{ "description": "VPCEndpoint is the Schema for the VPCEndpoints API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "VpcEndpointSpec defines the desired state of VpcEndpoint.\n\nDescribes a VPC endpoint.", "properties": { "dnsOptions": { "description": "The DNS options for the endpoint.", "properties": { "dnsRecordIPType": { "type": "string" } }, "type": "object", "additionalProperties": false }, "ipAddressType": { "description": "The IP address type for the endpoint.", "type": "string" }, "policyDocument": { "description": "(Interface and gateway endpoints) A policy to attach to the endpoint that\ncontrols access to the service. The policy must be in valid JSON format.\nIf this parameter is not specified, we attach a default policy that allows\nfull access to the service.", "type": "string" }, "privateDNSEnabled": { "description": "(Interface endpoint) Indicates whether to associate a private hosted zone\nwith the specified VPC. The private hosted zone contains a record set for\nthe default public DNS name for the service for the Region (for example,\nkinesis.us-east-1.amazonaws.com), which resolves to the private IP addresses\nof the endpoint network interfaces in the VPC. This enables you to make requests\nto the default public DNS name for the service instead of the public DNS\nnames that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to\ntrue: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to\nset the VPC attributes.\n\nDefault: true", "type": "boolean" }, "routeTableIDs": { "description": "(Gateway endpoint) The route table IDs.", "items": { "type": "string" }, "type": "array" }, "routeTableRefs": { "items": { "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api", "properties": { "from": { "description": "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)", "properties": { "name": { "type": "string" }, "namespace": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "securityGroupIDs": { "description": "(Interface endpoint) The IDs of the security groups to associate with the\nendpoint network interfaces. If this parameter is not specified, we use the\ndefault security group for the VPC.", "items": { "type": "string" }, "type": "array" }, "securityGroupRefs": { "items": { "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api", "properties": { "from": { "description": "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)", "properties": { "name": { "type": "string" }, "namespace": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "serviceName": { "description": "The name of the endpoint service.", "type": "string" }, "subnetIDs": { "description": "(Interface and Gateway Load Balancer endpoints) The IDs of the subnets in\nwhich to create endpoint network interfaces. For a Gateway Load Balancer\nendpoint, you can specify only one subnet.", "items": { "type": "string" }, "type": "array" }, "subnetRefs": { "items": { "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api", "properties": { "from": { "description": "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)", "properties": { "name": { "type": "string" }, "namespace": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "type": "array" }, "tags": { "description": "The tags. The value parameter is required, but if you don't want the tag\nto have a value, specify the parameter with no value, and we set the value\nto an empty string.", "items": { "description": "Describes a tag.", "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "vpcEndpointType": { "description": "The type of endpoint.\n\nDefault: Gateway", "type": "string" }, "vpcID": { "description": "The ID of the VPC.", "type": "string" }, "vpcRef": { "description": "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api", "properties": { "from": { "description": "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)", "properties": { "name": { "type": "string" }, "namespace": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "status": { "description": "VPCEndpointStatus defines the observed state of VPCEndpoint", "properties": { "ackResourceMetadata": { "description": "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource", "properties": { "arn": { "description": "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270", "type": "string" }, "ownerAccountID": { "description": "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource.", "type": "string" }, "region": { "description": "Region is the AWS region in which the resource exists or will exist.", "type": "string" } }, "required": [ "ownerAccountID", "region" ], "type": "object", "additionalProperties": false }, "conditions": { "description": "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource", "items": { "description": "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource", "properties": { "lastTransitionTime": { "description": "Last time the condition transitioned from one status to another.", "format": "date-time", "type": "string" }, "message": { "description": "A human readable message indicating details about the transition.", "type": "string" }, "reason": { "description": "The reason for the condition's last transition.", "type": "string" }, "status": { "description": "Status of the condition, one of True, False, Unknown.", "type": "string" }, "type": { "description": "Type is the type of the Condition", "type": "string" } }, "required": [ "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" }, "creationTimestamp": { "description": "The date and time that the endpoint was created.", "format": "date-time", "type": "string" }, "dnsEntries": { "description": "(Interface endpoint) The DNS entries for the endpoint.", "items": { "description": "Describes a DNS entry.", "properties": { "dnsName": { "type": "string" }, "hostedZoneID": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "groups": { "description": "(Interface endpoint) Information about the security groups that are associated\nwith the network interface.", "items": { "description": "Describes a security group.", "properties": { "groupID": { "type": "string" }, "groupName": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "lastError": { "description": "The last error that occurred for endpoint.", "properties": { "code": { "type": "string" }, "message": { "type": "string" } }, "type": "object", "additionalProperties": false }, "networkInterfaceIDs": { "description": "(Interface endpoint) The network interfaces for the endpoint.", "items": { "type": "string" }, "type": "array" }, "ownerID": { "description": "The ID of the Amazon Web Services account that owns the endpoint.", "type": "string" }, "requesterManaged": { "description": "Indicates whether the endpoint is being managed by its service.", "type": "boolean" }, "state": { "description": "The state of the endpoint.", "type": "string" }, "vpcEndpointID": { "description": "The ID of the endpoint.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object" }