Marketplace
BrowsePublish
Marketplace
upbound/configuration-caas@v0.4.0
xirsas.aws.caas.upbound.io

xirsas.aws.caas.upbound.io

xirsas.aws.caas.upbound.io
upbound/configuration-caas@v0.4.0xirsas.aws.caas.upbound.io
Type

Composition

Referenced XRD

XIRSA

Source Codegithub.com/upbound/configuration-caas
Resources (4)

The following resources are composed to implement the referenced Composite Resource Definition (XRD).

Kind
Group
Version

Role

iam.aws.upbound.io
v1beta1

Policy

iam.aws.upbound.io
v1beta1

RolePolicyAttachment

iam.aws.upbound.io
v1beta1

Object

kubernetes.crossplane.io
v1alpha1
YAML
kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
  name: xirsas.aws.caas.upbound.io
  creationTimestamp: null
spec:
  compositeTypeRef:
    apiVersion: aws.caas.upbound.io/v1alpha1
    kind: XIRSA
  patchSets:
    - name: Name
      patches:
        - type: FromCompositeFieldPath
          fromFieldPath: metadata.name
          toFieldPath: metadata.annotations[crossplane.io/external-name]
    - name: providerConfigRef
      patches:
        - type: FromCompositeFieldPath
          fromFieldPath: spec.parameters.providerConfigName
          toFieldPath: spec.providerConfigRef.name
    - name: deletionPolicy
      patches:
        - type: FromCompositeFieldPath
          fromFieldPath: spec.parameters.deletionPolicy
          toFieldPath: spec.deletionPolicy
  resources:
    - name: irsa-role
      base:
        apiVersion: iam.aws.upbound.io/v1beta1
        kind: Role
        metadata:
          labels:
            resource: Role
      patches:
        - type: PatchSet
          patchSetName: Name
        - type: PatchSet
          patchSetName: providerConfigRef
        - type: PatchSet
          patchSetName: deletionPolicy
        - type: ToCompositeFieldPath
          fromFieldPath: status.atProvider.arn
          toFieldPath: status.roleArn
          policy:
            fromFieldPath: Optional
        - type: ToCompositeFieldPath
          fromFieldPath: status.conditions
          toFieldPath: status.observed.role.conditions
          policy:
            fromFieldPath: Optional
        - type: CombineFromComposite
          combine:
            variables:
              - fromFieldPath: status.irsa.oidc_arn
              - fromFieldPath: spec.parameters.condition
              - fromFieldPath: status.irsa.oidc_host
              - fromFieldPath: spec.parameters.serviceAccount.namespace
              - fromFieldPath: spec.parameters.serviceAccount.name
            strategy: string
            string:
              fmt: |
                {
                  "Version": "2012-10-17",
                  "Statement": [
                    {
                      "Effect": "Allow",
                      "Principal": {
                        "Federated": "%s"
                      },
                      "Action": "sts:AssumeRoleWithWebIdentity",
                      "Condition": {
                        "%s": {
                          "%s:sub": "system:serviceaccount:%s:%s"
                        }
                      }
                    }
                  ]
                }
          toFieldPath: spec.forProvider.assumeRolePolicy
    - name: irsa-policy
      base:
        apiVersion: iam.aws.upbound.io/v1beta1
        kind: Policy
        metadata:
          labels:
            resource: Policy
      patches:
        - type: PatchSet
          patchSetName: providerConfigRef
        - type: PatchSet
          patchSetName: deletionPolicy
        - fromFieldPath: spec.parameters.policyDocument
          toFieldPath: spec.forProvider.policy
        - type: ToCompositeFieldPath
          fromFieldPath: metadata.annotations[crossplane.io/external-name]
          toFieldPath: status.policyArn
        - type: ToCompositeFieldPath
          fromFieldPath: status.conditions
          toFieldPath: status.observed.policy.conditions
          policy:
            fromFieldPath: Optional
    - name: irsa-attachment
      base:
        apiVersion: iam.aws.upbound.io/v1beta1
        kind: RolePolicyAttachment
        metadata:
          labels:
            resource: RolePolicyAttachment
        spec:
          forProvider:
            policyArnSelector:
              matchControllerRef: true
              matchLabels:
                resource: Policy
            roleSelector:
              matchControllerRef: true
              matchLabels:
                resource: Role
      patches:
        - type: PatchSet
          patchSetName: providerConfigRef
        - type: PatchSet
          patchSetName: deletionPolicy
        - type: ToCompositeFieldPath
          fromFieldPath: status.conditions
          toFieldPath: status.observed.rpa.conditions
          policy:
            fromFieldPath: Optional
    - name: irsa-settings
      base:
        apiVersion: kubernetes.crossplane.io/v1alpha1
        kind: Object
        spec:
          forProvider:
            manifest:
              apiVersion: v1
              kind: ConfigMap
              metadata:
                namespace: default
          managementPolicy: Observe
      patches:
        - fromFieldPath: spec.parameters.id
          toFieldPath: spec.providerConfigRef.name
        - type: PatchSet
          patchSetName: deletionPolicy
        - fromFieldPath: spec.parameters.id
          toFieldPath: metadata.annotations[crossplane.io/external-name]
          transforms:
            - type: string
              string:
                fmt: "%s-irsa-settings"
        - fromFieldPath: spec.parameters.id
          toFieldPath: spec.forProvider.manifest.metadata.name
          transforms:
            - type: string
              string:
                fmt: "%s-irsa-settings"
        - type: ToCompositeFieldPath
          fromFieldPath: status.atProvider.manifest.data.oidc_arn
          toFieldPath: status.irsa.oidc_arn
          policy:
            fromFieldPath: Optional
        - type: ToCompositeFieldPath
          fromFieldPath: status.atProvider.manifest.data.oidc_host
          toFieldPath: status.irsa.oidc_host
          policy:
            fromFieldPath: Optional
Marketplace

Discover the building blocks for your internal cloud platform.

© 2024 Upbound, Inc.

SolutionsProvidersConfigurations
LearnDocumentationTry for Free
MorePrivacy PolicyTerms & Conditions
Marketplace

© 2024 Upbound, Inc.

Marketplace

Discover the building blocksfor your internal cloud platform.