 18 | test: ## Run code tests 19 | go test -v ./... 20 | 21 | local-test: ## Run code tests using go.local.mod file 22 | go test -modfile=go.local.mod -v ./... 23 | 24 | help: ## Show this help. 25 | @grep -F -h "##" $(MAKEFILE_LIST) | grep -F -v grep | sed -e 's/\\$$//' \ 26 | | awk -F'[:#]' '{print $$1 = sprintf("%-30s", $$1), $$4}' 27 | 28 | version: 29 | @echo ${VERSION} -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- 1 | Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - core-ack-team -------------------------------------------------------------------------------- /OWNERS_ALIASES: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners#owners_aliases 2 | 3 | aliases: 4 | core-ack-team: 5 | - a-hilaly 6 | - jlbutler 7 | - michaelhtm 8 | - rushmash91 9 | - knottnt 10 | # emeritus-core-ack-team: 11 | # - TiberiuGC 12 | # - jaypipes 13 | # - jljaco 14 | # - mhausenblas 15 | # - RedbackThomson 16 | # - vijtrip2 17 | # - ivelichkovich -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ACK service controller for Amazon Elastic Compute Cloud (EC2) 2 | 3 | This repository contains source code for the AWS Controllers for Kubernetes 4 | (ACK) service controller for Amazon EC2. 5 | 6 | Please [log issues][ack-issues] and feedback on the main AWS Controllers for 7 | Kubernetes Github project. 8 | 9 | [ack-issues]: https://github.com/aws-controllers-k8s/community/issues 10 | 11 | ## Install the Controller 12 | 13 | Start with the [Install an ACK Controller](https://aws-controllers-k8s.github.io/community/docs/user-docs/install/) section to install the controller into a cluster and setup necessary IAM Permissions. 14 | 15 | *Note: it is recommended and assumed your local terminal has kubectl and AWS credentials configured to use the hosting cluster and AWS account, respectively.* 16 | 17 | ### Release Artifacts 18 | 19 | The latest images and Helm Charts can be found in their respective ECR Public repository: 20 | * [Images](https://gallery.ecr.aws/aws-controllers-k8s/ec2-controller) 21 | * [Helm charts](https://gallery.ecr.aws/aws-controllers-k8s/ec2-chart) 22 | 23 | 24 | ## Create/Delete an ACK Resource 25 | 26 | * Navigate to [test resources](https://github.com/aws-controllers-k8s/ec2-controller/tree/main/test/e2e/resources) for a list of resource `yaml` templates 27 | * Copy the file to the local terminal and substitute `$` values. Ex: [vpc.yaml](https://github.com/aws-controllers-k8s/ec2-controller/blob/main/test/e2e/resources/vpc.yaml) 28 | 29 | ``` 30 | apiVersion: ec2.services.k8s.aws/v1alpha1 31 | kind: VPC 32 | metadata: 33 | name: $VPC_NAME 34 | spec: 35 | cidrBlocks: 36 | - $CIDR_BLOCK 37 | enableDNSSupport: $ENABLE_DNS_SUPPORT 38 | enableDNSHostnames: $ENABLE_DNS_HOSTNAMES 39 | tags: 40 | - key: $TAG_KEY 41 | value: $TAG_VALUE 42 | ``` 43 | 44 | * Create a VPC: `kubectl apply -f vpc.yaml` 45 | * Check its status: `kubectl describe vpc/My-ACK-Resource` 46 | * Delete the VPC: `kubectl delete -f vpc.yaml` 47 | 48 | ## Uninstall the Controller 49 | 50 | Navigate to [Uninstall an ACK Controller](https://aws-controllers-k8s.github.io/community/docs/user-docs/cleanup/) section and substitute service values with `ec2` 51 | 52 | ## Contributing 53 | 54 | We welcome community contributions and pull requests. 55 | 56 | See our [contribution guide](/CONTRIBUTING.md) for more information on how to 57 | report issues, set up a development environment, and submit code. 58 | 59 | We adhere to the [Amazon Open Source Code of Conduct][coc]. 60 | 61 | You can also learn more about our [Governance](/GOVERNANCE.md) structure. 62 | 63 | [coc]: https://aws.github.io/code-of-conduct 64 | 65 | ## License 66 | 67 | This project is [licensed](/LICENSE) under the Apache-2.0 License. 68 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security issue notifications 2 | 3 | If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. 4 | -------------------------------------------------------------------------------- /apis/v1alpha1/ack-generate-metadata.yaml: -------------------------------------------------------------------------------- 1 | ack_generate_info: 2 | build_date: "2025-05-24T00:20:12Z" 3 | build_hash: 66a58d259146834e61b211a9a01609beaa58ef77 4 | go_version: go1.24.2 5 | version: v0.47.1 6 | api_directory_checksum: d162a6e9df2d4861d6c01d42047402b51f341293 7 | api_version: v1alpha1 8 | aws_sdk_go_version: v1.32.6 9 | generator_config_info: 10 | file_checksum: 631d4b99d0839af4f2c0561d15f7da3c911786d7 11 | original_file_name: generator.yaml 12 | last_modification: 13 | reason: API generation 14 | -------------------------------------------------------------------------------- /apis/v1alpha1/dhcp_options.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 21 | ) 22 | 23 | // DhcpOptionsSpec defines the desired state of DhcpOptions. 24 | // 25 | // The set of DHCP options. 26 | type DHCPOptionsSpec struct { 27 | 28 | // A DHCP configuration option. 29 | // +kubebuilder:validation:Required 30 | DHCPConfigurations []*NewDHCPConfiguration `json:"dhcpConfigurations"` 31 | // The tags. The value parameter is required, but if you don't want the tag 32 | // to have a value, specify the parameter with no value, and we set the value 33 | // to an empty string. 34 | Tags []*Tag `json:"tags,omitempty"` 35 | VPC []*string `json:"vpc,omitempty"` 36 | VPCRefs []*ackv1alpha1.AWSResourceReferenceWrapper `json:"vpcRefs,omitempty"` 37 | } 38 | 39 | // DHCPOptionsStatus defines the observed state of DHCPOptions 40 | type DHCPOptionsStatus struct { 41 | // All CRs managed by ACK have a common `Status.ACKResourceMetadata` member 42 | // that is used to contain resource sync state, account ownership, 43 | // constructed ARN for the resource 44 | // +kubebuilder:validation:Optional 45 | ACKResourceMetadata *ackv1alpha1.ResourceMetadata `json:"ackResourceMetadata"` 46 | // All CRs managed by ACK have a common `Status.Conditions` member that 47 | // contains a collection of `ackv1alpha1.Condition` objects that describe 48 | // the various terminal states of the CR and its backend AWS service API 49 | // resource 50 | // +kubebuilder:validation:Optional 51 | Conditions []*ackv1alpha1.Condition `json:"conditions"` 52 | // The ID of the set of DHCP options. 53 | // +kubebuilder:validation:Optional 54 | DHCPOptionsID *string `json:"dhcpOptionsID,omitempty"` 55 | // The ID of the Amazon Web Services account that owns the DHCP options set. 56 | // +kubebuilder:validation:Optional 57 | OwnerID *string `json:"ownerID,omitempty"` 58 | } 59 | 60 | // DHCPOptions is the Schema for the DHCPOptions API 61 | // +kubebuilder:object:root=true 62 | // +kubebuilder:subresource:status 63 | // +kubebuilder:printcolumn:name="ID",type=string,priority=0,JSONPath=`.status.dhcpOptionsID` 64 | type DHCPOptions struct { 65 | metav1.TypeMeta `json:",inline"` 66 | metav1.ObjectMeta `json:"metadata,omitempty"` 67 | Spec DHCPOptionsSpec `json:"spec,omitempty"` 68 | Status DHCPOptionsStatus `json:"status,omitempty"` 69 | } 70 | 71 | // DHCPOptionsList contains a list of DHCPOptions 72 | // +kubebuilder:object:root=true 73 | type DHCPOptionsList struct { 74 | metav1.TypeMeta `json:",inline"` 75 | metav1.ListMeta `json:"metadata,omitempty"` 76 | Items []DHCPOptions `json:"items"` 77 | } 78 | 79 | func init() { 80 | SchemeBuilder.Register(&DHCPOptions{}, &DHCPOptionsList{}) 81 | } 82 | -------------------------------------------------------------------------------- /apis/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // +k8s:deepcopy-gen=package 2 | // Package v1alpha1 is the v1alpha1 version of the ec2.services.k8s.aws API. 3 | // +groupName=ec2.services.k8s.aws 4 | package v1alpha1 5 | -------------------------------------------------------------------------------- /apis/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package v1alpha1 17 | 18 | import ( 19 | "k8s.io/apimachinery/pkg/runtime/schema" 20 | "sigs.k8s.io/controller-runtime/pkg/scheme" 21 | ) 22 | 23 | var ( 24 | // GroupVersion is the API Group Version used to register the objects 25 | GroupVersion = schema.GroupVersion{Group: "ec2.services.k8s.aws", Version: "v1alpha1"} 26 | 27 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 28 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 29 | 30 | // AddToScheme adds the types in this group-version to the given scheme. 31 | AddToScheme = SchemeBuilder.AddToScheme 32 | ) 33 | -------------------------------------------------------------------------------- /config/controller/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - deployment.yaml 3 | - service.yaml 4 | apiVersion: kustomize.config.k8s.io/v1beta1 5 | kind: Kustomization 6 | images: 7 | - name: controller 8 | newName: public.ecr.aws/aws-controllers-k8s/ec2-controller 9 | newTag: 1.4.5 10 | -------------------------------------------------------------------------------- /config/controller/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: ack-ec2-metrics-service 5 | namespace: ack-system 6 | spec: 7 | selector: 8 | app.kubernetes.io/name: ack-ec2-controller 9 | ports: 10 | - name: metricsport 11 | port: 8080 12 | targetPort: http 13 | protocol: TCP 14 | type: NodePort 15 | -------------------------------------------------------------------------------- /config/crd/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Code generated in runtime. DO NOT EDIT. 2 | 3 | apiVersion: kustomize.config.k8s.io/v1beta1 4 | kind: Kustomization 5 | resources: 6 | - bases/services.k8s.aws_adoptedresources.yaml 7 | - bases/services.k8s.aws_fieldexports.yaml 8 | -------------------------------------------------------------------------------- /config/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - common 5 | - bases/ec2.services.k8s.aws_capacityreservations.yaml 6 | - bases/ec2.services.k8s.aws_dhcpoptions.yaml 7 | - bases/ec2.services.k8s.aws_elasticipaddresses.yaml 8 | - bases/ec2.services.k8s.aws_flowlogs.yaml 9 | - bases/ec2.services.k8s.aws_instances.yaml 10 | - bases/ec2.services.k8s.aws_internetgateways.yaml 11 | - bases/ec2.services.k8s.aws_launchtemplates.yaml 12 | - bases/ec2.services.k8s.aws_natgateways.yaml 13 | - bases/ec2.services.k8s.aws_networkacls.yaml 14 | - bases/ec2.services.k8s.aws_routetables.yaml 15 | - bases/ec2.services.k8s.aws_securitygroups.yaml 16 | - bases/ec2.services.k8s.aws_subnets.yaml 17 | - bases/ec2.services.k8s.aws_transitgateways.yaml 18 | - bases/ec2.services.k8s.aws_transitgatewayvpcattachments.yaml 19 | - bases/ec2.services.k8s.aws_vpcs.yaml 20 | - bases/ec2.services.k8s.aws_vpcendpoints.yaml 21 | - bases/ec2.services.k8s.aws_vpcendpointserviceconfigurations.yaml 22 | - bases/ec2.services.k8s.aws_vpcpeeringconnections.yaml 23 | -------------------------------------------------------------------------------- /config/default/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Adds namespace to all resources. 2 | # namespace: 3 | 4 | # Value of this field is prepended to the 5 | # names of all resources, e.g. a deployment named 6 | # "wordpress" becomes "alices-wordpress". 7 | # Note that it should also match with the prefix (text before '-') of the namespace 8 | # field above. 9 | # namePrefix: 10 | 11 | # Labels to add to all resources and selectors. 12 | #commonLabels: 13 | # someName: someValue 14 | 15 | resources: 16 | - ../crd 17 | - ../rbac 18 | - ../controller 19 | 20 | patchesStrategicMerge: 21 | -------------------------------------------------------------------------------- /config/iam/recommended-policy-arn: -------------------------------------------------------------------------------- 1 | arn:aws:iam::aws:policy/AmazonEC2FullAccess 2 | -------------------------------------------------------------------------------- /config/overlays/namespaced/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../default 3 | patches: 4 | - path: role.json 5 | target: 6 | group: rbac.authorization.k8s.io 7 | version: v1 8 | kind: ClusterRole 9 | name: ack-ec2-controller 10 | - path: role-binding.json 11 | target: 12 | group: rbac.authorization.k8s.io 13 | version: v1 14 | kind: ClusterRoleBinding 15 | name: ack-ec2-controller-rolebinding -------------------------------------------------------------------------------- /config/overlays/namespaced/role-binding.json: -------------------------------------------------------------------------------- 1 | [{"op": "replace", "path": "/kind", "value": "RoleBinding"}, 2 | {"op": "add", "path": "/metadata/namespace", "value": "ack-system"}, 3 | {"op": "replace", "path": "/roleRef/kind", "value": "Role"}] -------------------------------------------------------------------------------- /config/overlays/namespaced/role.json: -------------------------------------------------------------------------------- 1 | [{"op": "replace", "path": "/kind", "value": "Role"}, 2 | {"op": "add", "path": "/metadata/namespace", "value": "ack-system"}] -------------------------------------------------------------------------------- /config/rbac/cluster-role-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: ack-ec2-controller-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: ack-ec2-controller 9 | subjects: 10 | - kind: ServiceAccount 11 | name: ack-ec2-controller 12 | namespace: ack-system 13 | -------------------------------------------------------------------------------- /config/rbac/cluster-role-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ack-ec2-controller 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | - secrets 12 | verbs: 13 | - get 14 | - list 15 | - patch 16 | - watch 17 | - apiGroups: 18 | - "" 19 | resources: 20 | - namespaces 21 | verbs: 22 | - get 23 | - list 24 | - watch 25 | - apiGroups: 26 | - ec2.services.k8s.aws 27 | resources: 28 | - capacityreservations 29 | - dhcpoptions 30 | - elasticipaddresses 31 | - flowlogs 32 | - instances 33 | - internetgateways 34 | - launchtemplates 35 | - natgateways 36 | - networkacls 37 | - routetables 38 | - securitygroups 39 | - subnets 40 | - transitgateways 41 | - transitgatewayvpcattachments 42 | - vpcendpoints 43 | - vpcendpointserviceconfigurations 44 | - vpcpeeringconnections 45 | - vpcs 46 | verbs: 47 | - create 48 | - delete 49 | - get 50 | - list 51 | - patch 52 | - update 53 | - watch 54 | - apiGroups: 55 | - ec2.services.k8s.aws 56 | resources: 57 | - capacityreservations/status 58 | - dhcpoptions/status 59 | - elasticipaddresses/status 60 | - flowlogs/status 61 | - instances/status 62 | - internetgateways/status 63 | - launchtemplates/status 64 | - natgateways/status 65 | - networkacls/status 66 | - routetables/status 67 | - securitygroups/status 68 | - subnets/status 69 | - transitgateways/status 70 | - transitgatewayvpcattachments/status 71 | - vpcendpoints/status 72 | - vpcendpointserviceconfigurations/status 73 | - vpcpeeringconnections/status 74 | - vpcs/status 75 | verbs: 76 | - get 77 | - patch 78 | - update 79 | - apiGroups: 80 | - services.k8s.aws 81 | resources: 82 | - adoptedresources 83 | - fieldexports 84 | verbs: 85 | - create 86 | - delete 87 | - get 88 | - list 89 | - patch 90 | - update 91 | - watch 92 | - apiGroups: 93 | - services.k8s.aws 94 | resources: 95 | - adoptedresources/status 96 | - fieldexports/status 97 | verbs: 98 | - get 99 | - patch 100 | - update 101 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - cluster-role-binding.yaml 3 | - cluster-role-controller.yaml 4 | - role-reader.yaml 5 | - role-writer.yaml 6 | - service-account.yaml 7 | - leader-election-role.yaml 8 | - leader-election-role-binding.yaml 9 | -------------------------------------------------------------------------------- /config/rbac/leader-election-role-binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | namespace: ack-system 6 | name: ec2-leader-election-rolebinding 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: Role 10 | name: ec2-leader-election-role 11 | subjects: 12 | - kind: ServiceAccount 13 | name: ack-ec2-controller 14 | namespace: ack-system 15 | -------------------------------------------------------------------------------- /config/rbac/leader-election-role.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: ec2-leader-election-role 6 | namespace: ack-system 7 | rules: 8 | - apiGroups: 9 | - coordination.k8s.io 10 | resources: 11 | - leases 12 | verbs: 13 | - get 14 | - list 15 | - watch 16 | - create 17 | - update 18 | - patch 19 | - delete 20 | - apiGroups: 21 | - "" 22 | resources: 23 | - events 24 | verbs: 25 | - create 26 | - patch 27 | -------------------------------------------------------------------------------- /config/rbac/role-reader.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | creationTimestamp: null 6 | name: ack-ec2-reader 7 | namespace: default 8 | rules: 9 | - apiGroups: 10 | - ec2.services.k8s.aws 11 | resources: 12 | - capacityreservations 13 | - dhcpoptions 14 | - elasticipaddresses 15 | - flowlogs 16 | - instances 17 | - internetgateways 18 | - launchtemplates 19 | - natgateways 20 | - networkacls 21 | - routetables 22 | - securitygroups 23 | - subnets 24 | - transitgateways 25 | - transitgatewayvpcattachments 26 | - vpcs 27 | - vpcendpoints 28 | - vpcendpointserviceconfigurations 29 | - vpcpeeringconnections 30 | verbs: 31 | - get 32 | - list 33 | - watch 34 | -------------------------------------------------------------------------------- /config/rbac/role-writer.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | creationTimestamp: null 6 | name: ack-ec2-writer 7 | namespace: default 8 | rules: 9 | - apiGroups: 10 | - ec2.services.k8s.aws 11 | resources: 12 | - capacityreservations 13 | - dhcpoptions 14 | - elasticipaddresses 15 | - flowlogs 16 | - instances 17 | - internetgateways 18 | - launchtemplates 19 | - natgateways 20 | - networkacls 21 | - routetables 22 | - securitygroups 23 | - subnets 24 | - transitgateways 25 | - transitgatewayvpcattachments 26 | - vpcs 27 | - vpcendpoints 28 | - vpcendpointserviceconfigurations 29 | - vpcpeeringconnections 30 | verbs: 31 | - create 32 | - delete 33 | - get 34 | - list 35 | - patch 36 | - update 37 | - watch 38 | - apiGroups: 39 | - ec2.services.k8s.aws 40 | resources: 41 | - capacityreservations 42 | - dhcpoptions 43 | - elasticipaddresses 44 | - flowlogs 45 | - instances 46 | - internetgateways 47 | - launchtemplates 48 | - natgateways 49 | - networkacls 50 | - routetables 51 | - securitygroups 52 | - subnets 53 | - transitgateways 54 | - transitgatewayvpcattachments 55 | - vpcs 56 | - vpcendpoints 57 | - vpcendpointserviceconfigurations 58 | - vpcpeeringconnections 59 | verbs: 60 | - get 61 | - patch 62 | - update 63 | -------------------------------------------------------------------------------- /config/rbac/service-account.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: ack-ec2-controller 6 | namespace: ack-system 7 | -------------------------------------------------------------------------------- /go.local.mod: -------------------------------------------------------------------------------- 1 | module github.com/aws-controllers-k8s/ec2-controller 2 | 3 | go 1.22.0 4 | 5 | toolchain go1.22.5 6 | 7 | replace github.com/aws-controllers-k8s/runtime => ../runtime 8 | 9 | require ( 10 | github.com/aws-controllers-k8s/runtime v0.0.0 11 | github.com/aws/aws-sdk-go v1.49.0 12 | github.com/go-logr/logr v1.4.1 13 | github.com/samber/lo v1.37.0 14 | github.com/spf13/pflag v1.0.5 15 | k8s.io/api v0.30.1 16 | k8s.io/apimachinery v0.30.1 17 | k8s.io/client-go v0.30.1 18 | sigs.k8s.io/controller-runtime v0.18.4 19 | ) 20 | 21 | require ( 22 | github.com/beorn7/perks v1.0.1 // indirect 23 | github.com/cenkalti/backoff/v4 v4.2.1 // indirect 24 | github.com/cespare/xxhash/v2 v2.2.0 // indirect 25 | github.com/davecgh/go-spew v1.1.1 // indirect 26 | github.com/emicklei/go-restful/v3 v3.11.0 // indirect 27 | github.com/evanphx/json-patch/v5 v5.9.0 // indirect 28 | github.com/fsnotify/fsnotify v1.7.0 // indirect 29 | github.com/go-logr/zapr v1.3.0 // indirect 30 | github.com/go-openapi/jsonpointer v0.19.6 // indirect 31 | github.com/go-openapi/jsonreference v0.20.2 // indirect 32 | github.com/go-openapi/swag v0.22.3 // indirect 33 | github.com/gogo/protobuf v1.3.2 // indirect 34 | github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect 35 | github.com/golang/protobuf v1.5.4 // indirect 36 | github.com/google/gnostic-models v0.6.8 // indirect 37 | github.com/google/go-cmp v0.6.0 // indirect 38 | github.com/google/gofuzz v1.2.0 // indirect 39 | github.com/google/uuid v1.3.0 // indirect 40 | github.com/imdario/mergo v0.3.12 // indirect 41 | github.com/itchyny/gojq v0.12.6 // indirect 42 | github.com/itchyny/timefmt-go v0.1.3 // indirect 43 | github.com/jaypipes/envutil v1.0.0 // indirect 44 | github.com/jmespath/go-jmespath v0.4.0 // indirect 45 | github.com/josharian/intern v1.0.0 // indirect 46 | github.com/json-iterator/go v1.1.12 // indirect 47 | github.com/mailru/easyjson v0.7.7 // indirect 48 | github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect 49 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect 50 | github.com/modern-go/reflect2 v1.0.2 // indirect 51 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect 52 | github.com/pkg/errors v0.9.1 // indirect 53 | github.com/prometheus/client_golang v1.18.0 // indirect 54 | github.com/prometheus/client_model v0.5.0 // indirect 55 | github.com/prometheus/common v0.45.0 // indirect 56 | github.com/prometheus/procfs v0.12.0 // indirect 57 | go.uber.org/multierr v1.11.0 // indirect 58 | go.uber.org/zap v1.26.0 // indirect 59 | golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect 60 | golang.org/x/net v0.23.0 // indirect 61 | golang.org/x/oauth2 v0.12.0 // indirect 62 | golang.org/x/sys v0.18.0 // indirect 63 | golang.org/x/term v0.18.0 // indirect 64 | golang.org/x/text v0.14.0 // indirect 65 | golang.org/x/time v0.3.0 // indirect 66 | gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect 67 | google.golang.org/appengine v1.6.7 // indirect 68 | google.golang.org/protobuf v1.33.0 // indirect 69 | gopkg.in/inf.v0 v0.9.1 // indirect 70 | gopkg.in/yaml.v2 v2.4.0 // indirect 71 | gopkg.in/yaml.v3 v3.0.1 // indirect 72 | k8s.io/apiextensions-apiserver v0.30.1 // indirect 73 | k8s.io/klog/v2 v2.120.1 // indirect 74 | k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect 75 | k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect 76 | sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect 77 | sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect 78 | sigs.k8s.io/yaml v1.4.0 // indirect 79 | ) 80 | -------------------------------------------------------------------------------- /helm/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: ec2-chart 3 | description: A Helm chart for the ACK service controller for Amazon Elastic Cloud Compute (EC2) 4 | version: 1.4.5 5 | appVersion: 1.4.5 6 | home: https://github.com/aws-controllers-k8s/ec2-controller 7 | icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png 8 | sources: 9 | - https://github.com/aws-controllers-k8s/ec2-controller 10 | maintainers: 11 | - name: ACK Admins 12 | url: https://github.com/orgs/aws-controllers-k8s/teams/ack-admin 13 | - name: EC2 Admins 14 | url: https://github.com/orgs/aws-controllers-k8s/teams/ec2-maintainer 15 | keywords: 16 | - aws 17 | - kubernetes 18 | - ec2 19 | -------------------------------------------------------------------------------- /helm/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | {{ .Chart.Name }} has been installed. 2 | This chart deploys "public.ecr.aws/aws-controllers-k8s/ec2-controller:1.4.5". 3 | 4 | Check its status by running: 5 | kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" 6 | 7 | You are now able to create Amazon Elastic Cloud Compute (EC2) resources! 8 | 9 | The controller is running in "{{ .Values.installScope }}" mode. 10 | The controller is configured to manage AWS resources in region: "{{ .Values.aws.region }}" 11 | 12 | Visit https://aws-controllers-k8s.github.io/community/reference/ for an API 13 | reference of all the resources that can be created using this controller. 14 | 15 | For more information on the AWS Controllers for Kubernetes (ACK) project, visit: 16 | https://aws-controllers-k8s.github.io/community/ 17 | -------------------------------------------------------------------------------- /helm/templates/caches-role-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: ack-namespaces-cache-ec2-controller 5 | roleRef: 6 | kind: ClusterRole 7 | apiGroup: rbac.authorization.k8s.io 8 | name: ack-namespaces-cache-ec2-controller 9 | subjects: 10 | - kind: ServiceAccount 11 | name: {{ include "ack-ec2-controller.service-account.name" . }} 12 | namespace: {{ .Release.Namespace }} 13 | --- 14 | apiVersion: rbac.authorization.k8s.io/v1 15 | kind: RoleBinding 16 | metadata: 17 | name: ack-configmaps-cache-ec2-controller 18 | namespace: {{ .Release.Namespace }} 19 | roleRef: 20 | kind: Role 21 | apiGroup: rbac.authorization.k8s.io 22 | name: ack-configmaps-cache-ec2-controller 23 | subjects: 24 | - kind: ServiceAccount 25 | name: {{ include "ack-ec2-controller.service-account.name" . }} 26 | namespace: {{ .Release.Namespace }} 27 | -------------------------------------------------------------------------------- /helm/templates/caches-role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: ack-namespaces-cache-ec2-controller 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - namespaces 10 | verbs: 11 | - get 12 | - list 13 | - watch 14 | --- 15 | apiVersion: rbac.authorization.k8s.io/v1 16 | kind: Role 17 | metadata: 18 | name: ack-configmaps-cache-ec2-controller 19 | namespace: {{ .Release.Namespace }} 20 | rules: 21 | - apiGroups: 22 | - "" 23 | resources: 24 | - configmaps 25 | verbs: 26 | - get 27 | - list 28 | - watch -------------------------------------------------------------------------------- /helm/templates/cluster-role-binding.yaml: -------------------------------------------------------------------------------- 1 | {{ if eq .Values.installScope "cluster" }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: {{ include "ack-ec2-controller.app.fullname" . }} 6 | roleRef: 7 | kind: ClusterRole 8 | apiGroup: rbac.authorization.k8s.io 9 | name: ack-ec2-controller 10 | subjects: 11 | - kind: ServiceAccount 12 | name: {{ include "ack-ec2-controller.service-account.name" . }} 13 | namespace: {{ .Release.Namespace }} 14 | {{ else if eq .Values.installScope "namespace" }} 15 | {{ $wn := include "ack-ec2-controller.watch-namespace" . }} 16 | {{ $namespaces := split "," $wn }} 17 | {{ $fullname := include "ack-ec2-controller.app.fullname" . }} 18 | {{ $releaseNamespace := .Release.Namespace }} 19 | {{ $serviceAccountName := include "ack-ec2-controller.service-account.name" . }} 20 | {{ range $namespaces }} 21 | --- 22 | apiVersion: rbac.authorization.k8s.io/v1 23 | kind: RoleBinding 24 | metadata: 25 | name: {{ $fullname }} 26 | namespace: {{ . }} 27 | roleRef: 28 | kind: Role 29 | apiGroup: rbac.authorization.k8s.io 30 | name: ack-ec2-controller 31 | subjects: 32 | - kind: ServiceAccount 33 | name: {{ $serviceAccountName }} 34 | namespace: {{ $releaseNamespace }} 35 | {{ end }} 36 | {{ end }} -------------------------------------------------------------------------------- /helm/templates/cluster-role-controller.yaml: -------------------------------------------------------------------------------- 1 | {{ $labels := .Values.role.labels }} 2 | {{ $rbacRules := include "ack-ec2-controller.rbac-rules" . }} 3 | {{ if eq .Values.installScope "cluster" }} 4 | apiVersion: rbac.authorization.k8s.io/v1 5 | kind: ClusterRole 6 | metadata: 7 | name: ack-ec2-controller 8 | labels: 9 | {{- range $key, $value := $labels }} 10 | {{ $key }}: {{ $value | quote }} 11 | {{- end }} 12 | {{$rbacRules }} 13 | {{ else if eq .Values.installScope "namespace" }} 14 | {{ $wn := include "ack-ec2-controller.watch-namespace" . }} 15 | {{ $namespaces := split "," $wn }} 16 | {{ range $namespaces }} 17 | --- 18 | apiVersion: rbac.authorization.k8s.io/v1 19 | kind: Role 20 | metadata: 21 | name: ack-ec2-controller 22 | namespace: {{ . }} 23 | labels: 24 | {{- range $key, $value := $labels }} 25 | {{ $key }}: {{ $value | quote }} 26 | {{- end }} 27 | {{ $rbacRules }} 28 | {{ end }} 29 | {{ end }} -------------------------------------------------------------------------------- /helm/templates/leader-election-role-binding.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.leaderElection.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: ec2-leader-election-rolebinding 6 | {{ if .Values.leaderElection.namespace }} 7 | namespace: {{ .Values.leaderElection.namespace }} 8 | {{ else }} 9 | namespace: {{ .Release.Namespace }} 10 | {{ end }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: Role 14 | name: ec2-leader-election-role 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ include "ack-ec2-controller.service-account.name" . }} 18 | namespace: {{ .Release.Namespace }}{{- end }} 19 | -------------------------------------------------------------------------------- /helm/templates/leader-election-role.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.leaderElection.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: ec2-leader-election-role 6 | {{ if .Values.leaderElection.namespace }} 7 | namespace: {{ .Values.leaderElection.namespace }} 8 | {{ else }} 9 | namespace: {{ .Release.Namespace }} 10 | {{ end }} 11 | rules: 12 | - apiGroups: 13 | - coordination.k8s.io 14 | resources: 15 | - leases 16 | verbs: 17 | - get 18 | - list 19 | - watch 20 | - create 21 | - update 22 | - patch 23 | - delete 24 | - apiGroups: 25 | - "" 26 | resources: 27 | - events 28 | verbs: 29 | - create 30 | - patch{{- end }} 31 | -------------------------------------------------------------------------------- /helm/templates/metrics-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.metrics.service.create }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ .Chart.Name | trimSuffix "-chart" | trunc 44 }}-controller-metrics 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app.kubernetes.io/name: {{ include "ack-ec2-controller.app.name" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: Helm 11 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 12 | k8s-app: {{ include "ack-ec2-controller.app.name" . }} 13 | helm.sh/chart: {{ include "ack-ec2-controller.chart.name-version" . }} 14 | spec: 15 | selector: 16 | app.kubernetes.io/name: {{ include "ack-ec2-controller.app.name" . }} 17 | app.kubernetes.io/instance: {{ .Release.Name }} 18 | app.kubernetes.io/managed-by: Helm 19 | k8s-app: {{ include "ack-ec2-controller.app.name" . }} 20 | {{- range $key, $value := .Values.deployment.labels }} 21 | {{ $key }}: {{ $value | quote }} 22 | {{- end }} 23 | type: {{ .Values.metrics.service.type }} 24 | ports: 25 | - name: metricsport 26 | port: 8080 27 | targetPort: http 28 | protocol: TCP 29 | {{- end }} 30 | -------------------------------------------------------------------------------- /helm/templates/role-reader.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | creationTimestamp: null 6 | name: ack-ec2-reader 7 | namespace: {{ .Release.Namespace }} 8 | rules: 9 | - apiGroups: 10 | - ec2.services.k8s.aws 11 | resources: 12 | - capacityreservations 13 | - dhcpoptions 14 | - elasticipaddresses 15 | - flowlogs 16 | - instances 17 | - internetgateways 18 | - launchtemplates 19 | - natgateways 20 | - networkacls 21 | - routetables 22 | - securitygroups 23 | - subnets 24 | - transitgateways 25 | - transitgatewayvpcattachments 26 | - vpcs 27 | - vpcendpoints 28 | - vpcendpointserviceconfigurations 29 | - vpcpeeringconnections 30 | verbs: 31 | - get 32 | - list 33 | - watch 34 | -------------------------------------------------------------------------------- /helm/templates/role-writer.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | creationTimestamp: null 6 | name: ack-ec2-writer 7 | namespace: {{ .Release.Namespace }} 8 | rules: 9 | - apiGroups: 10 | - ec2.services.k8s.aws 11 | resources: 12 | - capacityreservations 13 | - dhcpoptions 14 | - elasticipaddresses 15 | - flowlogs 16 | - instances 17 | - internetgateways 18 | - launchtemplates 19 | - natgateways 20 | - networkacls 21 | - routetables 22 | - securitygroups 23 | - subnets 24 | - transitgateways 25 | - transitgatewayvpcattachments 26 | - vpcs 27 | - vpcendpoints 28 | - vpcendpointserviceconfigurations 29 | - vpcpeeringconnections 30 | verbs: 31 | - create 32 | - delete 33 | - get 34 | - list 35 | - patch 36 | - update 37 | - watch 38 | - apiGroups: 39 | - ec2.services.k8s.aws 40 | resources: 41 | - capacityreservations 42 | - dhcpoptions 43 | - elasticipaddresses 44 | - flowlogs 45 | - instances 46 | - internetgateways 47 | - launchtemplates 48 | - natgateways 49 | - networkacls 50 | - routetables 51 | - securitygroups 52 | - subnets 53 | - transitgateways 54 | - transitgatewayvpcattachments 55 | - vpcs 56 | - vpcendpoints 57 | - vpcendpointserviceconfigurations 58 | - vpcpeeringconnections 59 | verbs: 60 | - get 61 | - patch 62 | - update 63 | -------------------------------------------------------------------------------- /helm/templates/service-account.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ include "ack-ec2-controller.app.name" . }} 7 | app.kubernetes.io/instance: {{ .Release.Name }} 8 | app.kubernetes.io/managed-by: Helm 9 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 10 | k8s-app: {{ include "ack-ec2-controller.app.name" . }} 11 | helm.sh/chart: {{ include "ack-ec2-controller.chart.name-version" . }} 12 | name: {{ include "ack-ec2-controller.service-account.name" . }} 13 | namespace: {{ .Release.Namespace }} 14 | annotations: 15 | {{- range $key, $value := .Values.serviceAccount.annotations }} 16 | {{ $key }}: {{ $value | quote }} 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /metadata.yaml: -------------------------------------------------------------------------------- 1 | service: 2 | full_name: "Amazon Elastic Cloud Compute" 3 | short_name: "EC2" 4 | link: "https://aws.amazon.com/ec2/" 5 | documentation: "https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html" 6 | api_versions: 7 | - api_version: v1alpha1 8 | status: available 9 | -------------------------------------------------------------------------------- /olm/olmconfig.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | annotations: 3 | capabilityLevel: Basic Install 4 | shortDescription: AWS EC2 controller is a service controller for managing EC2 resources 5 | in Kubernetes 6 | displayName: AWS Controllers for Kubernetes - Amazon EC2 7 | description: |- 8 | Manage Elastic Compute Cloud (EC2) resources in AWS from within your Kubernetes cluster. 9 | 10 | 11 | **About Amazon EC2** 12 | 13 | 14 | Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic. 15 | 16 | 17 | **About the AWS Controllers for Kubernetes** 18 | 19 | 20 | This controller is a component of the [AWS Controller for Kubernetes](https://github.com/aws/aws-controllers-k8s) 21 | project. 22 | 23 | 24 | **Pre-Installation Steps** 25 | 26 | 27 | Please follow the following link: [Red Hat OpenShift](https://aws-controllers-k8s.github.io/community/docs/user-docs/openshift/) 28 | samples: 29 | - kind: VPCEndpoint 30 | spec: '{}' 31 | - kind: VPC 32 | spec: '{}' 33 | - kind: InternetGateway 34 | spec: '{}' 35 | - kind: RouteTable 36 | spec: '{}' 37 | - kind: SecurityGroup 38 | spec: '{}' 39 | - kind: Subnet 40 | spec: '{}' 41 | - kind: TransitGateway 42 | spec: '{}' 43 | - kind: Instance 44 | spec: '{}' 45 | - kind: DHCPOptions 46 | spec: '{}' 47 | - kind: NATGateway 48 | spec: '{}' 49 | - kind: ElasticIPAddress 50 | spec: '{}' 51 | maintainers: 52 | - name: "ec2 maintainer team" 53 | email: "ack-maintainers@amazon.com" 54 | links: 55 | - name: Amazon EC2 Developer Resources 56 | url: https://aws.amazon.com/ec2/resources/ 57 | -------------------------------------------------------------------------------- /pkg/resource/capacity_reservation/hooks.go: -------------------------------------------------------------------------------- 1 | package capacity_reservation 2 | 3 | import ( 4 | "github.com/aws-controllers-k8s/ec2-controller/pkg/tags" 5 | svcsdk "github.com/aws/aws-sdk-go-v2/service/ec2" 6 | svcsdktypes "github.com/aws/aws-sdk-go-v2/service/ec2/types" 7 | ) 8 | 9 | var syncTags = tags.Sync 10 | 11 | // updateTagSpecificationsInCreateRequest adds 12 | // Tags defined in the Spec to CreateCapacityReservationInput.TagSpecifications 13 | // and ensures the ResourceType is always set to 'capacity-reservation' 14 | func updateTagSpecificationsInCreateRequest(r *resource, 15 | input *svcsdk.CreateCapacityReservationInput) { 16 | input.TagSpecifications = nil 17 | desiredTagSpecs := svcsdktypes.TagSpecification{} 18 | if r.ko.Spec.Tags != nil { 19 | requestedTags := []svcsdktypes.Tag{} 20 | for _, desiredTag := range r.ko.Spec.Tags { 21 | // Add in tags defined in the Spec 22 | tag := svcsdktypes.Tag{} 23 | if desiredTag.Key != nil && desiredTag.Value != nil { 24 | tag.Key = desiredTag.Key 25 | tag.Value = desiredTag.Value 26 | } 27 | requestedTags = append(requestedTags, tag) 28 | } 29 | desiredTagSpecs.ResourceType = "capacity-reservation" 30 | desiredTagSpecs.Tags = requestedTags 31 | input.TagSpecifications = []svcsdktypes.TagSpecification{desiredTagSpecs} 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /pkg/resource/capacity_reservation/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package capacity_reservation 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/capacity_reservation/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package capacity_reservation 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.CapacityReservation) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/dhcp_options/delta.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package dhcp_options 17 | 18 | import ( 19 | "bytes" 20 | "reflect" 21 | 22 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 23 | acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" 24 | ) 25 | 26 | // Hack to avoid import errors during build... 27 | var ( 28 | _ = &bytes.Buffer{} 29 | _ = &reflect.Method{} 30 | _ = &acktags.Tags{} 31 | ) 32 | 33 | // newResourceDelta returns a new `ackcompare.Delta` used to compare two 34 | // resources 35 | func newResourceDelta( 36 | a *resource, 37 | b *resource, 38 | ) *ackcompare.Delta { 39 | delta := ackcompare.NewDelta() 40 | if (a == nil && b != nil) || 41 | (a != nil && b == nil) { 42 | delta.Add("", a, b) 43 | return delta 44 | } 45 | 46 | if len(a.ko.Spec.DHCPConfigurations) != len(b.ko.Spec.DHCPConfigurations) { 47 | delta.Add("Spec.DHCPConfigurations", a.ko.Spec.DHCPConfigurations, b.ko.Spec.DHCPConfigurations) 48 | } else if len(a.ko.Spec.DHCPConfigurations) > 0 { 49 | if !reflect.DeepEqual(a.ko.Spec.DHCPConfigurations, b.ko.Spec.DHCPConfigurations) { 50 | delta.Add("Spec.DHCPConfigurations", a.ko.Spec.DHCPConfigurations, b.ko.Spec.DHCPConfigurations) 51 | } 52 | } 53 | desiredACKTags, _ := convertToOrderedACKTags(a.ko.Spec.Tags) 54 | latestACKTags, _ := convertToOrderedACKTags(b.ko.Spec.Tags) 55 | if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { 56 | delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) 57 | } 58 | if len(a.ko.Spec.VPC) != len(b.ko.Spec.VPC) { 59 | delta.Add("Spec.VPC", a.ko.Spec.VPC, b.ko.Spec.VPC) 60 | } else if len(a.ko.Spec.VPC) > 0 { 61 | if !ackcompare.SliceStringPEqual(a.ko.Spec.VPC, b.ko.Spec.VPC) { 62 | delta.Add("Spec.VPC", a.ko.Spec.VPC, b.ko.Spec.VPC) 63 | } 64 | } 65 | if !reflect.DeepEqual(a.ko.Spec.VPCRefs, b.ko.Spec.VPCRefs) { 66 | delta.Add("Spec.VPCRefs", a.ko.Spec.VPCRefs, b.ko.Spec.VPCRefs) 67 | } 68 | 69 | return delta 70 | } 71 | -------------------------------------------------------------------------------- /pkg/resource/dhcp_options/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package dhcp_options 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/elastic_ip_address/delta.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package elastic_ip_address 17 | 18 | import ( 19 | "bytes" 20 | "reflect" 21 | 22 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 23 | acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" 24 | ) 25 | 26 | // Hack to avoid import errors during build... 27 | var ( 28 | _ = &bytes.Buffer{} 29 | _ = &reflect.Method{} 30 | _ = &acktags.Tags{} 31 | ) 32 | 33 | // newResourceDelta returns a new `ackcompare.Delta` used to compare two 34 | // resources 35 | func newResourceDelta( 36 | a *resource, 37 | b *resource, 38 | ) *ackcompare.Delta { 39 | delta := ackcompare.NewDelta() 40 | if (a == nil && b != nil) || 41 | (a != nil && b == nil) { 42 | delta.Add("", a, b) 43 | return delta 44 | } 45 | 46 | if ackcompare.HasNilDifference(a.ko.Spec.Address, b.ko.Spec.Address) { 47 | delta.Add("Spec.Address", a.ko.Spec.Address, b.ko.Spec.Address) 48 | } else if a.ko.Spec.Address != nil && b.ko.Spec.Address != nil { 49 | if *a.ko.Spec.Address != *b.ko.Spec.Address { 50 | delta.Add("Spec.Address", a.ko.Spec.Address, b.ko.Spec.Address) 51 | } 52 | } 53 | if ackcompare.HasNilDifference(a.ko.Spec.CustomerOwnedIPv4Pool, b.ko.Spec.CustomerOwnedIPv4Pool) { 54 | delta.Add("Spec.CustomerOwnedIPv4Pool", a.ko.Spec.CustomerOwnedIPv4Pool, b.ko.Spec.CustomerOwnedIPv4Pool) 55 | } else if a.ko.Spec.CustomerOwnedIPv4Pool != nil && b.ko.Spec.CustomerOwnedIPv4Pool != nil { 56 | if *a.ko.Spec.CustomerOwnedIPv4Pool != *b.ko.Spec.CustomerOwnedIPv4Pool { 57 | delta.Add("Spec.CustomerOwnedIPv4Pool", a.ko.Spec.CustomerOwnedIPv4Pool, b.ko.Spec.CustomerOwnedIPv4Pool) 58 | } 59 | } 60 | if ackcompare.HasNilDifference(a.ko.Spec.NetworkBorderGroup, b.ko.Spec.NetworkBorderGroup) { 61 | delta.Add("Spec.NetworkBorderGroup", a.ko.Spec.NetworkBorderGroup, b.ko.Spec.NetworkBorderGroup) 62 | } else if a.ko.Spec.NetworkBorderGroup != nil && b.ko.Spec.NetworkBorderGroup != nil { 63 | if *a.ko.Spec.NetworkBorderGroup != *b.ko.Spec.NetworkBorderGroup { 64 | delta.Add("Spec.NetworkBorderGroup", a.ko.Spec.NetworkBorderGroup, b.ko.Spec.NetworkBorderGroup) 65 | } 66 | } 67 | if ackcompare.HasNilDifference(a.ko.Spec.PublicIPv4Pool, b.ko.Spec.PublicIPv4Pool) { 68 | delta.Add("Spec.PublicIPv4Pool", a.ko.Spec.PublicIPv4Pool, b.ko.Spec.PublicIPv4Pool) 69 | } else if a.ko.Spec.PublicIPv4Pool != nil && b.ko.Spec.PublicIPv4Pool != nil { 70 | if *a.ko.Spec.PublicIPv4Pool != *b.ko.Spec.PublicIPv4Pool { 71 | delta.Add("Spec.PublicIPv4Pool", a.ko.Spec.PublicIPv4Pool, b.ko.Spec.PublicIPv4Pool) 72 | } 73 | } 74 | desiredACKTags, _ := convertToOrderedACKTags(a.ko.Spec.Tags) 75 | latestACKTags, _ := convertToOrderedACKTags(b.ko.Spec.Tags) 76 | if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { 77 | delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) 78 | } 79 | 80 | return delta 81 | } 82 | -------------------------------------------------------------------------------- /pkg/resource/elastic_ip_address/hooks.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | package elastic_ip_address 15 | 16 | import ( 17 | "context" 18 | 19 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 20 | ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" 21 | svcsdk "github.com/aws/aws-sdk-go-v2/service/ec2" 22 | svcsdktypes "github.com/aws/aws-sdk-go-v2/service/ec2/types" 23 | 24 | "github.com/aws-controllers-k8s/ec2-controller/pkg/tags" 25 | ) 26 | 27 | func (rm *resourceManager) customUpdateElasticIP( 28 | ctx context.Context, 29 | desired *resource, 30 | latest *resource, 31 | delta *ackcompare.Delta, 32 | ) (updated *resource, err error) { 33 | rlog := ackrtlog.FromContext(ctx) 34 | exit := rlog.Trace("rm.customUpdateElasticIP") 35 | defer exit(err) 36 | 37 | // Default `updated` to `desired` because it is likely 38 | // EC2 `modify` APIs do NOT return output, only errors. 39 | // If the `modify` calls (i.e. `sync`) do NOT return 40 | // an error, then the update was successful and desired.Spec 41 | // (now updated.Spec) reflects the latest resource state. 42 | updated = rm.concreteResource(desired.DeepCopy()) 43 | 44 | if delta.DifferentAt("Spec.Tags") { 45 | if err := tags.Sync( 46 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.AllocationID, 47 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 48 | ); err != nil { 49 | return nil, err 50 | } 51 | } 52 | 53 | return updated, nil 54 | } 55 | 56 | // updateTagSpecificationsInCreateRequest adds 57 | // Tags defined in the Spec to AllocateAddressInput.TagSpecification 58 | // and ensures the ResourceType is always set to 'elastic-ip' 59 | func updateTagSpecificationsInCreateRequest(r *resource, 60 | input *svcsdk.AllocateAddressInput) { 61 | input.TagSpecifications = nil 62 | desiredTagSpecs := svcsdktypes.TagSpecification{} 63 | if r.ko.Spec.Tags != nil { 64 | requestedTags := []svcsdktypes.Tag{} 65 | for _, desiredTag := range r.ko.Spec.Tags { 66 | // Add in tags defined in the Spec 67 | tag := svcsdktypes.Tag{} 68 | if desiredTag.Key != nil && desiredTag.Value != nil { 69 | tag.Key = desiredTag.Key 70 | tag.Value = desiredTag.Value 71 | } 72 | requestedTags = append(requestedTags, tag) 73 | } 74 | desiredTagSpecs.ResourceType = "elastic-ip" 75 | desiredTagSpecs.Tags = requestedTags 76 | input.TagSpecifications = []svcsdktypes.TagSpecification{desiredTagSpecs} 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /pkg/resource/elastic_ip_address/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package elastic_ip_address 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/elastic_ip_address/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package elastic_ip_address 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.ElasticIPAddress) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/flow_log/hooks.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | package flow_log 15 | 16 | import ( 17 | "context" 18 | 19 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 20 | ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" 21 | svcsdk "github.com/aws/aws-sdk-go-v2/service/ec2" 22 | svcsdktypes "github.com/aws/aws-sdk-go-v2/service/ec2/types" 23 | 24 | "github.com/aws-controllers-k8s/ec2-controller/pkg/tags" 25 | ) 26 | 27 | func (rm *resourceManager) customUpdateFlowLog( 28 | ctx context.Context, 29 | desired *resource, 30 | latest *resource, 31 | delta *ackcompare.Delta, 32 | ) (updated *resource, err error) { 33 | rlog := ackrtlog.FromContext(ctx) 34 | exit := rlog.Trace("rm.customUpdateFlowLog") 35 | defer exit(err) 36 | 37 | // Default `updated` to `desired` because it is likely 38 | // EC2 `modify` APIs do NOT return output, only errors. 39 | // If the `modify` calls (i.e. `sync`) do NOT return 40 | // an error, then the update was successful and desired.Spec 41 | // (now updated.Spec) reflects the latest resource state. 42 | updated = rm.concreteResource(desired.DeepCopy()) 43 | 44 | if delta.DifferentAt("Spec.Tags") { 45 | if err := tags.Sync( 46 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.FlowLogID, 47 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 48 | ); err != nil { 49 | return nil, err 50 | } 51 | } 52 | 53 | return updated, nil 54 | } 55 | 56 | // updateTagSpecificationsInCreateRequest adds 57 | // Tags defined in the Spec to CreateFlowLogsInput.TagSpecification 58 | // and ensures the ResourceType is always set to 'FlowLog' 59 | func updateTagSpecificationsInCreateRequest(r *resource, 60 | input *svcsdk.CreateFlowLogsInput) { 61 | input.TagSpecifications = nil 62 | desiredTagSpecs := svcsdktypes.TagSpecification{} 63 | if r.ko.Spec.Tags != nil { 64 | requestedTags := []svcsdktypes.Tag{} 65 | for _, desiredTag := range r.ko.Spec.Tags { 66 | // Add in tags defined in the Spec 67 | tag := svcsdktypes.Tag{} 68 | if desiredTag.Key != nil && desiredTag.Value != nil { 69 | tag.Key = desiredTag.Key 70 | tag.Value = desiredTag.Value 71 | } 72 | requestedTags = append(requestedTags, tag) 73 | } 74 | desiredTagSpecs.ResourceType = "vpc-flow-log" 75 | desiredTagSpecs.Tags = requestedTags 76 | input.TagSpecifications = []svcsdktypes.TagSpecification{desiredTagSpecs} 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /pkg/resource/flow_log/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package flow_log 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/flow_log/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package flow_log 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.FlowLog) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/instance/hooks.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | package instance 15 | 16 | import ( 17 | "context" 18 | "errors" 19 | 20 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 21 | ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" 22 | svcsdk "github.com/aws/aws-sdk-go-v2/service/ec2" 23 | svcsdktypes "github.com/aws/aws-sdk-go-v2/service/ec2/types" 24 | 25 | "github.com/aws-controllers-k8s/ec2-controller/pkg/tags" 26 | ) 27 | 28 | // addInstanceIDsToTerminateRequest populates the list of InstanceIDs 29 | // in the TerminateInstances request with the resource's InstanceID 30 | // Return error to indicate to callers that the resource is not yet created. 31 | func addInstanceIDsToTerminateRequest(r *resource, 32 | input *svcsdk.TerminateInstancesInput) error { 33 | if r.ko.Status.InstanceID == nil { 34 | return errors.New("InstanceID nil for resource when creating TerminateRequest") 35 | } 36 | input.InstanceIds = append(input.InstanceIds, *r.ko.Status.InstanceID) 37 | return nil 38 | } 39 | 40 | func (rm *resourceManager) customUpdateInstance( 41 | ctx context.Context, 42 | desired *resource, 43 | latest *resource, 44 | delta *ackcompare.Delta, 45 | ) (updated *resource, err error) { 46 | rlog := ackrtlog.FromContext(ctx) 47 | exit := rlog.Trace("rm.customUpdateInstance") 48 | defer exit(err) 49 | 50 | // Default `updated` to `desired` because it is likely 51 | // EC2 `modify` APIs do NOT return output, only errors. 52 | // If the `modify` calls (i.e. `sync`) do NOT return 53 | // an error, then the update was successful and desired.Spec 54 | // (now updated.Spec) reflects the latest resource state. 55 | updated = rm.concreteResource(desired.DeepCopy()) 56 | 57 | if delta.DifferentAt("Spec.Tags") { 58 | if err := tags.Sync( 59 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.InstanceID, 60 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 61 | ); err != nil { 62 | return nil, err 63 | } 64 | } 65 | 66 | return updated, nil 67 | } 68 | 69 | var computeTagsDelta = tags.ComputeTagsDelta 70 | 71 | // updateTagSpecificationsInCreateRequest adds 72 | // Tags defined in the Spec to RunInstancesInput.TagSpecification 73 | // and ensures the ResourceType is always set to 'instance' 74 | func updateTagSpecificationsInCreateRequest(r *resource, 75 | input *svcsdk.RunInstancesInput) { 76 | input.TagSpecifications = nil 77 | desiredTagSpecs := svcsdktypes.TagSpecification{} 78 | if r.ko.Spec.Tags != nil { 79 | instanceTags := []svcsdktypes.Tag{} 80 | for _, desiredTag := range r.ko.Spec.Tags { 81 | // Add in tags defined in the Spec 82 | tag := svcsdktypes.Tag{} 83 | if desiredTag.Key != nil && desiredTag.Value != nil { 84 | tag.Key = desiredTag.Key 85 | tag.Value = desiredTag.Value 86 | } 87 | instanceTags = append(instanceTags, tag) 88 | } 89 | desiredTagSpecs.ResourceType = "instance" 90 | desiredTagSpecs.Tags = instanceTags 91 | input.TagSpecifications = []svcsdktypes.TagSpecification{desiredTagSpecs} 92 | } 93 | } 94 | -------------------------------------------------------------------------------- /pkg/resource/instance/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package instance 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/internet_gateway/delta.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package internet_gateway 17 | 18 | import ( 19 | "bytes" 20 | "reflect" 21 | 22 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 23 | acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" 24 | ) 25 | 26 | // Hack to avoid import errors during build... 27 | var ( 28 | _ = &bytes.Buffer{} 29 | _ = &reflect.Method{} 30 | _ = &acktags.Tags{} 31 | ) 32 | 33 | // newResourceDelta returns a new `ackcompare.Delta` used to compare two 34 | // resources 35 | func newResourceDelta( 36 | a *resource, 37 | b *resource, 38 | ) *ackcompare.Delta { 39 | delta := ackcompare.NewDelta() 40 | if (a == nil && b != nil) || 41 | (a != nil && b == nil) { 42 | delta.Add("", a, b) 43 | return delta 44 | } 45 | 46 | if !reflect.DeepEqual(a.ko.Spec.RouteTableRefs, b.ko.Spec.RouteTableRefs) { 47 | delta.Add("Spec.RouteTableRefs", a.ko.Spec.RouteTableRefs, b.ko.Spec.RouteTableRefs) 48 | } 49 | if len(a.ko.Spec.RouteTables) != len(b.ko.Spec.RouteTables) { 50 | delta.Add("Spec.RouteTables", a.ko.Spec.RouteTables, b.ko.Spec.RouteTables) 51 | } else if len(a.ko.Spec.RouteTables) > 0 { 52 | if !ackcompare.SliceStringPEqual(a.ko.Spec.RouteTables, b.ko.Spec.RouteTables) { 53 | delta.Add("Spec.RouteTables", a.ko.Spec.RouteTables, b.ko.Spec.RouteTables) 54 | } 55 | } 56 | desiredACKTags, _ := convertToOrderedACKTags(a.ko.Spec.Tags) 57 | latestACKTags, _ := convertToOrderedACKTags(b.ko.Spec.Tags) 58 | if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { 59 | delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) 60 | } 61 | if ackcompare.HasNilDifference(a.ko.Spec.VPC, b.ko.Spec.VPC) { 62 | delta.Add("Spec.VPC", a.ko.Spec.VPC, b.ko.Spec.VPC) 63 | } else if a.ko.Spec.VPC != nil && b.ko.Spec.VPC != nil { 64 | if *a.ko.Spec.VPC != *b.ko.Spec.VPC { 65 | delta.Add("Spec.VPC", a.ko.Spec.VPC, b.ko.Spec.VPC) 66 | } 67 | } 68 | if !reflect.DeepEqual(a.ko.Spec.VPCRef, b.ko.Spec.VPCRef) { 69 | delta.Add("Spec.VPCRef", a.ko.Spec.VPCRef, b.ko.Spec.VPCRef) 70 | } 71 | 72 | return delta 73 | } 74 | -------------------------------------------------------------------------------- /pkg/resource/internet_gateway/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package internet_gateway 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/launch_template/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package launch_template 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/launch_template/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package launch_template 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.LaunchTemplate) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/nat_gateway/delta.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package nat_gateway 17 | 18 | import ( 19 | "bytes" 20 | "reflect" 21 | 22 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 23 | acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" 24 | ) 25 | 26 | // Hack to avoid import errors during build... 27 | var ( 28 | _ = &bytes.Buffer{} 29 | _ = &reflect.Method{} 30 | _ = &acktags.Tags{} 31 | ) 32 | 33 | // newResourceDelta returns a new `ackcompare.Delta` used to compare two 34 | // resources 35 | func newResourceDelta( 36 | a *resource, 37 | b *resource, 38 | ) *ackcompare.Delta { 39 | delta := ackcompare.NewDelta() 40 | if (a == nil && b != nil) || 41 | (a != nil && b == nil) { 42 | delta.Add("", a, b) 43 | return delta 44 | } 45 | 46 | if ackcompare.HasNilDifference(a.ko.Spec.AllocationID, b.ko.Spec.AllocationID) { 47 | delta.Add("Spec.AllocationID", a.ko.Spec.AllocationID, b.ko.Spec.AllocationID) 48 | } else if a.ko.Spec.AllocationID != nil && b.ko.Spec.AllocationID != nil { 49 | if *a.ko.Spec.AllocationID != *b.ko.Spec.AllocationID { 50 | delta.Add("Spec.AllocationID", a.ko.Spec.AllocationID, b.ko.Spec.AllocationID) 51 | } 52 | } 53 | if !reflect.DeepEqual(a.ko.Spec.AllocationRef, b.ko.Spec.AllocationRef) { 54 | delta.Add("Spec.AllocationRef", a.ko.Spec.AllocationRef, b.ko.Spec.AllocationRef) 55 | } 56 | if ackcompare.HasNilDifference(a.ko.Spec.ConnectivityType, b.ko.Spec.ConnectivityType) { 57 | delta.Add("Spec.ConnectivityType", a.ko.Spec.ConnectivityType, b.ko.Spec.ConnectivityType) 58 | } else if a.ko.Spec.ConnectivityType != nil && b.ko.Spec.ConnectivityType != nil { 59 | if *a.ko.Spec.ConnectivityType != *b.ko.Spec.ConnectivityType { 60 | delta.Add("Spec.ConnectivityType", a.ko.Spec.ConnectivityType, b.ko.Spec.ConnectivityType) 61 | } 62 | } 63 | if ackcompare.HasNilDifference(a.ko.Spec.SubnetID, b.ko.Spec.SubnetID) { 64 | delta.Add("Spec.SubnetID", a.ko.Spec.SubnetID, b.ko.Spec.SubnetID) 65 | } else if a.ko.Spec.SubnetID != nil && b.ko.Spec.SubnetID != nil { 66 | if *a.ko.Spec.SubnetID != *b.ko.Spec.SubnetID { 67 | delta.Add("Spec.SubnetID", a.ko.Spec.SubnetID, b.ko.Spec.SubnetID) 68 | } 69 | } 70 | if !reflect.DeepEqual(a.ko.Spec.SubnetRef, b.ko.Spec.SubnetRef) { 71 | delta.Add("Spec.SubnetRef", a.ko.Spec.SubnetRef, b.ko.Spec.SubnetRef) 72 | } 73 | desiredACKTags, _ := convertToOrderedACKTags(a.ko.Spec.Tags) 74 | latestACKTags, _ := convertToOrderedACKTags(b.ko.Spec.Tags) 75 | if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { 76 | delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) 77 | } 78 | 79 | return delta 80 | } 81 | -------------------------------------------------------------------------------- /pkg/resource/nat_gateway/hooks.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | package nat_gateway 15 | 16 | import ( 17 | "context" 18 | 19 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 20 | ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" 21 | svcsdk "github.com/aws/aws-sdk-go-v2/service/ec2" 22 | svcsdktypes "github.com/aws/aws-sdk-go-v2/service/ec2/types" 23 | 24 | "github.com/aws-controllers-k8s/ec2-controller/pkg/tags" 25 | ) 26 | 27 | func isResourceDeleted(r *resource) bool { 28 | if r.ko.Status.State == nil { 29 | return true 30 | } 31 | status := *r.ko.Status.State 32 | return status == string(svcsdktypes.NatGatewayStateDeleted) 33 | } 34 | 35 | func isResourcePending(r *resource) bool { 36 | if r.ko.Status.State == nil { 37 | return false 38 | } 39 | status := *r.ko.Status.State 40 | return status == string(svcsdktypes.NatGatewayStatePending) 41 | } 42 | 43 | func (rm *resourceManager) customUpdateNATGateway( 44 | ctx context.Context, 45 | desired *resource, 46 | latest *resource, 47 | delta *ackcompare.Delta, 48 | ) (updated *resource, err error) { 49 | rlog := ackrtlog.FromContext(ctx) 50 | exit := rlog.Trace("rm.customUpdateNATGateway") 51 | defer exit(err) 52 | 53 | // Default `updated` to `desired` because it is likely 54 | // EC2 `modify` APIs do NOT return output, only errors. 55 | // If the `modify` calls (i.e. `sync`) do NOT return 56 | // an error, then the update was successful and desired.Spec 57 | // (now updated.Spec) reflects the latest resource state. 58 | updated = rm.concreteResource(desired.DeepCopy()) 59 | updated.ko.Status = latest.ko.Status 60 | 61 | if delta.DifferentAt("Spec.Tags") { 62 | if err := tags.Sync( 63 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.NATGatewayID, 64 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 65 | ); err != nil { 66 | return nil, err 67 | } 68 | } 69 | 70 | return updated, nil 71 | } 72 | 73 | // updateTagSpecificationsInCreateRequest adds 74 | // Tags defined in the Spec to CreateNatGatewayInput.TagSpecification 75 | // and ensures the ResourceType is always set to 'natgateway' 76 | func updateTagSpecificationsInCreateRequest(r *resource, 77 | input *svcsdk.CreateNatGatewayInput) { 78 | input.TagSpecifications = nil 79 | desiredTagSpecs := svcsdktypes.TagSpecification{} 80 | if r.ko.Spec.Tags != nil { 81 | requestedTags := []svcsdktypes.Tag{} 82 | for _, desiredTag := range r.ko.Spec.Tags { 83 | // Add in tags defined in the Spec 84 | tag := svcsdktypes.Tag{} 85 | if desiredTag.Key != nil && desiredTag.Value != nil { 86 | tag.Key = desiredTag.Key 87 | tag.Value = desiredTag.Value 88 | } 89 | requestedTags = append(requestedTags, tag) 90 | } 91 | desiredTagSpecs.ResourceType = "natgateway" 92 | desiredTagSpecs.Tags = requestedTags 93 | input.TagSpecifications = []svcsdktypes.TagSpecification{desiredTagSpecs} 94 | } 95 | } 96 | -------------------------------------------------------------------------------- /pkg/resource/nat_gateway/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package nat_gateway 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/network_acl/delta.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package network_acl 17 | 18 | import ( 19 | "bytes" 20 | "reflect" 21 | 22 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 23 | acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" 24 | ) 25 | 26 | // Hack to avoid import errors during build... 27 | var ( 28 | _ = &bytes.Buffer{} 29 | _ = &reflect.Method{} 30 | _ = &acktags.Tags{} 31 | ) 32 | 33 | // newResourceDelta returns a new `ackcompare.Delta` used to compare two 34 | // resources 35 | func newResourceDelta( 36 | a *resource, 37 | b *resource, 38 | ) *ackcompare.Delta { 39 | delta := ackcompare.NewDelta() 40 | if (a == nil && b != nil) || 41 | (a != nil && b == nil) { 42 | delta.Add("", a, b) 43 | return delta 44 | } 45 | customPreCompare(delta, a, b) 46 | 47 | if len(a.ko.Spec.Associations) != len(b.ko.Spec.Associations) { 48 | delta.Add("Spec.Associations", a.ko.Spec.Associations, b.ko.Spec.Associations) 49 | } else if len(a.ko.Spec.Associations) > 0 { 50 | if !reflect.DeepEqual(a.ko.Spec.Associations, b.ko.Spec.Associations) { 51 | delta.Add("Spec.Associations", a.ko.Spec.Associations, b.ko.Spec.Associations) 52 | } 53 | } 54 | if len(a.ko.Spec.Entries) != len(b.ko.Spec.Entries) { 55 | delta.Add("Spec.Entries", a.ko.Spec.Entries, b.ko.Spec.Entries) 56 | } else if len(a.ko.Spec.Entries) > 0 { 57 | if !reflect.DeepEqual(a.ko.Spec.Entries, b.ko.Spec.Entries) { 58 | delta.Add("Spec.Entries", a.ko.Spec.Entries, b.ko.Spec.Entries) 59 | } 60 | } 61 | desiredACKTags, _ := convertToOrderedACKTags(a.ko.Spec.Tags) 62 | latestACKTags, _ := convertToOrderedACKTags(b.ko.Spec.Tags) 63 | if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { 64 | delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) 65 | } 66 | if ackcompare.HasNilDifference(a.ko.Spec.VPCID, b.ko.Spec.VPCID) { 67 | delta.Add("Spec.VPCID", a.ko.Spec.VPCID, b.ko.Spec.VPCID) 68 | } else if a.ko.Spec.VPCID != nil && b.ko.Spec.VPCID != nil { 69 | if *a.ko.Spec.VPCID != *b.ko.Spec.VPCID { 70 | delta.Add("Spec.VPCID", a.ko.Spec.VPCID, b.ko.Spec.VPCID) 71 | } 72 | } 73 | if !reflect.DeepEqual(a.ko.Spec.VPCRef, b.ko.Spec.VPCRef) { 74 | delta.Add("Spec.VPCRef", a.ko.Spec.VPCRef, b.ko.Spec.VPCRef) 75 | } 76 | 77 | return delta 78 | } 79 | -------------------------------------------------------------------------------- /pkg/resource/network_acl/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package network_acl 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/registry.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package resource 17 | 18 | import ( 19 | ackrt "github.com/aws-controllers-k8s/runtime/pkg/runtime" 20 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 21 | ) 22 | 23 | // +kubebuilder:rbac:groups=services.k8s.aws,resources=adoptedresources,verbs=get;list;watch;create;update;patch;delete 24 | // +kubebuilder:rbac:groups=services.k8s.aws,resources=adoptedresources/status,verbs=get;update;patch 25 | // +kubebuilder:rbac:groups=services.k8s.aws,resources=fieldexports,verbs=get;list;watch;create;update;patch;delete 26 | // +kubebuilder:rbac:groups=services.k8s.aws,resources=fieldexports/status,verbs=get;update;patch 27 | // +kubebuilder:rbac:groups="",resources=namespaces,verbs=get;list;watch 28 | // +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;patch 29 | // +kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;patch 30 | 31 | var ( 32 | reg = ackrt.NewRegistry() 33 | ) 34 | 35 | // GetManagerFactories returns a slice of resource manager factories that are 36 | // registered with this package 37 | func GetManagerFactories() []acktypes.AWSResourceManagerFactory { 38 | return reg.GetResourceManagerFactories() 39 | } 40 | 41 | // RegisterManagerFactory registers a resource manager factory with the 42 | // package's registry 43 | func RegisterManagerFactory(f acktypes.AWSResourceManagerFactory) { 44 | reg.RegisterResourceManagerFactory(f) 45 | } 46 | -------------------------------------------------------------------------------- /pkg/resource/route_table/delta.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package route_table 17 | 18 | import ( 19 | "bytes" 20 | "reflect" 21 | 22 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 23 | acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" 24 | ) 25 | 26 | // Hack to avoid import errors during build... 27 | var ( 28 | _ = &bytes.Buffer{} 29 | _ = &reflect.Method{} 30 | _ = &acktags.Tags{} 31 | ) 32 | 33 | // newResourceDelta returns a new `ackcompare.Delta` used to compare two 34 | // resources 35 | func newResourceDelta( 36 | a *resource, 37 | b *resource, 38 | ) *ackcompare.Delta { 39 | delta := ackcompare.NewDelta() 40 | if (a == nil && b != nil) || 41 | (a != nil && b == nil) { 42 | delta.Add("", a, b) 43 | return delta 44 | } 45 | customPreCompare(delta, a, b) 46 | 47 | desiredACKTags, _ := convertToOrderedACKTags(a.ko.Spec.Tags) 48 | latestACKTags, _ := convertToOrderedACKTags(b.ko.Spec.Tags) 49 | if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { 50 | delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) 51 | } 52 | if ackcompare.HasNilDifference(a.ko.Spec.VPCID, b.ko.Spec.VPCID) { 53 | delta.Add("Spec.VPCID", a.ko.Spec.VPCID, b.ko.Spec.VPCID) 54 | } else if a.ko.Spec.VPCID != nil && b.ko.Spec.VPCID != nil { 55 | if *a.ko.Spec.VPCID != *b.ko.Spec.VPCID { 56 | delta.Add("Spec.VPCID", a.ko.Spec.VPCID, b.ko.Spec.VPCID) 57 | } 58 | } 59 | if !reflect.DeepEqual(a.ko.Spec.VPCRef, b.ko.Spec.VPCRef) { 60 | delta.Add("Spec.VPCRef", a.ko.Spec.VPCRef, b.ko.Spec.VPCRef) 61 | } 62 | 63 | return delta 64 | } 65 | -------------------------------------------------------------------------------- /pkg/resource/route_table/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package route_table 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/security_group/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package security_group 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/subnet/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package subnet 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/transit_gateway/hooks.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | package transit_gateway 15 | 16 | import ( 17 | "context" 18 | 19 | ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" 20 | ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" 21 | svcsdk "github.com/aws/aws-sdk-go-v2/service/ec2" 22 | svcsdktypes "github.com/aws/aws-sdk-go-v2/service/ec2/types" 23 | 24 | "github.com/aws-controllers-k8s/ec2-controller/pkg/tags" 25 | ) 26 | 27 | func isResourceDeleted(r *resource) bool { 28 | if r.ko.Status.State == nil { 29 | return true 30 | } 31 | status := *r.ko.Status.State 32 | return status == string(svcsdktypes.TransitGatewayStateDeleted) 33 | } 34 | 35 | func isResourcePending(r *resource) bool { 36 | if r.ko.Status.State == nil { 37 | return false 38 | } 39 | status := *r.ko.Status.State 40 | return status == string(svcsdktypes.TransitGatewayStatePending) 41 | } 42 | 43 | func (rm *resourceManager) customUpdateTransitGateway( 44 | ctx context.Context, 45 | desired *resource, 46 | latest *resource, 47 | delta *ackcompare.Delta, 48 | ) (updated *resource, err error) { 49 | rlog := ackrtlog.FromContext(ctx) 50 | exit := rlog.Trace("rm.customUpdateTransitGateway") 51 | defer exit(err) 52 | 53 | // Default `updated` to `desired` because it is likely 54 | // EC2 `modify` APIs do NOT return output, only errors. 55 | // If the `modify` calls (i.e. `sync`) do NOT return 56 | // an error, then the update was successful and desired.Spec 57 | // (now updated.Spec) reflects the latest resource state. 58 | updated = rm.concreteResource(desired.DeepCopy()) 59 | 60 | if delta.DifferentAt("Spec.Tags") { 61 | if err := tags.Sync( 62 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.TransitGatewayID, 63 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 64 | ); err != nil { 65 | return nil, err 66 | } 67 | } 68 | 69 | return updated, nil 70 | } 71 | 72 | // updateTagSpecificationsInCreateRequest adds 73 | // Tags defined in the Spec to CreateTransitGatewayInput.TagSpecification 74 | // and ensures the ResourceType is always set to 'transit-gateway' 75 | func updateTagSpecificationsInCreateRequest(r *resource, 76 | input *svcsdk.CreateTransitGatewayInput) { 77 | input.TagSpecifications = nil 78 | desiredTagSpecs := svcsdktypes.TagSpecification{} 79 | if r.ko.Spec.Tags != nil { 80 | requestedTags := []svcsdktypes.Tag{} 81 | for _, desiredTag := range r.ko.Spec.Tags { 82 | // Add in tags defined in the Spec 83 | tag := svcsdktypes.Tag{} 84 | if desiredTag.Key != nil && desiredTag.Value != nil { 85 | tag.Key = desiredTag.Key 86 | tag.Value = desiredTag.Value 87 | } 88 | requestedTags = append(requestedTags, tag) 89 | } 90 | desiredTagSpecs.ResourceType = "transit-gateway" 91 | desiredTagSpecs.Tags = requestedTags 92 | input.TagSpecifications = []svcsdktypes.TagSpecification{desiredTagSpecs} 93 | } 94 | } 95 | -------------------------------------------------------------------------------- /pkg/resource/transit_gateway/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package transit_gateway 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/transit_gateway/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package transit_gateway 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.TransitGateway) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/transit_gateway_vpc_attachment/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package transit_gateway_vpc_attachment 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/vpc/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package vpc 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/vpc/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package vpc 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.VPC) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/vpc_endpoint/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package vpc_endpoint 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/vpc_endpoint_service_configuration/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package vpc_endpoint_service_configuration 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/resource/vpc_endpoint_service_configuration/references.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package vpc_endpoint_service_configuration 17 | 18 | import ( 19 | "context" 20 | 21 | "sigs.k8s.io/controller-runtime/pkg/client" 22 | 23 | acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" 24 | 25 | svcapitypes "github.com/aws-controllers-k8s/ec2-controller/apis/v1alpha1" 26 | ) 27 | 28 | // ClearResolvedReferences removes any reference values that were made 29 | // concrete in the spec. It returns a copy of the input AWSResource which 30 | // contains the original *Ref values, but none of their respective concrete 31 | // values. 32 | func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { 33 | ko := rm.concreteResource(res).ko.DeepCopy() 34 | 35 | return &resource{ko} 36 | } 37 | 38 | // ResolveReferences finds if there are any Reference field(s) present 39 | // inside AWSResource passed in the parameter and attempts to resolve those 40 | // reference field(s) into their respective target field(s). It returns a 41 | // copy of the input AWSResource with resolved reference(s), a boolean which 42 | // is set to true if the resource contains any references (regardless of if 43 | // they are resolved successfully) and an error if the passed AWSResource's 44 | // reference field(s) could not be resolved. 45 | func (rm *resourceManager) ResolveReferences( 46 | ctx context.Context, 47 | apiReader client.Reader, 48 | res acktypes.AWSResource, 49 | ) (acktypes.AWSResource, bool, error) { 50 | return res, false, nil 51 | } 52 | 53 | // validateReferenceFields validates the reference field and corresponding 54 | // identifier field. 55 | func validateReferenceFields(ko *svcapitypes.VPCEndpointServiceConfiguration) error { 56 | return nil 57 | } 58 | -------------------------------------------------------------------------------- /pkg/resource/vpc_peering_connection/identifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package vpc_peering_connection 17 | 18 | import ( 19 | ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" 20 | ) 21 | 22 | // resourceIdentifiers implements the 23 | // `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface 24 | type resourceIdentifiers struct { 25 | meta *ackv1alpha1.ResourceMetadata 26 | } 27 | 28 | // ARN returns the AWS Resource Name for the backend AWS resource. If nil, 29 | // this means the resource has not yet been created in the backend AWS 30 | // service. 31 | func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { 32 | if ri.meta != nil { 33 | return ri.meta.ARN 34 | } 35 | return nil 36 | } 37 | 38 | // OwnerAccountID returns the AWS account identifier in which the 39 | // backend AWS resource resides, or nil if this information is not known 40 | // for the resource 41 | func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { 42 | if ri.meta != nil { 43 | return ri.meta.OwnerAccountID 44 | } 45 | return nil 46 | } 47 | 48 | // Region returns the AWS region in which the resource exists, or 49 | // nil if this information is not known. 50 | func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { 51 | if ri.meta != nil { 52 | return ri.meta.Region 53 | } 54 | return nil 55 | } 56 | -------------------------------------------------------------------------------- /pkg/version/version.go: -------------------------------------------------------------------------------- 1 | // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | // not use this file except in compliance with the License. A copy of the 5 | // License is located at 6 | // 7 | // http://aws.amazon.com/apache2.0/ 8 | // 9 | // or in the "license" file accompanying this file. This file is distributed 10 | // on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | // express or implied. See the License for the specific language governing 12 | // permissions and limitations under the License. 13 | 14 | // Code generated by ack-generate. DO NOT EDIT. 15 | 16 | package version 17 | 18 | var ( 19 | GitVersion string 20 | GitCommit string 21 | BuildDate string 22 | ) 23 | -------------------------------------------------------------------------------- /templates/hooks/capacity_reservation/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) 2 | -------------------------------------------------------------------------------- /templates/hooks/capacity_reservation/sdk_update_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | // Explicitly call sdkFind to fetch the latest resource state 3 | latestCopy, err := rm.sdkFind(ctx, desired) 4 | if err != nil { 5 | return nil, err 6 | } 7 | 8 | ko.Status.AvailableInstanceCount = latestCopy.ko.Status.AvailableInstanceCount 9 | ko.Status.TotalInstanceCount = latestCopy.ko.Status.TotalInstanceCount 10 | ko.Status.State = latestCopy.ko.Status.State 11 | -------------------------------------------------------------------------------- /templates/hooks/capacity_reservation/sdk_update_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | if delta.DifferentAt("Spec.Tags") { 3 | if err := syncTags( 4 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.CapacityReservationID, 5 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 6 | ); err != nil { 7 | return nil, err 8 | } 9 | } 10 | 11 | // Only continue if something other than Tags has changed in the Spec 12 | if !delta.DifferentExcept("Spec.Tags") { 13 | return desired, nil 14 | } 15 | -------------------------------------------------------------------------------- /templates/hooks/dhcp_options/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/dhcp_options/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if ko.Spec.VPC != nil { 2 | if err = rm.syncVPCs(ctx, &resource{ko},nil); err != nil { 3 | return nil, err 4 | } 5 | } -------------------------------------------------------------------------------- /templates/hooks/dhcp_options/sdk_delete_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if r.ko.Spec.VPC != nil && r.ko.Status.DHCPOptionsID != nil { 2 | desired := rm.concreteResource(r.DeepCopy()) 3 | desired.ko.Spec.VPC = nil 4 | if err = rm.syncVPCs(ctx, desired,r); err != nil { 5 | return nil, err 6 | } 7 | } -------------------------------------------------------------------------------- /templates/hooks/dhcp_options/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for DhcpOptions */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.DhcpOptions.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $dhcpOptionsRefName, $dhcpOptionsMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $dhcpOptionsRefName "Tags" }} 11 | {{- $dhcpOptionsRef := $dhcpOptionsMemberRefs.Shape.MemberRef }} 12 | {{- $dhcpOptionsRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $dhcpOptionsRefName }}( 14 | c svcapitypes.{{ $dhcpOptionsRefName }}, 15 | ) svcsdktypes.{{ $dhcpOptionsRefName }} { 16 | res := svcsdktypes.{{ $dhcpOptionsRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $dhcpOptionsRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/dhcp_options/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | ko.Spec.VPC, err = rm.getAttachedVPC(ctx, &resource{ko}) 2 | if err != nil { 3 | return nil, err 4 | } -------------------------------------------------------------------------------- /templates/hooks/elastic_ip_address/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) 2 | // EC2-VPC only supports setting Domain to "vpc" 3 | input.Domain = svcsdktypes.DomainTypeVpc -------------------------------------------------------------------------------- /templates/hooks/elastic_ip_address/sdk_delete_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | // PublicIP and AllocationID are two ways of identifying the same resource 2 | // depending on whether they are included as part of EC2-Classic or EC2-VPC, 3 | // respectively. As EC2-Classic is retired, we should attempt to use the 4 | // AllocationID field whenever possible. 5 | if input.PublicIp != nil && input.AllocationId != nil { 6 | input.PublicIp = nil 7 | } -------------------------------------------------------------------------------- /templates/hooks/elastic_ip_address/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for ElasticIP */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.ElasticIPAddress.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $eipRefName, $eipMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $eipRefName "Tags" }} 11 | {{- $eipRef := $eipMemberRefs.Shape.MemberRef }} 12 | {{- $eipRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $eipRefName }}( 14 | c svcapitypes.{{ $eipRefName }}, 15 | ) *svcsdktypes.{{ $eipRefName }} { 16 | res := &svcsdktypes.{{ $eipRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $eipRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/elastic_ip_address/sdk_read_many_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if r.ko.Status.AllocationID != nil { 2 | input.AllocationIds = []string{*r.ko.Status.AllocationID} 3 | } else if r.ko.Status.PublicIP != nil { 4 | input.PublicIps = []string{*r.ko.Status.PublicIP} 5 | } -------------------------------------------------------------------------------- /templates/hooks/elastic_ip_address/sdk_read_many_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if r.ko.Status.AllocationID == nil { 2 | return nil, ackerr.NotFound 3 | } -------------------------------------------------------------------------------- /templates/hooks/flow_log/post_populate_resource_from_annotation.go.tpl: -------------------------------------------------------------------------------- 1 | if resourceID, ok := fields["resourceID"]; ok { 2 | r.ko.Spec.ResourceID = &resourceID 3 | } else { 4 | return ackerrors.MissingNameIdentifier 5 | } 6 | 7 | if resourceType, ok := fields["resourceType"]; ok { 8 | r.ko.Spec.ResourceType = &resourceType 9 | } else { 10 | return ackerrors.MissingNameIdentifier 11 | } 12 | -------------------------------------------------------------------------------- /templates/hooks/flow_log/post_set_resource_identifiers.go.tpl: -------------------------------------------------------------------------------- 1 | if resourceID, ok := identifier.AdditionalKeys["resourceID"]; ok { 2 | r.ko.Spec.ResourceID = &resourceID 3 | } 4 | 5 | if resourceType, ok := identifier.AdditionalKeys["resourceType"]; ok { 6 | r.ko.Spec.ResourceType = &resourceType 7 | } 8 | -------------------------------------------------------------------------------- /templates/hooks/flow_log/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) 2 | input.ResourceIds = []string{*desired.ko.Spec.ResourceID} -------------------------------------------------------------------------------- /templates/hooks/flow_log/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if len(resp.FlowLogIds) > 0 && resp.FlowLogIds[0] != "" { 2 | ko.Status.FlowLogID = aws.String(resp.FlowLogIds[0]) 3 | } -------------------------------------------------------------------------------- /templates/hooks/flow_log/sdk_delete_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if r.ko.Status.FlowLogID == nil { 2 | return nil, ackerr.NotFound 3 | } 4 | input.FlowLogIds = []string{*r.ko.Status.FlowLogID} -------------------------------------------------------------------------------- /templates/hooks/flow_log/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for Flow Log */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.FlowLog.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $flowLogRefName, $flowLogMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $flowLogRefName "Tags" }} 11 | {{- $flowLogRef := $flowLogMemberRefs.Shape.MemberRef }} 12 | {{- $flowLogRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $flowLogRefName }}( 14 | c svcapitypes.{{ $flowLogRefName }}, 15 | ) *svcsdktypes.{{ $flowLogRefName }} { 16 | res := &svcsdktypes.{{ $flowLogRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $flowLogRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/flow_log/sdk_read_many_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | input.FlowLogIds = []string{*r.ko.Status.FlowLogID} -------------------------------------------------------------------------------- /templates/hooks/flow_log/sdk_read_many_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if r.ko.Status.FlowLogID == nil { 2 | return nil, ackerr.NotFound 3 | } -------------------------------------------------------------------------------- /templates/hooks/instance/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/instance/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | toAdd, toDelete := computeTagsDelta(desired.ko.Spec.Tags, ko.Spec.Tags) 2 | if len(toAdd) == 0 && len(toDelete) == 0 { 3 | // if desired tags and response tags are equal, 4 | // then assign desired tags to maintain tag order 5 | ko.Spec.Tags = desired.ko.Spec.Tags 6 | } -------------------------------------------------------------------------------- /templates/hooks/instance/sdk_delete_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if err = addInstanceIDsToTerminateRequest(r, input); err != nil { 2 | return nil, ackerr.NotFound 3 | } -------------------------------------------------------------------------------- /templates/hooks/instance/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for Instance */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.Instance.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $instanceRefName, $instanceMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $instanceRefName "Tags" }} 11 | {{- $instanceRef := $instanceMemberRefs.Shape.MemberRef }} 12 | {{- $instanceRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $instanceRefName }}( 14 | c svcapitypes.{{ $instanceRefName }}, 15 | ) *svcsdktypes.{{ $instanceRefName }} { 16 | res := &svcsdktypes.{{ $instanceRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $instanceRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/instance/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | toAdd, toDelete := computeTagsDelta(r.ko.Spec.Tags, ko.Spec.Tags) 3 | if len(toAdd) == 0 && len(toDelete) == 0 { 4 | // if resource's initial tags and response tags are equal, 5 | // then assign resource's tags to maintain tag order 6 | ko.Spec.Tags = r.ko.Spec.Tags 7 | } 8 | 9 | -------------------------------------------------------------------------------- /templates/hooks/internet_gateway/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/internet_gateway/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if ko.Spec.VPC != nil { 2 | if err = rm.attachToVPC(ctx, &resource{ko}); err != nil { 3 | return nil, err 4 | } 5 | } 6 | 7 | if err = rm.createRouteTableAssociations(ctx, &resource{ko}); err != nil { 8 | return nil, err 9 | } 10 | -------------------------------------------------------------------------------- /templates/hooks/internet_gateway/sdk_delete_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if r.ko.Spec.VPC != nil && r.ko.Status.InternetGatewayID != nil { 2 | if err = rm.detachFromVPC(ctx, *r.ko.Spec.VPC, *r.ko.Status.InternetGatewayID); err != nil { 3 | return nil, err 4 | } 5 | } -------------------------------------------------------------------------------- /templates/hooks/internet_gateway/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for Internet Gateway */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.InternetGateway.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $igwRefName, $igwMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $igwRefName "Tags" }} 11 | {{- $igwRef := $igwMemberRefs.Shape.MemberRef }} 12 | {{- $igwRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $igwRefName }}( 14 | c svcapitypes.{{ $igwRefName }}, 15 | ) *svcsdktypes.{{ $igwRefName }} { 16 | res := &svcsdktypes.{{ $igwRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $igwRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/internet_gateway/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | vpcID, err := rm.getAttachedVPC(ctx, &resource{ko}) 2 | if err != nil { 3 | return nil, err 4 | } else { 5 | ko.Spec.VPC = vpcID 6 | } 7 | 8 | assocs, err := rm.getRouteTableAssociations(ctx, &resource{ko}) 9 | if err != nil { 10 | return nil, err 11 | } else { 12 | ko.Spec.RouteTables = make([]*string, len(assocs)) 13 | for i, assoc := range assocs { 14 | ko.Spec.RouteTables[i] = assoc.RouteTableId 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /templates/hooks/launch_template/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) 2 | -------------------------------------------------------------------------------- /templates/hooks/launch_template/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{- $launchtTemplateDataResponseRef := (index (index $SDKAPI.API.Shapes "LaunchTemplateVersion").MemberRefs "LaunchTemplateData") }} 5 | {{- $launchtTemplateDataResponseRefName := $launchtTemplateDataResponseRef.ShapeName }} 6 | 7 | {{- $launchtTemplateDataRequestRef := (index (index $SDKAPI.API.Shapes "CreateLaunchTemplateInput").MemberRefs "LaunchTemplateData") }} 8 | {{- $launchtTemplateDataRequestRefName := $launchtTemplateDataRequestRef.ShapeName }} 9 | 10 | // set{{ $launchtTemplateDataRequestRefName }} sets a resource {{ $launchtTemplateDataRequestRefName }} type 11 | // given the SDK type. 12 | func (rm *resourceManager) set{{ $launchtTemplateDataRequestRefName }}( 13 | resp *svcsdktypes.{{ $launchtTemplateDataResponseRefName }}, 14 | ) *svcapitypes.{{ $launchtTemplateDataRequestRefName }} { 15 | res := &svcapitypes.{{ $launchtTemplateDataRequestRefName }}{} 16 | 17 | {{ GoCodeSetResourceForStruct $CRD "Data" "res" $launchtTemplateDataRequestRef "resp" $launchtTemplateDataResponseRef 1 }} 18 | return res 19 | } 20 | -------------------------------------------------------------------------------- /templates/hooks/launch_template/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | err = rm.setLatestLaunchTemplateAttributes(ctx, r, ko) 2 | if err != nil { 3 | return &resource{ko}, nil 4 | } 5 | -------------------------------------------------------------------------------- /templates/hooks/launch_template/sdk_update_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if delta.DifferentAt("Spec.Tags") { 2 | if err := syncTags( 3 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.ID, 4 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 5 | ); err != nil { 6 | return nil, err 7 | } 8 | } 9 | // We want to update the defaultVersion after we create the new 10 | // version if needed. 11 | // Wondering how this works? find out in https://go.dev/play/p/10QSDg2xbTB 12 | if delta.DifferentAt("Spec.DefaultVersion") { 13 | defer func() { 14 | err = rm.updateDefaultVersion(ctx, desired) 15 | }() 16 | } 17 | 18 | if !delta.DifferentExcept("Spec.Tags", "Spec.DefaultVersion") { 19 | return desired, nil 20 | } 21 | -------------------------------------------------------------------------------- /templates/hooks/nat_gateway/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/nat_gateway/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for NAT Gateway */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.NatGateway.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $natGatewayRefName, $natGatewayMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $natGatewayRefName "Tags" }} 11 | {{- $natGatewayRef := $natGatewayMemberRefs.Shape.MemberRef }} 12 | {{- $natGatewayRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $natGatewayRefName }}( 14 | c svcapitypes.{{ $natGatewayRefName }}, 15 | ) *svcsdktypes.{{ $natGatewayRefName }} { 16 | res := &svcsdktypes.{{ $natGatewayRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $natGatewayRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/nat_gateway/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if isResourceDeleted(&resource{ko}) { 2 | return nil, ackerr.NotFound 3 | } 4 | if isResourcePending(&resource{ko}) { 5 | return nil, ackrequeue.Needed(fmt.Errorf("resource is pending")) 6 | } 7 | -------------------------------------------------------------------------------- /templates/hooks/network_acl/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/network_acl/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if rm.requiredFieldsMissingForCreateNetworkAcl(&resource{ko}) { 2 | return nil, ackerr.NotFound 3 | } 4 | 5 | if len(desired.ko.Spec.Associations) > 0 { 6 | ko.Spec.Associations = desired.ko.Spec.Associations 7 | copy := ko.DeepCopy() 8 | if err := rm.createAssociation(ctx, &resource{copy}); err != nil { 9 | rlog.Debug("Error while syncing Association", err) 10 | } 11 | } 12 | 13 | if len(desired.ko.Spec.Entries) > 0 { 14 | //desired rules are overwritten by NetworkACL's default rules 15 | ko.Spec.Entries = desired.ko.Spec.Entries 16 | copy := ko.DeepCopy() 17 | if err := rm.createEntries(ctx, &resource{copy}); err != nil { 18 | rlog.Debug("Error while syncing entries", err) 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /templates/hooks/network_acl/sdk_delete_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | if r.ko.Spec.Associations != nil { 3 | if err := rm.syncAssociation(ctx, nil, r); err != nil { 4 | return nil, err 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /templates/hooks/network_acl/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{ range $specFieldName, $specField := $CRD.Config.Resources.NetworkAcl.Fields -}} 5 | 6 | {{/* Entry is a CustomField */}} 7 | {{- if $specField.CustomField }} 8 | 9 | 10 | {{- $memberRefName := $specField.CustomField.ListOf }} 11 | 12 | 13 | {{- range $index, $customShape := $SDKAPI.CustomShapes }} 14 | 15 | {{- if (eq (Dereference $customShape.MemberShapeName) $memberRefName) }} 16 | 17 | 18 | {{- if eq $specFieldName "Entries" }} 19 | {{- $memberRef := $customShape.Shape.MemberRef }} 20 | {{ $memberRefName = "NetworkACLEntry" }} 21 | 22 | 23 | 24 | 25 | func compare{{$memberRefName}} ( 26 | a *svcapitypes.{{ $memberRefName }}, 27 | b *svcapitypes.{{ $memberRefName }}, 28 | ) *ackcompare.Delta { 29 | delta := ackcompare.NewDelta() 30 | {{ GoCodeCompareStruct $CRD $memberRef.Shape "delta" "a" "b" $memberRefName 1 }} 31 | return delta 32 | } 33 | 34 | {{/* Helper method for tag support */}} 35 | {{- range $specFieldName, $specField := $CRD.Config.Resources.RouteTable.Fields }} 36 | {{- if $specField.From }} 37 | {{- $operationName := $specField.From.Operation }} 38 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 39 | {{- range $rtRefName, $rtMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 40 | {{- if eq $rtRefName "Tags" }} 41 | {{- $rtRef := $rtMemberRefs.Shape.MemberRef }} 42 | {{- $rtRefName = "Tag" }} 43 | 44 | func (rm *resourceManager) new{{ $rtRefName }}( 45 | c svcapitypes.{{ $rtRefName }}, 46 | ) *svcsdktypes.{{ $rtRefName }} { 47 | res := &svcsdktypes.{{ $rtRefName }}{} 48 | {{ GoCodeSetSDKForStruct $CRD "" "res" $rtRef "" "c" 1 }} 49 | return res 50 | } 51 | {{- end }} 52 | {{- end }} 53 | {{- end }} 54 | {{- end }} 55 | 56 | 57 | {{- end }} 58 | {{- end }} 59 | {{- end }} 60 | {{- end }} 61 | {{- end }} 62 | 63 | -------------------------------------------------------------------------------- /templates/hooks/route_table/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/route_table/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | rm.addRoutesToStatus(ko, *resp.RouteTable) 2 | 3 | if rm.requiredFieldsMissingForCreateRoute(&resource{ko}) { 4 | return nil, ackerr.NotFound 5 | } 6 | 7 | if len(desired.ko.Spec.Routes) > 0 { 8 | //desired routes are overwritten by RouteTable's default route 9 | ko.Spec.Routes = append(ko.Spec.Routes, desired.ko.Spec.Routes...) 10 | copy := ko.DeepCopy() 11 | if err := rm.createRoutes(ctx, &resource{copy}); err != nil { 12 | return nil, err 13 | } 14 | } 15 | 16 | toAdd, toDelete := computeTagsDelta(desired.ko.Spec.Tags, ko.Spec.Tags) 17 | if len(toAdd) == 0 && len(toDelete) == 0 { 18 | // if desired tags and response tags are equal, 19 | // then assign desired tags to maintain tag order 20 | ko.Spec.Tags = desired.ko.Spec.Tags 21 | } 22 | -------------------------------------------------------------------------------- /templates/hooks/route_table/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{ range $specFieldName, $specField := $CRD.Config.Resources.RouteTable.Fields -}} 5 | 6 | {{/* Route is a CustomField */}} 7 | {{- if $specField.CustomField }} 8 | {{- $memberRefName := $specField.CustomField.ListOf }} 9 | {{- range $index, $customShape := $SDKAPI.CustomShapes }} 10 | {{- if (eq (Dereference $customShape.MemberShapeName) $memberRefName) }} 11 | 12 | {{- $memberRef := $customShape.Shape.MemberRef }} 13 | 14 | func compare{{$memberRefName}} ( 15 | a *svcapitypes.{{ $memberRefName }}, 16 | b *svcapitypes.{{ $memberRefName }}, 17 | ) *ackcompare.Delta { 18 | delta := ackcompare.NewDelta() 19 | {{ GoCodeCompareStruct $CRD $memberRef.Shape "delta" "a" "b" $memberRefName 1 }} 20 | return delta 21 | } 22 | 23 | func (rm *resourceManager) new{{ $memberRefName }}( 24 | c svcapitypes.{{ $memberRefName }}, 25 | ) *svcsdk.{{ $memberRefName }} { 26 | res := &svcsdk.{{ $memberRefName }}{} 27 | 28 | {{ GoCodeSetSDKForStruct $CRD "" "res" $memberRef "" "c" 1 }} 29 | 30 | return res 31 | } 32 | 33 | {{/* Helper method for tag support */}} 34 | {{- range $specFieldName, $specField := $CRD.Config.Resources.RouteTable.Fields }} 35 | {{- if $specField.From }} 36 | {{- $operationName := $specField.From.Operation }} 37 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 38 | {{- range $rtRefName, $rtMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 39 | {{- if eq $rtRefName "Tags" }} 40 | {{- $rtRef := $rtMemberRefs.Shape.MemberRef }} 41 | {{- $rtRefName = "Tag" }} 42 | 43 | func (rm *resourceManager) new{{ $rtRefName }}( 44 | c svcapitypes.{{ $rtRefName }}, 45 | ) *svcsdktypes.{{ $rtRefName }} { 46 | res := &svcsdktypes.{{ $rtRefName }}{} 47 | {{ GoCodeSetSDKForStruct $CRD "" "res" $rtRef "" "c" 1 }} 48 | return res 49 | } 50 | 51 | {{- end }} 52 | 53 | {{- end }} 54 | {{- end }} 55 | {{- end }} 56 | 57 | {{- end }} 58 | {{- end }} 59 | {{- end }} 60 | {{- end }} 61 | 62 | {{/* Delete operation for Routes */}} 63 | 64 | {{- $deleteInputRef := (index $SDKAPI.API.Operations "DeleteRoute").InputRef }} 65 | {{- $deleteInputName := $deleteInputRef.ShapeName }} 66 | 67 | func (rm *resourceManager) new{{ $deleteInputName }}( 68 | c svcapitypes.CreateRouteInput, 69 | ) *svcsdk.{{ $deleteInputName }} { 70 | res := &svcsdk.{{ $deleteInputName }}{} 71 | 72 | {{ GoCodeSetSDKForStruct $CRD "" "res" $deleteInputRef "" "c" 1 }} 73 | 74 | return res 75 | } 76 | 77 | {{/* Setter for Route */}} 78 | 79 | {{- $routeRef := (index (index $SDKAPI.API.Shapes "RouteTable").MemberRefs "Routes").Shape.MemberRef }} 80 | {{- $routeRefName := $routeRef.ShapeName }} 81 | 82 | // set{{ $routeRefName }} sets a resource {{ $routeRefName }} type 83 | // given the SDK type. 84 | func (rm *resourceManager) setResource{{ $routeRefName }}( 85 | resp svcsdktypes.{{ $routeRefName }}, 86 | ) *svcapitypes.{{ $routeRefName }} { 87 | res := &svcapitypes.{{ $routeRefName }}{} 88 | 89 | {{ GoCodeSetResourceForStruct $CRD "RouteStatuses" "res" $routeRef "resp" $routeRef 1 }} 90 | return res 91 | } -------------------------------------------------------------------------------- /templates/hooks/route_table/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | if found { 3 | rm.addRoutesToStatus(ko, resp.RouteTables[0]) 4 | } 5 | toAdd, toDelete := computeTagsDelta(r.ko.Spec.Tags, ko.Spec.Tags) 6 | if len(toAdd) == 0 && len(toDelete) == 0 { 7 | // if resource's initial tags and response tags are equal, 8 | // then assign resource's tags to maintain tag order 9 | ko.Spec.Tags = r.ko.Spec.Tags 10 | } 11 | 12 | // Even if route is created with arguments as VPCEndpointID, 13 | // when aws api is called to describe the route (inside skdFind), it 14 | // returns VPCEndpointID as GatewayID. Due to this bug, spec section for 15 | // routes is populated incorrectly in above auto-gen code. 16 | // To solve this, if 'GatewayID' has prefix 'vpce-', then the entry is 17 | // moved from 'GatewayID' to 'VPCEndpointID'. 18 | for i, route := range ko.Spec.Routes { 19 | if route.GatewayID != nil && strings.HasPrefix(*route.GatewayID, "vpce-") { 20 | ko.Spec.Routes[i].VPCEndpointID = route.GatewayID 21 | ko.Spec.Routes[i].GatewayID = nil 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /templates/hooks/security_group/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/security_group/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | if rm.requiredFieldsMissingForSGRule(&resource{ko}) { 3 | return nil, ackerr.NotFound 4 | } 5 | 6 | // Delete the default egress rule 7 | if err = rm.deleteDefaultSecurityGroupRule(ctx, &resource{ko}); err != nil { 8 | return &resource{ko}, err 9 | } 10 | 11 | if !rm.referencesResolved(&resource{ko}) { 12 | ackcondition.SetSynced(&resource{ko}, corev1.ConditionFalse, nil, nil) 13 | return &resource{ko}, nil 14 | } 15 | 16 | if err = rm.syncSGRules(ctx, &resource{ko}, nil); err != nil { 17 | return &resource{ko}, err 18 | } 19 | 20 | // A ReadOne call for SecurityGroup Rules (NOT SecurityGroups) 21 | // is made to refresh Status.Rules with the recently-updated 22 | // data from the above `sync` call 23 | if rules, err := rm.getRules(ctx, &resource{ko}); err != nil { 24 | return &resource{ko}, err 25 | } else { 26 | ko.Status.Rules = rules 27 | } 28 | -------------------------------------------------------------------------------- /templates/hooks/security_group/sdk_delete_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | sgCpy := r.ko.DeepCopy() 2 | sgCpy.Spec.IngressRules = nil 3 | sgCpy.Spec.EgressRules = nil 4 | if err := rm.syncSGRules(ctx, &resource{ko: sgCpy}, r); err != nil { 5 | return nil, err 6 | } -------------------------------------------------------------------------------- /templates/hooks/security_group/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for SecurityGroupRules */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.SecurityGroup.Fields }} 6 | {{- if $specField.CustomField }} 7 | {{- $sgRuleRefName := $specField.CustomField.ListOf }} 8 | {{- range $index, $customShape := $SDKAPI.CustomShapes }} 9 | {{- if (eq (Dereference $customShape.MemberShapeName) $sgRuleRefName) }} 10 | {{- $sgRuleRef := $customShape.Shape.MemberRef }} 11 | {{- if eq $specFieldName "IngressRules" }} 12 | {{ $sgRuleRefName = "IPPermission" }} 13 | func compare{{$sgRuleRefName}} ( 14 | a *svcapitypes.{{ $sgRuleRefName }}, 15 | b *svcapitypes.{{ $sgRuleRefName }}, 16 | ) *ackcompare.Delta { 17 | delta := ackcompare.NewDelta() 18 | {{ GoCodeCompareStruct $CRD $sgRuleRef.Shape "delta" "a" "b" $sgRuleRefName 1 }} 19 | return delta 20 | } 21 | 22 | func (rm *resourceManager) new{{ $sgRuleRefName }}( 23 | c svcapitypes.{{ $sgRuleRefName }}, 24 | ) (*svcsdktypes.{{ $sgRuleRef.ShapeName }}, error) { 25 | res := &svcsdktypes.{{ $sgRuleRef.ShapeName }}{} 26 | 27 | {{ GoCodeSetSDKForStruct $CRD "" "res" $sgRuleRef "" "c" 1 }} 28 | return res, nil 29 | } 30 | 31 | {{/* Helper method for tag support */}} 32 | {{- range $specFieldName, $specField := $CRD.Config.Resources.SecurityGroup.Fields }} 33 | {{- if $specField.From }} 34 | {{- $operationName := $specField.From.Operation }} 35 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 36 | {{- range $securityGroupRefName, $securityGroupMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 37 | {{- if eq $securityGroupRefName "Tags" }} 38 | {{- $securityGroupRef := $securityGroupMemberRefs.Shape.MemberRef }} 39 | {{- $securityGroupRefName = "Tag" }} 40 | 41 | func (rm *resourceManager) new{{ $securityGroupRefName }}( 42 | c svcapitypes.{{ $securityGroupRefName }}, 43 | ) *svcsdktypes.{{ $securityGroupRefName }} { 44 | res := &svcsdktypes.{{ $securityGroupRefName }}{} 45 | {{ GoCodeSetSDKForStruct $CRD "" "res" $securityGroupRef "" "c" 1 }} 46 | return res 47 | } 48 | 49 | {{- end }} 50 | 51 | {{- end }} 52 | {{- end }} 53 | {{- end }} 54 | {{- end }} 55 | {{- end }} 56 | {{- end }} 57 | {{- end }} 58 | {{- end }} 59 | 60 | {{/* Setters for SecurityGroupRules */}} 61 | 62 | {{- $sgRuleRef := (index $SDKAPI.API.Shapes "SecurityGroupRuleList").MemberRef }} 63 | {{- $sgRuleName := "SecurityGroupRule" }} 64 | 65 | // set{{ $sgRuleName }} sets a resource {{ $sgRuleName }} type 66 | // given the SDK type. 67 | func (rm *resourceManager) setResource{{ $sgRuleName }}( 68 | resp *svcsdktypes.{{ $sgRuleName }}, 69 | ) *svcapitypes.{{ $sgRuleName }} { 70 | res := &svcapitypes.{{ $sgRuleName }}{} 71 | 72 | {{ GoCodeSetResourceForStruct $CRD "IngressRules" "res" $sgRuleRef "resp" $sgRuleRef 1 }} 73 | return res 74 | } 75 | 76 | {{- $ipPermRef := (index $SDKAPI.API.Shapes "IpPermissionList").MemberRef }} 77 | {{- $ipPermName := "IPPermission" }} 78 | 79 | // set{{ $ipPermName }} sets a resource {{ $ipPermName }} type 80 | // given the SDK type. 81 | func (rm *resourceManager) setResource{{ $ipPermName }}( 82 | resp *svcsdktypes.IpPermission, 83 | ) *svcapitypes.{{ $ipPermName }} { 84 | res := &svcapitypes.{{ $ipPermName }}{} 85 | 86 | {{ GoCodeSetResourceForStruct $CRD "IngressRules" "res" $ipPermRef "resp" $ipPermRef 1 }} 87 | return res 88 | } -------------------------------------------------------------------------------- /templates/hooks/security_group/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if found { 2 | 3 | // Needed because SecurityGroups Name are held in GroupName property of the AWS resource 4 | ko.Spec.Name = resp.SecurityGroups[0].GroupName 5 | 6 | rm.addRulesToSpec(ko, resp.SecurityGroups[0]) 7 | 8 | // A ReadOne call for SecurityGroup Rules (NOT SecurityGroups) 9 | // is made to refresh Status.Rules 10 | if rules, err := rm.getRules(ctx, &resource{ko}); err != nil { 11 | return nil, err 12 | } else { 13 | ko.Status.Rules = rules 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /templates/hooks/subnet/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/subnet/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | // use desired resource data for fields that cannot be provided 2 | // in the create request, but are present in the create response; 3 | // otherwise, server-side data will incorrectly be treated as "desired" 4 | if desired.ko.Spec.AssignIPv6AddressOnCreation != nil { 5 | ko.Spec.AssignIPv6AddressOnCreation = desired.ko.Spec.AssignIPv6AddressOnCreation 6 | } 7 | if desired.ko.Spec.CustomerOwnedIPv4Pool != nil { 8 | ko.Spec.CustomerOwnedIPv4Pool = desired.ko.Spec.CustomerOwnedIPv4Pool 9 | } 10 | if desired.ko.Spec.EnableDNS64 != nil { 11 | ko.Spec.EnableDNS64 = desired.ko.Spec.EnableDNS64 12 | } 13 | if desired.ko.Spec.MapPublicIPOnLaunch != nil { 14 | ko.Spec.MapPublicIPOnLaunch = desired.ko.Spec.MapPublicIPOnLaunch 15 | } 16 | 17 | if err = rm.createRouteTableAssociations(ctx, &resource{ko}); err != nil { 18 | return nil, err 19 | } -------------------------------------------------------------------------------- /templates/hooks/subnet/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for Subnet */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.Subnet.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $subnetRefName, $subnetMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $subnetRefName "Tags" }} 11 | {{- $subnetRef := $subnetMemberRefs.Shape.MemberRef }} 12 | {{- $subnetRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $subnetRefName }}( 14 | c svcapitypes.{{ $subnetRefName }}, 15 | ) *svcsdktypes.{{ $subnetRefName }} { 16 | res := &svcsdktypes.{{ $subnetRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $subnetRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/subnet/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if ko.Status.PrivateDNSNameOptionsOnLaunch != nil { 2 | if ko.Status.PrivateDNSNameOptionsOnLaunch.EnableResourceNameDNSARecord != nil { 3 | ko.Spec.EnableResourceNameDNSARecord = ko.Status.PrivateDNSNameOptionsOnLaunch.EnableResourceNameDNSARecord 4 | } 5 | if ko.Status.PrivateDNSNameOptionsOnLaunch.EnableResourceNameDNSAAAARecord != nil { 6 | ko.Spec.EnableResourceNameDNSAAAARecord = ko.Status.PrivateDNSNameOptionsOnLaunch.EnableResourceNameDNSAAAARecord 7 | } 8 | if ko.Status.PrivateDNSNameOptionsOnLaunch.HostnameType != nil { 9 | ko.Spec.HostnameType = ko.Status.PrivateDNSNameOptionsOnLaunch.HostnameType 10 | } 11 | } 12 | 13 | assocs, err := rm.getRouteTableAssociations(ctx, &resource{ko}) 14 | if err != nil { 15 | return nil, err 16 | } else { 17 | ko.Spec.RouteTables = make([]*string, len(assocs)) 18 | for i, assoc := range assocs { 19 | ko.Spec.RouteTables[i] = assoc.RouteTableId 20 | } 21 | } -------------------------------------------------------------------------------- /templates/hooks/transit_gateway/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/transit_gateway/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for Transit Gateway */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.TransitGateway.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $transitGatewayRefName, $transitGatewayMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $transitGatewayRefName "Tags" }} 11 | {{- $transitGatewayRef := $transitGatewayMemberRefs.Shape.MemberRef }} 12 | {{- $transitGatewayRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $transitGatewayRefName }}( 14 | c svcapitypes.{{ $transitGatewayRefName }}, 15 | ) *svcsdktypes.{{ $transitGatewayRefName }} { 16 | res := &svcsdktypes.{{ $transitGatewayRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $transitGatewayRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/transit_gateway/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if isResourceDeleted(&resource{ko}) { 2 | return nil, ackerr.NotFound 3 | } 4 | if isResourcePending(&resource{ko}) { 5 | return nil, ackrequeue.Needed(fmt.Errorf("resource is pending")) 6 | } 7 | -------------------------------------------------------------------------------- /templates/hooks/transit_gateway_vpc_attachment/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/transit_gateway_vpc_attachment/sdk_update_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | input.AddSubnetIds, input.RemoveSubnetIds = compareSubnetIDs( 3 | desired.ko.Spec.SubnetIDs, 4 | latest.ko.Spec.SubnetIDs, 5 | ) -------------------------------------------------------------------------------- /templates/hooks/transit_gateway_vpc_attachment/sdk_update_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | if delta.DifferentAt("Spec.Tags") { 3 | if err := syncTags( 4 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.ID, 5 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 6 | ); err != nil { 7 | return nil, err 8 | } 9 | } 10 | 11 | // Only continue if something other than Tags has changed in the Spec 12 | if !delta.DifferentExcept("Spec.Tags") { 13 | return desired, nil 14 | } 15 | 16 | if *latest.ko.Status.State != string(svcsdktypes.TransitGatewayAttachmentStateAvailable) { 17 | return desired, requeueWaitUntilCanModify(desired) 18 | } 19 | -------------------------------------------------------------------------------- /templates/hooks/vpc/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) 2 | 3 | // The first CIDR block will be used as the primary IPv4 CIDR block for the VPC 4 | applyPrimaryCIDRBlockInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/vpc/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | if resp.Vpc.CidrBlock != nil { 2 | ko.Spec.CIDRBlocks = make([]*string, 1) 3 | ko.Spec.CIDRBlocks[0] = resp.Vpc.CidrBlock 4 | } 5 | rm.syncCIDRBlocks(ctx, desired, &resource{ko}) 6 | 7 | rm.setSpecCIDRs(ko) 8 | err = rm.createAttributes(ctx, &resource{ko}) 9 | if err != nil { 10 | return nil, err 11 | } 12 | sgDefaultRulesExist, err := rm.hasSecurityGroupDefaultRules(ctx, &resource{ko}) 13 | if err != nil { 14 | return nil, err 15 | } else { 16 | ko.Status.SecurityGroupDefaultRulesExist = &sgDefaultRulesExist 17 | } 18 | -------------------------------------------------------------------------------- /templates/hooks/vpc/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for VPC */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.Vpc.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $vpcRefName, $vpcMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $vpcRefName "Tags" }} 11 | {{- $vpcRef := $vpcMemberRefs.Shape.MemberRef }} 12 | {{- $vpcRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $vpcRefName }}( 14 | c svcapitypes.{{ $vpcRefName }}, 15 | ) *svcsdktypes.{{ $vpcRefName }} { 16 | res := &svcsdktypes.{{ $vpcRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $vpcRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/vpc/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | rm.setSpecCIDRs(ko) 2 | if dnsAttrs, err := rm.getDNSAttributes(ctx, *ko.Status.VPCID); err != nil { 3 | return nil, err 4 | } else { 5 | ko.Spec.EnableDNSSupport = dnsAttrs.EnableSupport 6 | ko.Spec.EnableDNSHostnames = dnsAttrs.EnableHostnames 7 | } 8 | sgDefaultRulesExist, err := rm.hasSecurityGroupDefaultRules(ctx, &resource{ko}) 9 | if err != nil { 10 | return nil, err 11 | } 12 | 13 | // If default security group rules exist, then set 14 | // DisallowSecurityGroupDefaultRules field in spec to false. This will 15 | // allow sdkUpdate to be invoked if 'desired' cr has 16 | // DisallowSecurityGroupDefaultRules field in spec set to true. 17 | disallowSGDefaultRules := !sgDefaultRulesExist 18 | ko.Spec.DisallowSecurityGroupDefaultRules = &disallowSGDefaultRules 19 | -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | // Setting resource synced condition to false will trigger a requeue of 3 | // the resource. No need to return a requeue error here. 4 | ackcondition.SetSynced(&resource{ko}, corev1.ConditionFalse, nil, nil) 5 | -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint/sdk_delete_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if err = addIDToDeleteRequest(r, input); err != nil { 2 | return nil, ackerr.NotFound 3 | } -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for vpcEndpoint */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.VpcEndpoint.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $vpcEndpointRefName, $vpcEndpointMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $vpcEndpointRefName "Tags" }} 11 | {{- $vpcEndpointRef := $vpcEndpointMemberRefs.Shape.MemberRef }} 12 | {{- $vpcEndpointRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $vpcEndpointRefName }}( 14 | c svcapitypes.{{ $vpcEndpointRefName }}, 15 | ) *svcsdktypes.{{ $vpcEndpointRefName }} { 16 | res := &svcsdktypes.{{ $vpcEndpointRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $vpcEndpointRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | if vpcEndpointPending(&resource{ko}) { 3 | // Setting resource synced condition to false will trigger a requeue of 4 | // the resource. No need to return a requeue error here. 5 | ackcondition.SetSynced(&resource{ko}, corev1.ConditionFalse, nil, nil) 6 | } 7 | -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint_service_configuration/sdk_delete_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | if err = addIDToDeleteRequest(r, input); err != nil { 2 | return nil, ackerr.NotFound 3 | } -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint_service_configuration/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for VpcEndpointServiceConfiguration */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.VpcEndpointServiceConfiguration.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $vpcEndpointServiceConfigurationRefName, $vpcEndpointServiceConfigurationMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $vpcEndpointServiceConfigurationRefName "Tags" }} 11 | {{- $vpcEndpointServiceConfigurationRef := $vpcEndpointServiceConfigurationMemberRefs.Shape.MemberRef }} 12 | {{- $vpcEndpointServiceConfigurationRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $vpcEndpointServiceConfigurationRefName }}( 14 | c svcapitypes.{{ $vpcEndpointServiceConfigurationRefName }}, 15 | ) *svcsdktypes.{{ $vpcEndpointServiceConfigurationRefName }} { 16 | res := &svcsdktypes.{{ $vpcEndpointServiceConfigurationRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $vpcEndpointServiceConfigurationRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint_service_configuration/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | rm.setAdditionalFields(ctx, ko) 3 | -------------------------------------------------------------------------------- /templates/hooks/vpc_endpoint_service_configuration/sdk_update_pre_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | // Only continue if the VPC Endpoint Service is in 'Available' state 3 | if *latest.ko.Status.ServiceState != "Available" { 4 | return desired, requeueWaitNotAvailable 5 | } 6 | 7 | if delta.DifferentAt("Spec.Tags") { 8 | if err := syncTags( 9 | ctx, rm.sdkapi, rm.metrics, *latest.ko.Status.ServiceID, 10 | desired.ko.Spec.Tags, latest.ko.Spec.Tags, 11 | ); err != nil { 12 | return nil, err 13 | } 14 | } 15 | 16 | if delta.DifferentAt("Spec.AllowedPrincipals") { 17 | if desired, err := rm.syncAllowedPrincipals(ctx, desired, latest); err != nil { 18 | // This causes a requeue and the rest of the fields will be synced on the next reconciliation loop 19 | ackcondition.SetSynced(desired, corev1.ConditionFalse, nil, nil) 20 | return desired, err 21 | } 22 | } 23 | 24 | // Only continue if something other than Tags or certain fields has changed in the Spec 25 | if !delta.DifferentExcept("Spec.Tags", "Spec.AllowedPrincipals") { 26 | return desired, nil 27 | } 28 | -------------------------------------------------------------------------------- /templates/hooks/vpc_peering_connection/sdk_create_post_build_request.go.tpl: -------------------------------------------------------------------------------- 1 | updateTagSpecificationsInCreateRequest(desired, input) -------------------------------------------------------------------------------- /templates/hooks/vpc_peering_connection/sdk_create_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | // This causes a requeue and the rest of the fields will be synced on the next reconciliation loop 3 | ackcondition.SetSynced(&resource{ko}, corev1.ConditionFalse, nil, nil) 4 | -------------------------------------------------------------------------------- /templates/hooks/vpc_peering_connection/sdk_file_end.go.tpl: -------------------------------------------------------------------------------- 1 | {{ $CRD := .CRD }} 2 | {{ $SDKAPI := .SDKAPI }} 3 | 4 | {{/* Generate helper methods for VPC Peering Connection */}} 5 | {{- range $specFieldName, $specField := $CRD.Config.Resources.VpcPeeringConnection.Fields }} 6 | {{- if $specField.From }} 7 | {{- $operationName := $specField.From.Operation }} 8 | {{- $operation := (index $SDKAPI.API.Operations $operationName) -}} 9 | {{- range $vpcPeeringConnectionRefName, $vpcPeeringConnectionMemberRefs := $operation.InputRef.Shape.MemberRefs -}} 10 | {{- if eq $vpcPeeringConnectionRefName "Tags" }} 11 | {{- $vpcPeeringConnectionRef := $vpcPeeringConnectionMemberRefs.Shape.MemberRef }} 12 | {{- $vpcPeeringConnectionRefName = "Tag" }} 13 | func (rm *resourceManager) new{{ $vpcPeeringConnectionRefName }}( 14 | c svcapitypes.{{ $vpcPeeringConnectionRefName }}, 15 | ) *svcsdktypes.{{ $vpcPeeringConnectionRefName }} { 16 | res := &svcsdktypes.{{ $vpcPeeringConnectionRefName }}{} 17 | {{ GoCodeSetSDKForStruct $CRD "" "res" $vpcPeeringConnectionRef "" "c" 1 }} 18 | return res 19 | } 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} -------------------------------------------------------------------------------- /templates/hooks/vpc_peering_connection/sdk_read_many_post_set_output.go.tpl: -------------------------------------------------------------------------------- 1 | 2 | // This prevents reference resolution errors when adopting existing resources where these fields are not provided in the manifest. 3 | if ko.Spec.VPCID == nil && ko.Status.RequesterVPCInfo != nil && ko.Status.RequesterVPCInfo.VPCID != nil { 4 | ko.Spec.VPCID = ko.Status.RequesterVPCInfo.VPCID 5 | } 6 | 7 | if r.ko.Spec.AccepterPeeringConnectionOptions != nil { 8 | f0 := &svcapitypes.PeeringConnectionOptionsRequest{} 9 | if r.ko.Spec.AccepterPeeringConnectionOptions.AllowDNSResolutionFromRemoteVPC != nil { 10 | f0.AllowEgressFromLocalClassicLinkToRemoteVPC = r.ko.Spec.AccepterPeeringConnectionOptions.AllowDNSResolutionFromRemoteVPC 11 | } 12 | if r.ko.Spec.AccepterPeeringConnectionOptions.AllowEgressFromLocalClassicLinkToRemoteVPC != nil { 13 | f0.AllowEgressFromLocalClassicLinkToRemoteVPC = r.ko.Spec.AccepterPeeringConnectionOptions.AllowEgressFromLocalClassicLinkToRemoteVPC 14 | } 15 | if r.ko.Spec.AccepterPeeringConnectionOptions.AllowEgressFromLocalVPCToRemoteClassicLink != nil { 16 | f0.AllowEgressFromLocalVPCToRemoteClassicLink = r.ko.Spec.AccepterPeeringConnectionOptions.AllowEgressFromLocalVPCToRemoteClassicLink 17 | } 18 | ko.Spec.AccepterPeeringConnectionOptions = f0 19 | } else { 20 | ko.Spec.AccepterPeeringConnectionOptions = nil 21 | } 22 | if r.ko.Spec.RequesterPeeringConnectionOptions != nil { 23 | f1 := &svcapitypes.PeeringConnectionOptionsRequest{} 24 | if r.ko.Spec.RequesterPeeringConnectionOptions.AllowDNSResolutionFromRemoteVPC != nil { 25 | f1.AllowDNSResolutionFromRemoteVPC = r.ko.Spec.RequesterPeeringConnectionOptions.AllowDNSResolutionFromRemoteVPC 26 | } 27 | if r.ko.Spec.RequesterPeeringConnectionOptions.AllowEgressFromLocalClassicLinkToRemoteVPC != nil { 28 | f1.AllowEgressFromLocalClassicLinkToRemoteVPC = r.ko.Spec.RequesterPeeringConnectionOptions.AllowEgressFromLocalClassicLinkToRemoteVPC 29 | } 30 | if r.ko.Spec.RequesterPeeringConnectionOptions.AllowEgressFromLocalVPCToRemoteClassicLink != nil { 31 | f1.AllowEgressFromLocalVPCToRemoteClassicLink = r.ko.Spec.RequesterPeeringConnectionOptions.AllowEgressFromLocalVPCToRemoteClassicLink 32 | } 33 | ko.Spec.RequesterPeeringConnectionOptions = f1 34 | } else { 35 | ko.Spec.RequesterPeeringConnectionOptions = nil 36 | } 37 | 38 | // Artificially trigger detection by delta.DifferentAt("Spec.AcceptRequest") 39 | res := &resource{ko} 40 | if isVPCPeeringConnectionPendingAcceptance(res) { 41 | res.ko.Spec.AcceptRequest = aws.Bool(false) 42 | } else if isVPCPeeringConnectionActive(res) || isVPCPeeringConnectionProvisioning(res) { 43 | res.ko.Spec.AcceptRequest = aws.Bool(true) 44 | } else if isVPCPeeringConnectionCreating(res) { 45 | return res, requeueWaitWhileCreating 46 | } 47 | -------------------------------------------------------------------------------- /test/e2e/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | *.py[cod] 3 | **/bootstrap.pkl -------------------------------------------------------------------------------- /test/e2e/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | 14 | import pytest 15 | from typing import Dict, Any 16 | from pathlib import Path 17 | 18 | from acktest.resources import load_resource_file 19 | 20 | SERVICE_NAME = "ec2" 21 | CRD_GROUP = "ec2.services.k8s.aws" 22 | CRD_VERSION = "v1alpha1" 23 | 24 | # PyTest marker for the current service 25 | service_marker = pytest.mark.service(arg=SERVICE_NAME) 26 | 27 | bootstrap_directory = Path(__file__).parent 28 | resource_directory = Path(__file__).parent / "resources" 29 | def load_ec2_resource(resource_name: str, additional_replacements: Dict[str, Any] = {}): 30 | """ Overrides the default `load_resource_file` to access the specific resources 31 | directory for the current service. 32 | """ 33 | return load_resource_file(resource_directory, resource_name, additional_replacements=additional_replacements) 34 | -------------------------------------------------------------------------------- /test/e2e/bootstrap_resources.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | """Declares the structure of the bootstrapped resources and provides a loader 14 | for them. 15 | """ 16 | from dataclasses import dataclass 17 | from acktest.bootstrapping import Resources 18 | from acktest.bootstrapping.elbv2 import NetworkLoadBalancer 19 | from acktest.bootstrapping.s3 import Bucket 20 | from acktest.bootstrapping.vpc import VPC 21 | from acktest.bootstrapping.vpc import TransitGateway 22 | from e2e import bootstrap_directory 23 | 24 | @dataclass 25 | class BootstrapResources(Resources): 26 | FlowLogsBucket: Bucket 27 | SharedTestVPC: VPC 28 | AdoptedVPC: VPC 29 | NetworkLoadBalancer: NetworkLoadBalancer 30 | TestTransitGateway: TransitGateway 31 | 32 | _bootstrap_resources = None 33 | 34 | def get_bootstrap_resources(bootstrap_file_name: str = "bootstrap.pkl") -> BootstrapResources: 35 | global _bootstrap_resources 36 | if _bootstrap_resources is None: 37 | _bootstrap_resources = BootstrapResources.deserialize(bootstrap_directory, bootstrap_file_name=bootstrap_file_name) 38 | return _bootstrap_resources 39 | -------------------------------------------------------------------------------- /test/e2e/replacement_values.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | """Stores the values used by each of the integration tests for replacing the 14 | ec2-specific test variables. 15 | """ 16 | 17 | REPLACEMENT_VALUES = { 18 | "ENABLE_DNS_SUPPORT": "False", 19 | "ENABLE_DNS_HOSTNAMES": "False", 20 | "DISALLOW_DEFAULT_SECURITY_GROUP_RULE": "False" 21 | } 22 | -------------------------------------------------------------------------------- /test/e2e/requirements.txt: -------------------------------------------------------------------------------- 1 | acktest @ git+https://github.com/aws-controllers-k8s/test-infra.git@72e9d798ad4f22e0e1ff4e227cfd69f7e301479a -------------------------------------------------------------------------------- /test/e2e/resources/capacity_reservation.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: CapacityReservation 3 | metadata: 4 | name: $RESERVATION_NAME 5 | spec: 6 | instanceType: $INSTANCE_TYPE 7 | instancePlatform: $INSTANCE_PLATFORM 8 | instanceCount: $INSTANCE_COUNT 9 | availabilityZone: "$AVAILABILITY_ZONE" 10 | tags: 11 | - key: $TAG_KEY 12 | value: $TAG_VALUE 13 | -------------------------------------------------------------------------------- /test/e2e/resources/dhcp_options.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: DHCPOptions 3 | metadata: 4 | name: $DHCP_OPTIONS_NAME 5 | spec: 6 | dhcpConfigurations: 7 | - key: $DHCP_KEY_1 8 | values: 9 | - $DHCP_VAL_1 10 | - key: $DHCP_KEY_2 11 | values: 12 | - $DHCP_VAL_2_1 13 | - $DHCP_VAL_2_2 14 | tags: 15 | - key: $TAG_KEY 16 | value: $TAG_VALUE 17 | -------------------------------------------------------------------------------- /test/e2e/resources/dhcp_options_vpc_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: DHCPOptions 3 | metadata: 4 | name: $DHCP_OPTIONS_NAME 5 | spec: 6 | dhcpConfigurations: 7 | - key: $DHCP_KEY_1 8 | values: 9 | - $DHCP_VAL_1 10 | - key: $DHCP_KEY_2 11 | values: 12 | - $DHCP_VAL_2_1 13 | - $DHCP_VAL_2_2 14 | vpc: 15 | - $VPC_ID 16 | tags: 17 | - key: $TAG_KEY 18 | value: $TAG_VALUE 19 | 20 | -------------------------------------------------------------------------------- /test/e2e/resources/elastic_ip_address.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: ElasticIPAddress 3 | metadata: 4 | name: $ADDRESS_NAME 5 | spec: 6 | domain: vpc 7 | publicIPv4Pool: $PUBLIC_IPV4_POOL 8 | tags: 9 | - key: $TAG_KEY 10 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/flow_log.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: FlowLog 3 | metadata: 4 | name: $FLOWLOG_NAME 5 | spec: 6 | resourceID: $RESOURCE_ID 7 | resourceType: $RESOURCE_TYPE 8 | logDestinationType: $LOG_DESTINATION_TYPE 9 | logDestination: $LOG_DESTINATION 10 | trafficType: $TRAFFIC_TYPE 11 | tags: 12 | - key: $TAG_KEY 13 | value: $TAG_VALUE 14 | -------------------------------------------------------------------------------- /test/e2e/resources/instance.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: Instance 3 | metadata: 4 | name: $INSTANCE_NAME 5 | spec: 6 | imageID: $INSTANCE_AMI_ID 7 | instanceType: $INSTANCE_TYPE 8 | subnetID: $INSTANCE_SUBNET_ID 9 | tags: 10 | - key: $INSTANCE_TAG_KEY 11 | value: $INSTANCE_TAG_VAL -------------------------------------------------------------------------------- /test/e2e/resources/internet_gateway.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: InternetGateway 3 | metadata: 4 | name: $INTERNET_GATEWAY_NAME 5 | spec: 6 | tags: 7 | - key: $TAG_KEY 8 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/internet_gateway_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: InternetGateway 3 | metadata: 4 | name: $INTERNET_GATEWAY_NAME 5 | spec: 6 | vpcRef: 7 | from: 8 | name: $VPC_NAME 9 | -------------------------------------------------------------------------------- /test/e2e/resources/internet_gateway_route_table.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: RouteTable 3 | metadata: 4 | name: $ROUTE_TABLE_NAME 5 | spec: 6 | vpcID: $VPC_ID 7 | tags: 8 | - key: $TAG_KEY 9 | value: $TAG_VALUE 10 | -------------------------------------------------------------------------------- /test/e2e/resources/internet_gateway_route_table_association.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: InternetGateway 3 | metadata: 4 | name: $INTERNET_GATEWAY_NAME 5 | spec: 6 | vpc: $VPC_ID 7 | -------------------------------------------------------------------------------- /test/e2e/resources/internet_gateway_vpc_attachment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: InternetGateway 3 | metadata: 4 | name: $INTERNET_GATEWAY_NAME 5 | spec: 6 | vpc: $VPC_ID -------------------------------------------------------------------------------- /test/e2e/resources/invalid/elastic_ip_invalid_combination.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: ElasticIPAddress 3 | metadata: 4 | name: $ADDRESS_NAME 5 | spec: 6 | domain: vpc 7 | publicIPv4Pool: $PUBLIC_IPV4_POOL 8 | address: $ADDRESS -------------------------------------------------------------------------------- /test/e2e/resources/invalid/flow_log_invalid_parameter.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: FlowLog 3 | metadata: 4 | name: $FLOWLOG_NAME 5 | spec: 6 | resourceID: $RESOURCE_ID 7 | resourceType: $RESOURCE_TYPE 8 | logDestinationType: $LOG_DESTINATION_TYPE 9 | trafficType: $TRAFFIC_TYPE 10 | tags: 11 | - key: $TAG_KEY 12 | value: $TAG_VALUE 13 | -------------------------------------------------------------------------------- /test/e2e/resources/launch_template.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: LaunchTemplate 3 | metadata: 4 | name: $LAUNCH_TEMPLATE_NAME 5 | spec: 6 | name: $LAUNCH_TEMPLATE_NAME 7 | data: 8 | instanceType: t2.nano 9 | monitoring: 10 | enabled: false 11 | tags: 12 | - key: $TAG_KEY 13 | value: $TAG_VALUE 14 | -------------------------------------------------------------------------------- /test/e2e/resources/nat_gateway.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: NATGateway 3 | metadata: 4 | name: $NAT_GATEWAY_NAME 5 | spec: 6 | allocationID: $ALLOCATION_ID 7 | subnetID: $SUBNET_ID 8 | tags: 9 | - key: $TAG_KEY 10 | value: $TAG_VALUE 11 | -------------------------------------------------------------------------------- /test/e2e/resources/network_acl.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: NetworkACL 3 | metadata: 4 | name: $NETWORK_ACL_NAME 5 | spec: 6 | entries: 7 | - cidrBlock: $CIDR_BLOCK 8 | egress: true 9 | portRange: 10 | from: 80 11 | to: 443 12 | protocol: "6" 13 | ruleAction: allow 14 | ruleNumber: 100 15 | vpcID: $VPC_ID 16 | tags: 17 | - key: $TAG_KEY 18 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/network_acl_with_default_rules.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: NetworkACL 3 | metadata: 4 | name: $NETWORK_ACL_NAME 5 | spec: 6 | entries: 7 | # Default egress rule 8 | - cidrBlock: 0.0.0.0/0 9 | egress: true 10 | protocol: "-1" 11 | ruleAction: deny 12 | ruleNumber: 32767 13 | # Default ingress rule 14 | - cidrBlock: 0.0.0.0/0 15 | egress: false 16 | protocol: "-1" 17 | ruleAction: deny 18 | ruleNumber: 32767 19 | # Custom rule 20 | - cidrBlock: $CIDR_BLOCK 21 | egress: true 22 | portRange: 23 | from: 443 24 | to: 443 25 | protocol: "6" 26 | ruleAction: allow 27 | ruleNumber: 100 28 | vpcID: $VPC_ID 29 | -------------------------------------------------------------------------------- /test/e2e/resources/network_acl_with_subnet_assoc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: NetworkACL 3 | metadata: 4 | name: $NETWORK_ACL_NAME 5 | spec: 6 | associations: 7 | - subnetID: $SUBNET_ID 8 | entries: 9 | - cidrBlock: $CIDR_BLOCK 10 | egress: true 11 | portRange: 12 | from: 80 13 | to: 443 14 | protocol: "6" 15 | ruleAction: allow 16 | ruleNumber: 100 17 | vpcID: $VPC_ID 18 | tags: 19 | - key: $TAG_KEY 20 | value: $TAG_VALUE 21 | -------------------------------------------------------------------------------- /test/e2e/resources/route_table.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: RouteTable 3 | metadata: 4 | name: $ROUTE_TABLE_NAME 5 | spec: 6 | routes: 7 | - destinationCIDRBlock: $DEST_CIDR_BLOCK 8 | gatewayID: $IGW_ID 9 | vpcID: $VPC_ID 10 | tags: 11 | - key: $TAG_KEY 12 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/route_table_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: RouteTable 3 | metadata: 4 | name: $ROUTE_TABLE_NAME 5 | spec: 6 | routes: 7 | - destinationCIDRBlock: $DEST_CIDR_BLOCK 8 | gatewayRef: 9 | from: 10 | name: $INTERNET_GATEWAY_NAME 11 | vpcRef: 12 | from: 13 | name: $VPC_NAME 14 | tags: 15 | - key: $TAG_KEY 16 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/security_group.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: SecurityGroup 3 | metadata: 4 | name: $SECURITY_GROUP_NAME 5 | spec: 6 | description: $SECURITY_GROUP_DESCRIPTION 7 | name: $SECURITY_GROUP_NAME 8 | vpcID: $VPC_ID 9 | tags: 10 | - key: $TAG_KEY 11 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/security_group_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: SecurityGroup 3 | metadata: 4 | name: $SECURITY_GROUP_REF_NAME 5 | spec: 6 | description: $SECURITY_GROUP_DESCRIPTION 7 | name: $SECURITY_GROUP_REF_NAME 8 | vpcRef: 9 | from: 10 | name: $VPC_NAME -------------------------------------------------------------------------------- /test/e2e/resources/security_group_rule.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: SecurityGroup 3 | metadata: 4 | name: $SECURITY_GROUP_NAME 5 | spec: 6 | description: $SECURITY_GROUP_DESCRIPTION 7 | name: $SECURITY_GROUP_NAME 8 | vpcID: $VPC_ID 9 | ingressRules: 10 | - ipProtocol: $IP_PROTOCOL 11 | fromPort: $FROM_PORT 12 | toPort: $TO_PORT 13 | ipRanges: 14 | - cidrIP: $CIDR_IP 15 | description: $DESCRIPTION_INGRESS -------------------------------------------------------------------------------- /test/e2e/resources/security_group_with_sg_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: SecurityGroup 3 | metadata: 4 | name: $SECURITY_GROUP_NAME 5 | spec: 6 | name: $SECURITY_GROUP_NAME 7 | description: test sg 8 | vpcID: $VPC_ID 9 | ingressRules: 10 | - fromPort: 443 11 | toPort: 443 12 | ipProtocol: tcp 13 | userIDGroupPairs: 14 | - description: test UID group pair 15 | groupRef: 16 | from: 17 | name: $SECURITY_GROUP_REF_NAME 18 | egressRules: 19 | - fromPort: 443 20 | toPort: 443 21 | ipProtocol: tcp 22 | userIDGroupPairs: 23 | - description: test UID group pair 24 | groupRef: 25 | from: 26 | name: $SECURITY_GROUP_REF_NAME 27 | -------------------------------------------------------------------------------- /test/e2e/resources/subnet.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: Subnet 3 | metadata: 4 | name: $SUBNET_NAME 5 | spec: 6 | cidrBlock: $CIDR_BLOCK 7 | vpcID: $VPC_ID 8 | tags: 9 | - key: $TAG_KEY 10 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/subnet_adoption.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: Subnet 3 | metadata: 4 | name: $SUBNET_ADOPTION_NAME 5 | annotations: 6 | services.k8s.aws/adoption-policy: $ADOPTION_POLICY 7 | services.k8s.aws/adoption-fields: "$ADOPTION_FIELDS" 8 | services.k8s.aws/deletion-policy: retain 9 | -------------------------------------------------------------------------------- /test/e2e/resources/subnet_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: Subnet 3 | metadata: 4 | name: $SUBNET_REF_NAME 5 | spec: 6 | cidrBlock: $SUBNET_CIDR_BLOCK 7 | vpcRef: 8 | from: 9 | name: $VPC_NAME -------------------------------------------------------------------------------- /test/e2e/resources/subnet_route_table_assocations.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: Subnet 3 | metadata: 4 | name: $SUBNET_NAME 5 | spec: 6 | cidrBlock: $CIDR_BLOCK 7 | vpcID: $VPC_ID 8 | routeTables: 9 | - $ROUTE_TABLE_ID -------------------------------------------------------------------------------- /test/e2e/resources/transitgateway.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: TransitGateway 3 | metadata: 4 | name: $TGW_NAME 5 | spec: 6 | tags: 7 | - key: $TAG_KEY 8 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/transitgateway_vpc_attachment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: TransitGatewayVPCAttachment 3 | metadata: 4 | name: $TGWVA_NAME 5 | spec: 6 | vpcID: $VPC_ID 7 | subnetIDs: 8 | - $SUBNET_ID 9 | transitGatewayID: $TGW_ID 10 | tags: 11 | - key: $TAG_KEY 12 | value: $TAG_VALUE 13 | -------------------------------------------------------------------------------- /test/e2e/resources/vpc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPC 3 | metadata: 4 | name: $VPC_NAME 5 | spec: 6 | cidrBlocks: 7 | - $CIDR_BLOCK 8 | enableDNSSupport: $ENABLE_DNS_SUPPORT 9 | enableDNSHostnames: $ENABLE_DNS_HOSTNAMES 10 | disallowSecurityGroupDefaultRules: $DISALLOW_DEFAULT_SECURITY_GROUP_RULE 11 | tags: 12 | - key: $TAG_KEY 13 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/vpc_adoption.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPC 3 | metadata: 4 | name: $VPC_ADOPTION_NAME 5 | annotations: 6 | services.k8s.aws/adoption-policy: $ADOPTION_POLICY 7 | services.k8s.aws/adoption-fields: "$ADOPTION_FIELDS" 8 | services.k8s.aws/deletion-policy: retain 9 | -------------------------------------------------------------------------------- /test/e2e/resources/vpc_endpoint.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCEndpoint 3 | metadata: 4 | name: $VPC_ENDPOINT_NAME 5 | spec: 6 | serviceName: $SERVICE_NAME 7 | vpcID: $VPC_ID 8 | tags: 9 | - key: $TAG_KEY 10 | value: $TAG_VALUE 11 | -------------------------------------------------------------------------------- /test/e2e/resources/vpc_endpoint_modify.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCEndpoint 3 | metadata: 4 | name: $VPC_ENDPOINT_NAME 5 | spec: 6 | serviceName: $SERVICE_NAME 7 | vpcID: $VPC_ID 8 | vpcEndpointType: Interface 9 | subnetIDs: 10 | - $SUBNET_ID 11 | tags: 12 | - key: $TAG_KEY 13 | value: $TAG_VALUE 14 | -------------------------------------------------------------------------------- /test/e2e/resources/vpc_endpoint_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCEndpoint 3 | metadata: 4 | name: $VPC_ENDPOINT_REF_NAME 5 | spec: 6 | serviceName: $SERVICE_NAME 7 | vpcEndpointType: $VPC_ENDPOINT_TYPE 8 | vpcRef: 9 | from: 10 | name: $VPC_NAME 11 | subnetRefs: 12 | - from: 13 | name: $SUBNET_REF_NAME 14 | securityGroupRefs: 15 | - from: 16 | name: $SECURITY_GROUP_REF_NAME -------------------------------------------------------------------------------- /test/e2e/resources/vpc_endpoint_service_configuration.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCEndpointServiceConfiguration 3 | metadata: 4 | name: $VPC_ENDPOINT_SERVICE_NAME 5 | spec: 6 | acceptanceRequired: $ACCEPTANCE_REQUIRED 7 | allowedPrincipals: 8 | - $ALLOWED_PRINCIPAL 9 | # gatewayLoadBalancerARNs: $GATEWAY_LOAD_BALANCER_ARN_SET 10 | networkLoadBalancerARNs: 11 | - $NETWORK_LOAD_BALANCER_ARN_SET 12 | supportedIPAddressTypes: 13 | - $SUPPORTED_IP_ADDRESS_TYPE_SET 14 | privateDNSName: $PRIVATE_DNS_NAME 15 | tags: 16 | - key: $TAG_KEY 17 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/vpc_multicidr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPC 3 | metadata: 4 | name: $VPC_NAME 5 | spec: 6 | cidrBlocks: 7 | - $PRIMARY_CIDR_BLOCK 8 | - $SECONDARY_CIDR_BLOCK 9 | enableDNSSupport: $ENABLE_DNS_SUPPORT 10 | enableDNSHostnames: $ENABLE_DNS_HOSTNAMES 11 | tags: 12 | - key: $TAG_KEY 13 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/vpc_peering_connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCPeeringConnection 3 | metadata: 4 | name: $VPC_PEERING_CONNECTION_NAME 5 | spec: 6 | vpcID: $VPC_ID 7 | peerVPCID: $PEER_VPC_ID 8 | acceptRequest: true 9 | tags: 10 | - key: $TAG_KEY 11 | value: $TAG_VALUE -------------------------------------------------------------------------------- /test/e2e/resources/vpc_peering_connection_peering_options.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCPeeringConnection 3 | metadata: 4 | name: $VPC_PEERING_CONNECTION_NAME 5 | spec: 6 | vpcID: $VPC_ID 7 | peerVPCID: $PEER_VPC_ID 8 | acceptRequest: true 9 | requesterPeeringConnectionOptions: 10 | allowDNSResolutionFromRemoteVPC: true 11 | accepterPeeringConnectionOptions: 12 | allowDNSResolutionFromRemoteVPC: true -------------------------------------------------------------------------------- /test/e2e/resources/vpc_peering_connection_ref.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ec2.services.k8s.aws/v1alpha1 2 | kind: VPCPeeringConnection 3 | metadata: 4 | name: $VPC_PEERING_CONNECTION_NAME 5 | spec: 6 | vpcRef: 7 | from: 8 | name: $VPC_REF_NAME 9 | peerVPCRef: 10 | from: 11 | name: $PEER_VPC_REF_NAME 12 | acceptRequest: true 13 | requesterPeeringConnectionOptions: 14 | allowDNSResolutionFromRemoteVPC: false 15 | accepterPeeringConnectionOptions: 16 | allowDNSResolutionFromRemoteVPC: false 17 | -------------------------------------------------------------------------------- /test/e2e/service_bootstrap.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | """Bootstraps the resources required to run EC2 integration tests. 14 | """ 15 | 16 | import logging 17 | 18 | from acktest.bootstrapping import Resources, BootstrapFailureException 19 | from acktest.bootstrapping.elbv2 import NetworkLoadBalancer 20 | from acktest.bootstrapping.vpc import VPC 21 | from acktest.bootstrapping.vpc import TransitGateway 22 | from acktest.bootstrapping.s3 import Bucket 23 | from e2e import bootstrap_directory 24 | from e2e.bootstrap_resources import BootstrapResources 25 | 26 | def service_bootstrap() -> Resources: 27 | logging.getLogger().setLevel(logging.INFO) 28 | 29 | resources = BootstrapResources( 30 | SharedTestVPC=VPC( 31 | name_prefix="e2e-test-vpc", 32 | num_public_subnet=2, 33 | num_private_subnet=0 34 | ), 35 | FlowLogsBucket=Bucket( 36 | "ack-ec2-controller-flow-log-tests", 37 | ), 38 | NetworkLoadBalancer=NetworkLoadBalancer("e2e-vpc-ep-service-test"), 39 | AdoptedVPC=VPC(name_prefix="e2e-adopted-vpc", num_public_subnet=1, num_private_subnet=0), 40 | TestTransitGateway=TransitGateway() 41 | ) 42 | 43 | try: 44 | resources.bootstrap() 45 | except BootstrapFailureException: 46 | exit(254) 47 | 48 | return resources 49 | 50 | if __name__ == "__main__": 51 | config = service_bootstrap() 52 | # Write config to current directory by default 53 | config.serialize(bootstrap_directory) 54 | -------------------------------------------------------------------------------- /test/e2e/service_cleanup.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | """Cleans up the resources created by the EC2 bootstrapping process. 14 | """ 15 | 16 | import logging 17 | 18 | from acktest.bootstrapping import Resources 19 | from e2e import bootstrap_directory 20 | 21 | def service_cleanup(): 22 | logging.getLogger().setLevel(logging.INFO) 23 | 24 | resources = Resources.deserialize(bootstrap_directory) 25 | resources.cleanup() 26 | 27 | if __name__ == "__main__": 28 | service_cleanup() -------------------------------------------------------------------------------- /test/e2e/tests/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | -------------------------------------------------------------------------------- /test/e2e/tests/test_subnet_adoption.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"). You may 4 | # not use this file except in compliance with the License. A copy of the 5 | # License is located at 6 | # 7 | # http://aws.amazon.com/apache2.0/ 8 | # 9 | # or in the "license" file accompanying this file. This file is distributed 10 | # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 11 | # express or implied. See the License for the specific language governing 12 | # permissions and limitations under the License. 13 | 14 | """Integration tests for the Subnet Adoption API. 15 | """ 16 | 17 | import pytest 18 | import time 19 | import logging 20 | 21 | from acktest import tags 22 | from acktest.resources import random_suffix_name 23 | from acktest.k8s import resource as k8s 24 | from e2e import service_marker, CRD_GROUP, CRD_VERSION, load_ec2_resource 25 | from e2e.bootstrap_resources import get_bootstrap_resources 26 | from e2e.replacement_values import REPLACEMENT_VALUES 27 | from e2e.tests.helper import EC2Validator 28 | 29 | SUBNET_RESOURCE_PLURAL = "subnets" 30 | 31 | CREATE_WAIT_AFTER_SECONDS = 10 32 | UPDATE_WAIT_AFTER_SECONDS = 10 33 | DELETE_WAIT_AFTER_SECONDS = 10 34 | 35 | @pytest.fixture 36 | def subnet_adoption(request): 37 | replacements = REPLACEMENT_VALUES.copy() 38 | resource_name = random_suffix_name("subnet-adoption", 32) 39 | subnet_id = get_bootstrap_resources().AdoptedVPC.public_subnets.subnet_ids[0] 40 | replacements["SUBNET_ADOPTION_NAME"] = resource_name 41 | replacements["ADOPTION_POLICY"] = "adopt" 42 | replacements["ADOPTION_FIELDS"] = f"{{\\\"subnetID\\\": \\\"{subnet_id}\\\"}}" 43 | 44 | resource_data = load_ec2_resource( 45 | "subnet_adoption", 46 | additional_replacements=replacements, 47 | ) 48 | logging.debug(resource_data) 49 | 50 | ref = k8s.CustomResourceReference( 51 | CRD_GROUP, CRD_VERSION, SUBNET_RESOURCE_PLURAL, 52 | resource_name, namespace="default", 53 | ) 54 | k8s.create_custom_resource(ref, resource_data) 55 | time.sleep(CREATE_WAIT_AFTER_SECONDS) 56 | 57 | cr = k8s.wait_resource_consumed_by_controller(ref) 58 | assert cr is not None 59 | assert k8s.get_resource_exists(ref) 60 | 61 | yield (ref, cr) 62 | 63 | _, deleted = k8s.delete_custom_resource(ref, DELETE_WAIT_AFTER_SECONDS) 64 | assert deleted 65 | 66 | 67 | @service_marker 68 | @pytest.mark.canary 69 | class TestSubnetAdoption: 70 | def test_subnet_adopt_update(self, ec2_client, subnet_adoption): 71 | (ref, cr) = subnet_adoption 72 | 73 | assert cr is not None 74 | assert 'status' in cr 75 | assert 'subnetID' in cr['status'] 76 | resource_id = cr['status']['subnetID'] 77 | 78 | assert 'spec' in cr 79 | assert 'vpcID' in cr['spec'] 80 | assert 'mapPublicIPOnLaunch' in cr['spec'] 81 | mapPublicIPOnLaunch = not cr['spec']['mapPublicIPOnLaunch'] 82 | # Check Subnet exists in AWS 83 | ec2_validator = EC2Validator(ec2_client) 84 | ec2_validator.assert_subnet(resource_id) 85 | 86 | updates = { 87 | "spec": {"mapPublicIPOnLaunch": mapPublicIPOnLaunch}, 88 | } 89 | k8s.patch_custom_resource(ref, updates) 90 | time.sleep(UPDATE_WAIT_AFTER_SECONDS) 91 | 92 | assert k8s.wait_on_condition(ref, "ACK.ResourceSynced", "True", wait_periods=5) 93 | subnet = ec2_validator.get_subnet(resource_id) 94 | assert subnet['MapPublicIpOnLaunch'] == mapPublicIPOnLaunch 95 | --------------------------------------------------------------------------------