XNetwork
upbound/configuration-eks@v0.0.1
Type: Composition
Referenced XRD: XNetwork
YAML
Composition
# Crossplane Composition that renders an XNetwork composite
# (net.starter.org/v1alpha1) into AWS EC2 managed resources from the
# ec2.aws.upbound.io/v1beta1 API group: one VPC, an internet gateway,
# four subnets, routing, and a security group with two ingress rules.
kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
  name: xnetworks.aws.net.starter.org
  # NOTE(review): null here looks like a serialization artifact of the
  # tool that exported this object; it carries no configuration.
  creationTimestamp: null
  labels:
    provider: aws
spec:
  compositeTypeRef:
    apiVersion: net.starter.org/v1alpha1
    kind: XNetwork
  patchSets:
    # Shared patch referenced by every resource below: copies the
    # composite's spec.id onto the managed resource as the label
    # aws.net.starter.org/network-id.
    - name: network-id
      patches:
        - type: FromCompositeFieldPath
          fromFieldPath: spec.id
          toFieldPath: metadata.labels[aws.net.starter.org/network-id]
  # Every resource hard-codes region us-west-2; nothing in this
  # Composition patches the region from the composite.
  resources:
    # The VPC that all other resources select via matchControllerRef.
    # NOTE(review): the entry name reads like a typo for "platform-vpc"
    # (compare tags.Name). Crossplane tracks composed resources by this
    # name, so renaming it on a live Composition should be treated as a
    # resource replacement, not a cosmetic edit - confirm before changing.
    - name: platform-vcp
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: VPC
        spec:
          forProvider:
            # The four /18 subnets below split this /16 exactly.
            cidrBlock: 192.168.0.0/16
            enableDnsHostnames: true
            enableDnsSupport: true
            region: us-west-2
            tags:
              Name: platform-vpc
              Owner: Platform Team
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Internet gateway attached to the VPC owned by the same composite.
    # It is the target of the 0.0.0.0/0 route defined further down.
    - name: gateway
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: InternetGateway
        spec:
          forProvider:
            region: us-west-2
            vpcIdSelector:
              # Select the VPC controlled by the same composite resource.
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Public subnet in us-west-2a. The access/zone labels are what the
    # RouteTableAssociation resources match on.
    - name: subnet-public-west-2a
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: Subnet
        metadata:
          labels:
            access: public
            zone: us-west-2a
        spec:
          forProvider:
            availabilityZone: us-west-2a
            cidrBlock: 192.168.0.0/18
            # Instances launched here receive a public IPv4 address by
            # default, so their exposure is governed by security groups
            # and network ACLs alone.
            mapPublicIpOnLaunch: true
            region: us-west-2
            tags:
              # Role tag conventionally used to mark subnets for
              # internet-facing load balancers; value must stay a string.
              kubernetes.io/role/elb: "1"
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
        # Publish the subnet's external name (the AWS subnet ID) to the
        # composite's status at a fixed index.
        - type: ToCompositeFieldPath
          fromFieldPath: metadata.annotations[crossplane.io/external-name]
          toFieldPath: status.subnetIds[0]
    # Public subnet in us-west-2b; same shape as the 2a subnet above.
    - name: subnet-public-west-2b
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: Subnet
        metadata:
          labels:
            access: public
            zone: us-west-2b
        spec:
          forProvider:
            availabilityZone: us-west-2b
            cidrBlock: 192.168.64.0/18
            # Auto-assigns public IPv4 addresses, as in the 2a subnet.
            mapPublicIpOnLaunch: true
            region: us-west-2
            tags:
              kubernetes.io/role/elb: "1"
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
        - type: ToCompositeFieldPath
          fromFieldPath: metadata.annotations[crossplane.io/external-name]
          toFieldPath: status.subnetIds[1]
    # Subnet labelled access: private in us-west-2a. It omits
    # mapPublicIpOnLaunch, so no public IPv4 is auto-assigned.
    # NOTE(review): "private" here is only the absence of a public
    # address. The RouteTableAssociation-private-* entries in this
    # Composition bind these subnets to the same route table that holds
    # the 0.0.0.0/0 route to the internet gateway, and no NAT gateway is
    # defined. Anything given a public or Elastic IP in these subnets is
    # internet-routable.
    - name: subnet-private-west-2a
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: Subnet
        metadata:
          labels:
            access: private
            zone: us-west-2a
        spec:
          forProvider:
            availabilityZone: us-west-2a
            cidrBlock: 192.168.128.0/18
            region: us-west-2
            tags:
              # Role tag conventionally used to mark subnets for
              # internal load balancers.
              kubernetes.io/role/internal-elb: "1"
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
        # Publish the AWS subnet ID to the composite's status.
        - type: ToCompositeFieldPath
          fromFieldPath: metadata.annotations[crossplane.io/external-name]
          toFieldPath: status.subnetIds[2]
    # Subnet labelled access: private in us-west-2b; same shape and the
    # same routing caveat as the 2a private subnet.
    - name: subnet-private-west-2b
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: Subnet
        metadata:
          labels:
            access: private
            zone: us-west-2b
        spec:
          forProvider:
            availabilityZone: us-west-2b
            cidrBlock: 192.168.192.0/18
            region: us-west-2
            tags:
              kubernetes.io/role/internal-elb: "1"
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
        - type: ToCompositeFieldPath
          fromFieldPath: metadata.annotations[crossplane.io/external-name]
          toFieldPath: status.subnetIds[3]
    # The only RouteTable defined in this Composition as shown; every
    # routeTableIdSelector below therefore resolves to it.
    - name: routeTable
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: RouteTable
        spec:
          forProvider:
            region: us-west-2
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Default route: all non-local traffic goes to the internet gateway.
    - name: route
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: Route
        spec:
          forProvider:
            destinationCidrBlock: 0.0.0.0/0
            gatewayIdSelector:
              matchControllerRef: true
            region: us-west-2
            routeTableIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Makes the table above the VPC's main route table. Subnets without
    # an explicit association fall back to the main table, so any subnet
    # added to this VPC later inherits the internet-gateway default
    # route unless it is associated with a different table.
    - name: mainRouteTableAssociation
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: MainRouteTableAssociation
        spec:
          forProvider:
            region: us-west-2
            routeTableIdSelector:
              matchControllerRef: true
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Explicit subnet-to-route-table associations, one per subnet. Each
    # picks its subnet by controller reference plus the access/zone
    # labels set on the Subnet resources.
    - name: RouteTableAssociation-public-a
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: RouteTableAssociation
        spec:
          forProvider:
            region: us-west-2
            routeTableIdSelector:
              matchControllerRef: true
            subnetIdSelector:
              matchControllerRef: true
              matchLabels:
                access: public
                zone: us-west-2a
      patches:
        - type: PatchSet
          patchSetName: network-id
    - name: RouteTableAssociation-public-b
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: RouteTableAssociation
        spec:
          forProvider:
            region: us-west-2
            routeTableIdSelector:
              matchControllerRef: true
            subnetIdSelector:
              matchControllerRef: true
              matchLabels:
                access: public
                zone: us-west-2b
      patches:
        - type: PatchSet
          patchSetName: network-id
    # NOTE(review): the two private associations use the same
    # routeTableIdSelector as the public ones, and this Composition
    # defines a single RouteTable carrying a 0.0.0.0/0 route to the
    # internet gateway. The private subnets are therefore not isolated
    # at the routing layer; that would need a second route table
    # (selected by label) without the internet-gateway route.
    - name: RouteTableAssociation-private-a
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: RouteTableAssociation
        spec:
          forProvider:
            region: us-west-2
            routeTableIdSelector:
              matchControllerRef: true
            subnetIdSelector:
              matchControllerRef: true
              matchLabels:
                access: private
                zone: us-west-2a
      patches:
        - type: PatchSet
          patchSetName: network-id
    - name: RouteTableAssociation-private-b
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: RouteTableAssociation
        spec:
          forProvider:
            region: us-west-2
            routeTableIdSelector:
              matchControllerRef: true
            subnetIdSelector:
              matchControllerRef: true
              matchLabels:
                access: private
                zone: us-west-2b
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Security group intended for database access (see description).
    # It declares no rules itself; ingress is attached by the separate
    # SecurityGroupRule resources in this Composition, so the effective
    # policy has to be read from those entries.
    - name: securityGroup
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: SecurityGroup
        spec:
          forProvider:
            description: Allow access to databases
            # Fixed group name, not derived from the composite's spec.id.
            name: platform-ref-aws-cluster
            region: us-west-2
            vpcIdSelector:
              matchControllerRef: true
      patches:
        - type: PatchSet
          patchSetName: network-id
        # Publish the AWS security group ID to the composite's status so
        # consumers of the XNetwork can attach it to their resources.
        - type: ToCompositeFieldPath
          fromFieldPath: metadata.annotations[crossplane.io/external-name]
          toFieldPath: status.securityGroupIds[0]
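    # Ingress rule for PostgreSQL (tcp/5432) on the database security
    # group. The source is limited to the VPC CIDR declared on the
    # platform-vcp resource (192.168.0.0/16) instead of 0.0.0.0/0, so a
    # database that ends up with a public address is not reachable from
    # the whole internet on its service port. Keep this value in sync
    # with the VPC cidrBlock, and widen it only to specific, known client
    # ranges if access from outside the VPC is really required.
    - name: securityGroupRulePostgres
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: SecurityGroupRule
        spec:
          forProvider:
            cidrBlocks:
              - 192.168.0.0/16
            description: VPC internal only
            fromPort: 5432
            protocol: tcp
            region: us-west-2
            securityGroupIdSelector:
              matchControllerRef: true
            toPort: 5432
            type: ingress
      patches:
        - type: PatchSet
          patchSetName: network-id
    # Ingress rule for MySQL (tcp/3306); same source restriction and the
    # same reasoning as the PostgreSQL rule.
    - name: securityGroupRuleMysql
      base:
        apiVersion: ec2.aws.upbound.io/v1beta1
        kind: SecurityGroupRule
        spec:
          forProvider:
            cidrBlocks:
              - 192.168.0.0/16
            description: VPC internal only
            fromPort: 3306
            protocol: tcp
            region: us-west-2
            securityGroupIdSelector:
              matchControllerRef: true
            toPort: 3306
            type: ingress
      patches:
        - type: PatchSet
          patchSetName: network-id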
  # Namespace that receives connection secrets for composites built from
  # this Composition. None of the resources shown declare connection
  # details, but read access to Secrets in this namespace should still be
  # limited to the platform operators.
  writeConnectionSecretsToNamespace: upbound-system