Documentation ¶
Overview ¶
+kubebuilder:object:generate=true +groupName=nsxt_policy_ipsec_vpn_session.crossplane.io +versionName=v1alpha1
Index ¶
- Constants
- Variables
- type PolicyIpsecVpnSession
- func (mg *PolicyIpsecVpnSession) GetCondition(ct xpv1.ConditionType) xpv1.Condition
- func (tr *PolicyIpsecVpnSession) GetConnectionDetailsMapping() map[string]string
- func (mg *PolicyIpsecVpnSession) GetDeletionPolicy() xpv1.DeletionPolicy
- func (tr *PolicyIpsecVpnSession) GetID() string
- func (mg *PolicyIpsecVpnSession) GetManagementPolicy() xpv1.ManagementPolicy
- func (tr *PolicyIpsecVpnSession) GetObservation() (map[string]any, error)
- func (tr *PolicyIpsecVpnSession) GetParameters() (map[string]any, error)
- func (mg *PolicyIpsecVpnSession) GetProviderConfigReference() *xpv1.Reference
- func (mg *PolicyIpsecVpnSession) GetProviderReference() *xpv1.Reference
- func (mg *PolicyIpsecVpnSession) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
- func (mg *PolicyIpsecVpnSession) GetTerraformResourceType() string
- func (tr *PolicyIpsecVpnSession) GetTerraformSchemaVersion() int
- func (mg *PolicyIpsecVpnSession) GetWriteConnectionSecretToReference() *xpv1.SecretReference
- func (tr *PolicyIpsecVpnSession) LateInitialize(attrs []byte) (bool, error)
- func (mg *PolicyIpsecVpnSession) SetConditions(c ...xpv1.Condition)
- func (mg *PolicyIpsecVpnSession) SetDeletionPolicy(r xpv1.DeletionPolicy)
- func (mg *PolicyIpsecVpnSession) SetManagementPolicy(r xpv1.ManagementPolicy)
- func (tr *PolicyIpsecVpnSession) SetObservation(obs map[string]any) error
- func (tr *PolicyIpsecVpnSession) SetParameters(params map[string]any) error
- func (mg *PolicyIpsecVpnSession) SetProviderConfigReference(r *xpv1.Reference)
- func (mg *PolicyIpsecVpnSession) SetProviderReference(r *xpv1.Reference)
- func (mg *PolicyIpsecVpnSession) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
- func (mg *PolicyIpsecVpnSession) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
- type PolicyIpsecVpnSessionList
- type PolicyIpsecVpnSessionObservation
- type PolicyIpsecVpnSessionParameters
- type PolicyIpsecVpnSessionSpec
- type PolicyIpsecVpnSessionStatus
- type RuleObservation
- type RuleParameters
- type TagObservation
- type TagParameters
Constants ¶
const ( CRDGroup = "nsxt_policy_ipsec_vpn_session.crossplane.io" CRDVersion = "v1alpha1" )
Package type metadata.
Variables ¶
var ( // CRDGroupVersion is the API Group Version used to register the objects CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
var ( PolicyIpsecVpnSession_Kind = "PolicyIpsecVpnSession" PolicyIpsecVpnSession_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: PolicyIpsecVpnSession_Kind}.String() PolicyIpsecVpnSession_KindAPIVersion = PolicyIpsecVpnSession_Kind + "." + CRDGroupVersion.String() PolicyIpsecVpnSession_GroupVersionKind = CRDGroupVersion.WithKind(PolicyIpsecVpnSession_Kind) )
Repository type metadata.
Functions ¶
This section is empty.
Types ¶
type PolicyIpsecVpnSession ¶
type PolicyIpsecVpnSession struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.localEndpointPath)",message="localEndpointPath is a required parameter" // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.peerAddress)",message="peerAddress is a required parameter" // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.peerId)",message="peerId is a required parameter" // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.servicePath)",message="servicePath is a required parameter" // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.vpnType)",message="vpnType is a required parameter" Spec PolicyIpsecVpnSessionSpec `json:"spec"` Status PolicyIpsecVpnSessionStatus `json:"status,omitempty"` }
PolicyIpsecVpnSession is the Schema for the PolicyIpsecVpnSessions API. <no value> +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,nsxt}
func (*PolicyIpsecVpnSession) GetCondition ¶
func (mg *PolicyIpsecVpnSession) GetCondition(ct xpv1.ConditionType) xpv1.Condition
GetCondition of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) GetConnectionDetailsMapping ¶
func (tr *PolicyIpsecVpnSession) GetConnectionDetailsMapping() map[string]string
GetConnectionDetailsMapping for this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) GetDeletionPolicy ¶
func (mg *PolicyIpsecVpnSession) GetDeletionPolicy() xpv1.DeletionPolicy
GetDeletionPolicy of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) GetID ¶
func (tr *PolicyIpsecVpnSession) GetID() string
GetID returns ID of underlying Terraform resource of this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) GetManagementPolicy ¶
func (mg *PolicyIpsecVpnSession) GetManagementPolicy() xpv1.ManagementPolicy
GetManagementPolicy of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) GetObservation ¶
func (tr *PolicyIpsecVpnSession) GetObservation() (map[string]any, error)
GetObservation of this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) GetParameters ¶
func (tr *PolicyIpsecVpnSession) GetParameters() (map[string]any, error)
GetParameters of this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) GetProviderConfigReference ¶
func (mg *PolicyIpsecVpnSession) GetProviderConfigReference() *xpv1.Reference
GetProviderConfigReference of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) GetProviderReference ¶
func (mg *PolicyIpsecVpnSession) GetProviderReference() *xpv1.Reference
GetProviderReference of this PolicyIpsecVpnSession. Deprecated: Use GetProviderConfigReference.
func (*PolicyIpsecVpnSession) GetPublishConnectionDetailsTo ¶
func (mg *PolicyIpsecVpnSession) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
GetPublishConnectionDetailsTo of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) GetTerraformResourceType ¶
func (mg *PolicyIpsecVpnSession) GetTerraformResourceType() string
GetTerraformResourceType returns Terraform resource type for this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) GetTerraformSchemaVersion ¶
func (tr *PolicyIpsecVpnSession) GetTerraformSchemaVersion() int
GetTerraformSchemaVersion returns the associated Terraform schema version
func (*PolicyIpsecVpnSession) GetWriteConnectionSecretToReference ¶
func (mg *PolicyIpsecVpnSession) GetWriteConnectionSecretToReference() *xpv1.SecretReference
GetWriteConnectionSecretToReference of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) LateInitialize ¶
func (tr *PolicyIpsecVpnSession) LateInitialize(attrs []byte) (bool, error)
LateInitialize this PolicyIpsecVpnSession using its observed tfState. returns True if there are any spec changes for the resource.
func (*PolicyIpsecVpnSession) SetConditions ¶
func (mg *PolicyIpsecVpnSession) SetConditions(c ...xpv1.Condition)
SetConditions of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) SetDeletionPolicy ¶
func (mg *PolicyIpsecVpnSession) SetDeletionPolicy(r xpv1.DeletionPolicy)
SetDeletionPolicy of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) SetManagementPolicy ¶
func (mg *PolicyIpsecVpnSession) SetManagementPolicy(r xpv1.ManagementPolicy)
SetManagementPolicy of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) SetObservation ¶
func (tr *PolicyIpsecVpnSession) SetObservation(obs map[string]any) error
SetObservation for this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) SetParameters ¶
func (tr *PolicyIpsecVpnSession) SetParameters(params map[string]any) error
SetParameters for this PolicyIpsecVpnSession
func (*PolicyIpsecVpnSession) SetProviderConfigReference ¶
func (mg *PolicyIpsecVpnSession) SetProviderConfigReference(r *xpv1.Reference)
SetProviderConfigReference of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) SetProviderReference ¶
func (mg *PolicyIpsecVpnSession) SetProviderReference(r *xpv1.Reference)
SetProviderReference of this PolicyIpsecVpnSession. Deprecated: Use SetProviderConfigReference.
func (*PolicyIpsecVpnSession) SetPublishConnectionDetailsTo ¶
func (mg *PolicyIpsecVpnSession) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
SetPublishConnectionDetailsTo of this PolicyIpsecVpnSession.
func (*PolicyIpsecVpnSession) SetWriteConnectionSecretToReference ¶
func (mg *PolicyIpsecVpnSession) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
SetWriteConnectionSecretToReference of this PolicyIpsecVpnSession.
type PolicyIpsecVpnSessionList ¶
type PolicyIpsecVpnSessionList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []PolicyIpsecVpnSession `json:"items"` }
PolicyIpsecVpnSessionList contains a list of PolicyIpsecVpnSessions
func (*PolicyIpsecVpnSessionList) GetItems ¶
func (l *PolicyIpsecVpnSessionList) GetItems() []resource.Managed
GetItems of this PolicyIpsecVpnSessionList.
type PolicyIpsecVpnSessionObservation ¶
type PolicyIpsecVpnSessionObservation struct { // Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication. AuthenticationMode *string `json:"authenticationMode,omitempty" tf:"authentication_mode,omitempty"` // Compliance suite. ComplianceSuite *string `json:"complianceSuite,omitempty" tf:"compliance_suite,omitempty"` // Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request. ConnectionInitiationMode *string `json:"connectionInitiationMode,omitempty" tf:"connection_initiation_mode,omitempty"` // Description for this resource Description *string `json:"description,omitempty" tf:"description,omitempty"` // The traffic direction apply to the MSS clamping Direction *string `json:"direction,omitempty" tf:"direction,omitempty"` // Display name for this resource DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` // Policy path referencing dpd profile. DpdProfilePath *string `json:"dpdProfilePath,omitempty" tf:"dpd_profile_path,omitempty"` // Enable/Disable IPSec VPN session. Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` ID *string `json:"id,omitempty" tf:"id,omitempty"` // IP Tunnel interface (commonly referred as VTI) ip addresses. IPAddresses []*string `json:"ipAddresses,omitempty" tf:"ip_addresses,omitempty"` // Policy path referencing Ike profile. IkeProfilePath *string `json:"ikeProfilePath,omitempty" tf:"ike_profile_path,omitempty"` // Policy path referencing Local endpoint. LocalEndpointPath *string `json:"localEndpointPath,omitempty" tf:"local_endpoint_path,omitempty"` // Maximum amount of data the host will accept in a Tcp segment. MaxSegmentSize *float64 `json:"maxSegmentSize,omitempty" tf:"max_segment_size,omitempty"` // NSX ID for this resource NsxID *string `json:"nsxId,omitempty" tf:"nsx_id,omitempty"` // Policy path for this resource Path *string `json:"path,omitempty" tf:"path,omitempty"` // Public IPV4 address of the remote device terminating the VPN connection. PeerAddress *string `json:"peerAddress,omitempty" tf:"peer_address,omitempty"` // Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. PeerID *string `json:"peerId,omitempty" tf:"peer_id,omitempty"` // Subnet Prefix Length. PrefixLength *float64 `json:"prefixLength,omitempty" tf:"prefix_length,omitempty"` // The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected Revision *float64 `json:"revision,omitempty" tf:"revision,omitempty"` // For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy match criteria Rule []RuleObservation `json:"rule,omitempty" tf:"rule,omitempty"` // Policy path for IPSec VPN service ServicePath *string `json:"servicePath,omitempty" tf:"service_path,omitempty"` // Set of opaque identifiers meaningful to the user Tag []TagObservation `json:"tag,omitempty" tf:"tag,omitempty"` // Policy path referencing tunnel profile. TunnelProfilePath *string `json:"tunnelProfilePath,omitempty" tf:"tunnel_profile_path,omitempty"` // A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site. VPNType *string `json:"vpnType,omitempty" tf:"vpn_type,omitempty"` }
type PolicyIpsecVpnSessionParameters ¶
type PolicyIpsecVpnSessionParameters struct { // Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication. // +kubebuilder:validation:Optional AuthenticationMode *string `json:"authenticationMode,omitempty" tf:"authentication_mode,omitempty"` // Compliance suite. // +kubebuilder:validation:Optional ComplianceSuite *string `json:"complianceSuite,omitempty" tf:"compliance_suite,omitempty"` // Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request. // +kubebuilder:validation:Optional ConnectionInitiationMode *string `json:"connectionInitiationMode,omitempty" tf:"connection_initiation_mode,omitempty"` // Description for this resource // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` // The traffic direction apply to the MSS clamping // +kubebuilder:validation:Optional Direction *string `json:"direction,omitempty" tf:"direction,omitempty"` // Display name for this resource // +kubebuilder:validation:Optional DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` // Policy path referencing dpd profile. // +kubebuilder:validation:Optional DpdProfilePath *string `json:"dpdProfilePath,omitempty" tf:"dpd_profile_path,omitempty"` // Enable/Disable IPSec VPN session. // +kubebuilder:validation:Optional Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` // IP Tunnel interface (commonly referred as VTI) ip addresses. // +kubebuilder:validation:Optional IPAddresses []*string `json:"ipAddresses,omitempty" tf:"ip_addresses,omitempty"` // Policy path referencing Ike profile. // +kubebuilder:validation:Optional IkeProfilePath *string `json:"ikeProfilePath,omitempty" tf:"ike_profile_path,omitempty"` // Policy path referencing Local endpoint. // +kubebuilder:validation:Optional LocalEndpointPath *string `json:"localEndpointPath,omitempty" tf:"local_endpoint_path,omitempty"` // Maximum amount of data the host will accept in a Tcp segment. // +kubebuilder:validation:Optional MaxSegmentSize *float64 `json:"maxSegmentSize,omitempty" tf:"max_segment_size,omitempty"` // NSX ID for this resource // +kubebuilder:validation:Optional NsxID *string `json:"nsxId,omitempty" tf:"nsx_id,omitempty"` // Public IPV4 address of the remote device terminating the VPN connection. // +kubebuilder:validation:Optional PeerAddress *string `json:"peerAddress,omitempty" tf:"peer_address,omitempty"` // Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. // +kubebuilder:validation:Optional PeerID *string `json:"peerId,omitempty" tf:"peer_id,omitempty"` // Subnet Prefix Length. // +kubebuilder:validation:Optional PrefixLength *float64 `json:"prefixLength,omitempty" tf:"prefix_length,omitempty"` // IPSec Pre-shared key. Maximum length of this field is 128 characters. // +kubebuilder:validation:Optional PskSecretRef *v1.SecretKeySelector `json:"pskSecretRef,omitempty" tf:"-"` // For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy match criteria // +kubebuilder:validation:Optional Rule []RuleParameters `json:"rule,omitempty" tf:"rule,omitempty"` // Policy path for IPSec VPN service // +kubebuilder:validation:Optional ServicePath *string `json:"servicePath,omitempty" tf:"service_path,omitempty"` // Set of opaque identifiers meaningful to the user // +kubebuilder:validation:Optional Tag []TagParameters `json:"tag,omitempty" tf:"tag,omitempty"` // Policy path referencing tunnel profile. // +kubebuilder:validation:Optional TunnelProfilePath *string `json:"tunnelProfilePath,omitempty" tf:"tunnel_profile_path,omitempty"` // A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site. // +kubebuilder:validation:Optional VPNType *string `json:"vpnType,omitempty" tf:"vpn_type,omitempty"` }
type PolicyIpsecVpnSessionSpec ¶
type PolicyIpsecVpnSessionSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PolicyIpsecVpnSessionParameters `json:"forProvider"` }
PolicyIpsecVpnSessionSpec defines the desired state of PolicyIpsecVpnSession
type PolicyIpsecVpnSessionStatus ¶
type PolicyIpsecVpnSessionStatus struct { v1.ResourceStatus `json:",inline"` AtProvider PolicyIpsecVpnSessionObservation `json:"atProvider,omitempty"` }
PolicyIpsecVpnSessionStatus defines the observed state of PolicyIpsecVpnSession.
type RuleObservation ¶
type RuleObservation struct { // PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules. Action *string `json:"action,omitempty" tf:"action,omitempty"` // List of remote subnets Destinations []*string `json:"destinations,omitempty" tf:"destinations,omitempty"` // NSX ID for this resource NsxID *string `json:"nsxId,omitempty" tf:"nsx_id,omitempty"` // List of local subnets. Specifying no value is interpreted as 0.0.0.0/0. Sources []*string `json:"sources,omitempty" tf:"sources,omitempty"` }
type RuleParameters ¶
type RuleParameters struct { // PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules. // +kubebuilder:validation:Optional Action *string `json:"action,omitempty" tf:"action,omitempty"` // List of remote subnets // +kubebuilder:validation:Optional Destinations []*string `json:"destinations,omitempty" tf:"destinations,omitempty"` // List of local subnets. Specifying no value is interpreted as 0.0.0.0/0. // +kubebuilder:validation:Optional Sources []*string `json:"sources,omitempty" tf:"sources,omitempty"` }