Marketplace
upbound/configuration-aws-assume-gcp@v0.1.0
xirsas.aws.platform.upbound.io

xirsas.aws.platform.upbound.io

xirsas.aws.platform.upbound.io
upbound/configuration-aws-assume-gcp@v0.1.0xirsas.aws.platform.upbound.io
Type

Composition

Referenced XRD

XIRSA

Source Codegithub.com/upbound/configuration-aws-assume-gcp
YAML
kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
  name: xirsas.aws.platform.upbound.io
  creationTimestamp: null
spec:
  compositeTypeRef:
    apiVersion: aws.platform.upbound.io/v1alpha1
    kind: XIRSA
  mode: Pipeline
  pipeline:
    - step: patch-and-transform
      functionRef:
        name: crossplane-contrib-function-patch-and-transform
      input:
        apiVersion: pt.fn.crossplane.io/v1beta1
        kind: Resources
        patchSets:
          - name: Name
            patches:
              - fromFieldPath: metadata.name
                toFieldPath: metadata.annotations[crossplane.io/external-name]
                type: FromCompositeFieldPath
          - name: providerConfigRef
            patches:
              - fromFieldPath: spec.parameters.providerConfigName
                toFieldPath: spec.providerConfigRef.name
                type: FromCompositeFieldPath
          - name: deletionPolicy
            patches:
              - fromFieldPath: spec.parameters.deletionPolicy
                toFieldPath: spec.deletionPolicy
                type: FromCompositeFieldPath
        resources:
          - base:
              apiVersion: iam.aws.upbound.io/v1beta1
              kind: Role
              metadata:
                labels:
                  resource: Role
            name: irsaRole
            patches:
              - patchSetName: Name
                type: PatchSet
              - patchSetName: providerConfigRef
                type: PatchSet
              - patchSetName: deletionPolicy
                type: PatchSet
              - fromFieldPath: status.atProvider.arn
                policy:
                  fromFieldPath: Optional
                toFieldPath: status.roleArn
                type: ToCompositeFieldPath
              - fromFieldPath: status.conditions
                policy:
                  fromFieldPath: Optional
                toFieldPath: status.observed.role.conditions
                type: ToCompositeFieldPath
              - combine:
                  strategy: string
                  string:
                    fmt: |
                      {
                        "Version": "2012-10-17",
                        "Statement": [
                          {
                            "Effect": "Allow",
                            "Principal": {
                              "Federated": "%s"
                            },
                            "Action": "sts:AssumeRoleWithWebIdentity",
                            "Condition": {
                              "%s": {
                                "%s:sub": "system:serviceaccount:%s:%s"
                              }
                            }
                          }
                        ]
                      }
                  variables:
                    - fromFieldPath: status.irsa.oidc_arn
                    - fromFieldPath: spec.parameters.condition
                    - fromFieldPath: status.irsa.oidc_host
                    - fromFieldPath: spec.parameters.serviceAccount.namespace
                    - fromFieldPath: spec.parameters.serviceAccount.name
                toFieldPath: spec.forProvider.assumeRolePolicy
                type: CombineFromComposite
          - base:
              apiVersion: iam.aws.upbound.io/v1beta1
              kind: Policy
              metadata:
                labels:
                  resource: Policy
            name: irsaPolicy
            patches:
              - patchSetName: providerConfigRef
                type: PatchSet
              - patchSetName: deletionPolicy
                type: PatchSet
              - fromFieldPath: spec.parameters.policyDocument
                toFieldPath: spec.forProvider.policy
                type: FromCompositeFieldPath
              - fromFieldPath: metadata.annotations[crossplane.io/external-name]
                toFieldPath: status.policyArn
                type: ToCompositeFieldPath
              - fromFieldPath: status.conditions
                policy:
                  fromFieldPath: Optional
                toFieldPath: status.observed.policy.conditions
                type: ToCompositeFieldPath
          - base:
              apiVersion: iam.aws.upbound.io/v1beta1
              kind: RolePolicyAttachment
              metadata:
                labels:
                  resource: RolePolicyAttachment
              spec:
                forProvider:
                  policyArnSelector:
                    matchControllerRef: true
                    matchLabels:
                      resource: Policy
                  roleSelector:
                    matchControllerRef: true
                    matchLabels:
                      resource: Role
            name: irsaAttachment
            patches:
              - patchSetName: providerConfigRef
                type: PatchSet
              - patchSetName: deletionPolicy
                type: PatchSet
              - fromFieldPath: status.conditions
                policy:
                  fromFieldPath: Optional
                toFieldPath: status.observed.rpa.conditions
                type: ToCompositeFieldPath
          - base:
              apiVersion: kubernetes.crossplane.io/v1alpha1
              kind: Object
              spec:
                deletionPolicy: Orphan
                forProvider:
                  manifest:
                    apiVersion: v1
                    kind: ConfigMap
                    metadata:
                      namespace: default
                managementPolicy: Observe
            name: irsaSettings
            patches:
              - fromFieldPath: spec.parameters.id
                toFieldPath: spec.providerConfigRef.name
                type: FromCompositeFieldPath
              - fromFieldPath: spec.parameters.id
                toFieldPath: metadata.annotations[crossplane.io/external-name]
                transforms:
                  - string:
                      fmt: "%s-irsa-settings"
                      type: Format
                    type: string
                type: FromCompositeFieldPath
              - fromFieldPath: spec.parameters.id
                toFieldPath: spec.forProvider.manifest.metadata.name
                transforms:
                  - string:
                      fmt: "%s-irsa-settings"
                      type: Format
                    type: string
                type: FromCompositeFieldPath
              - fromFieldPath: status.atProvider.manifest.data.oidc_arn
                policy:
                  fromFieldPath: Optional
                toFieldPath: status.irsa.oidc_arn
                type: ToCompositeFieldPath
              - fromFieldPath: status.atProvider.manifest.data.oidc_host
                policy:
                  fromFieldPath: Optional
                toFieldPath: status.irsa.oidc_host
                type: ToCompositeFieldPath
Discover the building blocks for your internal cloud platform.
© 2024 Upbound, Inc.
Solutions
Learn
Company
More