Add feature to create a Network Security Group in Azure #200
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -218,10 +218,193 @@ type Subnet struct { | |
| } | ||
|
|
||
| // +kubebuilder:object:root=true | ||
| // SubnetList contains a list of Subnet items | ||
| type SubnetList struct { | ||
| metav1.TypeMeta `json:",inline"` | ||
| metav1.ListMeta `json:"metadata,omitempty"` | ||
| Items []Subnet `json:"items"` | ||
| } | ||
|
|
||
| //Network Security Group structs | ||
| // SecurityRuleProtocol enumerates the values for security rule protocol. | ||
| type SecurityRuleProtocol string | ||
|
|
||
| // ApplicationSecurityGroupPropertiesFormat application security group properties. | ||
| type ApplicationSecurityGroupPropertiesFormat struct { | ||
| // ResourceGUID - READ-ONLY; The resource GUID property of the application security group resource. It uniquely identifies a resource, even if the user changes its name or migrate the resource across subscriptions or resource groups. | ||
| ResourceGUID string `json:"resourceGuid,omitempty"` | ||
| // ProvisioningState - READ-ONLY; The provisioning state of the application security group resource. Possible values are: 'Succeeded', 'Updating', 'Deleting', and 'Failed'. | ||
| ProvisioningState string `json:"provisioningState,omitempty"` | ||
| } | ||
|
|
||
| // ApplicationSecurityGroup an application security group in a resource group. | ||
| type ApplicationSecurityGroup struct { | ||
| // ApplicationSecurityGroupPropertiesFormat - Properties of the application security group. | ||
| Properties ApplicationSecurityGroupPropertiesFormat `json:"properties,omitempty"` | ||
| // Etag - READ-ONLY; A unique read-only string that changes whenever the resource is updated. | ||
| Etag string `json:"etag,omitempty"` | ||
| // ID - Resource ID. | ||
| ID string `json:"id,omitempty"` | ||
| // Name - READ-ONLY; Resource name. | ||
| Name string `json:"name,omitempty"` | ||
| // Type - READ-ONLY; Resource type. | ||
| Type string `json:"type,omitempty"` | ||
| // Location - Resource location. | ||
| Location string `json:"location,omitempty"` | ||
| } | ||
|
|
||
| // SecurityRuleAccess enumerates the values for security rule access. | ||
| type SecurityRuleAccess string | ||
|
|
||
| // SecurityRuleDirection enumerates the values for security rule direction. | ||
| type SecurityRuleDirection string | ||
|
|
||
| // SecurityRulePropertiesFormat security rule resource. | ||
| type SecurityRulePropertiesFormat struct { | ||
| // Description - A description for this rule. Restricted to 140 chars. | ||
| Description *string `json:"description,omitempty"` | ||
| // Protocol - Network protocol this rule applies to. | ||
| //Possible values include: 'SecurityRuleProtocolTCP', 'SecurityRuleProtocolUDP', 'SecurityRuleProtocolIcmp', 'SecurityRuleProtocolEsp', 'SecurityRuleProtocolAsterisk' | ||
| Protocol *SecurityRuleProtocol `json:"protocol,omitempty"` | ||
| // SourcePortRange - The source port or range. Integer or range between 0 and 65535. | ||
| //Asterisk '*' can also be used to match all ports. | ||
| SourcePortRange *string `json:"sourcePortRange,omitempty"` | ||
| // DestinationPortRange - The destination port or range. Integer or range between 0 and 65535. | ||
| //Asterisk '*' can also be used to match all ports. | ||
| DestinationPortRange *string `json:"destinationPortRange,omitempty"` | ||
| // SourceAddressPrefix - The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. | ||
| //Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | ||
| //If this is an ingress rule, specifies where network traffic originates from. | ||
| SourceAddressPrefix *string `json:"sourceAddressPrefix,omitempty"` | ||
| // SourceAddressPrefixes - The CIDR or source IP ranges. | ||
| SourceAddressPrefixes *[]string `json:"sourceAddressPrefixes,omitempty"` | ||
| // SourceApplicationSecurityGroups - The application security group specified as source. | ||
| SourceApplicationSecurityGroups *[]ApplicationSecurityGroup `json:"sourceApplicationSecurityGroups,omitempty"` | ||
| // DestinationAddressPrefix - The destination address prefix. CIDR or destination IP range. | ||
| //Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | ||
| DestinationAddressPrefix *string `json:"destinationAddressPrefix,omitempty"` | ||
| // DestinationAddressPrefixes - The destination address prefixes. CIDR or destination IP ranges. | ||
| DestinationAddressPrefixes *[]string `json:"destinationAddressPrefixes,omitempty"` | ||
| // DestinationApplicationSecurityGroups - The application security group specified as destination. | ||
| DestinationApplicationSecurityGroups *[]ApplicationSecurityGroup `json:"destinationApplicationSecurityGroups,omitempty"` | ||
| // SourcePortRanges - The source port ranges. | ||
| SourcePortRanges *[]string `json:"sourcePortRanges,omitempty"` | ||
| // DestinationPortRanges - The destination port ranges. | ||
| DestinationPortRanges *[]string `json:"destinationPortRanges,omitempty"` | ||
| // Access - The network traffic is allowed or denied. Possible values include: 'SecurityRuleAccessAllow', 'SecurityRuleAccessDeny' | ||
| Access *SecurityRuleAccess `json:"access,omitempty"` | ||
| // Priority - The priority of the rule. The value can be between 100 and 4096. | ||
| //The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | ||
| Priority *int32 `json:"priority,omitempty"` | ||
| // Direction - The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | ||
| //Possible values include: 'SecurityRuleDirectionInbound', 'SecurityRuleDirectionOutbound' | ||
| Direction *SecurityRuleDirection `json:"direction,omitempty"` | ||
| // ProvisioningState - The provisioning state of the public IP resource. Possible values are: 'Updating', 'Deleting', and 'Failed'. | ||
| ProvisioningState *string `json:"provisioningState,omitempty"` | ||
| } | ||
|
|
||
| // SecurityRule network security rule. | ||
| type SecurityRule struct { | ||
| // SecurityRulePropertiesFormat - Properties of the security rule. | ||
| Properties SecurityRulePropertiesFormat `json:"properties,omitempty"` | ||
| // Name - The name of the resource that is unique within a resource group. | ||
| //This name can be used to access the resource. | ||
| Name string `json:"name,omitempty"` | ||
| // Etag - A unique read-only string that changes whenever the resource is updated. | ||
| Etag string `json:"etag,omitempty"` | ||
| // ID - Resource ID. | ||
| ID string `json:"id,omitempty"` | ||
| } | ||
|
|
||
| // A SecurityGroupSpec defines the desired state of a SecurityGroup. | ||
| type SecurityGroupSpec struct { | ||
|
There was a problem hiding this comment. fields that are not imported from crossplane-runtime should be under There was a problem hiding this comment. Just curious to know what is the significance of adding forProvider as it seems to be a level addition to me , and this is also not present in Virtualnetwork Resource. There was a problem hiding this comment. we have added forProvided in the SecurityGroupSpec Struct also. |
||
| runtimev1alpha1.ResourceSpec `json:",inline"` | ||
| ForProvider SecurityGroupParameters `json:"forProvider"` | ||
| } | ||
|
|
||
| type SecurityGroupParameters struct { | ||
| // ResourceGroupName - Name of the SecurityGroup's resource group. | ||
| ResourceGroupName string `json:"resourceGroupName,omitempty"` | ||
|
|
||
| // ResourceGroupNameRef - A reference to the the SecurityGroup's resource | ||
| // group. | ||
| ResourceGroupNameRef *runtimev1alpha1.Reference `json:"resourceGroupNameRef,omitempty"` | ||
|
|
||
| // ResourceGroupNameSelector - Select a reference to the the Security | ||
| // group's resource group. | ||
| ResourceGroupNameSelector *runtimev1alpha1.Selector `json:"resourceGroupNameSelector,omitempty"` | ||
|
|
||
| // Location - Resource location. | ||
| Location string `json:"location"` | ||
|
|
||
| //SecurityGroPropertiesFormat - Properties of security group | ||
| SecurityGroupPropertiesFormat `json:"properties,omitempty"` | ||
|
|
||
| // Tags - Resource tags. | ||
| // +optional | ||
| Tags map[string]string `json:"tags,omitempty"` | ||
| } | ||
|
|
||
| // A SecurityGroupStatus represents the observed status of a SecurityGroup. | ||
| type SecurityGroupStatus struct { | ||
| runtimev1alpha1.ResourceStatus `json:",inline"` | ||
|
|
||
| // State of this SecurityGroup. | ||
| State string `json:"state,omitempty"` | ||
|
|
||
| // A Message providing detail about the state of this SecurityGroup, if | ||
| // any. | ||
| Message string `json:"message,omitempty"` | ||
|
|
||
| // ID of this SecurityGroup. | ||
| ID string `json:"id,omitempty"` | ||
|
|
||
| // Etag - A unique read-only string that changes whenever the resource is | ||
| // updated. | ||
| Etag string `json:"etag,omitempty"` | ||
|
|
||
| // ResourceGUID - The GUID of this SecurityGroup. | ||
| ResourceGUID string `json:"resourceGuid,omitempty"` | ||
|
|
||
| // Type of this SecurityGroup. | ||
| Type string `json:"type,omitempty"` | ||
| } | ||
|
|
||
| // SecurityGroupPropertiesFormat network Security Group resource. | ||
| type SecurityGroupPropertiesFormat struct { | ||
| // SecurityRules - A collection of security rules of the network security group. | ||
| SecurityRules *[]SecurityRule `json:"securityRules,omitempty"` | ||
| // DefaultSecurityRules - The default security rules of network security group. | ||
| DefaultSecurityRules *[]SecurityRule `json:"defaultSecurityRules,omitempty"` | ||
| // ResourceGUID - The resource GUID property of the network security group resource. | ||
| ResourceGUID *string `json:"resourceGuid,omitempty"` | ||
| // ProvisioningState - The provisioning state of the public IP resource. Possible values are: 'Updating', 'Deleting', and 'Failed'. | ||
| ProvisioningState *string `json:"provisioningState,omitempty"` | ||
| } | ||
|
|
||
| // +kubebuilder:object:root=true | ||
| // A SecurityGroup is a managed resource that represents an Azure Security | ||
| // Group. | ||
| // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" | ||
| // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" | ||
| // +kubebuilder:printcolumn:name="STATE",type="string",JSONPath=".status.state" | ||
| // +kubebuilder:printcolumn:name="LOCATION",type="string",JSONPath=".spec.location" | ||
| // +kubebuilder:printcolumn:name="RECLAIM-POLICY",type="string",JSONPath=".spec.reclaimPolicy" | ||
| // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" | ||
| // +kubebuilder:subresource:status | ||
| // +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,azure} | ||
| type SecurityGroup struct { | ||
| metav1.TypeMeta `json:",inline"` | ||
| metav1.ObjectMeta `json:"metadata,omitempty"` | ||
|
|
||
| Spec SecurityGroupSpec `json:"spec"` | ||
| Status SecurityGroupStatus `json:"status,omitempty"` | ||
| } | ||
|
|
||
| // +kubebuilder:object:root=true | ||
| // SecurityGroupList contains a list of Security Groups | ||
| type SecurityGroupList struct { | ||
| metav1.TypeMeta `json:",inline"` | ||
| metav1.ListMeta `json:"metadata,omitempty"` | ||
| Items []SecurityGroup `json:"items"` | ||
| } | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this be removed? Is it possible to create a
SecurityRuleindependent of aSecurityGroup? If so, it should be a separate resource type.