From 1e6176238d76121b008d7e529f22cf59b285d72f Mon Sep 17 00:00:00 2001 From: michaelhtm <98621731+michaelhtm@users.noreply.github.com> Date: Fri, 15 Nov 2024 15:29:10 -0800 Subject: [PATCH] Add support for `UserPool` resource * Generated `UserPool` resource * Added e2e tests --- apis/v1alpha1/ack-generate-metadata.yaml | 6 +- apis/v1alpha1/generator.yaml | 20 +- apis/v1alpha1/types.go | 552 +++++ apis/v1alpha1/user_pool.go | 233 ++ apis/v1alpha1/zz_generated.deepcopy.go | 2121 +++++++++++++++++ cmd/controller/main.go | 2 + ...typrovider.services.k8s.aws_userpools.yaml | 569 +++++ config/crd/kustomization.yaml | 1 + config/rbac/cluster-role-controller.yaml | 20 + config/rbac/role-reader.yaml | 1 + config/rbac/role-writer.yaml | 2 + generator.yaml | 20 +- helm/Chart.yaml | 4 +- ...typrovider.services.k8s.aws_userpools.yaml | 569 +++++ helm/templates/NOTES.txt | 2 +- helm/templates/_helpers.tpl | 20 + helm/templates/role-reader.yaml | 1 + helm/templates/role-writer.yaml | 2 + pkg/resource/user_pool/delta.go | 532 +++++ pkg/resource/user_pool/descriptor.go | 155 ++ pkg/resource/user_pool/identifiers.go | 55 + pkg/resource/user_pool/manager.go | 350 +++ pkg/resource/user_pool/manager_factory.go | 100 + pkg/resource/user_pool/references.go | 56 + pkg/resource/user_pool/resource.go | 100 + pkg/resource/user_pool/sdk.go | 1777 ++++++++++++++ test/e2e/conftest.py | 2 +- test/e2e/resources/userpool_simple.yaml | 8 + test/e2e/tests/helper.py | 30 + test/e2e/tests/test_userpool.py | 101 + 30 files changed, 7402 insertions(+), 9 deletions(-) create mode 100644 apis/v1alpha1/user_pool.go create mode 100644 apis/v1alpha1/zz_generated.deepcopy.go create mode 100644 config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml create mode 100644 helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml create mode 100644 pkg/resource/user_pool/delta.go create mode 100644 pkg/resource/user_pool/descriptor.go create mode 100644 pkg/resource/user_pool/identifiers.go create mode 100644 pkg/resource/user_pool/manager.go create mode 100644 pkg/resource/user_pool/manager_factory.go create mode 100644 pkg/resource/user_pool/references.go create mode 100644 pkg/resource/user_pool/resource.go create mode 100644 pkg/resource/user_pool/sdk.go create mode 100644 test/e2e/resources/userpool_simple.yaml create mode 100644 test/e2e/tests/helper.py create mode 100644 test/e2e/tests/test_userpool.py diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index 09f87a6..1b5ede2 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,13 +1,13 @@ ack_generate_info: - build_date: "2024-11-15T19:53:45Z" + build_date: "2024-11-15T23:36:00Z" build_hash: 9715a2a715317a76ae83825294ca50cde9afd97b go_version: go1.23.2 version: v0.39.1-4-g9715a2a -api_directory_checksum: 3c718e588645205aa297da56b813815c9a165fdc +api_directory_checksum: cb6d663daa7931e5d0e513a7aec41187dca6c130 api_version: v1alpha1 aws_sdk_go_version: v1.55.5 generator_config_info: - file_checksum: 0851303ddd76fce99f089e98958c137469194cac + file_checksum: 9c4644d6a6eb2184931c8672a8e9b15439538f98 original_file_name: generator.yaml last_modification: reason: API generation diff --git a/apis/v1alpha1/generator.yaml b/apis/v1alpha1/generator.yaml index c083078..21b05bd 100644 --- a/apis/v1alpha1/generator.yaml +++ b/apis/v1alpha1/generator.yaml @@ -4,7 +4,25 @@ ignore: - IdentityProvider - ResourceServer - UserImportJob - - UserPool - UserPoolClient - UserPoolDomain model_name: cognito-idp + +resources: + UserPool: + renames: + operations: + DescribeUserPool: + input_fields: + UserPoolId: Id + UpdateUserPool: + input_fields: + UserPoolId: Id + DeleteUserPool: + input_fields: + UserPoolId: Id + CreateUserPool: + input_fields: + PoolName: Name + tags: + ignore: true \ No newline at end of file diff --git a/apis/v1alpha1/types.go b/apis/v1alpha1/types.go index 9b23f5e..eb13ea8 100644 --- a/apis/v1alpha1/types.go +++ b/apis/v1alpha1/types.go @@ -27,3 +27,555 @@ var ( _ = &aws.JSONValue{} _ = ackv1alpha1.AWSAccountID("") ) + +// The data type for AccountRecoverySetting. +type AccountRecoverySettingType struct { + RecoveryMechanisms []*RecoveryOptionType `json:"recoveryMechanisms,omitempty"` +} + +// The configuration for creating a new user profile. +type AdminCreateUserConfigType struct { + AllowAdminCreateUserOnly *bool `json:"allowAdminCreateUserOnly,omitempty"` + // The message template structure. + InviteMessageTemplate *MessageTemplateType `json:"inviteMessageTemplate,omitempty"` + UnusedAccountValidityDays *int64 `json:"unusedAccountValidityDays,omitempty"` +} + +// The Amazon Pinpoint analytics configuration necessary to collect metrics +// for a user pool. +// +// In Regions where Amazon Pinpoint isn't available, user pools only support +// sending events to Amazon Pinpoint projects in us-east-1. In Regions where +// Amazon Pinpoint is available, user pools support sending events to Amazon +// Pinpoint projects within that same Region. +type AnalyticsConfigurationType struct { + ApplicationARN *string `json:"applicationARN,omitempty"` + ExternalID *string `json:"externalID,omitempty"` + RoleARN *string `json:"roleARN,omitempty"` + UserDataShared *bool `json:"userDataShared,omitempty"` +} + +// An Amazon Pinpoint analytics endpoint. +// +// An endpoint uniquely identifies a mobile device, email address, or phone +// number that can receive messages from Amazon Pinpoint analytics. For more +// information about Amazon Web Services Regions that can contain Amazon Pinpoint +// resources for use with Amazon Cognito user pools, see Using Amazon Pinpoint +// analytics with Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html). +type AnalyticsMetadataType struct { + AnalyticsEndpointID *string `json:"analyticsEndpointID,omitempty"` +} + +// The authentication event type. +type AuthEventType struct { + CreationDate *metav1.Time `json:"creationDate,omitempty"` + EventID *string `json:"eventID,omitempty"` +} + +// The authentication result. +type AuthenticationResultType struct { + ExpiresIn *int64 `json:"expiresIn,omitempty"` + TokenType *string `json:"tokenType,omitempty"` +} + +// The CloudWatch logging destination of a user pool detailed activity logging +// configuration. +type CloudWatchLogsConfigurationType struct { + LogGroupARN *string `json:"logGroupARN,omitempty"` +} + +// The delivery details for an email or SMS message that Amazon Cognito sent +// for authentication or verification. +type CodeDeliveryDetailsType struct { + Destination *string `json:"destination,omitempty"` +} + +// Contextual user data type used for evaluating the risk of an unexpected event +// by Amazon Cognito advanced security. +type ContextDataType struct { + EncodedData *string `json:"encodedData,omitempty"` + IPAddress *string `json:"ipAddress,omitempty"` + ServerName *string `json:"serverName,omitempty"` + ServerPath *string `json:"serverPath,omitempty"` +} + +// The configuration for a custom domain that hosts the sign-up and sign-in +// webpages for your application. +type CustomDomainConfigType struct { + CertificateARN *string `json:"certificateARN,omitempty"` +} + +// The properties of a custom email sender Lambda trigger. +type CustomEmailLambdaVersionConfigType struct { + LambdaARN *string `json:"lambdaARN,omitempty"` + LambdaVersion *string `json:"lambdaVersion,omitempty"` +} + +// The properties of a custom SMS sender Lambda trigger. +type CustomSMSLambdaVersionConfigType struct { + LambdaARN *string `json:"lambdaARN,omitempty"` + LambdaVersion *string `json:"lambdaVersion,omitempty"` +} + +// The device-remembering configuration for a user pool. A DescribeUserPool +// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) +// request returns a null value for this object when the user pool isn't configured +// to remember devices. When device remembering is active, you can remember +// a user's device with a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) +// API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt +// is true, you must follow ConfirmDevice with an UpdateDeviceStatus (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) +// API request that sets the user's device to remembered or not_remembered. +// +// To sign in with a remembered device, include DEVICE_KEY in the authentication +// parameters in your user's InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html) +// request. If your app doesn't include a DEVICE_KEY parameter, the response +// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax) +// from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY +// values under NewDeviceMetadata. Store these values to use in future device-authentication +// requests. +// +// When you provide a value for any property of DeviceConfiguration, you activate +// the device remembering for the user pool. +type DeviceConfigurationType struct { + ChallengeRequiredOnNewDevice *bool `json:"challengeRequiredOnNewDevice,omitempty"` + DeviceOnlyRememberedOnUserPrompt *bool `json:"deviceOnlyRememberedOnUserPrompt,omitempty"` +} + +// The device verifier against which it is authenticated. +type DeviceSecretVerifierConfigType struct { + PasswordVerifier *string `json:"passwordVerifier,omitempty"` + Salt *string `json:"salt,omitempty"` +} + +// The device type. +type DeviceType struct { + DeviceCreateDate *metav1.Time `json:"deviceCreateDate,omitempty"` + DeviceLastAuthenticatedDate *metav1.Time `json:"deviceLastAuthenticatedDate,omitempty"` + DeviceLastModifiedDate *metav1.Time `json:"deviceLastModifiedDate,omitempty"` +} + +// A container for information about a domain. +type DomainDescriptionType struct { + CloudFrontDistribution *string `json:"cloudFrontDistribution,omitempty"` + Domain *string `json:"domain,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// The email configuration of your user pool. The email configuration type sets +// your preferred sending method, Amazon Web Services Region, and sender for +// messages from your user pool. +// +// Amazon Cognito can send email messages with Amazon Simple Email Service resources +// in the Amazon Web Services Region where you created your user pool, and in +// alternate Regions in some cases. For more information on the supported Regions, +// see Email settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html). +type EmailConfigurationType struct { + ConfigurationSet *string `json:"configurationSet,omitempty"` + EmailSendingAccount *string `json:"emailSendingAccount,omitempty"` + From *string `json:"from,omitempty"` + ReplyToEmailAddress *string `json:"replyToEmailAddress,omitempty"` + SourceARN *string `json:"sourceARN,omitempty"` +} + +// Specifies the user context data captured at the time of an event request. +type EventContextDataType struct { + City *string `json:"city,omitempty"` + Country *string `json:"country,omitempty"` + DeviceName *string `json:"deviceName,omitempty"` + IPAddress *string `json:"ipAddress,omitempty"` + Timezone *string `json:"timezone,omitempty"` +} + +// Specifies the event feedback type. +type EventFeedbackType struct { + FeedbackDate *metav1.Time `json:"feedbackDate,omitempty"` + Provider *string `json:"provider,omitempty"` +} + +// The event risk type. +type EventRiskType struct { + CompromisedCredentialsDetected *bool `json:"compromisedCredentialsDetected,omitempty"` +} + +// The group type. +type GroupType struct { + CreationDate *metav1.Time `json:"creationDate,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + RoleARN *string `json:"roleARN,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// The HTTP header. +type HTTPHeader struct { + HeaderName *string `json:"headerName,omitempty"` + HeaderValue *string `json:"headerValue,omitempty"` +} + +// A container for information about an IdP. +type IdentityProviderType struct { + CreationDate *metav1.Time `json:"creationDate,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// Specifies the configuration for Lambda triggers. +type LambdaConfigType struct { + CreateAuthChallenge *string `json:"createAuthChallenge,omitempty"` + // The properties of a custom email sender Lambda trigger. + CustomEmailSender *CustomEmailLambdaVersionConfigType `json:"customEmailSender,omitempty"` + CustomMessage *string `json:"customMessage,omitempty"` + // The properties of a custom SMS sender Lambda trigger. + CustomSMSSender *CustomSMSLambdaVersionConfigType `json:"customSMSSender,omitempty"` + DefineAuthChallenge *string `json:"defineAuthChallenge,omitempty"` + KMSKeyID *string `json:"kmsKeyID,omitempty"` + PostAuthentication *string `json:"postAuthentication,omitempty"` + PostConfirmation *string `json:"postConfirmation,omitempty"` + PreAuthentication *string `json:"preAuthentication,omitempty"` + PreSignUp *string `json:"preSignUp,omitempty"` + PreTokenGeneration *string `json:"preTokenGeneration,omitempty"` + // The properties of a pre token generation Lambda trigger. + PreTokenGenerationConfig *PreTokenGenerationVersionConfigType `json:"preTokenGenerationConfig,omitempty"` + UserMigration *string `json:"userMigration,omitempty"` + VerifyAuthChallengeResponse *string `json:"verifyAuthChallengeResponse,omitempty"` +} + +// The logging parameters of a user pool. +type LogDeliveryConfigurationType struct { + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// The message template structure. +type MessageTemplateType struct { + EmailMessage *string `json:"emailMessage,omitempty"` + EmailSubject *string `json:"emailSubject,omitempty"` + SMSMessage *string `json:"sMSMessage,omitempty"` +} + +// The new device metadata type. +type NewDeviceMetadataType struct { + DeviceGroupKey *string `json:"deviceGroupKey,omitempty"` +} + +// The notify configuration type. +type NotifyConfigurationType struct { + From *string `json:"from,omitempty"` + ReplyTo *string `json:"replyTo,omitempty"` + SourceARN *string `json:"sourceARN,omitempty"` +} + +// The minimum and maximum values of an attribute that is of the number data +// type. +type NumberAttributeConstraintsType struct { + MaxValue *string `json:"maxValue,omitempty"` + MinValue *string `json:"minValue,omitempty"` +} + +// The password policy type. +type PasswordPolicyType struct { + MinimumLength *int64 `json:"minimumLength,omitempty"` + RequireLowercase *bool `json:"requireLowercase,omitempty"` + RequireNumbers *bool `json:"requireNumbers,omitempty"` + RequireSymbols *bool `json:"requireSymbols,omitempty"` + RequireUppercase *bool `json:"requireUppercase,omitempty"` + TemporaryPasswordValidityDays *int64 `json:"temporaryPasswordValidityDays,omitempty"` +} + +// The properties of a pre token generation Lambda trigger. +type PreTokenGenerationVersionConfigType struct { + LambdaARN *string `json:"lambdaARN,omitempty"` + LambdaVersion *string `json:"lambdaVersion,omitempty"` +} + +// A container for IdP details. +type ProviderDescription struct { + CreationDate *metav1.Time `json:"creationDate,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` +} + +// A container for information about an IdP for a user pool. +type ProviderUserIdentifierType struct { + ProviderAttributeName *string `json:"providerAttributeName,omitempty"` + ProviderAttributeValue *string `json:"providerAttributeValue,omitempty"` +} + +// A map containing a priority as a key, and recovery method name as a value. +type RecoveryOptionType struct { + Name *string `json:"name,omitempty"` + Priority *int64 `json:"priority,omitempty"` +} + +// A container for information about a resource server for a user pool. +type ResourceServerType struct { + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// The risk configuration type. +type RiskConfigurationType struct { + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// The type used for enabling SMS multi-factor authentication (MFA) at the user +// level. Phone numbers don't need to be verified to be used for SMS MFA. If +// an MFA type is activated for a user, the user will be prompted for MFA during +// all sign-in attempts, unless device tracking is turned on and the device +// has been trusted. If you would like MFA to be applied selectively based on +// the assessed risk level of sign-in attempts, deactivate MFA for users and +// turn on Adaptive Authentication for the user pool. +type SMSMFASettingsType struct { + Enabled *bool `json:"enabled,omitempty"` + PreferredMFA *bool `json:"preferredMFA,omitempty"` +} + +// A list of the user attributes and their properties in your user pool. The +// attribute schema contains standard attributes, custom attributes with a custom: +// prefix, and developer attributes with a dev: prefix. For more information, +// see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). +// +// Developer-only attributes are a legacy feature of user pools, are read-only +// to all app clients. You can create and update developer-only attributes only +// with IAM-authenticated API operations. Use app client read/write permissions +// instead. +type SchemaAttributeType struct { + AttributeDataType *string `json:"attributeDataType,omitempty"` + DeveloperOnlyAttribute *bool `json:"developerOnlyAttribute,omitempty"` + Mutable *bool `json:"mutable,omitempty"` + Name *string `json:"name,omitempty"` + // The minimum and maximum values of an attribute that is of the number data + // type. + NumberAttributeConstraints *NumberAttributeConstraintsType `json:"numberAttributeConstraints,omitempty"` + Required *bool `json:"required,omitempty"` + // The constraints associated with a string attribute. + StringAttributeConstraints *StringAttributeConstraintsType `json:"stringAttributeConstraints,omitempty"` +} + +// The SMS configuration type is the settings that your Amazon Cognito user +// pool must use to send an SMS message from your Amazon Web Services account +// through Amazon Simple Notification Service. To send SMS messages with Amazon +// SNS in the Amazon Web Services Region that you want, the Amazon Cognito user +// pool uses an Identity and Access Management (IAM) role in your Amazon Web +// Services account. +type SmsConfigurationType struct { + ExternalID *string `json:"externalID,omitempty"` + SNSCallerARN *string `json:"snsCallerARN,omitempty"` + SNSRegion *string `json:"snsRegion,omitempty"` +} + +// The SMS text message multi-factor authentication (MFA) configuration type. +type SmsMFAConfigType struct { + SmsAuthenticationMessage *string `json:"smsAuthenticationMessage,omitempty"` + // The SMS configuration type is the settings that your Amazon Cognito user + // pool must use to send an SMS message from your Amazon Web Services account + // through Amazon Simple Notification Service. To send SMS messages with Amazon + // SNS in the Amazon Web Services Region that you want, the Amazon Cognito user + // pool uses an Identity and Access Management (IAM) role in your Amazon Web + // Services account. + SmsConfiguration *SmsConfigurationType `json:"smsConfiguration,omitempty"` +} + +// The type used for enabling software token MFA at the user pool level. +type SoftwareTokenMFAConfigType struct { + Enabled *bool `json:"enabled,omitempty"` +} + +// The type used for enabling software token MFA at the user level. If an MFA +// type is activated for a user, the user will be prompted for MFA during all +// sign-in attempts, unless device tracking is turned on and the device has +// been trusted. If you want MFA to be applied selectively based on the assessed +// risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive +// Authentication for the user pool. +type SoftwareTokenMFASettingsType struct { + Enabled *bool `json:"enabled,omitempty"` + PreferredMFA *bool `json:"preferredMFA,omitempty"` +} + +// The constraints associated with a string attribute. +type StringAttributeConstraintsType struct { + MaxLength *string `json:"maxLength,omitempty"` + MinLength *string `json:"minLength,omitempty"` +} + +// A container for the UI customization information for a user pool's built-in +// app UI. +type UICustomizationType struct { + CreationDate *metav1.Time `json:"creationDate,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// The settings for updates to user attributes. These settings include the property +// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells +// Amazon Cognito how to handle changes to the value of your users' email address +// and phone number attributes. For more information, see Verifying updates +// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). +type UserAttributeUpdateSettingsType struct { + AttributesRequireVerificationBeforeUpdate []*string `json:"attributesRequireVerificationBeforeUpdate,omitempty"` +} + +// Contextual data, such as the user's device fingerprint, IP address, or location, +// used for evaluating the risk of an unexpected event by Amazon Cognito advanced +// security. +type UserContextDataType struct { + EncodedData *string `json:"encodedData,omitempty"` + IPAddress *string `json:"ipAddress,omitempty"` +} + +// The user import job type. +type UserImportJobType struct { + CloudWatchLogsRoleARN *string `json:"cloudWatchLogsRoleARN,omitempty"` + CompletionDate *metav1.Time `json:"completionDate,omitempty"` + CreationDate *metav1.Time `json:"creationDate,omitempty"` + StartDate *metav1.Time `json:"startDate,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// User pool add-ons. Contains settings for activation of advanced security +// features. To log user security information but take no action, set to AUDIT. +// To configure automatic security responses to risky traffic to your user pool, +// set to ENFORCED. +// +// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). +type UserPoolAddOnsType struct { + AdvancedSecurityMode *string `json:"advancedSecurityMode,omitempty"` +} + +// The description of the user pool client. +type UserPoolClientDescription struct { + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// Contains information about a user pool client. +type UserPoolClientType struct { + AllowedOAuthFlowsUserPoolClient *bool `json:"allowedOAuthFlowsUserPoolClient,omitempty"` + CreationDate *metav1.Time `json:"creationDate,omitempty"` + EnablePropagateAdditionalUserContextData *bool `json:"enablePropagateAdditionalUserContextData,omitempty"` + EnableTokenRevocation *bool `json:"enableTokenRevocation,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + UserPoolID *string `json:"userPoolID,omitempty"` +} + +// A user pool description. +type UserPoolDescriptionType struct { + CreationDate *metav1.Time `json:"creationDate,omitempty"` + ID *string `json:"id,omitempty"` + // Specifies the configuration for Lambda triggers. + LambdaConfig *LambdaConfigType `json:"lambdaConfig,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + Name *string `json:"name,omitempty"` + Status *string `json:"status,omitempty"` +} + +// The policy associated with a user pool. +type UserPoolPolicyType struct { + // The password policy type. + PasswordPolicy *PasswordPolicyType `json:"passwordPolicy,omitempty"` +} + +// A container for information about the user pool. +type UserPoolType struct { + // The data type for AccountRecoverySetting. + AccountRecoverySetting *AccountRecoverySettingType `json:"accountRecoverySetting,omitempty"` + // The configuration for creating a new user profile. + AdminCreateUserConfig *AdminCreateUserConfigType `json:"adminCreateUserConfig,omitempty"` + AliasAttributes []*string `json:"aliasAttributes,omitempty"` + ARN *string `json:"arn,omitempty"` + AutoVerifiedAttributes []*string `json:"autoVerifiedAttributes,omitempty"` + CreationDate *metav1.Time `json:"creationDate,omitempty"` + CustomDomain *string `json:"customDomain,omitempty"` + DeletionProtection *string `json:"deletionProtection,omitempty"` + // The device-remembering configuration for a user pool. A DescribeUserPool + // (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) + // request returns a null value for this object when the user pool isn't configured + // to remember devices. When device remembering is active, you can remember + // a user's device with a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) + // API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt + // is true, you must follow ConfirmDevice with an UpdateDeviceStatus (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) + // API request that sets the user's device to remembered or not_remembered. + // + // To sign in with a remembered device, include DEVICE_KEY in the authentication + // parameters in your user's InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html) + // request. If your app doesn't include a DEVICE_KEY parameter, the response + // (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax) + // from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY + // values under NewDeviceMetadata. Store these values to use in future device-authentication + // requests. + // + // When you provide a value for any property of DeviceConfiguration, you activate + // the device remembering for the user pool. + DeviceConfiguration *DeviceConfigurationType `json:"deviceConfiguration,omitempty"` + Domain *string `json:"domain,omitempty"` + // The email configuration of your user pool. The email configuration type sets + // your preferred sending method, Amazon Web Services Region, and sender for + // messages from your user pool. + // + // Amazon Cognito can send email messages with Amazon Simple Email Service resources + // in the Amazon Web Services Region where you created your user pool, and in + // alternate Regions in some cases. For more information on the supported Regions, + // see Email settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html). + EmailConfiguration *EmailConfigurationType `json:"emailConfiguration,omitempty"` + EmailConfigurationFailure *string `json:"emailConfigurationFailure,omitempty"` + EmailVerificationMessage *string `json:"emailVerificationMessage,omitempty"` + EmailVerificationSubject *string `json:"emailVerificationSubject,omitempty"` + EstimatedNumberOfUsers *int64 `json:"estimatedNumberOfUsers,omitempty"` + ID *string `json:"id,omitempty"` + // Specifies the configuration for Lambda triggers. + LambdaConfig *LambdaConfigType `json:"lambdaConfig,omitempty"` + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + MFAConfiguration *string `json:"mfaConfiguration,omitempty"` + Name *string `json:"name,omitempty"` + // The policy associated with a user pool. + Policies *UserPoolPolicyType `json:"policies,omitempty"` + SchemaAttributes []*SchemaAttributeType `json:"schemaAttributes,omitempty"` + SmsAuthenticationMessage *string `json:"smsAuthenticationMessage,omitempty"` + // The SMS configuration type is the settings that your Amazon Cognito user + // pool must use to send an SMS message from your Amazon Web Services account + // through Amazon Simple Notification Service. To send SMS messages with Amazon + // SNS in the Amazon Web Services Region that you want, the Amazon Cognito user + // pool uses an Identity and Access Management (IAM) role in your Amazon Web + // Services account. + SmsConfiguration *SmsConfigurationType `json:"smsConfiguration,omitempty"` + SmsConfigurationFailure *string `json:"smsConfigurationFailure,omitempty"` + SmsVerificationMessage *string `json:"smsVerificationMessage,omitempty"` + Status *string `json:"status,omitempty"` + // The settings for updates to user attributes. These settings include the property + // AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells + // Amazon Cognito how to handle changes to the value of your users' email address + // and phone number attributes. For more information, see Verifying updates + // to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `json:"userAttributeUpdateSettings,omitempty"` + // User pool add-ons. Contains settings for activation of advanced security + // features. To log user security information but take no action, set to AUDIT. + // To configure automatic security responses to risky traffic to your user pool, + // set to ENFORCED. + // + // For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + UserPoolAddOns *UserPoolAddOnsType `json:"userPoolAddOns,omitempty"` + UserPoolTags map[string]*string `json:"userPoolTags,omitempty"` + UsernameAttributes []*string `json:"usernameAttributes,omitempty"` + // The username configuration type. + UsernameConfiguration *UsernameConfigurationType `json:"usernameConfiguration,omitempty"` + // The template for verification messages. + VerificationMessageTemplate *VerificationMessageTemplateType `json:"verificationMessageTemplate,omitempty"` +} + +// A user profile in a Amazon Cognito user pool. +type UserType struct { + Enabled *bool `json:"enabled,omitempty"` + UserCreateDate *metav1.Time `json:"userCreateDate,omitempty"` + UserLastModifiedDate *metav1.Time `json:"userLastModifiedDate,omitempty"` +} + +// The username configuration type. +type UsernameConfigurationType struct { + CaseSensitive *bool `json:"caseSensitive,omitempty"` +} + +// The template for verification messages. +type VerificationMessageTemplateType struct { + DefaultEmailOption *string `json:"defaultEmailOption,omitempty"` + EmailMessage *string `json:"emailMessage,omitempty"` + EmailMessageByLink *string `json:"emailMessageByLink,omitempty"` + EmailSubject *string `json:"emailSubject,omitempty"` + EmailSubjectByLink *string `json:"emailSubjectByLink,omitempty"` + SmsMessage *string `json:"smsMessage,omitempty"` +} diff --git a/apis/v1alpha1/user_pool.go b/apis/v1alpha1/user_pool.go new file mode 100644 index 0000000..5396863 --- /dev/null +++ b/apis/v1alpha1/user_pool.go @@ -0,0 +1,233 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package v1alpha1 + +import ( + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// UserPoolSpec defines the desired state of UserPool. +type UserPoolSpec struct { + + // The available verified method a user can use to recover their password when + // they call ForgotPassword. You can use this setting to define a preferred + // method when a user has more than one method available. With this setting, + // SMS doesn't qualify for a valid password recovery mechanism if the user also + // has SMS multi-factor authentication (MFA) activated. In the absence of this + // setting, Amazon Cognito uses the legacy behavior to determine the recovery + // method where SMS is preferred through email. + AccountRecoverySetting *AccountRecoverySettingType `json:"accountRecoverySetting,omitempty"` + // The configuration for AdminCreateUser requests. + AdminCreateUserConfig *AdminCreateUserConfigType `json:"adminCreateUserConfig,omitempty"` + // Attributes supported as an alias for this user pool. Possible values: phone_number, + // email, or preferred_username. + AliasAttributes []*string `json:"aliasAttributes,omitempty"` + // The attributes to be auto-verified. Possible values: email, phone_number. + AutoVerifiedAttributes []*string `json:"autoVerifiedAttributes,omitempty"` + // When active, DeletionProtection prevents accidental deletion of your user + // pool. Before you can delete a user pool that you have protected against deletion, + // you must deactivate this feature. + // + // When you try to delete a protected user pool in a DeleteUserPool API request, + // Amazon Cognito returns an InvalidParameterException error. To delete a protected + // user pool, send a new DeleteUserPool request after you deactivate deletion + // protection in an UpdateUserPool API request. + DeletionProtection *string `json:"deletionProtection,omitempty"` + // The device-remembering configuration for a user pool. A null value indicates + // that you have deactivated device remembering in your user pool. + // + // When you provide a value for any DeviceConfiguration field, you activate + // the Amazon Cognito device-remembering feature. + DeviceConfiguration *DeviceConfigurationType `json:"deviceConfiguration,omitempty"` + // The email configuration of your user pool. The email configuration type sets + // your preferred sending method, Amazon Web Services Region, and sender for + // messages from your user pool. + EmailConfiguration *EmailConfigurationType `json:"emailConfiguration,omitempty"` + // This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + EmailVerificationMessage *string `json:"emailVerificationMessage,omitempty"` + // This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + EmailVerificationSubject *string `json:"emailVerificationSubject,omitempty"` + // The Lambda trigger configuration information for the new user pool. + // + // In a push model, event sources (such as Amazon S3 and custom applications) + // need permission to invoke a function. So you must make an extra call to add + // permission for these event sources to invoke your Lambda function. + // + // For more information on using the Lambda API to add permission, see AddPermission + // (https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html). + // + // For adding permission using the CLI, see add-permission (https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html). + LambdaConfig *LambdaConfigType `json:"lambdaConfig,omitempty"` + // Specifies MFA configuration details. + MFAConfiguration *string `json:"mfaConfiguration,omitempty"` + // A string used to name the user pool. + // +kubebuilder:validation:Required + Name *string `json:"name"` + // The policies associated with the new user pool. + Policies *UserPoolPolicyType `json:"policies,omitempty"` + // An array of schema attributes for the new user pool. These attributes can + // be standard or custom attributes. + Schema []*SchemaAttributeType `json:"schema,omitempty"` + // A string representing the SMS authentication message. + SmsAuthenticationMessage *string `json:"smsAuthenticationMessage,omitempty"` + // The SMS configuration with the settings that your Amazon Cognito user pool + // must use to send an SMS message from your Amazon Web Services account through + // Amazon Simple Notification Service. To send SMS messages with Amazon SNS + // in the Amazon Web Services Region that you want, the Amazon Cognito user + // pool uses an Identity and Access Management (IAM) role in your Amazon Web + // Services account. + SmsConfiguration *SmsConfigurationType `json:"smsConfiguration,omitempty"` + // This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + SmsVerificationMessage *string `json:"smsVerificationMessage,omitempty"` + // The settings for updates to user attributes. These settings include the property + // AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells + // Amazon Cognito how to handle changes to the value of your users' email address + // and phone number attributes. For more information, see Verifying updates + // to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `json:"userAttributeUpdateSettings,omitempty"` + // User pool add-ons. Contains settings for activation of advanced security + // features. To log user security information but take no action, set to AUDIT. + // To configure automatic security responses to risky traffic to your user pool, + // set to ENFORCED. + // + // For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + UserPoolAddOns *UserPoolAddOnsType `json:"userPoolAddOns,omitempty"` + // The tag keys and values to assign to the user pool. A tag is a label that + // you can use to categorize and manage user pools in different ways, such as + // by purpose, owner, environment, or other criteria. + UserPoolTags map[string]*string `json:"userPoolTags,omitempty"` + // Specifies whether a user can use an email address or phone number as a username + // when they sign up. + UsernameAttributes []*string `json:"usernameAttributes,omitempty"` + // Case sensitivity on the username input for the selected sign-in option. When + // case sensitivity is set to False (case insensitive), users can sign in with + // any combination of capital and lowercase letters. For example, username, + // USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. + // For most use cases, set case sensitivity to False (case insensitive) as a + // best practice. When usernames and email addresses are case insensitive, Amazon + // Cognito treats any variation in case as the same user, and prevents a case + // variation from being assigned to the same attribute for a different user. + // + // This configuration is immutable after you set it. For more information, see + // UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html). + UsernameConfiguration *UsernameConfigurationType `json:"usernameConfiguration,omitempty"` + // The template for the verification message that the user sees when the app + // requests permission to access the user's information. + VerificationMessageTemplate *VerificationMessageTemplateType `json:"verificationMessageTemplate,omitempty"` +} + +// UserPoolStatus defines the observed state of UserPool +type UserPoolStatus struct { + // All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + // that is used to contain resource sync state, account ownership, + // constructed ARN for the resource + // +kubebuilder:validation:Optional + ACKResourceMetadata *ackv1alpha1.ResourceMetadata `json:"ackResourceMetadata"` + // All CRS managed by ACK have a common `Status.Conditions` member that + // contains a collection of `ackv1alpha1.Condition` objects that describe + // the various terminal states of the CR and its backend AWS service API + // resource + // +kubebuilder:validation:Optional + Conditions []*ackv1alpha1.Condition `json:"conditions"` + // The date and time when the item was created. Amazon Cognito returns this + // timestamp in UNIX epoch time format. Your SDK might render the output in + // a human-readable format like ISO 8601 or a Java Date object. + // +kubebuilder:validation:Optional + CreationDate *metav1.Time `json:"creationDate,omitempty"` + // A custom domain name that you provide to Amazon Cognito. This parameter applies + // only if you use a custom domain to host the sign-up and sign-in pages for + // your application. An example of a custom domain name might be auth.example.com. + // + // For more information about adding a custom domain to your user pool, see + // Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html). + // +kubebuilder:validation:Optional + CustomDomain *string `json:"customDomain,omitempty"` + // The domain prefix, if the user pool has a domain associated with it. + // +kubebuilder:validation:Optional + Domain *string `json:"domain,omitempty"` + // Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com + // in CloudTrail for information about problems with user pool email configuration. + // +kubebuilder:validation:Optional + EmailConfigurationFailure *string `json:"emailConfigurationFailure,omitempty"` + // A number estimating the size of the user pool. + // +kubebuilder:validation:Optional + EstimatedNumberOfUsers *int64 `json:"estimatedNumberOfUsers,omitempty"` + // The ID of the user pool. + // +kubebuilder:validation:Optional + ID *string `json:"id,omitempty"` + // The date and time when the item was modified. Amazon Cognito returns this + // timestamp in UNIX epoch time format. Your SDK might render the output in + // a human-readable format like ISO 8601 or a Java Date object. + // +kubebuilder:validation:Optional + LastModifiedDate *metav1.Time `json:"lastModifiedDate,omitempty"` + // A list of the user attributes and their properties in your user pool. The + // attribute schema contains standard attributes, custom attributes with a custom: + // prefix, and developer attributes with a dev: prefix. For more information, + // see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + // + // Developer-only attributes are a legacy feature of user pools, are read-only + // to all app clients. You can create and update developer-only attributes only + // with IAM-authenticated API operations. Use app client read/write permissions + // instead. + // +kubebuilder:validation:Optional + SchemaAttributes []*SchemaAttributeType `json:"schemaAttributes,omitempty"` + // The reason why the SMS configuration can't send the messages to your users. + // + // This message might include comma-separated values to describe why your SMS + // configuration can't send messages to user pool end users. + // + // InvalidSmsRoleAccessPolicyException + // + // The Identity and Access Management role that Amazon Cognito uses to send + // SMS messages isn't properly configured. For more information, see SmsConfigurationType + // (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SmsConfigurationType.html). + // + // SNSSandbox + // + // The Amazon Web Services account is in the SNS SMS Sandbox and messages will + // only reach verified end users. This parameter won’t get populated with + // SNSSandbox if the user creating the user pool doesn’t have SNS permissions. + // To learn how to move your Amazon Web Services account out of the sandbox, + // see Moving out of the SMS sandbox (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-moving-to-production.html). + // +kubebuilder:validation:Optional + SmsConfigurationFailure *string `json:"smsConfigurationFailure,omitempty"` + // This parameter is no longer used. + // +kubebuilder:validation:Optional + Status *string `json:"status,omitempty"` +} + +// UserPool is the Schema for the UserPools API +// +kubebuilder:object:root=true +// +kubebuilder:subresource:status +type UserPool struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + Spec UserPoolSpec `json:"spec,omitempty"` + Status UserPoolStatus `json:"status,omitempty"` +} + +// UserPoolList contains a list of UserPool +// +kubebuilder:object:root=true +type UserPoolList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []UserPool `json:"items"` +} + +func init() { + SchemeBuilder.Register(&UserPool{}, &UserPoolList{}) +} diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 0000000..ee186f1 --- /dev/null +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,2121 @@ +//go:build !ignore_autogenerated + +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + corev1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccountRecoverySettingType) DeepCopyInto(out *AccountRecoverySettingType) { + *out = *in + if in.RecoveryMechanisms != nil { + in, out := &in.RecoveryMechanisms, &out.RecoveryMechanisms + *out = make([]*RecoveryOptionType, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(RecoveryOptionType) + (*in).DeepCopyInto(*out) + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountRecoverySettingType. +func (in *AccountRecoverySettingType) DeepCopy() *AccountRecoverySettingType { + if in == nil { + return nil + } + out := new(AccountRecoverySettingType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdminCreateUserConfigType) DeepCopyInto(out *AdminCreateUserConfigType) { + *out = *in + if in.AllowAdminCreateUserOnly != nil { + in, out := &in.AllowAdminCreateUserOnly, &out.AllowAdminCreateUserOnly + *out = new(bool) + **out = **in + } + if in.InviteMessageTemplate != nil { + in, out := &in.InviteMessageTemplate, &out.InviteMessageTemplate + *out = new(MessageTemplateType) + (*in).DeepCopyInto(*out) + } + if in.UnusedAccountValidityDays != nil { + in, out := &in.UnusedAccountValidityDays, &out.UnusedAccountValidityDays + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdminCreateUserConfigType. +func (in *AdminCreateUserConfigType) DeepCopy() *AdminCreateUserConfigType { + if in == nil { + return nil + } + out := new(AdminCreateUserConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AnalyticsConfigurationType) DeepCopyInto(out *AnalyticsConfigurationType) { + *out = *in + if in.ApplicationARN != nil { + in, out := &in.ApplicationARN, &out.ApplicationARN + *out = new(string) + **out = **in + } + if in.ExternalID != nil { + in, out := &in.ExternalID, &out.ExternalID + *out = new(string) + **out = **in + } + if in.RoleARN != nil { + in, out := &in.RoleARN, &out.RoleARN + *out = new(string) + **out = **in + } + if in.UserDataShared != nil { + in, out := &in.UserDataShared, &out.UserDataShared + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AnalyticsConfigurationType. +func (in *AnalyticsConfigurationType) DeepCopy() *AnalyticsConfigurationType { + if in == nil { + return nil + } + out := new(AnalyticsConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AnalyticsMetadataType) DeepCopyInto(out *AnalyticsMetadataType) { + *out = *in + if in.AnalyticsEndpointID != nil { + in, out := &in.AnalyticsEndpointID, &out.AnalyticsEndpointID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AnalyticsMetadataType. +func (in *AnalyticsMetadataType) DeepCopy() *AnalyticsMetadataType { + if in == nil { + return nil + } + out := new(AnalyticsMetadataType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthEventType) DeepCopyInto(out *AuthEventType) { + *out = *in + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.EventID != nil { + in, out := &in.EventID, &out.EventID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthEventType. +func (in *AuthEventType) DeepCopy() *AuthEventType { + if in == nil { + return nil + } + out := new(AuthEventType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthenticationResultType) DeepCopyInto(out *AuthenticationResultType) { + *out = *in + if in.ExpiresIn != nil { + in, out := &in.ExpiresIn, &out.ExpiresIn + *out = new(int64) + **out = **in + } + if in.TokenType != nil { + in, out := &in.TokenType, &out.TokenType + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationResultType. +func (in *AuthenticationResultType) DeepCopy() *AuthenticationResultType { + if in == nil { + return nil + } + out := new(AuthenticationResultType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CloudWatchLogsConfigurationType) DeepCopyInto(out *CloudWatchLogsConfigurationType) { + *out = *in + if in.LogGroupARN != nil { + in, out := &in.LogGroupARN, &out.LogGroupARN + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudWatchLogsConfigurationType. +func (in *CloudWatchLogsConfigurationType) DeepCopy() *CloudWatchLogsConfigurationType { + if in == nil { + return nil + } + out := new(CloudWatchLogsConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CodeDeliveryDetailsType) DeepCopyInto(out *CodeDeliveryDetailsType) { + *out = *in + if in.Destination != nil { + in, out := &in.Destination, &out.Destination + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CodeDeliveryDetailsType. +func (in *CodeDeliveryDetailsType) DeepCopy() *CodeDeliveryDetailsType { + if in == nil { + return nil + } + out := new(CodeDeliveryDetailsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ContextDataType) DeepCopyInto(out *ContextDataType) { + *out = *in + if in.EncodedData != nil { + in, out := &in.EncodedData, &out.EncodedData + *out = new(string) + **out = **in + } + if in.IPAddress != nil { + in, out := &in.IPAddress, &out.IPAddress + *out = new(string) + **out = **in + } + if in.ServerName != nil { + in, out := &in.ServerName, &out.ServerName + *out = new(string) + **out = **in + } + if in.ServerPath != nil { + in, out := &in.ServerPath, &out.ServerPath + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextDataType. +func (in *ContextDataType) DeepCopy() *ContextDataType { + if in == nil { + return nil + } + out := new(ContextDataType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomDomainConfigType) DeepCopyInto(out *CustomDomainConfigType) { + *out = *in + if in.CertificateARN != nil { + in, out := &in.CertificateARN, &out.CertificateARN + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomDomainConfigType. +func (in *CustomDomainConfigType) DeepCopy() *CustomDomainConfigType { + if in == nil { + return nil + } + out := new(CustomDomainConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomEmailLambdaVersionConfigType) DeepCopyInto(out *CustomEmailLambdaVersionConfigType) { + *out = *in + if in.LambdaARN != nil { + in, out := &in.LambdaARN, &out.LambdaARN + *out = new(string) + **out = **in + } + if in.LambdaVersion != nil { + in, out := &in.LambdaVersion, &out.LambdaVersion + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomEmailLambdaVersionConfigType. +func (in *CustomEmailLambdaVersionConfigType) DeepCopy() *CustomEmailLambdaVersionConfigType { + if in == nil { + return nil + } + out := new(CustomEmailLambdaVersionConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomSMSLambdaVersionConfigType) DeepCopyInto(out *CustomSMSLambdaVersionConfigType) { + *out = *in + if in.LambdaARN != nil { + in, out := &in.LambdaARN, &out.LambdaARN + *out = new(string) + **out = **in + } + if in.LambdaVersion != nil { + in, out := &in.LambdaVersion, &out.LambdaVersion + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSMSLambdaVersionConfigType. +func (in *CustomSMSLambdaVersionConfigType) DeepCopy() *CustomSMSLambdaVersionConfigType { + if in == nil { + return nil + } + out := new(CustomSMSLambdaVersionConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeviceConfigurationType) DeepCopyInto(out *DeviceConfigurationType) { + *out = *in + if in.ChallengeRequiredOnNewDevice != nil { + in, out := &in.ChallengeRequiredOnNewDevice, &out.ChallengeRequiredOnNewDevice + *out = new(bool) + **out = **in + } + if in.DeviceOnlyRememberedOnUserPrompt != nil { + in, out := &in.DeviceOnlyRememberedOnUserPrompt, &out.DeviceOnlyRememberedOnUserPrompt + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceConfigurationType. +func (in *DeviceConfigurationType) DeepCopy() *DeviceConfigurationType { + if in == nil { + return nil + } + out := new(DeviceConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeviceSecretVerifierConfigType) DeepCopyInto(out *DeviceSecretVerifierConfigType) { + *out = *in + if in.PasswordVerifier != nil { + in, out := &in.PasswordVerifier, &out.PasswordVerifier + *out = new(string) + **out = **in + } + if in.Salt != nil { + in, out := &in.Salt, &out.Salt + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSecretVerifierConfigType. +func (in *DeviceSecretVerifierConfigType) DeepCopy() *DeviceSecretVerifierConfigType { + if in == nil { + return nil + } + out := new(DeviceSecretVerifierConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeviceType) DeepCopyInto(out *DeviceType) { + *out = *in + if in.DeviceCreateDate != nil { + in, out := &in.DeviceCreateDate, &out.DeviceCreateDate + *out = (*in).DeepCopy() + } + if in.DeviceLastAuthenticatedDate != nil { + in, out := &in.DeviceLastAuthenticatedDate, &out.DeviceLastAuthenticatedDate + *out = (*in).DeepCopy() + } + if in.DeviceLastModifiedDate != nil { + in, out := &in.DeviceLastModifiedDate, &out.DeviceLastModifiedDate + *out = (*in).DeepCopy() + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceType. +func (in *DeviceType) DeepCopy() *DeviceType { + if in == nil { + return nil + } + out := new(DeviceType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainDescriptionType) DeepCopyInto(out *DomainDescriptionType) { + *out = *in + if in.CloudFrontDistribution != nil { + in, out := &in.CloudFrontDistribution, &out.CloudFrontDistribution + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainDescriptionType. +func (in *DomainDescriptionType) DeepCopy() *DomainDescriptionType { + if in == nil { + return nil + } + out := new(DomainDescriptionType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EmailConfigurationType) DeepCopyInto(out *EmailConfigurationType) { + *out = *in + if in.ConfigurationSet != nil { + in, out := &in.ConfigurationSet, &out.ConfigurationSet + *out = new(string) + **out = **in + } + if in.EmailSendingAccount != nil { + in, out := &in.EmailSendingAccount, &out.EmailSendingAccount + *out = new(string) + **out = **in + } + if in.From != nil { + in, out := &in.From, &out.From + *out = new(string) + **out = **in + } + if in.ReplyToEmailAddress != nil { + in, out := &in.ReplyToEmailAddress, &out.ReplyToEmailAddress + *out = new(string) + **out = **in + } + if in.SourceARN != nil { + in, out := &in.SourceARN, &out.SourceARN + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EmailConfigurationType. +func (in *EmailConfigurationType) DeepCopy() *EmailConfigurationType { + if in == nil { + return nil + } + out := new(EmailConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EventContextDataType) DeepCopyInto(out *EventContextDataType) { + *out = *in + if in.City != nil { + in, out := &in.City, &out.City + *out = new(string) + **out = **in + } + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = new(string) + **out = **in + } + if in.DeviceName != nil { + in, out := &in.DeviceName, &out.DeviceName + *out = new(string) + **out = **in + } + if in.IPAddress != nil { + in, out := &in.IPAddress, &out.IPAddress + *out = new(string) + **out = **in + } + if in.Timezone != nil { + in, out := &in.Timezone, &out.Timezone + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventContextDataType. +func (in *EventContextDataType) DeepCopy() *EventContextDataType { + if in == nil { + return nil + } + out := new(EventContextDataType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EventFeedbackType) DeepCopyInto(out *EventFeedbackType) { + *out = *in + if in.FeedbackDate != nil { + in, out := &in.FeedbackDate, &out.FeedbackDate + *out = (*in).DeepCopy() + } + if in.Provider != nil { + in, out := &in.Provider, &out.Provider + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventFeedbackType. +func (in *EventFeedbackType) DeepCopy() *EventFeedbackType { + if in == nil { + return nil + } + out := new(EventFeedbackType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EventRiskType) DeepCopyInto(out *EventRiskType) { + *out = *in + if in.CompromisedCredentialsDetected != nil { + in, out := &in.CompromisedCredentialsDetected, &out.CompromisedCredentialsDetected + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventRiskType. +func (in *EventRiskType) DeepCopy() *EventRiskType { + if in == nil { + return nil + } + out := new(EventRiskType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupType) DeepCopyInto(out *GroupType) { + *out = *in + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.RoleARN != nil { + in, out := &in.RoleARN, &out.RoleARN + *out = new(string) + **out = **in + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupType. +func (in *GroupType) DeepCopy() *GroupType { + if in == nil { + return nil + } + out := new(GroupType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPHeader) DeepCopyInto(out *HTTPHeader) { + *out = *in + if in.HeaderName != nil { + in, out := &in.HeaderName, &out.HeaderName + *out = new(string) + **out = **in + } + if in.HeaderValue != nil { + in, out := &in.HeaderValue, &out.HeaderValue + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeader. +func (in *HTTPHeader) DeepCopy() *HTTPHeader { + if in == nil { + return nil + } + out := new(HTTPHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityProviderType) DeepCopyInto(out *IdentityProviderType) { + *out = *in + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderType. +func (in *IdentityProviderType) DeepCopy() *IdentityProviderType { + if in == nil { + return nil + } + out := new(IdentityProviderType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LambdaConfigType) DeepCopyInto(out *LambdaConfigType) { + *out = *in + if in.CreateAuthChallenge != nil { + in, out := &in.CreateAuthChallenge, &out.CreateAuthChallenge + *out = new(string) + **out = **in + } + if in.CustomEmailSender != nil { + in, out := &in.CustomEmailSender, &out.CustomEmailSender + *out = new(CustomEmailLambdaVersionConfigType) + (*in).DeepCopyInto(*out) + } + if in.CustomMessage != nil { + in, out := &in.CustomMessage, &out.CustomMessage + *out = new(string) + **out = **in + } + if in.CustomSMSSender != nil { + in, out := &in.CustomSMSSender, &out.CustomSMSSender + *out = new(CustomSMSLambdaVersionConfigType) + (*in).DeepCopyInto(*out) + } + if in.DefineAuthChallenge != nil { + in, out := &in.DefineAuthChallenge, &out.DefineAuthChallenge + *out = new(string) + **out = **in + } + if in.KMSKeyID != nil { + in, out := &in.KMSKeyID, &out.KMSKeyID + *out = new(string) + **out = **in + } + if in.PostAuthentication != nil { + in, out := &in.PostAuthentication, &out.PostAuthentication + *out = new(string) + **out = **in + } + if in.PostConfirmation != nil { + in, out := &in.PostConfirmation, &out.PostConfirmation + *out = new(string) + **out = **in + } + if in.PreAuthentication != nil { + in, out := &in.PreAuthentication, &out.PreAuthentication + *out = new(string) + **out = **in + } + if in.PreSignUp != nil { + in, out := &in.PreSignUp, &out.PreSignUp + *out = new(string) + **out = **in + } + if in.PreTokenGeneration != nil { + in, out := &in.PreTokenGeneration, &out.PreTokenGeneration + *out = new(string) + **out = **in + } + if in.PreTokenGenerationConfig != nil { + in, out := &in.PreTokenGenerationConfig, &out.PreTokenGenerationConfig + *out = new(PreTokenGenerationVersionConfigType) + (*in).DeepCopyInto(*out) + } + if in.UserMigration != nil { + in, out := &in.UserMigration, &out.UserMigration + *out = new(string) + **out = **in + } + if in.VerifyAuthChallengeResponse != nil { + in, out := &in.VerifyAuthChallengeResponse, &out.VerifyAuthChallengeResponse + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LambdaConfigType. +func (in *LambdaConfigType) DeepCopy() *LambdaConfigType { + if in == nil { + return nil + } + out := new(LambdaConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LogDeliveryConfigurationType) DeepCopyInto(out *LogDeliveryConfigurationType) { + *out = *in + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogDeliveryConfigurationType. +func (in *LogDeliveryConfigurationType) DeepCopy() *LogDeliveryConfigurationType { + if in == nil { + return nil + } + out := new(LogDeliveryConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MessageTemplateType) DeepCopyInto(out *MessageTemplateType) { + *out = *in + if in.EmailMessage != nil { + in, out := &in.EmailMessage, &out.EmailMessage + *out = new(string) + **out = **in + } + if in.EmailSubject != nil { + in, out := &in.EmailSubject, &out.EmailSubject + *out = new(string) + **out = **in + } + if in.SMSMessage != nil { + in, out := &in.SMSMessage, &out.SMSMessage + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MessageTemplateType. +func (in *MessageTemplateType) DeepCopy() *MessageTemplateType { + if in == nil { + return nil + } + out := new(MessageTemplateType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NewDeviceMetadataType) DeepCopyInto(out *NewDeviceMetadataType) { + *out = *in + if in.DeviceGroupKey != nil { + in, out := &in.DeviceGroupKey, &out.DeviceGroupKey + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NewDeviceMetadataType. +func (in *NewDeviceMetadataType) DeepCopy() *NewDeviceMetadataType { + if in == nil { + return nil + } + out := new(NewDeviceMetadataType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NotifyConfigurationType) DeepCopyInto(out *NotifyConfigurationType) { + *out = *in + if in.From != nil { + in, out := &in.From, &out.From + *out = new(string) + **out = **in + } + if in.ReplyTo != nil { + in, out := &in.ReplyTo, &out.ReplyTo + *out = new(string) + **out = **in + } + if in.SourceARN != nil { + in, out := &in.SourceARN, &out.SourceARN + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NotifyConfigurationType. +func (in *NotifyConfigurationType) DeepCopy() *NotifyConfigurationType { + if in == nil { + return nil + } + out := new(NotifyConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NumberAttributeConstraintsType) DeepCopyInto(out *NumberAttributeConstraintsType) { + *out = *in + if in.MaxValue != nil { + in, out := &in.MaxValue, &out.MaxValue + *out = new(string) + **out = **in + } + if in.MinValue != nil { + in, out := &in.MinValue, &out.MinValue + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NumberAttributeConstraintsType. +func (in *NumberAttributeConstraintsType) DeepCopy() *NumberAttributeConstraintsType { + if in == nil { + return nil + } + out := new(NumberAttributeConstraintsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PasswordPolicyType) DeepCopyInto(out *PasswordPolicyType) { + *out = *in + if in.MinimumLength != nil { + in, out := &in.MinimumLength, &out.MinimumLength + *out = new(int64) + **out = **in + } + if in.RequireLowercase != nil { + in, out := &in.RequireLowercase, &out.RequireLowercase + *out = new(bool) + **out = **in + } + if in.RequireNumbers != nil { + in, out := &in.RequireNumbers, &out.RequireNumbers + *out = new(bool) + **out = **in + } + if in.RequireSymbols != nil { + in, out := &in.RequireSymbols, &out.RequireSymbols + *out = new(bool) + **out = **in + } + if in.RequireUppercase != nil { + in, out := &in.RequireUppercase, &out.RequireUppercase + *out = new(bool) + **out = **in + } + if in.TemporaryPasswordValidityDays != nil { + in, out := &in.TemporaryPasswordValidityDays, &out.TemporaryPasswordValidityDays + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordPolicyType. +func (in *PasswordPolicyType) DeepCopy() *PasswordPolicyType { + if in == nil { + return nil + } + out := new(PasswordPolicyType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PreTokenGenerationVersionConfigType) DeepCopyInto(out *PreTokenGenerationVersionConfigType) { + *out = *in + if in.LambdaARN != nil { + in, out := &in.LambdaARN, &out.LambdaARN + *out = new(string) + **out = **in + } + if in.LambdaVersion != nil { + in, out := &in.LambdaVersion, &out.LambdaVersion + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreTokenGenerationVersionConfigType. +func (in *PreTokenGenerationVersionConfigType) DeepCopy() *PreTokenGenerationVersionConfigType { + if in == nil { + return nil + } + out := new(PreTokenGenerationVersionConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProviderDescription) DeepCopyInto(out *ProviderDescription) { + *out = *in + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderDescription. +func (in *ProviderDescription) DeepCopy() *ProviderDescription { + if in == nil { + return nil + } + out := new(ProviderDescription) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProviderUserIdentifierType) DeepCopyInto(out *ProviderUserIdentifierType) { + *out = *in + if in.ProviderAttributeName != nil { + in, out := &in.ProviderAttributeName, &out.ProviderAttributeName + *out = new(string) + **out = **in + } + if in.ProviderAttributeValue != nil { + in, out := &in.ProviderAttributeValue, &out.ProviderAttributeValue + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderUserIdentifierType. +func (in *ProviderUserIdentifierType) DeepCopy() *ProviderUserIdentifierType { + if in == nil { + return nil + } + out := new(ProviderUserIdentifierType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RecoveryOptionType) DeepCopyInto(out *RecoveryOptionType) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RecoveryOptionType. +func (in *RecoveryOptionType) DeepCopy() *RecoveryOptionType { + if in == nil { + return nil + } + out := new(RecoveryOptionType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResourceServerType) DeepCopyInto(out *ResourceServerType) { + *out = *in + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceServerType. +func (in *ResourceServerType) DeepCopy() *ResourceServerType { + if in == nil { + return nil + } + out := new(ResourceServerType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RiskConfigurationType) DeepCopyInto(out *RiskConfigurationType) { + *out = *in + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RiskConfigurationType. +func (in *RiskConfigurationType) DeepCopy() *RiskConfigurationType { + if in == nil { + return nil + } + out := new(RiskConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SMSMFASettingsType) DeepCopyInto(out *SMSMFASettingsType) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.PreferredMFA != nil { + in, out := &in.PreferredMFA, &out.PreferredMFA + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SMSMFASettingsType. +func (in *SMSMFASettingsType) DeepCopy() *SMSMFASettingsType { + if in == nil { + return nil + } + out := new(SMSMFASettingsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SchemaAttributeType) DeepCopyInto(out *SchemaAttributeType) { + *out = *in + if in.AttributeDataType != nil { + in, out := &in.AttributeDataType, &out.AttributeDataType + *out = new(string) + **out = **in + } + if in.DeveloperOnlyAttribute != nil { + in, out := &in.DeveloperOnlyAttribute, &out.DeveloperOnlyAttribute + *out = new(bool) + **out = **in + } + if in.Mutable != nil { + in, out := &in.Mutable, &out.Mutable + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.NumberAttributeConstraints != nil { + in, out := &in.NumberAttributeConstraints, &out.NumberAttributeConstraints + *out = new(NumberAttributeConstraintsType) + (*in).DeepCopyInto(*out) + } + if in.Required != nil { + in, out := &in.Required, &out.Required + *out = new(bool) + **out = **in + } + if in.StringAttributeConstraints != nil { + in, out := &in.StringAttributeConstraints, &out.StringAttributeConstraints + *out = new(StringAttributeConstraintsType) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SchemaAttributeType. +func (in *SchemaAttributeType) DeepCopy() *SchemaAttributeType { + if in == nil { + return nil + } + out := new(SchemaAttributeType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SmsConfigurationType) DeepCopyInto(out *SmsConfigurationType) { + *out = *in + if in.ExternalID != nil { + in, out := &in.ExternalID, &out.ExternalID + *out = new(string) + **out = **in + } + if in.SNSCallerARN != nil { + in, out := &in.SNSCallerARN, &out.SNSCallerARN + *out = new(string) + **out = **in + } + if in.SNSRegion != nil { + in, out := &in.SNSRegion, &out.SNSRegion + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SmsConfigurationType. +func (in *SmsConfigurationType) DeepCopy() *SmsConfigurationType { + if in == nil { + return nil + } + out := new(SmsConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SmsMFAConfigType) DeepCopyInto(out *SmsMFAConfigType) { + *out = *in + if in.SmsAuthenticationMessage != nil { + in, out := &in.SmsAuthenticationMessage, &out.SmsAuthenticationMessage + *out = new(string) + **out = **in + } + if in.SmsConfiguration != nil { + in, out := &in.SmsConfiguration, &out.SmsConfiguration + *out = new(SmsConfigurationType) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SmsMFAConfigType. +func (in *SmsMFAConfigType) DeepCopy() *SmsMFAConfigType { + if in == nil { + return nil + } + out := new(SmsMFAConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SoftwareTokenMFAConfigType) DeepCopyInto(out *SoftwareTokenMFAConfigType) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SoftwareTokenMFAConfigType. +func (in *SoftwareTokenMFAConfigType) DeepCopy() *SoftwareTokenMFAConfigType { + if in == nil { + return nil + } + out := new(SoftwareTokenMFAConfigType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SoftwareTokenMFASettingsType) DeepCopyInto(out *SoftwareTokenMFASettingsType) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.PreferredMFA != nil { + in, out := &in.PreferredMFA, &out.PreferredMFA + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SoftwareTokenMFASettingsType. +func (in *SoftwareTokenMFASettingsType) DeepCopy() *SoftwareTokenMFASettingsType { + if in == nil { + return nil + } + out := new(SoftwareTokenMFASettingsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *StringAttributeConstraintsType) DeepCopyInto(out *StringAttributeConstraintsType) { + *out = *in + if in.MaxLength != nil { + in, out := &in.MaxLength, &out.MaxLength + *out = new(string) + **out = **in + } + if in.MinLength != nil { + in, out := &in.MinLength, &out.MinLength + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StringAttributeConstraintsType. +func (in *StringAttributeConstraintsType) DeepCopy() *StringAttributeConstraintsType { + if in == nil { + return nil + } + out := new(StringAttributeConstraintsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UICustomizationType) DeepCopyInto(out *UICustomizationType) { + *out = *in + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UICustomizationType. +func (in *UICustomizationType) DeepCopy() *UICustomizationType { + if in == nil { + return nil + } + out := new(UICustomizationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserAttributeUpdateSettingsType) DeepCopyInto(out *UserAttributeUpdateSettingsType) { + *out = *in + if in.AttributesRequireVerificationBeforeUpdate != nil { + in, out := &in.AttributesRequireVerificationBeforeUpdate, &out.AttributesRequireVerificationBeforeUpdate + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserAttributeUpdateSettingsType. +func (in *UserAttributeUpdateSettingsType) DeepCopy() *UserAttributeUpdateSettingsType { + if in == nil { + return nil + } + out := new(UserAttributeUpdateSettingsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserContextDataType) DeepCopyInto(out *UserContextDataType) { + *out = *in + if in.EncodedData != nil { + in, out := &in.EncodedData, &out.EncodedData + *out = new(string) + **out = **in + } + if in.IPAddress != nil { + in, out := &in.IPAddress, &out.IPAddress + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserContextDataType. +func (in *UserContextDataType) DeepCopy() *UserContextDataType { + if in == nil { + return nil + } + out := new(UserContextDataType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserImportJobType) DeepCopyInto(out *UserImportJobType) { + *out = *in + if in.CloudWatchLogsRoleARN != nil { + in, out := &in.CloudWatchLogsRoleARN, &out.CloudWatchLogsRoleARN + *out = new(string) + **out = **in + } + if in.CompletionDate != nil { + in, out := &in.CompletionDate, &out.CompletionDate + *out = (*in).DeepCopy() + } + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.StartDate != nil { + in, out := &in.StartDate, &out.StartDate + *out = (*in).DeepCopy() + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserImportJobType. +func (in *UserImportJobType) DeepCopy() *UserImportJobType { + if in == nil { + return nil + } + out := new(UserImportJobType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPool) DeepCopyInto(out *UserPool) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPool. +func (in *UserPool) DeepCopy() *UserPool { + if in == nil { + return nil + } + out := new(UserPool) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *UserPool) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolAddOnsType) DeepCopyInto(out *UserPoolAddOnsType) { + *out = *in + if in.AdvancedSecurityMode != nil { + in, out := &in.AdvancedSecurityMode, &out.AdvancedSecurityMode + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolAddOnsType. +func (in *UserPoolAddOnsType) DeepCopy() *UserPoolAddOnsType { + if in == nil { + return nil + } + out := new(UserPoolAddOnsType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolClientDescription) DeepCopyInto(out *UserPoolClientDescription) { + *out = *in + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolClientDescription. +func (in *UserPoolClientDescription) DeepCopy() *UserPoolClientDescription { + if in == nil { + return nil + } + out := new(UserPoolClientDescription) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolClientType) DeepCopyInto(out *UserPoolClientType) { + *out = *in + if in.AllowedOAuthFlowsUserPoolClient != nil { + in, out := &in.AllowedOAuthFlowsUserPoolClient, &out.AllowedOAuthFlowsUserPoolClient + *out = new(bool) + **out = **in + } + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.EnablePropagateAdditionalUserContextData != nil { + in, out := &in.EnablePropagateAdditionalUserContextData, &out.EnablePropagateAdditionalUserContextData + *out = new(bool) + **out = **in + } + if in.EnableTokenRevocation != nil { + in, out := &in.EnableTokenRevocation, &out.EnableTokenRevocation + *out = new(bool) + **out = **in + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.UserPoolID != nil { + in, out := &in.UserPoolID, &out.UserPoolID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolClientType. +func (in *UserPoolClientType) DeepCopy() *UserPoolClientType { + if in == nil { + return nil + } + out := new(UserPoolClientType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolDescriptionType) DeepCopyInto(out *UserPoolDescriptionType) { + *out = *in + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.LambdaConfig != nil { + in, out := &in.LambdaConfig, &out.LambdaConfig + *out = new(LambdaConfigType) + (*in).DeepCopyInto(*out) + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolDescriptionType. +func (in *UserPoolDescriptionType) DeepCopy() *UserPoolDescriptionType { + if in == nil { + return nil + } + out := new(UserPoolDescriptionType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolList) DeepCopyInto(out *UserPoolList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]UserPool, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolList. +func (in *UserPoolList) DeepCopy() *UserPoolList { + if in == nil { + return nil + } + out := new(UserPoolList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *UserPoolList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolPolicyType) DeepCopyInto(out *UserPoolPolicyType) { + *out = *in + if in.PasswordPolicy != nil { + in, out := &in.PasswordPolicy, &out.PasswordPolicy + *out = new(PasswordPolicyType) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolPolicyType. +func (in *UserPoolPolicyType) DeepCopy() *UserPoolPolicyType { + if in == nil { + return nil + } + out := new(UserPoolPolicyType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolSpec) DeepCopyInto(out *UserPoolSpec) { + *out = *in + if in.AccountRecoverySetting != nil { + in, out := &in.AccountRecoverySetting, &out.AccountRecoverySetting + *out = new(AccountRecoverySettingType) + (*in).DeepCopyInto(*out) + } + if in.AdminCreateUserConfig != nil { + in, out := &in.AdminCreateUserConfig, &out.AdminCreateUserConfig + *out = new(AdminCreateUserConfigType) + (*in).DeepCopyInto(*out) + } + if in.AliasAttributes != nil { + in, out := &in.AliasAttributes, &out.AliasAttributes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.AutoVerifiedAttributes != nil { + in, out := &in.AutoVerifiedAttributes, &out.AutoVerifiedAttributes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.DeletionProtection != nil { + in, out := &in.DeletionProtection, &out.DeletionProtection + *out = new(string) + **out = **in + } + if in.DeviceConfiguration != nil { + in, out := &in.DeviceConfiguration, &out.DeviceConfiguration + *out = new(DeviceConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.EmailConfiguration != nil { + in, out := &in.EmailConfiguration, &out.EmailConfiguration + *out = new(EmailConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.EmailVerificationMessage != nil { + in, out := &in.EmailVerificationMessage, &out.EmailVerificationMessage + *out = new(string) + **out = **in + } + if in.EmailVerificationSubject != nil { + in, out := &in.EmailVerificationSubject, &out.EmailVerificationSubject + *out = new(string) + **out = **in + } + if in.LambdaConfig != nil { + in, out := &in.LambdaConfig, &out.LambdaConfig + *out = new(LambdaConfigType) + (*in).DeepCopyInto(*out) + } + if in.MFAConfiguration != nil { + in, out := &in.MFAConfiguration, &out.MFAConfiguration + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Policies != nil { + in, out := &in.Policies, &out.Policies + *out = new(UserPoolPolicyType) + (*in).DeepCopyInto(*out) + } + if in.Schema != nil { + in, out := &in.Schema, &out.Schema + *out = make([]*SchemaAttributeType, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(SchemaAttributeType) + (*in).DeepCopyInto(*out) + } + } + } + if in.SmsAuthenticationMessage != nil { + in, out := &in.SmsAuthenticationMessage, &out.SmsAuthenticationMessage + *out = new(string) + **out = **in + } + if in.SmsConfiguration != nil { + in, out := &in.SmsConfiguration, &out.SmsConfiguration + *out = new(SmsConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.SmsVerificationMessage != nil { + in, out := &in.SmsVerificationMessage, &out.SmsVerificationMessage + *out = new(string) + **out = **in + } + if in.UserAttributeUpdateSettings != nil { + in, out := &in.UserAttributeUpdateSettings, &out.UserAttributeUpdateSettings + *out = new(UserAttributeUpdateSettingsType) + (*in).DeepCopyInto(*out) + } + if in.UserPoolAddOns != nil { + in, out := &in.UserPoolAddOns, &out.UserPoolAddOns + *out = new(UserPoolAddOnsType) + (*in).DeepCopyInto(*out) + } + if in.UserPoolTags != nil { + in, out := &in.UserPoolTags, &out.UserPoolTags + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.UsernameAttributes != nil { + in, out := &in.UsernameAttributes, &out.UsernameAttributes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.UsernameConfiguration != nil { + in, out := &in.UsernameConfiguration, &out.UsernameConfiguration + *out = new(UsernameConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.VerificationMessageTemplate != nil { + in, out := &in.VerificationMessageTemplate, &out.VerificationMessageTemplate + *out = new(VerificationMessageTemplateType) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolSpec. +func (in *UserPoolSpec) DeepCopy() *UserPoolSpec { + if in == nil { + return nil + } + out := new(UserPoolSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolStatus) DeepCopyInto(out *UserPoolStatus) { + *out = *in + if in.ACKResourceMetadata != nil { + in, out := &in.ACKResourceMetadata, &out.ACKResourceMetadata + *out = new(corev1alpha1.ResourceMetadata) + (*in).DeepCopyInto(*out) + } + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]*corev1alpha1.Condition, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(corev1alpha1.Condition) + (*in).DeepCopyInto(*out) + } + } + } + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.CustomDomain != nil { + in, out := &in.CustomDomain, &out.CustomDomain + *out = new(string) + **out = **in + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.EmailConfigurationFailure != nil { + in, out := &in.EmailConfigurationFailure, &out.EmailConfigurationFailure + *out = new(string) + **out = **in + } + if in.EstimatedNumberOfUsers != nil { + in, out := &in.EstimatedNumberOfUsers, &out.EstimatedNumberOfUsers + *out = new(int64) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.SchemaAttributes != nil { + in, out := &in.SchemaAttributes, &out.SchemaAttributes + *out = make([]*SchemaAttributeType, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(SchemaAttributeType) + (*in).DeepCopyInto(*out) + } + } + } + if in.SmsConfigurationFailure != nil { + in, out := &in.SmsConfigurationFailure, &out.SmsConfigurationFailure + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolStatus. +func (in *UserPoolStatus) DeepCopy() *UserPoolStatus { + if in == nil { + return nil + } + out := new(UserPoolStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserPoolType) DeepCopyInto(out *UserPoolType) { + *out = *in + if in.AccountRecoverySetting != nil { + in, out := &in.AccountRecoverySetting, &out.AccountRecoverySetting + *out = new(AccountRecoverySettingType) + (*in).DeepCopyInto(*out) + } + if in.AdminCreateUserConfig != nil { + in, out := &in.AdminCreateUserConfig, &out.AdminCreateUserConfig + *out = new(AdminCreateUserConfigType) + (*in).DeepCopyInto(*out) + } + if in.AliasAttributes != nil { + in, out := &in.AliasAttributes, &out.AliasAttributes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ARN != nil { + in, out := &in.ARN, &out.ARN + *out = new(string) + **out = **in + } + if in.AutoVerifiedAttributes != nil { + in, out := &in.AutoVerifiedAttributes, &out.AutoVerifiedAttributes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.CreationDate != nil { + in, out := &in.CreationDate, &out.CreationDate + *out = (*in).DeepCopy() + } + if in.CustomDomain != nil { + in, out := &in.CustomDomain, &out.CustomDomain + *out = new(string) + **out = **in + } + if in.DeletionProtection != nil { + in, out := &in.DeletionProtection, &out.DeletionProtection + *out = new(string) + **out = **in + } + if in.DeviceConfiguration != nil { + in, out := &in.DeviceConfiguration, &out.DeviceConfiguration + *out = new(DeviceConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.Domain != nil { + in, out := &in.Domain, &out.Domain + *out = new(string) + **out = **in + } + if in.EmailConfiguration != nil { + in, out := &in.EmailConfiguration, &out.EmailConfiguration + *out = new(EmailConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.EmailConfigurationFailure != nil { + in, out := &in.EmailConfigurationFailure, &out.EmailConfigurationFailure + *out = new(string) + **out = **in + } + if in.EmailVerificationMessage != nil { + in, out := &in.EmailVerificationMessage, &out.EmailVerificationMessage + *out = new(string) + **out = **in + } + if in.EmailVerificationSubject != nil { + in, out := &in.EmailVerificationSubject, &out.EmailVerificationSubject + *out = new(string) + **out = **in + } + if in.EstimatedNumberOfUsers != nil { + in, out := &in.EstimatedNumberOfUsers, &out.EstimatedNumberOfUsers + *out = new(int64) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.LambdaConfig != nil { + in, out := &in.LambdaConfig, &out.LambdaConfig + *out = new(LambdaConfigType) + (*in).DeepCopyInto(*out) + } + if in.LastModifiedDate != nil { + in, out := &in.LastModifiedDate, &out.LastModifiedDate + *out = (*in).DeepCopy() + } + if in.MFAConfiguration != nil { + in, out := &in.MFAConfiguration, &out.MFAConfiguration + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Policies != nil { + in, out := &in.Policies, &out.Policies + *out = new(UserPoolPolicyType) + (*in).DeepCopyInto(*out) + } + if in.SchemaAttributes != nil { + in, out := &in.SchemaAttributes, &out.SchemaAttributes + *out = make([]*SchemaAttributeType, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(SchemaAttributeType) + (*in).DeepCopyInto(*out) + } + } + } + if in.SmsAuthenticationMessage != nil { + in, out := &in.SmsAuthenticationMessage, &out.SmsAuthenticationMessage + *out = new(string) + **out = **in + } + if in.SmsConfiguration != nil { + in, out := &in.SmsConfiguration, &out.SmsConfiguration + *out = new(SmsConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.SmsConfigurationFailure != nil { + in, out := &in.SmsConfigurationFailure, &out.SmsConfigurationFailure + *out = new(string) + **out = **in + } + if in.SmsVerificationMessage != nil { + in, out := &in.SmsVerificationMessage, &out.SmsVerificationMessage + *out = new(string) + **out = **in + } + if in.Status != nil { + in, out := &in.Status, &out.Status + *out = new(string) + **out = **in + } + if in.UserAttributeUpdateSettings != nil { + in, out := &in.UserAttributeUpdateSettings, &out.UserAttributeUpdateSettings + *out = new(UserAttributeUpdateSettingsType) + (*in).DeepCopyInto(*out) + } + if in.UserPoolAddOns != nil { + in, out := &in.UserPoolAddOns, &out.UserPoolAddOns + *out = new(UserPoolAddOnsType) + (*in).DeepCopyInto(*out) + } + if in.UserPoolTags != nil { + in, out := &in.UserPoolTags, &out.UserPoolTags + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + inVal := (*in)[key] + in, out := &inVal, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.UsernameAttributes != nil { + in, out := &in.UsernameAttributes, &out.UsernameAttributes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.UsernameConfiguration != nil { + in, out := &in.UsernameConfiguration, &out.UsernameConfiguration + *out = new(UsernameConfigurationType) + (*in).DeepCopyInto(*out) + } + if in.VerificationMessageTemplate != nil { + in, out := &in.VerificationMessageTemplate, &out.VerificationMessageTemplate + *out = new(VerificationMessageTemplateType) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserPoolType. +func (in *UserPoolType) DeepCopy() *UserPoolType { + if in == nil { + return nil + } + out := new(UserPoolType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserType) DeepCopyInto(out *UserType) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.UserCreateDate != nil { + in, out := &in.UserCreateDate, &out.UserCreateDate + *out = (*in).DeepCopy() + } + if in.UserLastModifiedDate != nil { + in, out := &in.UserLastModifiedDate, &out.UserLastModifiedDate + *out = (*in).DeepCopy() + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserType. +func (in *UserType) DeepCopy() *UserType { + if in == nil { + return nil + } + out := new(UserType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UsernameConfigurationType) DeepCopyInto(out *UsernameConfigurationType) { + *out = *in + if in.CaseSensitive != nil { + in, out := &in.CaseSensitive, &out.CaseSensitive + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UsernameConfigurationType. +func (in *UsernameConfigurationType) DeepCopy() *UsernameConfigurationType { + if in == nil { + return nil + } + out := new(UsernameConfigurationType) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VerificationMessageTemplateType) DeepCopyInto(out *VerificationMessageTemplateType) { + *out = *in + if in.DefaultEmailOption != nil { + in, out := &in.DefaultEmailOption, &out.DefaultEmailOption + *out = new(string) + **out = **in + } + if in.EmailMessage != nil { + in, out := &in.EmailMessage, &out.EmailMessage + *out = new(string) + **out = **in + } + if in.EmailMessageByLink != nil { + in, out := &in.EmailMessageByLink, &out.EmailMessageByLink + *out = new(string) + **out = **in + } + if in.EmailSubject != nil { + in, out := &in.EmailSubject, &out.EmailSubject + *out = new(string) + **out = **in + } + if in.EmailSubjectByLink != nil { + in, out := &in.EmailSubjectByLink, &out.EmailSubjectByLink + *out = new(string) + **out = **in + } + if in.SmsMessage != nil { + in, out := &in.SmsMessage, &out.SmsMessage + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationMessageTemplateType. +func (in *VerificationMessageTemplateType) DeepCopy() *VerificationMessageTemplateType { + if in == nil { + return nil + } + out := new(VerificationMessageTemplateType) + in.DeepCopyInto(out) + return out +} diff --git a/cmd/controller/main.go b/cmd/controller/main.go index 373863d..e6467e8 100644 --- a/cmd/controller/main.go +++ b/cmd/controller/main.go @@ -39,6 +39,8 @@ import ( svcresource "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/pkg/resource" svcsdk "github.com/aws/aws-sdk-go/service/cognitoidentityprovider" + _ "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/pkg/resource/user_pool" + "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/pkg/version" ) diff --git a/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml b/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml new file mode 100644 index 0000000..24f7fe3 --- /dev/null +++ b/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml @@ -0,0 +1,569 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + name: userpools.cognitoidentityprovider.services.k8s.aws +spec: + group: cognitoidentityprovider.services.k8s.aws + names: + kind: UserPool + listKind: UserPoolList + plural: userpools + singular: userpool + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: UserPool is the Schema for the UserPools API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: UserPoolSpec defines the desired state of UserPool. + properties: + accountRecoverySetting: + description: |- + The available verified method a user can use to recover their password when + they call ForgotPassword. You can use this setting to define a preferred + method when a user has more than one method available. With this setting, + SMS doesn't qualify for a valid password recovery mechanism if the user also + has SMS multi-factor authentication (MFA) activated. In the absence of this + setting, Amazon Cognito uses the legacy behavior to determine the recovery + method where SMS is preferred through email. + properties: + recoveryMechanisms: + items: + description: A map containing a priority as a key, and recovery + method name as a value. + properties: + name: + type: string + priority: + format: int64 + type: integer + type: object + type: array + type: object + adminCreateUserConfig: + description: The configuration for AdminCreateUser requests. + properties: + allowAdminCreateUserOnly: + type: boolean + inviteMessageTemplate: + description: The message template structure. + properties: + emailMessage: + type: string + emailSubject: + type: string + sMSMessage: + type: string + type: object + unusedAccountValidityDays: + format: int64 + type: integer + type: object + aliasAttributes: + description: |- + Attributes supported as an alias for this user pool. Possible values: phone_number, + email, or preferred_username. + items: + type: string + type: array + autoVerifiedAttributes: + description: 'The attributes to be auto-verified. Possible values: + email, phone_number.' + items: + type: string + type: array + deletionProtection: + description: |- + When active, DeletionProtection prevents accidental deletion of your user + pool. Before you can delete a user pool that you have protected against deletion, + you must deactivate this feature. + + When you try to delete a protected user pool in a DeleteUserPool API request, + Amazon Cognito returns an InvalidParameterException error. To delete a protected + user pool, send a new DeleteUserPool request after you deactivate deletion + protection in an UpdateUserPool API request. + type: string + deviceConfiguration: + description: |- + The device-remembering configuration for a user pool. A null value indicates + that you have deactivated device remembering in your user pool. + + When you provide a value for any DeviceConfiguration field, you activate + the Amazon Cognito device-remembering feature. + properties: + challengeRequiredOnNewDevice: + type: boolean + deviceOnlyRememberedOnUserPrompt: + type: boolean + type: object + emailConfiguration: + description: |- + The email configuration of your user pool. The email configuration type sets + your preferred sending method, Amazon Web Services Region, and sender for + messages from your user pool. + properties: + configurationSet: + type: string + emailSendingAccount: + type: string + from: + type: string + replyToEmailAddress: + type: string + sourceARN: + type: string + type: object + emailVerificationMessage: + description: This parameter is no longer used. See VerificationMessageTemplateType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + type: string + emailVerificationSubject: + description: This parameter is no longer used. See VerificationMessageTemplateType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + type: string + lambdaConfig: + description: |- + The Lambda trigger configuration information for the new user pool. + + In a push model, event sources (such as Amazon S3 and custom applications) + need permission to invoke a function. So you must make an extra call to add + permission for these event sources to invoke your Lambda function. + + For more information on using the Lambda API to add permission, see AddPermission + (https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html). + + For adding permission using the CLI, see add-permission (https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html). + properties: + createAuthChallenge: + type: string + customEmailSender: + description: The properties of a custom email sender Lambda trigger. + properties: + lambdaARN: + type: string + lambdaVersion: + type: string + type: object + customMessage: + type: string + customSMSSender: + description: The properties of a custom SMS sender Lambda trigger. + properties: + lambdaARN: + type: string + lambdaVersion: + type: string + type: object + defineAuthChallenge: + type: string + kmsKeyID: + type: string + postAuthentication: + type: string + postConfirmation: + type: string + preAuthentication: + type: string + preSignUp: + type: string + preTokenGeneration: + type: string + preTokenGenerationConfig: + description: The properties of a pre token generation Lambda trigger. + properties: + lambdaARN: + type: string + lambdaVersion: + type: string + type: object + userMigration: + type: string + verifyAuthChallengeResponse: + type: string + type: object + mfaConfiguration: + description: Specifies MFA configuration details. + type: string + name: + description: A string used to name the user pool. + type: string + policies: + description: The policies associated with the new user pool. + properties: + passwordPolicy: + description: The password policy type. + properties: + minimumLength: + format: int64 + type: integer + requireLowercase: + type: boolean + requireNumbers: + type: boolean + requireSymbols: + type: boolean + requireUppercase: + type: boolean + temporaryPasswordValidityDays: + format: int64 + type: integer + type: object + type: object + schema: + description: |- + An array of schema attributes for the new user pool. These attributes can + be standard or custom attributes. + items: + description: |- + A list of the user attributes and their properties in your user pool. The + attribute schema contains standard attributes, custom attributes with a custom: + prefix, and developer attributes with a dev: prefix. For more information, + see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + + Developer-only attributes are a legacy feature of user pools, are read-only + to all app clients. You can create and update developer-only attributes only + with IAM-authenticated API operations. Use app client read/write permissions + instead. + properties: + attributeDataType: + type: string + developerOnlyAttribute: + type: boolean + mutable: + type: boolean + name: + type: string + numberAttributeConstraints: + description: |- + The minimum and maximum values of an attribute that is of the number data + type. + properties: + maxValue: + type: string + minValue: + type: string + type: object + required: + type: boolean + stringAttributeConstraints: + description: The constraints associated with a string attribute. + properties: + maxLength: + type: string + minLength: + type: string + type: object + type: object + type: array + smsAuthenticationMessage: + description: A string representing the SMS authentication message. + type: string + smsConfiguration: + description: |- + The SMS configuration with the settings that your Amazon Cognito user pool + must use to send an SMS message from your Amazon Web Services account through + Amazon Simple Notification Service. To send SMS messages with Amazon SNS + in the Amazon Web Services Region that you want, the Amazon Cognito user + pool uses an Identity and Access Management (IAM) role in your Amazon Web + Services account. + properties: + externalID: + type: string + snsCallerARN: + type: string + snsRegion: + type: string + type: object + smsVerificationMessage: + description: This parameter is no longer used. See VerificationMessageTemplateType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + type: string + userAttributeUpdateSettings: + description: |- + The settings for updates to user attributes. These settings include the property + AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells + Amazon Cognito how to handle changes to the value of your users' email address + and phone number attributes. For more information, see Verifying updates + to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + properties: + attributesRequireVerificationBeforeUpdate: + items: + type: string + type: array + type: object + userPoolAddOns: + description: |- + User pool add-ons. Contains settings for activation of advanced security + features. To log user security information but take no action, set to AUDIT. + To configure automatic security responses to risky traffic to your user pool, + set to ENFORCED. + + For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + properties: + advancedSecurityMode: + type: string + type: object + userPoolTags: + additionalProperties: + type: string + description: |- + The tag keys and values to assign to the user pool. A tag is a label that + you can use to categorize and manage user pools in different ways, such as + by purpose, owner, environment, or other criteria. + type: object + usernameAttributes: + description: |- + Specifies whether a user can use an email address or phone number as a username + when they sign up. + items: + type: string + type: array + usernameConfiguration: + description: |- + Case sensitivity on the username input for the selected sign-in option. When + case sensitivity is set to False (case insensitive), users can sign in with + any combination of capital and lowercase letters. For example, username, + USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. + For most use cases, set case sensitivity to False (case insensitive) as a + best practice. When usernames and email addresses are case insensitive, Amazon + Cognito treats any variation in case as the same user, and prevents a case + variation from being assigned to the same attribute for a different user. + + This configuration is immutable after you set it. For more information, see + UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html). + properties: + caseSensitive: + type: boolean + type: object + verificationMessageTemplate: + description: |- + The template for the verification message that the user sees when the app + requests permission to access the user's information. + properties: + defaultEmailOption: + type: string + emailMessage: + type: string + emailMessageByLink: + type: string + emailSubject: + type: string + emailSubjectByLink: + type: string + smsMessage: + type: string + type: object + required: + - name + type: object + status: + description: UserPoolStatus defines the observed state of UserPool + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: |- + All CRS managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + creationDate: + description: |- + The date and time when the item was created. Amazon Cognito returns this + timestamp in UNIX epoch time format. Your SDK might render the output in + a human-readable format like ISO 8601 or a Java Date object. + format: date-time + type: string + customDomain: + description: |- + A custom domain name that you provide to Amazon Cognito. This parameter applies + only if you use a custom domain to host the sign-up and sign-in pages for + your application. An example of a custom domain name might be auth.example.com. + + For more information about adding a custom domain to your user pool, see + Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html). + type: string + domain: + description: The domain prefix, if the user pool has a domain associated + with it. + type: string + emailConfigurationFailure: + description: |- + Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com + in CloudTrail for information about problems with user pool email configuration. + type: string + estimatedNumberOfUsers: + description: A number estimating the size of the user pool. + format: int64 + type: integer + id: + description: The ID of the user pool. + type: string + lastModifiedDate: + description: |- + The date and time when the item was modified. Amazon Cognito returns this + timestamp in UNIX epoch time format. Your SDK might render the output in + a human-readable format like ISO 8601 or a Java Date object. + format: date-time + type: string + schemaAttributes: + description: |- + A list of the user attributes and their properties in your user pool. The + attribute schema contains standard attributes, custom attributes with a custom: + prefix, and developer attributes with a dev: prefix. For more information, + see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + + Developer-only attributes are a legacy feature of user pools, are read-only + to all app clients. You can create and update developer-only attributes only + with IAM-authenticated API operations. Use app client read/write permissions + instead. + items: + description: |- + A list of the user attributes and their properties in your user pool. The + attribute schema contains standard attributes, custom attributes with a custom: + prefix, and developer attributes with a dev: prefix. For more information, + see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + + Developer-only attributes are a legacy feature of user pools, are read-only + to all app clients. You can create and update developer-only attributes only + with IAM-authenticated API operations. Use app client read/write permissions + instead. + properties: + attributeDataType: + type: string + developerOnlyAttribute: + type: boolean + mutable: + type: boolean + name: + type: string + numberAttributeConstraints: + description: |- + The minimum and maximum values of an attribute that is of the number data + type. + properties: + maxValue: + type: string + minValue: + type: string + type: object + required: + type: boolean + stringAttributeConstraints: + description: The constraints associated with a string attribute. + properties: + maxLength: + type: string + minLength: + type: string + type: object + type: object + type: array + smsConfigurationFailure: + description: |- + The reason why the SMS configuration can't send the messages to your users. + + This message might include comma-separated values to describe why your SMS + configuration can't send messages to user pool end users. + + InvalidSmsRoleAccessPolicyException + + The Identity and Access Management role that Amazon Cognito uses to send + SMS messages isn't properly configured. For more information, see SmsConfigurationType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SmsConfigurationType.html). + + SNSSandbox + + The Amazon Web Services account is in the SNS SMS Sandbox and messages will + only reach verified end users. This parameter won’t get populated with + SNSSandbox if the user creating the user pool doesn’t have SNS permissions. + To learn how to move your Amazon Web Services account out of the sandbox, + see Moving out of the SMS sandbox (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-moving-to-production.html). + type: string + status: + description: This parameter is no longer used. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index ea0b795..a7c89de 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - common + - bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml diff --git a/config/rbac/cluster-role-controller.yaml b/config/rbac/cluster-role-controller.yaml index 5f28376..edf95ed 100644 --- a/config/rbac/cluster-role-controller.yaml +++ b/config/rbac/cluster-role-controller.yaml @@ -22,6 +22,26 @@ rules: - get - list - watch +- apiGroups: + - cognitoidentityprovider.services.k8s.aws + resources: + - userpools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cognitoidentityprovider.services.k8s.aws + resources: + - userpools/status + verbs: + - get + - patch + - update - apiGroups: - services.k8s.aws resources: diff --git a/config/rbac/role-reader.yaml b/config/rbac/role-reader.yaml index 817f4d9..f11f66f 100644 --- a/config/rbac/role-reader.yaml +++ b/config/rbac/role-reader.yaml @@ -9,6 +9,7 @@ rules: - apiGroups: - cognitoidentityprovider.services.k8s.aws resources: + - userpools verbs: - get - list diff --git a/config/rbac/role-writer.yaml b/config/rbac/role-writer.yaml index 072848a..02c5241 100644 --- a/config/rbac/role-writer.yaml +++ b/config/rbac/role-writer.yaml @@ -9,6 +9,7 @@ rules: - apiGroups: - cognitoidentityprovider.services.k8s.aws resources: + - userpools verbs: - create - delete @@ -20,6 +21,7 @@ rules: - apiGroups: - cognitoidentityprovider.services.k8s.aws resources: + - userpools verbs: - get - patch diff --git a/generator.yaml b/generator.yaml index c083078..21b05bd 100644 --- a/generator.yaml +++ b/generator.yaml @@ -4,7 +4,25 @@ ignore: - IdentityProvider - ResourceServer - UserImportJob - - UserPool - UserPoolClient - UserPoolDomain model_name: cognito-idp + +resources: + UserPool: + renames: + operations: + DescribeUserPool: + input_fields: + UserPoolId: Id + UpdateUserPool: + input_fields: + UserPoolId: Id + DeleteUserPool: + input_fields: + UserPoolId: Id + CreateUserPool: + input_fields: + PoolName: Name + tags: + ignore: true \ No newline at end of file diff --git a/helm/Chart.yaml b/helm/Chart.yaml index f31ae98..75db086 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: cognitoidentityprovider-chart -description: A Helm chart for the ACK service controller for () +description: A Helm chart for the ACK service controller for Amazon Cognito Identity Provider (Cognito Identity Provider) version: 0.0.0-non-release-version appVersion: 0.0.0-non-release-version home: https://github.com/aws-controllers-k8s/cognitoidentityprovider-controller @@ -10,7 +10,7 @@ sources: maintainers: - name: ACK Admins url: https://github.com/orgs/aws-controllers-k8s/teams/ack-admin - - name: Admins + - name: Cognito Identity Provider Admins url: https://github.com/orgs/aws-controllers-k8s/teams/cognitoidentityprovider-maintainer keywords: - aws diff --git a/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml b/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml new file mode 100644 index 0000000..24f7fe3 --- /dev/null +++ b/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml @@ -0,0 +1,569 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + name: userpools.cognitoidentityprovider.services.k8s.aws +spec: + group: cognitoidentityprovider.services.k8s.aws + names: + kind: UserPool + listKind: UserPoolList + plural: userpools + singular: userpool + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: UserPool is the Schema for the UserPools API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: UserPoolSpec defines the desired state of UserPool. + properties: + accountRecoverySetting: + description: |- + The available verified method a user can use to recover their password when + they call ForgotPassword. You can use this setting to define a preferred + method when a user has more than one method available. With this setting, + SMS doesn't qualify for a valid password recovery mechanism if the user also + has SMS multi-factor authentication (MFA) activated. In the absence of this + setting, Amazon Cognito uses the legacy behavior to determine the recovery + method where SMS is preferred through email. + properties: + recoveryMechanisms: + items: + description: A map containing a priority as a key, and recovery + method name as a value. + properties: + name: + type: string + priority: + format: int64 + type: integer + type: object + type: array + type: object + adminCreateUserConfig: + description: The configuration for AdminCreateUser requests. + properties: + allowAdminCreateUserOnly: + type: boolean + inviteMessageTemplate: + description: The message template structure. + properties: + emailMessage: + type: string + emailSubject: + type: string + sMSMessage: + type: string + type: object + unusedAccountValidityDays: + format: int64 + type: integer + type: object + aliasAttributes: + description: |- + Attributes supported as an alias for this user pool. Possible values: phone_number, + email, or preferred_username. + items: + type: string + type: array + autoVerifiedAttributes: + description: 'The attributes to be auto-verified. Possible values: + email, phone_number.' + items: + type: string + type: array + deletionProtection: + description: |- + When active, DeletionProtection prevents accidental deletion of your user + pool. Before you can delete a user pool that you have protected against deletion, + you must deactivate this feature. + + When you try to delete a protected user pool in a DeleteUserPool API request, + Amazon Cognito returns an InvalidParameterException error. To delete a protected + user pool, send a new DeleteUserPool request after you deactivate deletion + protection in an UpdateUserPool API request. + type: string + deviceConfiguration: + description: |- + The device-remembering configuration for a user pool. A null value indicates + that you have deactivated device remembering in your user pool. + + When you provide a value for any DeviceConfiguration field, you activate + the Amazon Cognito device-remembering feature. + properties: + challengeRequiredOnNewDevice: + type: boolean + deviceOnlyRememberedOnUserPrompt: + type: boolean + type: object + emailConfiguration: + description: |- + The email configuration of your user pool. The email configuration type sets + your preferred sending method, Amazon Web Services Region, and sender for + messages from your user pool. + properties: + configurationSet: + type: string + emailSendingAccount: + type: string + from: + type: string + replyToEmailAddress: + type: string + sourceARN: + type: string + type: object + emailVerificationMessage: + description: This parameter is no longer used. See VerificationMessageTemplateType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + type: string + emailVerificationSubject: + description: This parameter is no longer used. See VerificationMessageTemplateType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + type: string + lambdaConfig: + description: |- + The Lambda trigger configuration information for the new user pool. + + In a push model, event sources (such as Amazon S3 and custom applications) + need permission to invoke a function. So you must make an extra call to add + permission for these event sources to invoke your Lambda function. + + For more information on using the Lambda API to add permission, see AddPermission + (https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html). + + For adding permission using the CLI, see add-permission (https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html). + properties: + createAuthChallenge: + type: string + customEmailSender: + description: The properties of a custom email sender Lambda trigger. + properties: + lambdaARN: + type: string + lambdaVersion: + type: string + type: object + customMessage: + type: string + customSMSSender: + description: The properties of a custom SMS sender Lambda trigger. + properties: + lambdaARN: + type: string + lambdaVersion: + type: string + type: object + defineAuthChallenge: + type: string + kmsKeyID: + type: string + postAuthentication: + type: string + postConfirmation: + type: string + preAuthentication: + type: string + preSignUp: + type: string + preTokenGeneration: + type: string + preTokenGenerationConfig: + description: The properties of a pre token generation Lambda trigger. + properties: + lambdaARN: + type: string + lambdaVersion: + type: string + type: object + userMigration: + type: string + verifyAuthChallengeResponse: + type: string + type: object + mfaConfiguration: + description: Specifies MFA configuration details. + type: string + name: + description: A string used to name the user pool. + type: string + policies: + description: The policies associated with the new user pool. + properties: + passwordPolicy: + description: The password policy type. + properties: + minimumLength: + format: int64 + type: integer + requireLowercase: + type: boolean + requireNumbers: + type: boolean + requireSymbols: + type: boolean + requireUppercase: + type: boolean + temporaryPasswordValidityDays: + format: int64 + type: integer + type: object + type: object + schema: + description: |- + An array of schema attributes for the new user pool. These attributes can + be standard or custom attributes. + items: + description: |- + A list of the user attributes and their properties in your user pool. The + attribute schema contains standard attributes, custom attributes with a custom: + prefix, and developer attributes with a dev: prefix. For more information, + see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + + Developer-only attributes are a legacy feature of user pools, are read-only + to all app clients. You can create and update developer-only attributes only + with IAM-authenticated API operations. Use app client read/write permissions + instead. + properties: + attributeDataType: + type: string + developerOnlyAttribute: + type: boolean + mutable: + type: boolean + name: + type: string + numberAttributeConstraints: + description: |- + The minimum and maximum values of an attribute that is of the number data + type. + properties: + maxValue: + type: string + minValue: + type: string + type: object + required: + type: boolean + stringAttributeConstraints: + description: The constraints associated with a string attribute. + properties: + maxLength: + type: string + minLength: + type: string + type: object + type: object + type: array + smsAuthenticationMessage: + description: A string representing the SMS authentication message. + type: string + smsConfiguration: + description: |- + The SMS configuration with the settings that your Amazon Cognito user pool + must use to send an SMS message from your Amazon Web Services account through + Amazon Simple Notification Service. To send SMS messages with Amazon SNS + in the Amazon Web Services Region that you want, the Amazon Cognito user + pool uses an Identity and Access Management (IAM) role in your Amazon Web + Services account. + properties: + externalID: + type: string + snsCallerARN: + type: string + snsRegion: + type: string + type: object + smsVerificationMessage: + description: This parameter is no longer used. See VerificationMessageTemplateType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + type: string + userAttributeUpdateSettings: + description: |- + The settings for updates to user attributes. These settings include the property + AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells + Amazon Cognito how to handle changes to the value of your users' email address + and phone number attributes. For more information, see Verifying updates + to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + properties: + attributesRequireVerificationBeforeUpdate: + items: + type: string + type: array + type: object + userPoolAddOns: + description: |- + User pool add-ons. Contains settings for activation of advanced security + features. To log user security information but take no action, set to AUDIT. + To configure automatic security responses to risky traffic to your user pool, + set to ENFORCED. + + For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + properties: + advancedSecurityMode: + type: string + type: object + userPoolTags: + additionalProperties: + type: string + description: |- + The tag keys and values to assign to the user pool. A tag is a label that + you can use to categorize and manage user pools in different ways, such as + by purpose, owner, environment, or other criteria. + type: object + usernameAttributes: + description: |- + Specifies whether a user can use an email address or phone number as a username + when they sign up. + items: + type: string + type: array + usernameConfiguration: + description: |- + Case sensitivity on the username input for the selected sign-in option. When + case sensitivity is set to False (case insensitive), users can sign in with + any combination of capital and lowercase letters. For example, username, + USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. + For most use cases, set case sensitivity to False (case insensitive) as a + best practice. When usernames and email addresses are case insensitive, Amazon + Cognito treats any variation in case as the same user, and prevents a case + variation from being assigned to the same attribute for a different user. + + This configuration is immutable after you set it. For more information, see + UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html). + properties: + caseSensitive: + type: boolean + type: object + verificationMessageTemplate: + description: |- + The template for the verification message that the user sees when the app + requests permission to access the user's information. + properties: + defaultEmailOption: + type: string + emailMessage: + type: string + emailMessageByLink: + type: string + emailSubject: + type: string + emailSubjectByLink: + type: string + smsMessage: + type: string + type: object + required: + - name + type: object + status: + description: UserPoolStatus defines the observed state of UserPool + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: |- + All CRS managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + creationDate: + description: |- + The date and time when the item was created. Amazon Cognito returns this + timestamp in UNIX epoch time format. Your SDK might render the output in + a human-readable format like ISO 8601 or a Java Date object. + format: date-time + type: string + customDomain: + description: |- + A custom domain name that you provide to Amazon Cognito. This parameter applies + only if you use a custom domain to host the sign-up and sign-in pages for + your application. An example of a custom domain name might be auth.example.com. + + For more information about adding a custom domain to your user pool, see + Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html). + type: string + domain: + description: The domain prefix, if the user pool has a domain associated + with it. + type: string + emailConfigurationFailure: + description: |- + Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com + in CloudTrail for information about problems with user pool email configuration. + type: string + estimatedNumberOfUsers: + description: A number estimating the size of the user pool. + format: int64 + type: integer + id: + description: The ID of the user pool. + type: string + lastModifiedDate: + description: |- + The date and time when the item was modified. Amazon Cognito returns this + timestamp in UNIX epoch time format. Your SDK might render the output in + a human-readable format like ISO 8601 or a Java Date object. + format: date-time + type: string + schemaAttributes: + description: |- + A list of the user attributes and their properties in your user pool. The + attribute schema contains standard attributes, custom attributes with a custom: + prefix, and developer attributes with a dev: prefix. For more information, + see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + + Developer-only attributes are a legacy feature of user pools, are read-only + to all app clients. You can create and update developer-only attributes only + with IAM-authenticated API operations. Use app client read/write permissions + instead. + items: + description: |- + A list of the user attributes and their properties in your user pool. The + attribute schema contains standard attributes, custom attributes with a custom: + prefix, and developer attributes with a dev: prefix. For more information, + see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html). + + Developer-only attributes are a legacy feature of user pools, are read-only + to all app clients. You can create and update developer-only attributes only + with IAM-authenticated API operations. Use app client read/write permissions + instead. + properties: + attributeDataType: + type: string + developerOnlyAttribute: + type: boolean + mutable: + type: boolean + name: + type: string + numberAttributeConstraints: + description: |- + The minimum and maximum values of an attribute that is of the number data + type. + properties: + maxValue: + type: string + minValue: + type: string + type: object + required: + type: boolean + stringAttributeConstraints: + description: The constraints associated with a string attribute. + properties: + maxLength: + type: string + minLength: + type: string + type: object + type: object + type: array + smsConfigurationFailure: + description: |- + The reason why the SMS configuration can't send the messages to your users. + + This message might include comma-separated values to describe why your SMS + configuration can't send messages to user pool end users. + + InvalidSmsRoleAccessPolicyException + + The Identity and Access Management role that Amazon Cognito uses to send + SMS messages isn't properly configured. For more information, see SmsConfigurationType + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SmsConfigurationType.html). + + SNSSandbox + + The Amazon Web Services account is in the SNS SMS Sandbox and messages will + only reach verified end users. This parameter won’t get populated with + SNSSandbox if the user creating the user pool doesn’t have SNS permissions. + To learn how to move your Amazon Web Services account out of the sandbox, + see Moving out of the SMS sandbox (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-moving-to-production.html). + type: string + status: + description: This parameter is no longer used. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 690310f..115a4d3 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -4,7 +4,7 @@ This chart deploys "public.ecr.aws/aws-controllers-k8s/cognitoidentityprovider-c Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" -You are now able to create () resources! +You are now able to create Amazon Cognito Identity Provider (Cognito Identity Provider) resources! The controller is running in "{{ .Values.installScope }}" mode. The controller is configured to manage AWS resources in region: "{{ .Values.aws.region }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 496f1eb..c95a561 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -69,6 +69,26 @@ rules: - get - list - watch +- apiGroups: + - cognitoidentityprovider.services.k8s.aws + resources: + - userpools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cognitoidentityprovider.services.k8s.aws + resources: + - userpools/status + verbs: + - get + - patch + - update - apiGroups: - services.k8s.aws resources: diff --git a/helm/templates/role-reader.yaml b/helm/templates/role-reader.yaml index ad4dc65..4ac447a 100644 --- a/helm/templates/role-reader.yaml +++ b/helm/templates/role-reader.yaml @@ -9,6 +9,7 @@ rules: - apiGroups: - cognitoidentityprovider.services.k8s.aws resources: + - userpools verbs: - get - list diff --git a/helm/templates/role-writer.yaml b/helm/templates/role-writer.yaml index 3d4898e..ee290ef 100644 --- a/helm/templates/role-writer.yaml +++ b/helm/templates/role-writer.yaml @@ -9,6 +9,7 @@ rules: - apiGroups: - cognitoidentityprovider.services.k8s.aws resources: + - userpools verbs: - create - delete @@ -20,6 +21,7 @@ rules: - apiGroups: - cognitoidentityprovider.services.k8s.aws resources: + - userpools verbs: - get - patch diff --git a/pkg/resource/user_pool/delta.go b/pkg/resource/user_pool/delta.go new file mode 100644 index 0000000..e42258d --- /dev/null +++ b/pkg/resource/user_pool/delta.go @@ -0,0 +1,532 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + "bytes" + "reflect" + + ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" + acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" +) + +// Hack to avoid import errors during build... +var ( + _ = &bytes.Buffer{} + _ = &reflect.Method{} + _ = &acktags.Tags{} +) + +// newResourceDelta returns a new `ackcompare.Delta` used to compare two +// resources +func newResourceDelta( + a *resource, + b *resource, +) *ackcompare.Delta { + delta := ackcompare.NewDelta() + if (a == nil && b != nil) || + (a != nil && b == nil) { + delta.Add("", a, b) + return delta + } + + if ackcompare.HasNilDifference(a.ko.Spec.AccountRecoverySetting, b.ko.Spec.AccountRecoverySetting) { + delta.Add("Spec.AccountRecoverySetting", a.ko.Spec.AccountRecoverySetting, b.ko.Spec.AccountRecoverySetting) + } else if a.ko.Spec.AccountRecoverySetting != nil && b.ko.Spec.AccountRecoverySetting != nil { + if len(a.ko.Spec.AccountRecoverySetting.RecoveryMechanisms) != len(b.ko.Spec.AccountRecoverySetting.RecoveryMechanisms) { + delta.Add("Spec.AccountRecoverySetting.RecoveryMechanisms", a.ko.Spec.AccountRecoverySetting.RecoveryMechanisms, b.ko.Spec.AccountRecoverySetting.RecoveryMechanisms) + } else if len(a.ko.Spec.AccountRecoverySetting.RecoveryMechanisms) > 0 { + if !reflect.DeepEqual(a.ko.Spec.AccountRecoverySetting.RecoveryMechanisms, b.ko.Spec.AccountRecoverySetting.RecoveryMechanisms) { + delta.Add("Spec.AccountRecoverySetting.RecoveryMechanisms", a.ko.Spec.AccountRecoverySetting.RecoveryMechanisms, b.ko.Spec.AccountRecoverySetting.RecoveryMechanisms) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig, b.ko.Spec.AdminCreateUserConfig) { + delta.Add("Spec.AdminCreateUserConfig", a.ko.Spec.AdminCreateUserConfig, b.ko.Spec.AdminCreateUserConfig) + } else if a.ko.Spec.AdminCreateUserConfig != nil && b.ko.Spec.AdminCreateUserConfig != nil { + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly, b.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly) { + delta.Add("Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly", a.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly, b.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly) + } else if a.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly != nil && b.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly != nil { + if *a.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly != *b.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly { + delta.Add("Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly", a.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly, b.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate) { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate) + } else if a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate != nil && b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate != nil { + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage) { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage) + } else if a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != nil && b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != nil { + if *a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != *b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject) { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject) + } else if a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != nil && b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != nil { + if *a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != *b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage) { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage) + } else if a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != nil && b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != nil { + if *a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != *b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage { + delta.Add("Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage", a.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage, b.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays, b.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays) { + delta.Add("Spec.AdminCreateUserConfig.UnusedAccountValidityDays", a.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays, b.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays) + } else if a.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays != nil && b.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays != nil { + if *a.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays != *b.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays { + delta.Add("Spec.AdminCreateUserConfig.UnusedAccountValidityDays", a.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays, b.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays) + } + } + } + if len(a.ko.Spec.AliasAttributes) != len(b.ko.Spec.AliasAttributes) { + delta.Add("Spec.AliasAttributes", a.ko.Spec.AliasAttributes, b.ko.Spec.AliasAttributes) + } else if len(a.ko.Spec.AliasAttributes) > 0 { + if !ackcompare.SliceStringPEqual(a.ko.Spec.AliasAttributes, b.ko.Spec.AliasAttributes) { + delta.Add("Spec.AliasAttributes", a.ko.Spec.AliasAttributes, b.ko.Spec.AliasAttributes) + } + } + if len(a.ko.Spec.AutoVerifiedAttributes) != len(b.ko.Spec.AutoVerifiedAttributes) { + delta.Add("Spec.AutoVerifiedAttributes", a.ko.Spec.AutoVerifiedAttributes, b.ko.Spec.AutoVerifiedAttributes) + } else if len(a.ko.Spec.AutoVerifiedAttributes) > 0 { + if !ackcompare.SliceStringPEqual(a.ko.Spec.AutoVerifiedAttributes, b.ko.Spec.AutoVerifiedAttributes) { + delta.Add("Spec.AutoVerifiedAttributes", a.ko.Spec.AutoVerifiedAttributes, b.ko.Spec.AutoVerifiedAttributes) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.DeletionProtection, b.ko.Spec.DeletionProtection) { + delta.Add("Spec.DeletionProtection", a.ko.Spec.DeletionProtection, b.ko.Spec.DeletionProtection) + } else if a.ko.Spec.DeletionProtection != nil && b.ko.Spec.DeletionProtection != nil { + if *a.ko.Spec.DeletionProtection != *b.ko.Spec.DeletionProtection { + delta.Add("Spec.DeletionProtection", a.ko.Spec.DeletionProtection, b.ko.Spec.DeletionProtection) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.DeviceConfiguration, b.ko.Spec.DeviceConfiguration) { + delta.Add("Spec.DeviceConfiguration", a.ko.Spec.DeviceConfiguration, b.ko.Spec.DeviceConfiguration) + } else if a.ko.Spec.DeviceConfiguration != nil && b.ko.Spec.DeviceConfiguration != nil { + if ackcompare.HasNilDifference(a.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice, b.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice) { + delta.Add("Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice", a.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice, b.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice) + } else if a.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice != nil && b.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice != nil { + if *a.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice != *b.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice { + delta.Add("Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice", a.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice, b.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt, b.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt) { + delta.Add("Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt", a.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt, b.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt) + } else if a.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != nil && b.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != nil { + if *a.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != *b.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt { + delta.Add("Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt", a.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt, b.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailConfiguration, b.ko.Spec.EmailConfiguration) { + delta.Add("Spec.EmailConfiguration", a.ko.Spec.EmailConfiguration, b.ko.Spec.EmailConfiguration) + } else if a.ko.Spec.EmailConfiguration != nil && b.ko.Spec.EmailConfiguration != nil { + if ackcompare.HasNilDifference(a.ko.Spec.EmailConfiguration.ConfigurationSet, b.ko.Spec.EmailConfiguration.ConfigurationSet) { + delta.Add("Spec.EmailConfiguration.ConfigurationSet", a.ko.Spec.EmailConfiguration.ConfigurationSet, b.ko.Spec.EmailConfiguration.ConfigurationSet) + } else if a.ko.Spec.EmailConfiguration.ConfigurationSet != nil && b.ko.Spec.EmailConfiguration.ConfigurationSet != nil { + if *a.ko.Spec.EmailConfiguration.ConfigurationSet != *b.ko.Spec.EmailConfiguration.ConfigurationSet { + delta.Add("Spec.EmailConfiguration.ConfigurationSet", a.ko.Spec.EmailConfiguration.ConfigurationSet, b.ko.Spec.EmailConfiguration.ConfigurationSet) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailConfiguration.EmailSendingAccount, b.ko.Spec.EmailConfiguration.EmailSendingAccount) { + delta.Add("Spec.EmailConfiguration.EmailSendingAccount", a.ko.Spec.EmailConfiguration.EmailSendingAccount, b.ko.Spec.EmailConfiguration.EmailSendingAccount) + } else if a.ko.Spec.EmailConfiguration.EmailSendingAccount != nil && b.ko.Spec.EmailConfiguration.EmailSendingAccount != nil { + if *a.ko.Spec.EmailConfiguration.EmailSendingAccount != *b.ko.Spec.EmailConfiguration.EmailSendingAccount { + delta.Add("Spec.EmailConfiguration.EmailSendingAccount", a.ko.Spec.EmailConfiguration.EmailSendingAccount, b.ko.Spec.EmailConfiguration.EmailSendingAccount) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailConfiguration.From, b.ko.Spec.EmailConfiguration.From) { + delta.Add("Spec.EmailConfiguration.From", a.ko.Spec.EmailConfiguration.From, b.ko.Spec.EmailConfiguration.From) + } else if a.ko.Spec.EmailConfiguration.From != nil && b.ko.Spec.EmailConfiguration.From != nil { + if *a.ko.Spec.EmailConfiguration.From != *b.ko.Spec.EmailConfiguration.From { + delta.Add("Spec.EmailConfiguration.From", a.ko.Spec.EmailConfiguration.From, b.ko.Spec.EmailConfiguration.From) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailConfiguration.ReplyToEmailAddress, b.ko.Spec.EmailConfiguration.ReplyToEmailAddress) { + delta.Add("Spec.EmailConfiguration.ReplyToEmailAddress", a.ko.Spec.EmailConfiguration.ReplyToEmailAddress, b.ko.Spec.EmailConfiguration.ReplyToEmailAddress) + } else if a.ko.Spec.EmailConfiguration.ReplyToEmailAddress != nil && b.ko.Spec.EmailConfiguration.ReplyToEmailAddress != nil { + if *a.ko.Spec.EmailConfiguration.ReplyToEmailAddress != *b.ko.Spec.EmailConfiguration.ReplyToEmailAddress { + delta.Add("Spec.EmailConfiguration.ReplyToEmailAddress", a.ko.Spec.EmailConfiguration.ReplyToEmailAddress, b.ko.Spec.EmailConfiguration.ReplyToEmailAddress) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailConfiguration.SourceARN, b.ko.Spec.EmailConfiguration.SourceARN) { + delta.Add("Spec.EmailConfiguration.SourceARN", a.ko.Spec.EmailConfiguration.SourceARN, b.ko.Spec.EmailConfiguration.SourceARN) + } else if a.ko.Spec.EmailConfiguration.SourceARN != nil && b.ko.Spec.EmailConfiguration.SourceARN != nil { + if *a.ko.Spec.EmailConfiguration.SourceARN != *b.ko.Spec.EmailConfiguration.SourceARN { + delta.Add("Spec.EmailConfiguration.SourceARN", a.ko.Spec.EmailConfiguration.SourceARN, b.ko.Spec.EmailConfiguration.SourceARN) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailVerificationMessage, b.ko.Spec.EmailVerificationMessage) { + delta.Add("Spec.EmailVerificationMessage", a.ko.Spec.EmailVerificationMessage, b.ko.Spec.EmailVerificationMessage) + } else if a.ko.Spec.EmailVerificationMessage != nil && b.ko.Spec.EmailVerificationMessage != nil { + if *a.ko.Spec.EmailVerificationMessage != *b.ko.Spec.EmailVerificationMessage { + delta.Add("Spec.EmailVerificationMessage", a.ko.Spec.EmailVerificationMessage, b.ko.Spec.EmailVerificationMessage) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.EmailVerificationSubject, b.ko.Spec.EmailVerificationSubject) { + delta.Add("Spec.EmailVerificationSubject", a.ko.Spec.EmailVerificationSubject, b.ko.Spec.EmailVerificationSubject) + } else if a.ko.Spec.EmailVerificationSubject != nil && b.ko.Spec.EmailVerificationSubject != nil { + if *a.ko.Spec.EmailVerificationSubject != *b.ko.Spec.EmailVerificationSubject { + delta.Add("Spec.EmailVerificationSubject", a.ko.Spec.EmailVerificationSubject, b.ko.Spec.EmailVerificationSubject) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig, b.ko.Spec.LambdaConfig) { + delta.Add("Spec.LambdaConfig", a.ko.Spec.LambdaConfig, b.ko.Spec.LambdaConfig) + } else if a.ko.Spec.LambdaConfig != nil && b.ko.Spec.LambdaConfig != nil { + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CreateAuthChallenge, b.ko.Spec.LambdaConfig.CreateAuthChallenge) { + delta.Add("Spec.LambdaConfig.CreateAuthChallenge", a.ko.Spec.LambdaConfig.CreateAuthChallenge, b.ko.Spec.LambdaConfig.CreateAuthChallenge) + } else if a.ko.Spec.LambdaConfig.CreateAuthChallenge != nil && b.ko.Spec.LambdaConfig.CreateAuthChallenge != nil { + if *a.ko.Spec.LambdaConfig.CreateAuthChallenge != *b.ko.Spec.LambdaConfig.CreateAuthChallenge { + delta.Add("Spec.LambdaConfig.CreateAuthChallenge", a.ko.Spec.LambdaConfig.CreateAuthChallenge, b.ko.Spec.LambdaConfig.CreateAuthChallenge) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomEmailSender, b.ko.Spec.LambdaConfig.CustomEmailSender) { + delta.Add("Spec.LambdaConfig.CustomEmailSender", a.ko.Spec.LambdaConfig.CustomEmailSender, b.ko.Spec.LambdaConfig.CustomEmailSender) + } else if a.ko.Spec.LambdaConfig.CustomEmailSender != nil && b.ko.Spec.LambdaConfig.CustomEmailSender != nil { + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN, b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN) { + delta.Add("Spec.LambdaConfig.CustomEmailSender.LambdaARN", a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN, b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN) + } else if a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN != nil && b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN != nil { + if *a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN != *b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN { + delta.Add("Spec.LambdaConfig.CustomEmailSender.LambdaARN", a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN, b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion, b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion) { + delta.Add("Spec.LambdaConfig.CustomEmailSender.LambdaVersion", a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion, b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion) + } else if a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion != nil && b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion != nil { + if *a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion != *b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion { + delta.Add("Spec.LambdaConfig.CustomEmailSender.LambdaVersion", a.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion, b.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomMessage, b.ko.Spec.LambdaConfig.CustomMessage) { + delta.Add("Spec.LambdaConfig.CustomMessage", a.ko.Spec.LambdaConfig.CustomMessage, b.ko.Spec.LambdaConfig.CustomMessage) + } else if a.ko.Spec.LambdaConfig.CustomMessage != nil && b.ko.Spec.LambdaConfig.CustomMessage != nil { + if *a.ko.Spec.LambdaConfig.CustomMessage != *b.ko.Spec.LambdaConfig.CustomMessage { + delta.Add("Spec.LambdaConfig.CustomMessage", a.ko.Spec.LambdaConfig.CustomMessage, b.ko.Spec.LambdaConfig.CustomMessage) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomSMSSender, b.ko.Spec.LambdaConfig.CustomSMSSender) { + delta.Add("Spec.LambdaConfig.CustomSMSSender", a.ko.Spec.LambdaConfig.CustomSMSSender, b.ko.Spec.LambdaConfig.CustomSMSSender) + } else if a.ko.Spec.LambdaConfig.CustomSMSSender != nil && b.ko.Spec.LambdaConfig.CustomSMSSender != nil { + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN, b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN) { + delta.Add("Spec.LambdaConfig.CustomSMSSender.LambdaARN", a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN, b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN) + } else if a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN != nil && b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN != nil { + if *a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN != *b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN { + delta.Add("Spec.LambdaConfig.CustomSMSSender.LambdaARN", a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN, b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion, b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion) { + delta.Add("Spec.LambdaConfig.CustomSMSSender.LambdaVersion", a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion, b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion) + } else if a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion != nil && b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion != nil { + if *a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion != *b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion { + delta.Add("Spec.LambdaConfig.CustomSMSSender.LambdaVersion", a.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion, b.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.DefineAuthChallenge, b.ko.Spec.LambdaConfig.DefineAuthChallenge) { + delta.Add("Spec.LambdaConfig.DefineAuthChallenge", a.ko.Spec.LambdaConfig.DefineAuthChallenge, b.ko.Spec.LambdaConfig.DefineAuthChallenge) + } else if a.ko.Spec.LambdaConfig.DefineAuthChallenge != nil && b.ko.Spec.LambdaConfig.DefineAuthChallenge != nil { + if *a.ko.Spec.LambdaConfig.DefineAuthChallenge != *b.ko.Spec.LambdaConfig.DefineAuthChallenge { + delta.Add("Spec.LambdaConfig.DefineAuthChallenge", a.ko.Spec.LambdaConfig.DefineAuthChallenge, b.ko.Spec.LambdaConfig.DefineAuthChallenge) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.KMSKeyID, b.ko.Spec.LambdaConfig.KMSKeyID) { + delta.Add("Spec.LambdaConfig.KMSKeyID", a.ko.Spec.LambdaConfig.KMSKeyID, b.ko.Spec.LambdaConfig.KMSKeyID) + } else if a.ko.Spec.LambdaConfig.KMSKeyID != nil && b.ko.Spec.LambdaConfig.KMSKeyID != nil { + if *a.ko.Spec.LambdaConfig.KMSKeyID != *b.ko.Spec.LambdaConfig.KMSKeyID { + delta.Add("Spec.LambdaConfig.KMSKeyID", a.ko.Spec.LambdaConfig.KMSKeyID, b.ko.Spec.LambdaConfig.KMSKeyID) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PostAuthentication, b.ko.Spec.LambdaConfig.PostAuthentication) { + delta.Add("Spec.LambdaConfig.PostAuthentication", a.ko.Spec.LambdaConfig.PostAuthentication, b.ko.Spec.LambdaConfig.PostAuthentication) + } else if a.ko.Spec.LambdaConfig.PostAuthentication != nil && b.ko.Spec.LambdaConfig.PostAuthentication != nil { + if *a.ko.Spec.LambdaConfig.PostAuthentication != *b.ko.Spec.LambdaConfig.PostAuthentication { + delta.Add("Spec.LambdaConfig.PostAuthentication", a.ko.Spec.LambdaConfig.PostAuthentication, b.ko.Spec.LambdaConfig.PostAuthentication) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PostConfirmation, b.ko.Spec.LambdaConfig.PostConfirmation) { + delta.Add("Spec.LambdaConfig.PostConfirmation", a.ko.Spec.LambdaConfig.PostConfirmation, b.ko.Spec.LambdaConfig.PostConfirmation) + } else if a.ko.Spec.LambdaConfig.PostConfirmation != nil && b.ko.Spec.LambdaConfig.PostConfirmation != nil { + if *a.ko.Spec.LambdaConfig.PostConfirmation != *b.ko.Spec.LambdaConfig.PostConfirmation { + delta.Add("Spec.LambdaConfig.PostConfirmation", a.ko.Spec.LambdaConfig.PostConfirmation, b.ko.Spec.LambdaConfig.PostConfirmation) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PreAuthentication, b.ko.Spec.LambdaConfig.PreAuthentication) { + delta.Add("Spec.LambdaConfig.PreAuthentication", a.ko.Spec.LambdaConfig.PreAuthentication, b.ko.Spec.LambdaConfig.PreAuthentication) + } else if a.ko.Spec.LambdaConfig.PreAuthentication != nil && b.ko.Spec.LambdaConfig.PreAuthentication != nil { + if *a.ko.Spec.LambdaConfig.PreAuthentication != *b.ko.Spec.LambdaConfig.PreAuthentication { + delta.Add("Spec.LambdaConfig.PreAuthentication", a.ko.Spec.LambdaConfig.PreAuthentication, b.ko.Spec.LambdaConfig.PreAuthentication) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PreSignUp, b.ko.Spec.LambdaConfig.PreSignUp) { + delta.Add("Spec.LambdaConfig.PreSignUp", a.ko.Spec.LambdaConfig.PreSignUp, b.ko.Spec.LambdaConfig.PreSignUp) + } else if a.ko.Spec.LambdaConfig.PreSignUp != nil && b.ko.Spec.LambdaConfig.PreSignUp != nil { + if *a.ko.Spec.LambdaConfig.PreSignUp != *b.ko.Spec.LambdaConfig.PreSignUp { + delta.Add("Spec.LambdaConfig.PreSignUp", a.ko.Spec.LambdaConfig.PreSignUp, b.ko.Spec.LambdaConfig.PreSignUp) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PreTokenGeneration, b.ko.Spec.LambdaConfig.PreTokenGeneration) { + delta.Add("Spec.LambdaConfig.PreTokenGeneration", a.ko.Spec.LambdaConfig.PreTokenGeneration, b.ko.Spec.LambdaConfig.PreTokenGeneration) + } else if a.ko.Spec.LambdaConfig.PreTokenGeneration != nil && b.ko.Spec.LambdaConfig.PreTokenGeneration != nil { + if *a.ko.Spec.LambdaConfig.PreTokenGeneration != *b.ko.Spec.LambdaConfig.PreTokenGeneration { + delta.Add("Spec.LambdaConfig.PreTokenGeneration", a.ko.Spec.LambdaConfig.PreTokenGeneration, b.ko.Spec.LambdaConfig.PreTokenGeneration) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PreTokenGenerationConfig, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig) { + delta.Add("Spec.LambdaConfig.PreTokenGenerationConfig", a.ko.Spec.LambdaConfig.PreTokenGenerationConfig, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig) + } else if a.ko.Spec.LambdaConfig.PreTokenGenerationConfig != nil && b.ko.Spec.LambdaConfig.PreTokenGenerationConfig != nil { + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN) { + delta.Add("Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN", a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN) + } else if a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN != nil && b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN != nil { + if *a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN != *b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN { + delta.Add("Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN", a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion) { + delta.Add("Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion", a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion) + } else if a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != nil && b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != nil { + if *a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != *b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion { + delta.Add("Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion", a.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion, b.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.UserMigration, b.ko.Spec.LambdaConfig.UserMigration) { + delta.Add("Spec.LambdaConfig.UserMigration", a.ko.Spec.LambdaConfig.UserMigration, b.ko.Spec.LambdaConfig.UserMigration) + } else if a.ko.Spec.LambdaConfig.UserMigration != nil && b.ko.Spec.LambdaConfig.UserMigration != nil { + if *a.ko.Spec.LambdaConfig.UserMigration != *b.ko.Spec.LambdaConfig.UserMigration { + delta.Add("Spec.LambdaConfig.UserMigration", a.ko.Spec.LambdaConfig.UserMigration, b.ko.Spec.LambdaConfig.UserMigration) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse, b.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse) { + delta.Add("Spec.LambdaConfig.VerifyAuthChallengeResponse", a.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse, b.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse) + } else if a.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse != nil && b.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse != nil { + if *a.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse != *b.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse { + delta.Add("Spec.LambdaConfig.VerifyAuthChallengeResponse", a.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse, b.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.MFAConfiguration, b.ko.Spec.MFAConfiguration) { + delta.Add("Spec.MFAConfiguration", a.ko.Spec.MFAConfiguration, b.ko.Spec.MFAConfiguration) + } else if a.ko.Spec.MFAConfiguration != nil && b.ko.Spec.MFAConfiguration != nil { + if *a.ko.Spec.MFAConfiguration != *b.ko.Spec.MFAConfiguration { + delta.Add("Spec.MFAConfiguration", a.ko.Spec.MFAConfiguration, b.ko.Spec.MFAConfiguration) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Name, b.ko.Spec.Name) { + delta.Add("Spec.Name", a.ko.Spec.Name, b.ko.Spec.Name) + } else if a.ko.Spec.Name != nil && b.ko.Spec.Name != nil { + if *a.ko.Spec.Name != *b.ko.Spec.Name { + delta.Add("Spec.Name", a.ko.Spec.Name, b.ko.Spec.Name) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Policies, b.ko.Spec.Policies) { + delta.Add("Spec.Policies", a.ko.Spec.Policies, b.ko.Spec.Policies) + } else if a.ko.Spec.Policies != nil && b.ko.Spec.Policies != nil { + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy, b.ko.Spec.Policies.PasswordPolicy) { + delta.Add("Spec.Policies.PasswordPolicy", a.ko.Spec.Policies.PasswordPolicy, b.ko.Spec.Policies.PasswordPolicy) + } else if a.ko.Spec.Policies.PasswordPolicy != nil && b.ko.Spec.Policies.PasswordPolicy != nil { + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy.MinimumLength, b.ko.Spec.Policies.PasswordPolicy.MinimumLength) { + delta.Add("Spec.Policies.PasswordPolicy.MinimumLength", a.ko.Spec.Policies.PasswordPolicy.MinimumLength, b.ko.Spec.Policies.PasswordPolicy.MinimumLength) + } else if a.ko.Spec.Policies.PasswordPolicy.MinimumLength != nil && b.ko.Spec.Policies.PasswordPolicy.MinimumLength != nil { + if *a.ko.Spec.Policies.PasswordPolicy.MinimumLength != *b.ko.Spec.Policies.PasswordPolicy.MinimumLength { + delta.Add("Spec.Policies.PasswordPolicy.MinimumLength", a.ko.Spec.Policies.PasswordPolicy.MinimumLength, b.ko.Spec.Policies.PasswordPolicy.MinimumLength) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy.RequireLowercase, b.ko.Spec.Policies.PasswordPolicy.RequireLowercase) { + delta.Add("Spec.Policies.PasswordPolicy.RequireLowercase", a.ko.Spec.Policies.PasswordPolicy.RequireLowercase, b.ko.Spec.Policies.PasswordPolicy.RequireLowercase) + } else if a.ko.Spec.Policies.PasswordPolicy.RequireLowercase != nil && b.ko.Spec.Policies.PasswordPolicy.RequireLowercase != nil { + if *a.ko.Spec.Policies.PasswordPolicy.RequireLowercase != *b.ko.Spec.Policies.PasswordPolicy.RequireLowercase { + delta.Add("Spec.Policies.PasswordPolicy.RequireLowercase", a.ko.Spec.Policies.PasswordPolicy.RequireLowercase, b.ko.Spec.Policies.PasswordPolicy.RequireLowercase) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy.RequireNumbers, b.ko.Spec.Policies.PasswordPolicy.RequireNumbers) { + delta.Add("Spec.Policies.PasswordPolicy.RequireNumbers", a.ko.Spec.Policies.PasswordPolicy.RequireNumbers, b.ko.Spec.Policies.PasswordPolicy.RequireNumbers) + } else if a.ko.Spec.Policies.PasswordPolicy.RequireNumbers != nil && b.ko.Spec.Policies.PasswordPolicy.RequireNumbers != nil { + if *a.ko.Spec.Policies.PasswordPolicy.RequireNumbers != *b.ko.Spec.Policies.PasswordPolicy.RequireNumbers { + delta.Add("Spec.Policies.PasswordPolicy.RequireNumbers", a.ko.Spec.Policies.PasswordPolicy.RequireNumbers, b.ko.Spec.Policies.PasswordPolicy.RequireNumbers) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy.RequireSymbols, b.ko.Spec.Policies.PasswordPolicy.RequireSymbols) { + delta.Add("Spec.Policies.PasswordPolicy.RequireSymbols", a.ko.Spec.Policies.PasswordPolicy.RequireSymbols, b.ko.Spec.Policies.PasswordPolicy.RequireSymbols) + } else if a.ko.Spec.Policies.PasswordPolicy.RequireSymbols != nil && b.ko.Spec.Policies.PasswordPolicy.RequireSymbols != nil { + if *a.ko.Spec.Policies.PasswordPolicy.RequireSymbols != *b.ko.Spec.Policies.PasswordPolicy.RequireSymbols { + delta.Add("Spec.Policies.PasswordPolicy.RequireSymbols", a.ko.Spec.Policies.PasswordPolicy.RequireSymbols, b.ko.Spec.Policies.PasswordPolicy.RequireSymbols) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy.RequireUppercase, b.ko.Spec.Policies.PasswordPolicy.RequireUppercase) { + delta.Add("Spec.Policies.PasswordPolicy.RequireUppercase", a.ko.Spec.Policies.PasswordPolicy.RequireUppercase, b.ko.Spec.Policies.PasswordPolicy.RequireUppercase) + } else if a.ko.Spec.Policies.PasswordPolicy.RequireUppercase != nil && b.ko.Spec.Policies.PasswordPolicy.RequireUppercase != nil { + if *a.ko.Spec.Policies.PasswordPolicy.RequireUppercase != *b.ko.Spec.Policies.PasswordPolicy.RequireUppercase { + delta.Add("Spec.Policies.PasswordPolicy.RequireUppercase", a.ko.Spec.Policies.PasswordPolicy.RequireUppercase, b.ko.Spec.Policies.PasswordPolicy.RequireUppercase) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays, b.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays) { + delta.Add("Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays", a.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays, b.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays) + } else if a.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays != nil && b.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays != nil { + if *a.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays != *b.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays { + delta.Add("Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays", a.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays, b.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays) + } + } + } + } + if len(a.ko.Spec.Schema) != len(b.ko.Spec.Schema) { + delta.Add("Spec.Schema", a.ko.Spec.Schema, b.ko.Spec.Schema) + } else if len(a.ko.Spec.Schema) > 0 { + if !reflect.DeepEqual(a.ko.Spec.Schema, b.ko.Spec.Schema) { + delta.Add("Spec.Schema", a.ko.Spec.Schema, b.ko.Spec.Schema) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.SmsAuthenticationMessage, b.ko.Spec.SmsAuthenticationMessage) { + delta.Add("Spec.SmsAuthenticationMessage", a.ko.Spec.SmsAuthenticationMessage, b.ko.Spec.SmsAuthenticationMessage) + } else if a.ko.Spec.SmsAuthenticationMessage != nil && b.ko.Spec.SmsAuthenticationMessage != nil { + if *a.ko.Spec.SmsAuthenticationMessage != *b.ko.Spec.SmsAuthenticationMessage { + delta.Add("Spec.SmsAuthenticationMessage", a.ko.Spec.SmsAuthenticationMessage, b.ko.Spec.SmsAuthenticationMessage) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.SmsConfiguration, b.ko.Spec.SmsConfiguration) { + delta.Add("Spec.SmsConfiguration", a.ko.Spec.SmsConfiguration, b.ko.Spec.SmsConfiguration) + } else if a.ko.Spec.SmsConfiguration != nil && b.ko.Spec.SmsConfiguration != nil { + if ackcompare.HasNilDifference(a.ko.Spec.SmsConfiguration.ExternalID, b.ko.Spec.SmsConfiguration.ExternalID) { + delta.Add("Spec.SmsConfiguration.ExternalID", a.ko.Spec.SmsConfiguration.ExternalID, b.ko.Spec.SmsConfiguration.ExternalID) + } else if a.ko.Spec.SmsConfiguration.ExternalID != nil && b.ko.Spec.SmsConfiguration.ExternalID != nil { + if *a.ko.Spec.SmsConfiguration.ExternalID != *b.ko.Spec.SmsConfiguration.ExternalID { + delta.Add("Spec.SmsConfiguration.ExternalID", a.ko.Spec.SmsConfiguration.ExternalID, b.ko.Spec.SmsConfiguration.ExternalID) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.SmsConfiguration.SNSCallerARN, b.ko.Spec.SmsConfiguration.SNSCallerARN) { + delta.Add("Spec.SmsConfiguration.SNSCallerARN", a.ko.Spec.SmsConfiguration.SNSCallerARN, b.ko.Spec.SmsConfiguration.SNSCallerARN) + } else if a.ko.Spec.SmsConfiguration.SNSCallerARN != nil && b.ko.Spec.SmsConfiguration.SNSCallerARN != nil { + if *a.ko.Spec.SmsConfiguration.SNSCallerARN != *b.ko.Spec.SmsConfiguration.SNSCallerARN { + delta.Add("Spec.SmsConfiguration.SNSCallerARN", a.ko.Spec.SmsConfiguration.SNSCallerARN, b.ko.Spec.SmsConfiguration.SNSCallerARN) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.SmsConfiguration.SNSRegion, b.ko.Spec.SmsConfiguration.SNSRegion) { + delta.Add("Spec.SmsConfiguration.SNSRegion", a.ko.Spec.SmsConfiguration.SNSRegion, b.ko.Spec.SmsConfiguration.SNSRegion) + } else if a.ko.Spec.SmsConfiguration.SNSRegion != nil && b.ko.Spec.SmsConfiguration.SNSRegion != nil { + if *a.ko.Spec.SmsConfiguration.SNSRegion != *b.ko.Spec.SmsConfiguration.SNSRegion { + delta.Add("Spec.SmsConfiguration.SNSRegion", a.ko.Spec.SmsConfiguration.SNSRegion, b.ko.Spec.SmsConfiguration.SNSRegion) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.SmsVerificationMessage, b.ko.Spec.SmsVerificationMessage) { + delta.Add("Spec.SmsVerificationMessage", a.ko.Spec.SmsVerificationMessage, b.ko.Spec.SmsVerificationMessage) + } else if a.ko.Spec.SmsVerificationMessage != nil && b.ko.Spec.SmsVerificationMessage != nil { + if *a.ko.Spec.SmsVerificationMessage != *b.ko.Spec.SmsVerificationMessage { + delta.Add("Spec.SmsVerificationMessage", a.ko.Spec.SmsVerificationMessage, b.ko.Spec.SmsVerificationMessage) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.UserAttributeUpdateSettings, b.ko.Spec.UserAttributeUpdateSettings) { + delta.Add("Spec.UserAttributeUpdateSettings", a.ko.Spec.UserAttributeUpdateSettings, b.ko.Spec.UserAttributeUpdateSettings) + } else if a.ko.Spec.UserAttributeUpdateSettings != nil && b.ko.Spec.UserAttributeUpdateSettings != nil { + if len(a.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate) != len(b.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate) { + delta.Add("Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate", a.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate, b.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate) + } else if len(a.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate) > 0 { + if !ackcompare.SliceStringPEqual(a.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate, b.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate) { + delta.Add("Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate", a.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate, b.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.UserPoolAddOns, b.ko.Spec.UserPoolAddOns) { + delta.Add("Spec.UserPoolAddOns", a.ko.Spec.UserPoolAddOns, b.ko.Spec.UserPoolAddOns) + } else if a.ko.Spec.UserPoolAddOns != nil && b.ko.Spec.UserPoolAddOns != nil { + if ackcompare.HasNilDifference(a.ko.Spec.UserPoolAddOns.AdvancedSecurityMode, b.ko.Spec.UserPoolAddOns.AdvancedSecurityMode) { + delta.Add("Spec.UserPoolAddOns.AdvancedSecurityMode", a.ko.Spec.UserPoolAddOns.AdvancedSecurityMode, b.ko.Spec.UserPoolAddOns.AdvancedSecurityMode) + } else if a.ko.Spec.UserPoolAddOns.AdvancedSecurityMode != nil && b.ko.Spec.UserPoolAddOns.AdvancedSecurityMode != nil { + if *a.ko.Spec.UserPoolAddOns.AdvancedSecurityMode != *b.ko.Spec.UserPoolAddOns.AdvancedSecurityMode { + delta.Add("Spec.UserPoolAddOns.AdvancedSecurityMode", a.ko.Spec.UserPoolAddOns.AdvancedSecurityMode, b.ko.Spec.UserPoolAddOns.AdvancedSecurityMode) + } + } + } + if len(a.ko.Spec.UserPoolTags) != len(b.ko.Spec.UserPoolTags) { + delta.Add("Spec.UserPoolTags", a.ko.Spec.UserPoolTags, b.ko.Spec.UserPoolTags) + } else if len(a.ko.Spec.UserPoolTags) > 0 { + if !ackcompare.MapStringStringPEqual(a.ko.Spec.UserPoolTags, b.ko.Spec.UserPoolTags) { + delta.Add("Spec.UserPoolTags", a.ko.Spec.UserPoolTags, b.ko.Spec.UserPoolTags) + } + } + if len(a.ko.Spec.UsernameAttributes) != len(b.ko.Spec.UsernameAttributes) { + delta.Add("Spec.UsernameAttributes", a.ko.Spec.UsernameAttributes, b.ko.Spec.UsernameAttributes) + } else if len(a.ko.Spec.UsernameAttributes) > 0 { + if !ackcompare.SliceStringPEqual(a.ko.Spec.UsernameAttributes, b.ko.Spec.UsernameAttributes) { + delta.Add("Spec.UsernameAttributes", a.ko.Spec.UsernameAttributes, b.ko.Spec.UsernameAttributes) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.UsernameConfiguration, b.ko.Spec.UsernameConfiguration) { + delta.Add("Spec.UsernameConfiguration", a.ko.Spec.UsernameConfiguration, b.ko.Spec.UsernameConfiguration) + } else if a.ko.Spec.UsernameConfiguration != nil && b.ko.Spec.UsernameConfiguration != nil { + if ackcompare.HasNilDifference(a.ko.Spec.UsernameConfiguration.CaseSensitive, b.ko.Spec.UsernameConfiguration.CaseSensitive) { + delta.Add("Spec.UsernameConfiguration.CaseSensitive", a.ko.Spec.UsernameConfiguration.CaseSensitive, b.ko.Spec.UsernameConfiguration.CaseSensitive) + } else if a.ko.Spec.UsernameConfiguration.CaseSensitive != nil && b.ko.Spec.UsernameConfiguration.CaseSensitive != nil { + if *a.ko.Spec.UsernameConfiguration.CaseSensitive != *b.ko.Spec.UsernameConfiguration.CaseSensitive { + delta.Add("Spec.UsernameConfiguration.CaseSensitive", a.ko.Spec.UsernameConfiguration.CaseSensitive, b.ko.Spec.UsernameConfiguration.CaseSensitive) + } + } + } + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate, b.ko.Spec.VerificationMessageTemplate) { + delta.Add("Spec.VerificationMessageTemplate", a.ko.Spec.VerificationMessageTemplate, b.ko.Spec.VerificationMessageTemplate) + } else if a.ko.Spec.VerificationMessageTemplate != nil && b.ko.Spec.VerificationMessageTemplate != nil { + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate.DefaultEmailOption, b.ko.Spec.VerificationMessageTemplate.DefaultEmailOption) { + delta.Add("Spec.VerificationMessageTemplate.DefaultEmailOption", a.ko.Spec.VerificationMessageTemplate.DefaultEmailOption, b.ko.Spec.VerificationMessageTemplate.DefaultEmailOption) + } else if a.ko.Spec.VerificationMessageTemplate.DefaultEmailOption != nil && b.ko.Spec.VerificationMessageTemplate.DefaultEmailOption != nil { + if *a.ko.Spec.VerificationMessageTemplate.DefaultEmailOption != *b.ko.Spec.VerificationMessageTemplate.DefaultEmailOption { + delta.Add("Spec.VerificationMessageTemplate.DefaultEmailOption", a.ko.Spec.VerificationMessageTemplate.DefaultEmailOption, b.ko.Spec.VerificationMessageTemplate.DefaultEmailOption) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate.EmailMessage, b.ko.Spec.VerificationMessageTemplate.EmailMessage) { + delta.Add("Spec.VerificationMessageTemplate.EmailMessage", a.ko.Spec.VerificationMessageTemplate.EmailMessage, b.ko.Spec.VerificationMessageTemplate.EmailMessage) + } else if a.ko.Spec.VerificationMessageTemplate.EmailMessage != nil && b.ko.Spec.VerificationMessageTemplate.EmailMessage != nil { + if *a.ko.Spec.VerificationMessageTemplate.EmailMessage != *b.ko.Spec.VerificationMessageTemplate.EmailMessage { + delta.Add("Spec.VerificationMessageTemplate.EmailMessage", a.ko.Spec.VerificationMessageTemplate.EmailMessage, b.ko.Spec.VerificationMessageTemplate.EmailMessage) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate.EmailMessageByLink, b.ko.Spec.VerificationMessageTemplate.EmailMessageByLink) { + delta.Add("Spec.VerificationMessageTemplate.EmailMessageByLink", a.ko.Spec.VerificationMessageTemplate.EmailMessageByLink, b.ko.Spec.VerificationMessageTemplate.EmailMessageByLink) + } else if a.ko.Spec.VerificationMessageTemplate.EmailMessageByLink != nil && b.ko.Spec.VerificationMessageTemplate.EmailMessageByLink != nil { + if *a.ko.Spec.VerificationMessageTemplate.EmailMessageByLink != *b.ko.Spec.VerificationMessageTemplate.EmailMessageByLink { + delta.Add("Spec.VerificationMessageTemplate.EmailMessageByLink", a.ko.Spec.VerificationMessageTemplate.EmailMessageByLink, b.ko.Spec.VerificationMessageTemplate.EmailMessageByLink) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate.EmailSubject, b.ko.Spec.VerificationMessageTemplate.EmailSubject) { + delta.Add("Spec.VerificationMessageTemplate.EmailSubject", a.ko.Spec.VerificationMessageTemplate.EmailSubject, b.ko.Spec.VerificationMessageTemplate.EmailSubject) + } else if a.ko.Spec.VerificationMessageTemplate.EmailSubject != nil && b.ko.Spec.VerificationMessageTemplate.EmailSubject != nil { + if *a.ko.Spec.VerificationMessageTemplate.EmailSubject != *b.ko.Spec.VerificationMessageTemplate.EmailSubject { + delta.Add("Spec.VerificationMessageTemplate.EmailSubject", a.ko.Spec.VerificationMessageTemplate.EmailSubject, b.ko.Spec.VerificationMessageTemplate.EmailSubject) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink, b.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink) { + delta.Add("Spec.VerificationMessageTemplate.EmailSubjectByLink", a.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink, b.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink) + } else if a.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink != nil && b.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink != nil { + if *a.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink != *b.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink { + delta.Add("Spec.VerificationMessageTemplate.EmailSubjectByLink", a.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink, b.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink) + } + } + if ackcompare.HasNilDifference(a.ko.Spec.VerificationMessageTemplate.SmsMessage, b.ko.Spec.VerificationMessageTemplate.SmsMessage) { + delta.Add("Spec.VerificationMessageTemplate.SmsMessage", a.ko.Spec.VerificationMessageTemplate.SmsMessage, b.ko.Spec.VerificationMessageTemplate.SmsMessage) + } else if a.ko.Spec.VerificationMessageTemplate.SmsMessage != nil && b.ko.Spec.VerificationMessageTemplate.SmsMessage != nil { + if *a.ko.Spec.VerificationMessageTemplate.SmsMessage != *b.ko.Spec.VerificationMessageTemplate.SmsMessage { + delta.Add("Spec.VerificationMessageTemplate.SmsMessage", a.ko.Spec.VerificationMessageTemplate.SmsMessage, b.ko.Spec.VerificationMessageTemplate.SmsMessage) + } + } + } + + return delta +} diff --git a/pkg/resource/user_pool/descriptor.go b/pkg/resource/user_pool/descriptor.go new file mode 100644 index 0000000..1e278b8 --- /dev/null +++ b/pkg/resource/user_pool/descriptor.go @@ -0,0 +1,155 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" + acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + rtclient "sigs.k8s.io/controller-runtime/pkg/client" + k8sctrlutil "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" + + svcapitypes "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/apis/v1alpha1" +) + +const ( + FinalizerString = "finalizers.cognitoidentityprovider.services.k8s.aws/UserPool" +) + +var ( + GroupVersionResource = svcapitypes.GroupVersion.WithResource("userpools") + GroupKind = metav1.GroupKind{ + Group: "cognitoidentityprovider.services.k8s.aws", + Kind: "UserPool", + } +) + +// resourceDescriptor implements the +// `aws-service-operator-k8s/pkg/types.AWSResourceDescriptor` interface +type resourceDescriptor struct { +} + +// GroupVersionKind returns a Kubernetes schema.GroupVersionKind struct that +// describes the API Group, Version and Kind of CRs described by the descriptor +func (d *resourceDescriptor) GroupVersionKind() schema.GroupVersionKind { + return svcapitypes.GroupVersion.WithKind(GroupKind.Kind) +} + +// EmptyRuntimeObject returns an empty object prototype that may be used in +// apimachinery and k8s client operations +func (d *resourceDescriptor) EmptyRuntimeObject() rtclient.Object { + return &svcapitypes.UserPool{} +} + +// ResourceFromRuntimeObject returns an AWSResource that has been initialized +// with the supplied runtime.Object +func (d *resourceDescriptor) ResourceFromRuntimeObject( + obj rtclient.Object, +) acktypes.AWSResource { + return &resource{ + ko: obj.(*svcapitypes.UserPool), + } +} + +// Delta returns an `ackcompare.Delta` object containing the difference between +// one `AWSResource` and another. +func (d *resourceDescriptor) Delta(a, b acktypes.AWSResource) *ackcompare.Delta { + return newResourceDelta(a.(*resource), b.(*resource)) +} + +// IsManaged returns true if the supplied AWSResource is under the management +// of an ACK service controller. What this means in practice is that the +// underlying custom resource (CR) in the AWSResource has had a +// resource-specific finalizer associated with it. +func (d *resourceDescriptor) IsManaged( + res acktypes.AWSResource, +) bool { + obj := res.RuntimeObject() + if obj == nil { + // Should not happen. If it does, there is a bug in the code + panic("nil RuntimeMetaObject in AWSResource") + } + // Remove use of custom code once + // https://github.com/kubernetes-sigs/controller-runtime/issues/994 is + // fixed. This should be able to be: + // + // return k8sctrlutil.ContainsFinalizer(obj, FinalizerString) + return containsFinalizer(obj, FinalizerString) +} + +// Remove once https://github.com/kubernetes-sigs/controller-runtime/issues/994 +// is fixed. +func containsFinalizer(obj rtclient.Object, finalizer string) bool { + f := obj.GetFinalizers() + for _, e := range f { + if e == finalizer { + return true + } + } + return false +} + +// MarkManaged places the supplied resource under the management of ACK. What +// this typically means is that the resource manager will decorate the +// underlying custom resource (CR) with a finalizer that indicates ACK is +// managing the resource and the underlying CR may not be deleted until ACK is +// finished cleaning up any backend AWS service resources associated with the +// CR. +func (d *resourceDescriptor) MarkManaged( + res acktypes.AWSResource, +) { + obj := res.RuntimeObject() + if obj == nil { + // Should not happen. If it does, there is a bug in the code + panic("nil RuntimeMetaObject in AWSResource") + } + k8sctrlutil.AddFinalizer(obj, FinalizerString) +} + +// MarkUnmanaged removes the supplied resource from management by ACK. What +// this typically means is that the resource manager will remove a finalizer +// underlying custom resource (CR) that indicates ACK is managing the resource. +// This will allow the Kubernetes API server to delete the underlying CR. +func (d *resourceDescriptor) MarkUnmanaged( + res acktypes.AWSResource, +) { + obj := res.RuntimeObject() + if obj == nil { + // Should not happen. If it does, there is a bug in the code + panic("nil RuntimeMetaObject in AWSResource") + } + k8sctrlutil.RemoveFinalizer(obj, FinalizerString) +} + +// MarkAdopted places descriptors on the custom resource that indicate the +// resource was not created from within ACK. +func (d *resourceDescriptor) MarkAdopted( + res acktypes.AWSResource, +) { + obj := res.RuntimeObject() + if obj == nil { + // Should not happen. If it does, there is a bug in the code + panic("nil RuntimeObject in AWSResource") + } + curr := obj.GetAnnotations() + if curr == nil { + curr = make(map[string]string) + } + curr[ackv1alpha1.AnnotationAdopted] = "true" + obj.SetAnnotations(curr) +} diff --git a/pkg/resource/user_pool/identifiers.go b/pkg/resource/user_pool/identifiers.go new file mode 100644 index 0000000..0ac360c --- /dev/null +++ b/pkg/resource/user_pool/identifiers.go @@ -0,0 +1,55 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" +) + +// resourceIdentifiers implements the +// `aws-service-operator-k8s/pkg/types.AWSResourceIdentifiers` interface +type resourceIdentifiers struct { + meta *ackv1alpha1.ResourceMetadata +} + +// ARN returns the AWS Resource Name for the backend AWS resource. If nil, +// this means the resource has not yet been created in the backend AWS +// service. +func (ri *resourceIdentifiers) ARN() *ackv1alpha1.AWSResourceName { + if ri.meta != nil { + return ri.meta.ARN + } + return nil +} + +// OwnerAccountID returns the AWS account identifier in which the +// backend AWS resource resides, or nil if this information is not known +// for the resource +func (ri *resourceIdentifiers) OwnerAccountID() *ackv1alpha1.AWSAccountID { + if ri.meta != nil { + return ri.meta.OwnerAccountID + } + return nil +} + +// Region returns the AWS region in which the resource exists, or +// nil if this information is not known. +func (ri *resourceIdentifiers) Region() *ackv1alpha1.AWSRegion { + if ri.meta != nil { + return ri.meta.Region + } + return nil +} diff --git a/pkg/resource/user_pool/manager.go b/pkg/resource/user_pool/manager.go new file mode 100644 index 0000000..c883b46 --- /dev/null +++ b/pkg/resource/user_pool/manager.go @@ -0,0 +1,350 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + "context" + "fmt" + "time" + + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" + ackcondition "github.com/aws-controllers-k8s/runtime/pkg/condition" + ackcfg "github.com/aws-controllers-k8s/runtime/pkg/config" + ackerr "github.com/aws-controllers-k8s/runtime/pkg/errors" + ackmetrics "github.com/aws-controllers-k8s/runtime/pkg/metrics" + ackrequeue "github.com/aws-controllers-k8s/runtime/pkg/requeue" + ackrt "github.com/aws-controllers-k8s/runtime/pkg/runtime" + ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" + acktags "github.com/aws-controllers-k8s/runtime/pkg/tags" + acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" + ackutil "github.com/aws-controllers-k8s/runtime/pkg/util" + "github.com/aws/aws-sdk-go/aws/session" + svcsdk "github.com/aws/aws-sdk-go/service/cognitoidentityprovider" + svcsdkapi "github.com/aws/aws-sdk-go/service/cognitoidentityprovider/cognitoidentityprovideriface" + "github.com/go-logr/logr" + corev1 "k8s.io/api/core/v1" + + svcapitypes "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/apis/v1alpha1" +) + +var ( + _ = ackutil.InStrings + _ = acktags.NewTags() + _ = ackrt.MissingImageTagValue + _ = svcapitypes.UserPool{} +) + +// +kubebuilder:rbac:groups=cognitoidentityprovider.services.k8s.aws,resources=userpools,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=cognitoidentityprovider.services.k8s.aws,resources=userpools/status,verbs=get;update;patch + +var lateInitializeFieldNames = []string{} + +// resourceManager is responsible for providing a consistent way to perform +// CRUD operations in a backend AWS service API for Book custom resources. +type resourceManager struct { + // cfg is a copy of the ackcfg.Config object passed on start of the service + // controller + cfg ackcfg.Config + // log refers to the logr.Logger object handling logging for the service + // controller + log logr.Logger + // metrics contains a collection of Prometheus metric objects that the + // service controller and its reconcilers track + metrics *ackmetrics.Metrics + // rr is the Reconciler which can be used for various utility + // functions such as querying for Secret values given a SecretReference + rr acktypes.Reconciler + // awsAccountID is the AWS account identifier that contains the resources + // managed by this resource manager + awsAccountID ackv1alpha1.AWSAccountID + // The AWS Region that this resource manager targets + awsRegion ackv1alpha1.AWSRegion + // sess is the AWS SDK Session object used to communicate with the backend + // AWS service API + sess *session.Session + // sdk is a pointer to the AWS service API interface exposed by the + // aws-sdk-go/services/{alias}/{alias}iface package. + sdkapi svcsdkapi.CognitoIdentityProviderAPI +} + +// concreteResource returns a pointer to a resource from the supplied +// generic AWSResource interface +func (rm *resourceManager) concreteResource( + res acktypes.AWSResource, +) *resource { + // cast the generic interface into a pointer type specific to the concrete + // implementing resource type managed by this resource manager + return res.(*resource) +} + +// ReadOne returns the currently-observed state of the supplied AWSResource in +// the backend AWS service API. +func (rm *resourceManager) ReadOne( + ctx context.Context, + res acktypes.AWSResource, +) (acktypes.AWSResource, error) { + r := rm.concreteResource(res) + if r.ko == nil { + // Should never happen... if it does, it's buggy code. + panic("resource manager's ReadOne() method received resource with nil CR object") + } + observed, err := rm.sdkFind(ctx, r) + if err != nil { + if observed != nil { + return rm.onError(observed, err) + } + return rm.onError(r, err) + } + return rm.onSuccess(observed) +} + +// Create attempts to create the supplied AWSResource in the backend AWS +// service API, returning an AWSResource representing the newly-created +// resource +func (rm *resourceManager) Create( + ctx context.Context, + res acktypes.AWSResource, +) (acktypes.AWSResource, error) { + r := rm.concreteResource(res) + if r.ko == nil { + // Should never happen... if it does, it's buggy code. + panic("resource manager's Create() method received resource with nil CR object") + } + created, err := rm.sdkCreate(ctx, r) + if err != nil { + if created != nil { + return rm.onError(created, err) + } + return rm.onError(r, err) + } + return rm.onSuccess(created) +} + +// Update attempts to mutate the supplied desired AWSResource in the backend AWS +// service API, returning an AWSResource representing the newly-mutated +// resource. +// Note for specialized logic implementers can check to see how the latest +// observed resource differs from the supplied desired state. The +// higher-level reonciler determines whether or not the desired differs +// from the latest observed and decides whether to call the resource +// manager's Update method +func (rm *resourceManager) Update( + ctx context.Context, + resDesired acktypes.AWSResource, + resLatest acktypes.AWSResource, + delta *ackcompare.Delta, +) (acktypes.AWSResource, error) { + desired := rm.concreteResource(resDesired) + latest := rm.concreteResource(resLatest) + if desired.ko == nil || latest.ko == nil { + // Should never happen... if it does, it's buggy code. + panic("resource manager's Update() method received resource with nil CR object") + } + updated, err := rm.sdkUpdate(ctx, desired, latest, delta) + if err != nil { + if updated != nil { + return rm.onError(updated, err) + } + return rm.onError(latest, err) + } + return rm.onSuccess(updated) +} + +// Delete attempts to destroy the supplied AWSResource in the backend AWS +// service API, returning an AWSResource representing the +// resource being deleted (if delete is asynchronous and takes time) +func (rm *resourceManager) Delete( + ctx context.Context, + res acktypes.AWSResource, +) (acktypes.AWSResource, error) { + r := rm.concreteResource(res) + if r.ko == nil { + // Should never happen... if it does, it's buggy code. + panic("resource manager's Update() method received resource with nil CR object") + } + observed, err := rm.sdkDelete(ctx, r) + if err != nil { + if observed != nil { + return rm.onError(observed, err) + } + return rm.onError(r, err) + } + + return rm.onSuccess(observed) +} + +// ARNFromName returns an AWS Resource Name from a given string name. This +// is useful for constructing ARNs for APIs that require ARNs in their +// GetAttributes operations but all we have (for new CRs at least) is a +// name for the resource +func (rm *resourceManager) ARNFromName(name string) string { + return fmt.Sprintf( + "arn:aws:cognitoidentityprovider:%s:%s:%s", + rm.awsRegion, + rm.awsAccountID, + name, + ) +} + +// LateInitialize returns an acktypes.AWSResource after setting the late initialized +// fields from the readOne call. This method will initialize the optional fields +// which were not provided by the k8s user but were defaulted by the AWS service. +// If there are no such fields to be initialized, the returned object is similar to +// object passed in the parameter. +func (rm *resourceManager) LateInitialize( + ctx context.Context, + latest acktypes.AWSResource, +) (acktypes.AWSResource, error) { + rlog := ackrtlog.FromContext(ctx) + // If there are no fields to late initialize, do nothing + if len(lateInitializeFieldNames) == 0 { + rlog.Debug("no late initialization required.") + return latest, nil + } + latestCopy := latest.DeepCopy() + lateInitConditionReason := "" + lateInitConditionMessage := "" + observed, err := rm.ReadOne(ctx, latestCopy) + if err != nil { + lateInitConditionMessage = "Unable to complete Read operation required for late initialization" + lateInitConditionReason = "Late Initialization Failure" + ackcondition.SetLateInitialized(latestCopy, corev1.ConditionFalse, &lateInitConditionMessage, &lateInitConditionReason) + ackcondition.SetSynced(latestCopy, corev1.ConditionFalse, nil, nil) + return latestCopy, err + } + lateInitializedRes := rm.lateInitializeFromReadOneOutput(observed, latestCopy) + incompleteInitialization := rm.incompleteLateInitialization(lateInitializedRes) + if incompleteInitialization { + // Add the condition with LateInitialized=False + lateInitConditionMessage = "Late initialization did not complete, requeuing with delay of 5 seconds" + lateInitConditionReason = "Delayed Late Initialization" + ackcondition.SetLateInitialized(lateInitializedRes, corev1.ConditionFalse, &lateInitConditionMessage, &lateInitConditionReason) + ackcondition.SetSynced(lateInitializedRes, corev1.ConditionFalse, nil, nil) + return lateInitializedRes, ackrequeue.NeededAfter(nil, time.Duration(5)*time.Second) + } + // Set LateInitialized condition to True + lateInitConditionMessage = "Late initialization successful" + lateInitConditionReason = "Late initialization successful" + ackcondition.SetLateInitialized(lateInitializedRes, corev1.ConditionTrue, &lateInitConditionMessage, &lateInitConditionReason) + return lateInitializedRes, nil +} + +// incompleteLateInitialization return true if there are fields which were supposed to be +// late initialized but are not. If all the fields are late initialized, false is returned +func (rm *resourceManager) incompleteLateInitialization( + res acktypes.AWSResource, +) bool { + return false +} + +// lateInitializeFromReadOneOutput late initializes the 'latest' resource from the 'observed' +// resource and returns 'latest' resource +func (rm *resourceManager) lateInitializeFromReadOneOutput( + observed acktypes.AWSResource, + latest acktypes.AWSResource, +) acktypes.AWSResource { + return latest +} + +// IsSynced returns true if the resource is synced. +func (rm *resourceManager) IsSynced(ctx context.Context, res acktypes.AWSResource) (bool, error) { + r := rm.concreteResource(res) + if r.ko == nil { + // Should never happen... if it does, it's buggy code. + panic("resource manager's IsSynced() method received resource with nil CR object") + } + + return true, nil +} + +// EnsureTags ensures that tags are present inside the AWSResource. +// If the AWSResource does not have any existing resource tags, the 'tags' +// field is initialized and the controller tags are added. +// If the AWSResource has existing resource tags, then controller tags are +// added to the existing resource tags without overriding them. +// If the AWSResource does not support tags, only then the controller tags +// will not be added to the AWSResource. +func (rm *resourceManager) EnsureTags( + ctx context.Context, + res acktypes.AWSResource, + md acktypes.ServiceControllerMetadata, +) error { + + return nil +} + +// newResourceManager returns a new struct implementing +// acktypes.AWSResourceManager +func newResourceManager( + cfg ackcfg.Config, + log logr.Logger, + metrics *ackmetrics.Metrics, + rr acktypes.Reconciler, + sess *session.Session, + id ackv1alpha1.AWSAccountID, + region ackv1alpha1.AWSRegion, +) (*resourceManager, error) { + return &resourceManager{ + cfg: cfg, + log: log, + metrics: metrics, + rr: rr, + awsAccountID: id, + awsRegion: region, + sess: sess, + sdkapi: svcsdk.New(sess), + }, nil +} + +// onError updates resource conditions and returns updated resource +// it returns nil if no condition is updated. +func (rm *resourceManager) onError( + r *resource, + err error, +) (acktypes.AWSResource, error) { + if r == nil { + return nil, err + } + r1, updated := rm.updateConditions(r, false, err) + if !updated { + return r, err + } + for _, condition := range r1.Conditions() { + if condition.Type == ackv1alpha1.ConditionTypeTerminal && + condition.Status == corev1.ConditionTrue { + // resource is in Terminal condition + // return Terminal error + return r1, ackerr.Terminal + } + } + return r1, err +} + +// onSuccess updates resource conditions and returns updated resource +// it returns the supplied resource if no condition is updated. +func (rm *resourceManager) onSuccess( + r *resource, +) (acktypes.AWSResource, error) { + if r == nil { + return nil, nil + } + r1, updated := rm.updateConditions(r, true, nil) + if !updated { + return r, nil + } + return r1, nil +} diff --git a/pkg/resource/user_pool/manager_factory.go b/pkg/resource/user_pool/manager_factory.go new file mode 100644 index 0000000..15506e7 --- /dev/null +++ b/pkg/resource/user_pool/manager_factory.go @@ -0,0 +1,100 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + "fmt" + "sync" + + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + ackcfg "github.com/aws-controllers-k8s/runtime/pkg/config" + ackmetrics "github.com/aws-controllers-k8s/runtime/pkg/metrics" + acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" + "github.com/aws/aws-sdk-go/aws/session" + "github.com/go-logr/logr" + + svcresource "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/pkg/resource" +) + +// resourceManagerFactory produces resourceManager objects. It implements the +// `types.AWSResourceManagerFactory` interface. +type resourceManagerFactory struct { + sync.RWMutex + // rmCache contains resource managers for a particular AWS account ID + rmCache map[string]*resourceManager +} + +// ResourcePrototype returns an AWSResource that resource managers produced by +// this factory will handle +func (f *resourceManagerFactory) ResourceDescriptor() acktypes.AWSResourceDescriptor { + return &resourceDescriptor{} +} + +// ManagerFor returns a resource manager object that can manage resources for a +// supplied AWS account +func (f *resourceManagerFactory) ManagerFor( + cfg ackcfg.Config, + log logr.Logger, + metrics *ackmetrics.Metrics, + rr acktypes.Reconciler, + sess *session.Session, + id ackv1alpha1.AWSAccountID, + region ackv1alpha1.AWSRegion, + roleARN ackv1alpha1.AWSResourceName, +) (acktypes.AWSResourceManager, error) { + // We use the account ID, region, and role ARN to uniquely identify a + // resource manager. This helps us to avoid creating multiple resource + // managers for the same account/region/roleARN combination. + rmId := fmt.Sprintf("%s/%s/%s", id, region, roleARN) + f.RLock() + rm, found := f.rmCache[rmId] + f.RUnlock() + + if found { + return rm, nil + } + + f.Lock() + defer f.Unlock() + + rm, err := newResourceManager(cfg, log, metrics, rr, sess, id, region) + if err != nil { + return nil, err + } + f.rmCache[rmId] = rm + return rm, nil +} + +// IsAdoptable returns true if the resource is able to be adopted +func (f *resourceManagerFactory) IsAdoptable() bool { + return true +} + +// RequeueOnSuccessSeconds returns true if the resource should be requeued after specified seconds +// Default is false which means resource will not be requeued after success. +func (f *resourceManagerFactory) RequeueOnSuccessSeconds() int { + return 0 +} + +func newResourceManagerFactory() *resourceManagerFactory { + return &resourceManagerFactory{ + rmCache: map[string]*resourceManager{}, + } +} + +func init() { + svcresource.RegisterManagerFactory(newResourceManagerFactory()) +} diff --git a/pkg/resource/user_pool/references.go b/pkg/resource/user_pool/references.go new file mode 100644 index 0000000..7df84d6 --- /dev/null +++ b/pkg/resource/user_pool/references.go @@ -0,0 +1,56 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + "context" + "sigs.k8s.io/controller-runtime/pkg/client" + + acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" + + svcapitypes "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/apis/v1alpha1" +) + +// ClearResolvedReferences removes any reference values that were made +// concrete in the spec. It returns a copy of the input AWSResource which +// contains the original *Ref values, but none of their respective concrete +// values. +func (rm *resourceManager) ClearResolvedReferences(res acktypes.AWSResource) acktypes.AWSResource { + ko := rm.concreteResource(res).ko.DeepCopy() + + return &resource{ko} +} + +// ResolveReferences finds if there are any Reference field(s) present +// inside AWSResource passed in the parameter and attempts to resolve those +// reference field(s) into their respective target field(s). It returns a +// copy of the input AWSResource with resolved reference(s), a boolean which +// is set to true if the resource contains any references (regardless of if +// they are resolved successfully) and an error if the passed AWSResource's +// reference field(s) could not be resolved. +func (rm *resourceManager) ResolveReferences( + ctx context.Context, + apiReader client.Reader, + res acktypes.AWSResource, +) (acktypes.AWSResource, bool, error) { + return res, false, nil +} + +// validateReferenceFields validates the reference field and corresponding +// identifier field. +func validateReferenceFields(ko *svcapitypes.UserPool) error { + return nil +} diff --git a/pkg/resource/user_pool/resource.go b/pkg/resource/user_pool/resource.go new file mode 100644 index 0000000..a68f9b2 --- /dev/null +++ b/pkg/resource/user_pool/resource.go @@ -0,0 +1,100 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + ackerrors "github.com/aws-controllers-k8s/runtime/pkg/errors" + acktypes "github.com/aws-controllers-k8s/runtime/pkg/types" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rtclient "sigs.k8s.io/controller-runtime/pkg/client" + + svcapitypes "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/apis/v1alpha1" +) + +// Hack to avoid import errors during build... +var ( + _ = &ackerrors.MissingNameIdentifier +) + +// resource implements the `aws-controller-k8s/runtime/pkg/types.AWSResource` +// interface +type resource struct { + // The Kubernetes-native CR representing the resource + ko *svcapitypes.UserPool +} + +// Identifiers returns an AWSResourceIdentifiers object containing various +// identifying information, including the AWS account ID that owns the +// resource, the resource's AWS Resource Name (ARN) +func (r *resource) Identifiers() acktypes.AWSResourceIdentifiers { + return &resourceIdentifiers{r.ko.Status.ACKResourceMetadata} +} + +// IsBeingDeleted returns true if the Kubernetes resource has a non-zero +// deletion timestamp +func (r *resource) IsBeingDeleted() bool { + return !r.ko.DeletionTimestamp.IsZero() +} + +// RuntimeObject returns the Kubernetes apimachinery/runtime representation of +// the AWSResource +func (r *resource) RuntimeObject() rtclient.Object { + return r.ko +} + +// MetaObject returns the Kubernetes apimachinery/apis/meta/v1.Object +// representation of the AWSResource +func (r *resource) MetaObject() metav1.Object { + return r.ko.GetObjectMeta() +} + +// Conditions returns the ACK Conditions collection for the AWSResource +func (r *resource) Conditions() []*ackv1alpha1.Condition { + return r.ko.Status.Conditions +} + +// ReplaceConditions sets the Conditions status field for the resource +func (r *resource) ReplaceConditions(conditions []*ackv1alpha1.Condition) { + r.ko.Status.Conditions = conditions +} + +// SetObjectMeta sets the ObjectMeta field for the resource +func (r *resource) SetObjectMeta(meta metav1.ObjectMeta) { + r.ko.ObjectMeta = meta +} + +// SetStatus will set the Status field for the resource +func (r *resource) SetStatus(desired acktypes.AWSResource) { + r.ko.Status = desired.(*resource).ko.Status +} + +// SetIdentifiers sets the Spec or Status field that is referenced as the unique +// resource identifier +func (r *resource) SetIdentifiers(identifier *ackv1alpha1.AWSIdentifiers) error { + if identifier.NameOrID == "" { + return ackerrors.MissingNameIdentifier + } + r.ko.Status.ID = &identifier.NameOrID + + return nil +} + +// DeepCopy will return a copy of the resource +func (r *resource) DeepCopy() acktypes.AWSResource { + koCopy := r.ko.DeepCopy() + return &resource{koCopy} +} diff --git a/pkg/resource/user_pool/sdk.go b/pkg/resource/user_pool/sdk.go new file mode 100644 index 0000000..2ebd4db --- /dev/null +++ b/pkg/resource/user_pool/sdk.go @@ -0,0 +1,1777 @@ +// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. + +// Code generated by ack-generate. DO NOT EDIT. + +package user_pool + +import ( + "context" + "errors" + "fmt" + "reflect" + "strings" + + ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1" + ackcompare "github.com/aws-controllers-k8s/runtime/pkg/compare" + ackcondition "github.com/aws-controllers-k8s/runtime/pkg/condition" + ackerr "github.com/aws-controllers-k8s/runtime/pkg/errors" + ackrequeue "github.com/aws-controllers-k8s/runtime/pkg/requeue" + ackrtlog "github.com/aws-controllers-k8s/runtime/pkg/runtime/log" + "github.com/aws/aws-sdk-go/aws" + svcsdk "github.com/aws/aws-sdk-go/service/cognitoidentityprovider" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + svcapitypes "github.com/aws-controllers-k8s/cognitoidentityprovider-controller/apis/v1alpha1" +) + +// Hack to avoid import errors during build... +var ( + _ = &metav1.Time{} + _ = strings.ToLower("") + _ = &aws.JSONValue{} + _ = &svcsdk.CognitoIdentityProvider{} + _ = &svcapitypes.UserPool{} + _ = ackv1alpha1.AWSAccountID("") + _ = &ackerr.NotFound + _ = &ackcondition.NotManagedMessage + _ = &reflect.Value{} + _ = fmt.Sprintf("") + _ = &ackrequeue.NoRequeue{} +) + +// sdkFind returns SDK-specific information about a supplied resource +func (rm *resourceManager) sdkFind( + ctx context.Context, + r *resource, +) (latest *resource, err error) { + rlog := ackrtlog.FromContext(ctx) + exit := rlog.Trace("rm.sdkFind") + defer func() { + exit(err) + }() + // If any required fields in the input shape are missing, AWS resource is + // not created yet. Return NotFound here to indicate to callers that the + // resource isn't yet created. + if rm.requiredFieldsMissingFromReadOneInput(r) { + return nil, ackerr.NotFound + } + + input, err := rm.newDescribeRequestPayload(r) + if err != nil { + return nil, err + } + + var resp *svcsdk.DescribeUserPoolOutput + resp, err = rm.sdkapi.DescribeUserPoolWithContext(ctx, input) + rm.metrics.RecordAPICall("READ_ONE", "DescribeUserPool", err) + if err != nil { + if reqErr, ok := ackerr.AWSRequestFailure(err); ok && reqErr.StatusCode() == 404 { + return nil, ackerr.NotFound + } + if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "UNKNOWN" { + return nil, ackerr.NotFound + } + return nil, err + } + + // Merge in the information we read from the API call above to the copy of + // the original Kubernetes object we passed to the function + ko := r.ko.DeepCopy() + + if resp.UserPool.AccountRecoverySetting != nil { + f0 := &svcapitypes.AccountRecoverySettingType{} + if resp.UserPool.AccountRecoverySetting.RecoveryMechanisms != nil { + f0f0 := []*svcapitypes.RecoveryOptionType{} + for _, f0f0iter := range resp.UserPool.AccountRecoverySetting.RecoveryMechanisms { + f0f0elem := &svcapitypes.RecoveryOptionType{} + if f0f0iter.Name != nil { + f0f0elem.Name = f0f0iter.Name + } + if f0f0iter.Priority != nil { + f0f0elem.Priority = f0f0iter.Priority + } + f0f0 = append(f0f0, f0f0elem) + } + f0.RecoveryMechanisms = f0f0 + } + ko.Spec.AccountRecoverySetting = f0 + } else { + ko.Spec.AccountRecoverySetting = nil + } + if resp.UserPool.AdminCreateUserConfig != nil { + f1 := &svcapitypes.AdminCreateUserConfigType{} + if resp.UserPool.AdminCreateUserConfig.AllowAdminCreateUserOnly != nil { + f1.AllowAdminCreateUserOnly = resp.UserPool.AdminCreateUserConfig.AllowAdminCreateUserOnly + } + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate != nil { + f1f1 := &svcapitypes.MessageTemplateType{} + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != nil { + f1f1.EmailMessage = resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage + } + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != nil { + f1f1.EmailSubject = resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject + } + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != nil { + f1f1.SMSMessage = resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage + } + f1.InviteMessageTemplate = f1f1 + } + if resp.UserPool.AdminCreateUserConfig.UnusedAccountValidityDays != nil { + f1.UnusedAccountValidityDays = resp.UserPool.AdminCreateUserConfig.UnusedAccountValidityDays + } + ko.Spec.AdminCreateUserConfig = f1 + } else { + ko.Spec.AdminCreateUserConfig = nil + } + if resp.UserPool.AliasAttributes != nil { + f2 := []*string{} + for _, f2iter := range resp.UserPool.AliasAttributes { + var f2elem string + f2elem = *f2iter + f2 = append(f2, &f2elem) + } + ko.Spec.AliasAttributes = f2 + } else { + ko.Spec.AliasAttributes = nil + } + if ko.Status.ACKResourceMetadata == nil { + ko.Status.ACKResourceMetadata = &ackv1alpha1.ResourceMetadata{} + } + if resp.UserPool.Arn != nil { + arn := ackv1alpha1.AWSResourceName(*resp.UserPool.Arn) + ko.Status.ACKResourceMetadata.ARN = &arn + } + if resp.UserPool.AutoVerifiedAttributes != nil { + f4 := []*string{} + for _, f4iter := range resp.UserPool.AutoVerifiedAttributes { + var f4elem string + f4elem = *f4iter + f4 = append(f4, &f4elem) + } + ko.Spec.AutoVerifiedAttributes = f4 + } else { + ko.Spec.AutoVerifiedAttributes = nil + } + if resp.UserPool.CreationDate != nil { + ko.Status.CreationDate = &metav1.Time{*resp.UserPool.CreationDate} + } else { + ko.Status.CreationDate = nil + } + if resp.UserPool.CustomDomain != nil { + ko.Status.CustomDomain = resp.UserPool.CustomDomain + } else { + ko.Status.CustomDomain = nil + } + if resp.UserPool.DeletionProtection != nil { + ko.Spec.DeletionProtection = resp.UserPool.DeletionProtection + } else { + ko.Spec.DeletionProtection = nil + } + if resp.UserPool.DeviceConfiguration != nil { + f8 := &svcapitypes.DeviceConfigurationType{} + if resp.UserPool.DeviceConfiguration.ChallengeRequiredOnNewDevice != nil { + f8.ChallengeRequiredOnNewDevice = resp.UserPool.DeviceConfiguration.ChallengeRequiredOnNewDevice + } + if resp.UserPool.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != nil { + f8.DeviceOnlyRememberedOnUserPrompt = resp.UserPool.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt + } + ko.Spec.DeviceConfiguration = f8 + } else { + ko.Spec.DeviceConfiguration = nil + } + if resp.UserPool.Domain != nil { + ko.Status.Domain = resp.UserPool.Domain + } else { + ko.Status.Domain = nil + } + if resp.UserPool.EmailConfiguration != nil { + f10 := &svcapitypes.EmailConfigurationType{} + if resp.UserPool.EmailConfiguration.ConfigurationSet != nil { + f10.ConfigurationSet = resp.UserPool.EmailConfiguration.ConfigurationSet + } + if resp.UserPool.EmailConfiguration.EmailSendingAccount != nil { + f10.EmailSendingAccount = resp.UserPool.EmailConfiguration.EmailSendingAccount + } + if resp.UserPool.EmailConfiguration.From != nil { + f10.From = resp.UserPool.EmailConfiguration.From + } + if resp.UserPool.EmailConfiguration.ReplyToEmailAddress != nil { + f10.ReplyToEmailAddress = resp.UserPool.EmailConfiguration.ReplyToEmailAddress + } + if resp.UserPool.EmailConfiguration.SourceArn != nil { + f10.SourceARN = resp.UserPool.EmailConfiguration.SourceArn + } + ko.Spec.EmailConfiguration = f10 + } else { + ko.Spec.EmailConfiguration = nil + } + if resp.UserPool.EmailConfigurationFailure != nil { + ko.Status.EmailConfigurationFailure = resp.UserPool.EmailConfigurationFailure + } else { + ko.Status.EmailConfigurationFailure = nil + } + if resp.UserPool.EmailVerificationMessage != nil { + ko.Spec.EmailVerificationMessage = resp.UserPool.EmailVerificationMessage + } else { + ko.Spec.EmailVerificationMessage = nil + } + if resp.UserPool.EmailVerificationSubject != nil { + ko.Spec.EmailVerificationSubject = resp.UserPool.EmailVerificationSubject + } else { + ko.Spec.EmailVerificationSubject = nil + } + if resp.UserPool.EstimatedNumberOfUsers != nil { + ko.Status.EstimatedNumberOfUsers = resp.UserPool.EstimatedNumberOfUsers + } else { + ko.Status.EstimatedNumberOfUsers = nil + } + if resp.UserPool.Id != nil { + ko.Status.ID = resp.UserPool.Id + } else { + ko.Status.ID = nil + } + if resp.UserPool.LambdaConfig != nil { + f16 := &svcapitypes.LambdaConfigType{} + if resp.UserPool.LambdaConfig.CreateAuthChallenge != nil { + f16.CreateAuthChallenge = resp.UserPool.LambdaConfig.CreateAuthChallenge + } + if resp.UserPool.LambdaConfig.CustomEmailSender != nil { + f16f1 := &svcapitypes.CustomEmailLambdaVersionConfigType{} + if resp.UserPool.LambdaConfig.CustomEmailSender.LambdaArn != nil { + f16f1.LambdaARN = resp.UserPool.LambdaConfig.CustomEmailSender.LambdaArn + } + if resp.UserPool.LambdaConfig.CustomEmailSender.LambdaVersion != nil { + f16f1.LambdaVersion = resp.UserPool.LambdaConfig.CustomEmailSender.LambdaVersion + } + f16.CustomEmailSender = f16f1 + } + if resp.UserPool.LambdaConfig.CustomMessage != nil { + f16.CustomMessage = resp.UserPool.LambdaConfig.CustomMessage + } + if resp.UserPool.LambdaConfig.CustomSMSSender != nil { + f16f3 := &svcapitypes.CustomSMSLambdaVersionConfigType{} + if resp.UserPool.LambdaConfig.CustomSMSSender.LambdaArn != nil { + f16f3.LambdaARN = resp.UserPool.LambdaConfig.CustomSMSSender.LambdaArn + } + if resp.UserPool.LambdaConfig.CustomSMSSender.LambdaVersion != nil { + f16f3.LambdaVersion = resp.UserPool.LambdaConfig.CustomSMSSender.LambdaVersion + } + f16.CustomSMSSender = f16f3 + } + if resp.UserPool.LambdaConfig.DefineAuthChallenge != nil { + f16.DefineAuthChallenge = resp.UserPool.LambdaConfig.DefineAuthChallenge + } + if resp.UserPool.LambdaConfig.KMSKeyID != nil { + f16.KMSKeyID = resp.UserPool.LambdaConfig.KMSKeyID + } + if resp.UserPool.LambdaConfig.PostAuthentication != nil { + f16.PostAuthentication = resp.UserPool.LambdaConfig.PostAuthentication + } + if resp.UserPool.LambdaConfig.PostConfirmation != nil { + f16.PostConfirmation = resp.UserPool.LambdaConfig.PostConfirmation + } + if resp.UserPool.LambdaConfig.PreAuthentication != nil { + f16.PreAuthentication = resp.UserPool.LambdaConfig.PreAuthentication + } + if resp.UserPool.LambdaConfig.PreSignUp != nil { + f16.PreSignUp = resp.UserPool.LambdaConfig.PreSignUp + } + if resp.UserPool.LambdaConfig.PreTokenGeneration != nil { + f16.PreTokenGeneration = resp.UserPool.LambdaConfig.PreTokenGeneration + } + if resp.UserPool.LambdaConfig.PreTokenGenerationConfig != nil { + f16f11 := &svcapitypes.PreTokenGenerationVersionConfigType{} + if resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaArn != nil { + f16f11.LambdaARN = resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaArn + } + if resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != nil { + f16f11.LambdaVersion = resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaVersion + } + f16.PreTokenGenerationConfig = f16f11 + } + if resp.UserPool.LambdaConfig.UserMigration != nil { + f16.UserMigration = resp.UserPool.LambdaConfig.UserMigration + } + if resp.UserPool.LambdaConfig.VerifyAuthChallengeResponse != nil { + f16.VerifyAuthChallengeResponse = resp.UserPool.LambdaConfig.VerifyAuthChallengeResponse + } + ko.Spec.LambdaConfig = f16 + } else { + ko.Spec.LambdaConfig = nil + } + if resp.UserPool.LastModifiedDate != nil { + ko.Status.LastModifiedDate = &metav1.Time{*resp.UserPool.LastModifiedDate} + } else { + ko.Status.LastModifiedDate = nil + } + if resp.UserPool.MfaConfiguration != nil { + ko.Spec.MFAConfiguration = resp.UserPool.MfaConfiguration + } else { + ko.Spec.MFAConfiguration = nil + } + if resp.UserPool.Name != nil { + ko.Spec.Name = resp.UserPool.Name + } else { + ko.Spec.Name = nil + } + if resp.UserPool.Policies != nil { + f20 := &svcapitypes.UserPoolPolicyType{} + if resp.UserPool.Policies.PasswordPolicy != nil { + f20f0 := &svcapitypes.PasswordPolicyType{} + if resp.UserPool.Policies.PasswordPolicy.MinimumLength != nil { + f20f0.MinimumLength = resp.UserPool.Policies.PasswordPolicy.MinimumLength + } + if resp.UserPool.Policies.PasswordPolicy.RequireLowercase != nil { + f20f0.RequireLowercase = resp.UserPool.Policies.PasswordPolicy.RequireLowercase + } + if resp.UserPool.Policies.PasswordPolicy.RequireNumbers != nil { + f20f0.RequireNumbers = resp.UserPool.Policies.PasswordPolicy.RequireNumbers + } + if resp.UserPool.Policies.PasswordPolicy.RequireSymbols != nil { + f20f0.RequireSymbols = resp.UserPool.Policies.PasswordPolicy.RequireSymbols + } + if resp.UserPool.Policies.PasswordPolicy.RequireUppercase != nil { + f20f0.RequireUppercase = resp.UserPool.Policies.PasswordPolicy.RequireUppercase + } + if resp.UserPool.Policies.PasswordPolicy.TemporaryPasswordValidityDays != nil { + f20f0.TemporaryPasswordValidityDays = resp.UserPool.Policies.PasswordPolicy.TemporaryPasswordValidityDays + } + f20.PasswordPolicy = f20f0 + } + ko.Spec.Policies = f20 + } else { + ko.Spec.Policies = nil + } + if resp.UserPool.SchemaAttributes != nil { + f21 := []*svcapitypes.SchemaAttributeType{} + for _, f21iter := range resp.UserPool.SchemaAttributes { + f21elem := &svcapitypes.SchemaAttributeType{} + if f21iter.AttributeDataType != nil { + f21elem.AttributeDataType = f21iter.AttributeDataType + } + if f21iter.DeveloperOnlyAttribute != nil { + f21elem.DeveloperOnlyAttribute = f21iter.DeveloperOnlyAttribute + } + if f21iter.Mutable != nil { + f21elem.Mutable = f21iter.Mutable + } + if f21iter.Name != nil { + f21elem.Name = f21iter.Name + } + if f21iter.NumberAttributeConstraints != nil { + f21elemf4 := &svcapitypes.NumberAttributeConstraintsType{} + if f21iter.NumberAttributeConstraints.MaxValue != nil { + f21elemf4.MaxValue = f21iter.NumberAttributeConstraints.MaxValue + } + if f21iter.NumberAttributeConstraints.MinValue != nil { + f21elemf4.MinValue = f21iter.NumberAttributeConstraints.MinValue + } + f21elem.NumberAttributeConstraints = f21elemf4 + } + if f21iter.Required != nil { + f21elem.Required = f21iter.Required + } + if f21iter.StringAttributeConstraints != nil { + f21elemf6 := &svcapitypes.StringAttributeConstraintsType{} + if f21iter.StringAttributeConstraints.MaxLength != nil { + f21elemf6.MaxLength = f21iter.StringAttributeConstraints.MaxLength + } + if f21iter.StringAttributeConstraints.MinLength != nil { + f21elemf6.MinLength = f21iter.StringAttributeConstraints.MinLength + } + f21elem.StringAttributeConstraints = f21elemf6 + } + f21 = append(f21, f21elem) + } + ko.Status.SchemaAttributes = f21 + } else { + ko.Status.SchemaAttributes = nil + } + if resp.UserPool.SmsAuthenticationMessage != nil { + ko.Spec.SmsAuthenticationMessage = resp.UserPool.SmsAuthenticationMessage + } else { + ko.Spec.SmsAuthenticationMessage = nil + } + if resp.UserPool.SmsConfiguration != nil { + f23 := &svcapitypes.SmsConfigurationType{} + if resp.UserPool.SmsConfiguration.ExternalId != nil { + f23.ExternalID = resp.UserPool.SmsConfiguration.ExternalId + } + if resp.UserPool.SmsConfiguration.SnsCallerArn != nil { + f23.SNSCallerARN = resp.UserPool.SmsConfiguration.SnsCallerArn + } + if resp.UserPool.SmsConfiguration.SnsRegion != nil { + f23.SNSRegion = resp.UserPool.SmsConfiguration.SnsRegion + } + ko.Spec.SmsConfiguration = f23 + } else { + ko.Spec.SmsConfiguration = nil + } + if resp.UserPool.SmsConfigurationFailure != nil { + ko.Status.SmsConfigurationFailure = resp.UserPool.SmsConfigurationFailure + } else { + ko.Status.SmsConfigurationFailure = nil + } + if resp.UserPool.SmsVerificationMessage != nil { + ko.Spec.SmsVerificationMessage = resp.UserPool.SmsVerificationMessage + } else { + ko.Spec.SmsVerificationMessage = nil + } + if resp.UserPool.Status != nil { + ko.Status.Status = resp.UserPool.Status + } else { + ko.Status.Status = nil + } + if resp.UserPool.UserAttributeUpdateSettings != nil { + f27 := &svcapitypes.UserAttributeUpdateSettingsType{} + if resp.UserPool.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate != nil { + f27f0 := []*string{} + for _, f27f0iter := range resp.UserPool.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate { + var f27f0elem string + f27f0elem = *f27f0iter + f27f0 = append(f27f0, &f27f0elem) + } + f27.AttributesRequireVerificationBeforeUpdate = f27f0 + } + ko.Spec.UserAttributeUpdateSettings = f27 + } else { + ko.Spec.UserAttributeUpdateSettings = nil + } + if resp.UserPool.UserPoolAddOns != nil { + f28 := &svcapitypes.UserPoolAddOnsType{} + if resp.UserPool.UserPoolAddOns.AdvancedSecurityMode != nil { + f28.AdvancedSecurityMode = resp.UserPool.UserPoolAddOns.AdvancedSecurityMode + } + ko.Spec.UserPoolAddOns = f28 + } else { + ko.Spec.UserPoolAddOns = nil + } + if resp.UserPool.UserPoolTags != nil { + f29 := map[string]*string{} + for f29key, f29valiter := range resp.UserPool.UserPoolTags { + var f29val string + f29val = *f29valiter + f29[f29key] = &f29val + } + ko.Spec.UserPoolTags = f29 + } else { + ko.Spec.UserPoolTags = nil + } + if resp.UserPool.UsernameAttributes != nil { + f30 := []*string{} + for _, f30iter := range resp.UserPool.UsernameAttributes { + var f30elem string + f30elem = *f30iter + f30 = append(f30, &f30elem) + } + ko.Spec.UsernameAttributes = f30 + } else { + ko.Spec.UsernameAttributes = nil + } + if resp.UserPool.UsernameConfiguration != nil { + f31 := &svcapitypes.UsernameConfigurationType{} + if resp.UserPool.UsernameConfiguration.CaseSensitive != nil { + f31.CaseSensitive = resp.UserPool.UsernameConfiguration.CaseSensitive + } + ko.Spec.UsernameConfiguration = f31 + } else { + ko.Spec.UsernameConfiguration = nil + } + if resp.UserPool.VerificationMessageTemplate != nil { + f32 := &svcapitypes.VerificationMessageTemplateType{} + if resp.UserPool.VerificationMessageTemplate.DefaultEmailOption != nil { + f32.DefaultEmailOption = resp.UserPool.VerificationMessageTemplate.DefaultEmailOption + } + if resp.UserPool.VerificationMessageTemplate.EmailMessage != nil { + f32.EmailMessage = resp.UserPool.VerificationMessageTemplate.EmailMessage + } + if resp.UserPool.VerificationMessageTemplate.EmailMessageByLink != nil { + f32.EmailMessageByLink = resp.UserPool.VerificationMessageTemplate.EmailMessageByLink + } + if resp.UserPool.VerificationMessageTemplate.EmailSubject != nil { + f32.EmailSubject = resp.UserPool.VerificationMessageTemplate.EmailSubject + } + if resp.UserPool.VerificationMessageTemplate.EmailSubjectByLink != nil { + f32.EmailSubjectByLink = resp.UserPool.VerificationMessageTemplate.EmailSubjectByLink + } + if resp.UserPool.VerificationMessageTemplate.SmsMessage != nil { + f32.SmsMessage = resp.UserPool.VerificationMessageTemplate.SmsMessage + } + ko.Spec.VerificationMessageTemplate = f32 + } else { + ko.Spec.VerificationMessageTemplate = nil + } + + rm.setStatusDefaults(ko) + return &resource{ko}, nil +} + +// requiredFieldsMissingFromReadOneInput returns true if there are any fields +// for the ReadOne Input shape that are required but not present in the +// resource's Spec or Status +func (rm *resourceManager) requiredFieldsMissingFromReadOneInput( + r *resource, +) bool { + return r.ko.Status.ID == nil + +} + +// newDescribeRequestPayload returns SDK-specific struct for the HTTP request +// payload of the Describe API call for the resource +func (rm *resourceManager) newDescribeRequestPayload( + r *resource, +) (*svcsdk.DescribeUserPoolInput, error) { + res := &svcsdk.DescribeUserPoolInput{} + + if r.ko.Status.ID != nil { + res.SetUserPoolId(*r.ko.Status.ID) + } + + return res, nil +} + +// sdkCreate creates the supplied resource in the backend AWS service API and +// returns a copy of the resource with resource fields (in both Spec and +// Status) filled in with values from the CREATE API operation's Output shape. +func (rm *resourceManager) sdkCreate( + ctx context.Context, + desired *resource, +) (created *resource, err error) { + rlog := ackrtlog.FromContext(ctx) + exit := rlog.Trace("rm.sdkCreate") + defer func() { + exit(err) + }() + input, err := rm.newCreateRequestPayload(ctx, desired) + if err != nil { + return nil, err + } + + var resp *svcsdk.CreateUserPoolOutput + _ = resp + resp, err = rm.sdkapi.CreateUserPoolWithContext(ctx, input) + rm.metrics.RecordAPICall("CREATE", "CreateUserPool", err) + if err != nil { + return nil, err + } + // Merge in the information we read from the API call above to the copy of + // the original Kubernetes object we passed to the function + ko := desired.ko.DeepCopy() + + if resp.UserPool.AccountRecoverySetting != nil { + f0 := &svcapitypes.AccountRecoverySettingType{} + if resp.UserPool.AccountRecoverySetting.RecoveryMechanisms != nil { + f0f0 := []*svcapitypes.RecoveryOptionType{} + for _, f0f0iter := range resp.UserPool.AccountRecoverySetting.RecoveryMechanisms { + f0f0elem := &svcapitypes.RecoveryOptionType{} + if f0f0iter.Name != nil { + f0f0elem.Name = f0f0iter.Name + } + if f0f0iter.Priority != nil { + f0f0elem.Priority = f0f0iter.Priority + } + f0f0 = append(f0f0, f0f0elem) + } + f0.RecoveryMechanisms = f0f0 + } + ko.Spec.AccountRecoverySetting = f0 + } else { + ko.Spec.AccountRecoverySetting = nil + } + if resp.UserPool.AdminCreateUserConfig != nil { + f1 := &svcapitypes.AdminCreateUserConfigType{} + if resp.UserPool.AdminCreateUserConfig.AllowAdminCreateUserOnly != nil { + f1.AllowAdminCreateUserOnly = resp.UserPool.AdminCreateUserConfig.AllowAdminCreateUserOnly + } + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate != nil { + f1f1 := &svcapitypes.MessageTemplateType{} + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != nil { + f1f1.EmailMessage = resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage + } + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != nil { + f1f1.EmailSubject = resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject + } + if resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != nil { + f1f1.SMSMessage = resp.UserPool.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage + } + f1.InviteMessageTemplate = f1f1 + } + if resp.UserPool.AdminCreateUserConfig.UnusedAccountValidityDays != nil { + f1.UnusedAccountValidityDays = resp.UserPool.AdminCreateUserConfig.UnusedAccountValidityDays + } + ko.Spec.AdminCreateUserConfig = f1 + } else { + ko.Spec.AdminCreateUserConfig = nil + } + if resp.UserPool.AliasAttributes != nil { + f2 := []*string{} + for _, f2iter := range resp.UserPool.AliasAttributes { + var f2elem string + f2elem = *f2iter + f2 = append(f2, &f2elem) + } + ko.Spec.AliasAttributes = f2 + } else { + ko.Spec.AliasAttributes = nil + } + if ko.Status.ACKResourceMetadata == nil { + ko.Status.ACKResourceMetadata = &ackv1alpha1.ResourceMetadata{} + } + if resp.UserPool.Arn != nil { + arn := ackv1alpha1.AWSResourceName(*resp.UserPool.Arn) + ko.Status.ACKResourceMetadata.ARN = &arn + } + if resp.UserPool.AutoVerifiedAttributes != nil { + f4 := []*string{} + for _, f4iter := range resp.UserPool.AutoVerifiedAttributes { + var f4elem string + f4elem = *f4iter + f4 = append(f4, &f4elem) + } + ko.Spec.AutoVerifiedAttributes = f4 + } else { + ko.Spec.AutoVerifiedAttributes = nil + } + if resp.UserPool.CreationDate != nil { + ko.Status.CreationDate = &metav1.Time{*resp.UserPool.CreationDate} + } else { + ko.Status.CreationDate = nil + } + if resp.UserPool.CustomDomain != nil { + ko.Status.CustomDomain = resp.UserPool.CustomDomain + } else { + ko.Status.CustomDomain = nil + } + if resp.UserPool.DeletionProtection != nil { + ko.Spec.DeletionProtection = resp.UserPool.DeletionProtection + } else { + ko.Spec.DeletionProtection = nil + } + if resp.UserPool.DeviceConfiguration != nil { + f8 := &svcapitypes.DeviceConfigurationType{} + if resp.UserPool.DeviceConfiguration.ChallengeRequiredOnNewDevice != nil { + f8.ChallengeRequiredOnNewDevice = resp.UserPool.DeviceConfiguration.ChallengeRequiredOnNewDevice + } + if resp.UserPool.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != nil { + f8.DeviceOnlyRememberedOnUserPrompt = resp.UserPool.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt + } + ko.Spec.DeviceConfiguration = f8 + } else { + ko.Spec.DeviceConfiguration = nil + } + if resp.UserPool.Domain != nil { + ko.Status.Domain = resp.UserPool.Domain + } else { + ko.Status.Domain = nil + } + if resp.UserPool.EmailConfiguration != nil { + f10 := &svcapitypes.EmailConfigurationType{} + if resp.UserPool.EmailConfiguration.ConfigurationSet != nil { + f10.ConfigurationSet = resp.UserPool.EmailConfiguration.ConfigurationSet + } + if resp.UserPool.EmailConfiguration.EmailSendingAccount != nil { + f10.EmailSendingAccount = resp.UserPool.EmailConfiguration.EmailSendingAccount + } + if resp.UserPool.EmailConfiguration.From != nil { + f10.From = resp.UserPool.EmailConfiguration.From + } + if resp.UserPool.EmailConfiguration.ReplyToEmailAddress != nil { + f10.ReplyToEmailAddress = resp.UserPool.EmailConfiguration.ReplyToEmailAddress + } + if resp.UserPool.EmailConfiguration.SourceArn != nil { + f10.SourceARN = resp.UserPool.EmailConfiguration.SourceArn + } + ko.Spec.EmailConfiguration = f10 + } else { + ko.Spec.EmailConfiguration = nil + } + if resp.UserPool.EmailConfigurationFailure != nil { + ko.Status.EmailConfigurationFailure = resp.UserPool.EmailConfigurationFailure + } else { + ko.Status.EmailConfigurationFailure = nil + } + if resp.UserPool.EmailVerificationMessage != nil { + ko.Spec.EmailVerificationMessage = resp.UserPool.EmailVerificationMessage + } else { + ko.Spec.EmailVerificationMessage = nil + } + if resp.UserPool.EmailVerificationSubject != nil { + ko.Spec.EmailVerificationSubject = resp.UserPool.EmailVerificationSubject + } else { + ko.Spec.EmailVerificationSubject = nil + } + if resp.UserPool.EstimatedNumberOfUsers != nil { + ko.Status.EstimatedNumberOfUsers = resp.UserPool.EstimatedNumberOfUsers + } else { + ko.Status.EstimatedNumberOfUsers = nil + } + if resp.UserPool.Id != nil { + ko.Status.ID = resp.UserPool.Id + } else { + ko.Status.ID = nil + } + if resp.UserPool.LambdaConfig != nil { + f16 := &svcapitypes.LambdaConfigType{} + if resp.UserPool.LambdaConfig.CreateAuthChallenge != nil { + f16.CreateAuthChallenge = resp.UserPool.LambdaConfig.CreateAuthChallenge + } + if resp.UserPool.LambdaConfig.CustomEmailSender != nil { + f16f1 := &svcapitypes.CustomEmailLambdaVersionConfigType{} + if resp.UserPool.LambdaConfig.CustomEmailSender.LambdaArn != nil { + f16f1.LambdaARN = resp.UserPool.LambdaConfig.CustomEmailSender.LambdaArn + } + if resp.UserPool.LambdaConfig.CustomEmailSender.LambdaVersion != nil { + f16f1.LambdaVersion = resp.UserPool.LambdaConfig.CustomEmailSender.LambdaVersion + } + f16.CustomEmailSender = f16f1 + } + if resp.UserPool.LambdaConfig.CustomMessage != nil { + f16.CustomMessage = resp.UserPool.LambdaConfig.CustomMessage + } + if resp.UserPool.LambdaConfig.CustomSMSSender != nil { + f16f3 := &svcapitypes.CustomSMSLambdaVersionConfigType{} + if resp.UserPool.LambdaConfig.CustomSMSSender.LambdaArn != nil { + f16f3.LambdaARN = resp.UserPool.LambdaConfig.CustomSMSSender.LambdaArn + } + if resp.UserPool.LambdaConfig.CustomSMSSender.LambdaVersion != nil { + f16f3.LambdaVersion = resp.UserPool.LambdaConfig.CustomSMSSender.LambdaVersion + } + f16.CustomSMSSender = f16f3 + } + if resp.UserPool.LambdaConfig.DefineAuthChallenge != nil { + f16.DefineAuthChallenge = resp.UserPool.LambdaConfig.DefineAuthChallenge + } + if resp.UserPool.LambdaConfig.KMSKeyID != nil { + f16.KMSKeyID = resp.UserPool.LambdaConfig.KMSKeyID + } + if resp.UserPool.LambdaConfig.PostAuthentication != nil { + f16.PostAuthentication = resp.UserPool.LambdaConfig.PostAuthentication + } + if resp.UserPool.LambdaConfig.PostConfirmation != nil { + f16.PostConfirmation = resp.UserPool.LambdaConfig.PostConfirmation + } + if resp.UserPool.LambdaConfig.PreAuthentication != nil { + f16.PreAuthentication = resp.UserPool.LambdaConfig.PreAuthentication + } + if resp.UserPool.LambdaConfig.PreSignUp != nil { + f16.PreSignUp = resp.UserPool.LambdaConfig.PreSignUp + } + if resp.UserPool.LambdaConfig.PreTokenGeneration != nil { + f16.PreTokenGeneration = resp.UserPool.LambdaConfig.PreTokenGeneration + } + if resp.UserPool.LambdaConfig.PreTokenGenerationConfig != nil { + f16f11 := &svcapitypes.PreTokenGenerationVersionConfigType{} + if resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaArn != nil { + f16f11.LambdaARN = resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaArn + } + if resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != nil { + f16f11.LambdaVersion = resp.UserPool.LambdaConfig.PreTokenGenerationConfig.LambdaVersion + } + f16.PreTokenGenerationConfig = f16f11 + } + if resp.UserPool.LambdaConfig.UserMigration != nil { + f16.UserMigration = resp.UserPool.LambdaConfig.UserMigration + } + if resp.UserPool.LambdaConfig.VerifyAuthChallengeResponse != nil { + f16.VerifyAuthChallengeResponse = resp.UserPool.LambdaConfig.VerifyAuthChallengeResponse + } + ko.Spec.LambdaConfig = f16 + } else { + ko.Spec.LambdaConfig = nil + } + if resp.UserPool.LastModifiedDate != nil { + ko.Status.LastModifiedDate = &metav1.Time{*resp.UserPool.LastModifiedDate} + } else { + ko.Status.LastModifiedDate = nil + } + if resp.UserPool.MfaConfiguration != nil { + ko.Spec.MFAConfiguration = resp.UserPool.MfaConfiguration + } else { + ko.Spec.MFAConfiguration = nil + } + if resp.UserPool.Name != nil { + ko.Spec.Name = resp.UserPool.Name + } else { + ko.Spec.Name = nil + } + if resp.UserPool.Policies != nil { + f20 := &svcapitypes.UserPoolPolicyType{} + if resp.UserPool.Policies.PasswordPolicy != nil { + f20f0 := &svcapitypes.PasswordPolicyType{} + if resp.UserPool.Policies.PasswordPolicy.MinimumLength != nil { + f20f0.MinimumLength = resp.UserPool.Policies.PasswordPolicy.MinimumLength + } + if resp.UserPool.Policies.PasswordPolicy.RequireLowercase != nil { + f20f0.RequireLowercase = resp.UserPool.Policies.PasswordPolicy.RequireLowercase + } + if resp.UserPool.Policies.PasswordPolicy.RequireNumbers != nil { + f20f0.RequireNumbers = resp.UserPool.Policies.PasswordPolicy.RequireNumbers + } + if resp.UserPool.Policies.PasswordPolicy.RequireSymbols != nil { + f20f0.RequireSymbols = resp.UserPool.Policies.PasswordPolicy.RequireSymbols + } + if resp.UserPool.Policies.PasswordPolicy.RequireUppercase != nil { + f20f0.RequireUppercase = resp.UserPool.Policies.PasswordPolicy.RequireUppercase + } + if resp.UserPool.Policies.PasswordPolicy.TemporaryPasswordValidityDays != nil { + f20f0.TemporaryPasswordValidityDays = resp.UserPool.Policies.PasswordPolicy.TemporaryPasswordValidityDays + } + f20.PasswordPolicy = f20f0 + } + ko.Spec.Policies = f20 + } else { + ko.Spec.Policies = nil + } + if resp.UserPool.SchemaAttributes != nil { + f21 := []*svcapitypes.SchemaAttributeType{} + for _, f21iter := range resp.UserPool.SchemaAttributes { + f21elem := &svcapitypes.SchemaAttributeType{} + if f21iter.AttributeDataType != nil { + f21elem.AttributeDataType = f21iter.AttributeDataType + } + if f21iter.DeveloperOnlyAttribute != nil { + f21elem.DeveloperOnlyAttribute = f21iter.DeveloperOnlyAttribute + } + if f21iter.Mutable != nil { + f21elem.Mutable = f21iter.Mutable + } + if f21iter.Name != nil { + f21elem.Name = f21iter.Name + } + if f21iter.NumberAttributeConstraints != nil { + f21elemf4 := &svcapitypes.NumberAttributeConstraintsType{} + if f21iter.NumberAttributeConstraints.MaxValue != nil { + f21elemf4.MaxValue = f21iter.NumberAttributeConstraints.MaxValue + } + if f21iter.NumberAttributeConstraints.MinValue != nil { + f21elemf4.MinValue = f21iter.NumberAttributeConstraints.MinValue + } + f21elem.NumberAttributeConstraints = f21elemf4 + } + if f21iter.Required != nil { + f21elem.Required = f21iter.Required + } + if f21iter.StringAttributeConstraints != nil { + f21elemf6 := &svcapitypes.StringAttributeConstraintsType{} + if f21iter.StringAttributeConstraints.MaxLength != nil { + f21elemf6.MaxLength = f21iter.StringAttributeConstraints.MaxLength + } + if f21iter.StringAttributeConstraints.MinLength != nil { + f21elemf6.MinLength = f21iter.StringAttributeConstraints.MinLength + } + f21elem.StringAttributeConstraints = f21elemf6 + } + f21 = append(f21, f21elem) + } + ko.Status.SchemaAttributes = f21 + } else { + ko.Status.SchemaAttributes = nil + } + if resp.UserPool.SmsAuthenticationMessage != nil { + ko.Spec.SmsAuthenticationMessage = resp.UserPool.SmsAuthenticationMessage + } else { + ko.Spec.SmsAuthenticationMessage = nil + } + if resp.UserPool.SmsConfiguration != nil { + f23 := &svcapitypes.SmsConfigurationType{} + if resp.UserPool.SmsConfiguration.ExternalId != nil { + f23.ExternalID = resp.UserPool.SmsConfiguration.ExternalId + } + if resp.UserPool.SmsConfiguration.SnsCallerArn != nil { + f23.SNSCallerARN = resp.UserPool.SmsConfiguration.SnsCallerArn + } + if resp.UserPool.SmsConfiguration.SnsRegion != nil { + f23.SNSRegion = resp.UserPool.SmsConfiguration.SnsRegion + } + ko.Spec.SmsConfiguration = f23 + } else { + ko.Spec.SmsConfiguration = nil + } + if resp.UserPool.SmsConfigurationFailure != nil { + ko.Status.SmsConfigurationFailure = resp.UserPool.SmsConfigurationFailure + } else { + ko.Status.SmsConfigurationFailure = nil + } + if resp.UserPool.SmsVerificationMessage != nil { + ko.Spec.SmsVerificationMessage = resp.UserPool.SmsVerificationMessage + } else { + ko.Spec.SmsVerificationMessage = nil + } + if resp.UserPool.Status != nil { + ko.Status.Status = resp.UserPool.Status + } else { + ko.Status.Status = nil + } + if resp.UserPool.UserAttributeUpdateSettings != nil { + f27 := &svcapitypes.UserAttributeUpdateSettingsType{} + if resp.UserPool.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate != nil { + f27f0 := []*string{} + for _, f27f0iter := range resp.UserPool.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate { + var f27f0elem string + f27f0elem = *f27f0iter + f27f0 = append(f27f0, &f27f0elem) + } + f27.AttributesRequireVerificationBeforeUpdate = f27f0 + } + ko.Spec.UserAttributeUpdateSettings = f27 + } else { + ko.Spec.UserAttributeUpdateSettings = nil + } + if resp.UserPool.UserPoolAddOns != nil { + f28 := &svcapitypes.UserPoolAddOnsType{} + if resp.UserPool.UserPoolAddOns.AdvancedSecurityMode != nil { + f28.AdvancedSecurityMode = resp.UserPool.UserPoolAddOns.AdvancedSecurityMode + } + ko.Spec.UserPoolAddOns = f28 + } else { + ko.Spec.UserPoolAddOns = nil + } + if resp.UserPool.UserPoolTags != nil { + f29 := map[string]*string{} + for f29key, f29valiter := range resp.UserPool.UserPoolTags { + var f29val string + f29val = *f29valiter + f29[f29key] = &f29val + } + ko.Spec.UserPoolTags = f29 + } else { + ko.Spec.UserPoolTags = nil + } + if resp.UserPool.UsernameAttributes != nil { + f30 := []*string{} + for _, f30iter := range resp.UserPool.UsernameAttributes { + var f30elem string + f30elem = *f30iter + f30 = append(f30, &f30elem) + } + ko.Spec.UsernameAttributes = f30 + } else { + ko.Spec.UsernameAttributes = nil + } + if resp.UserPool.UsernameConfiguration != nil { + f31 := &svcapitypes.UsernameConfigurationType{} + if resp.UserPool.UsernameConfiguration.CaseSensitive != nil { + f31.CaseSensitive = resp.UserPool.UsernameConfiguration.CaseSensitive + } + ko.Spec.UsernameConfiguration = f31 + } else { + ko.Spec.UsernameConfiguration = nil + } + if resp.UserPool.VerificationMessageTemplate != nil { + f32 := &svcapitypes.VerificationMessageTemplateType{} + if resp.UserPool.VerificationMessageTemplate.DefaultEmailOption != nil { + f32.DefaultEmailOption = resp.UserPool.VerificationMessageTemplate.DefaultEmailOption + } + if resp.UserPool.VerificationMessageTemplate.EmailMessage != nil { + f32.EmailMessage = resp.UserPool.VerificationMessageTemplate.EmailMessage + } + if resp.UserPool.VerificationMessageTemplate.EmailMessageByLink != nil { + f32.EmailMessageByLink = resp.UserPool.VerificationMessageTemplate.EmailMessageByLink + } + if resp.UserPool.VerificationMessageTemplate.EmailSubject != nil { + f32.EmailSubject = resp.UserPool.VerificationMessageTemplate.EmailSubject + } + if resp.UserPool.VerificationMessageTemplate.EmailSubjectByLink != nil { + f32.EmailSubjectByLink = resp.UserPool.VerificationMessageTemplate.EmailSubjectByLink + } + if resp.UserPool.VerificationMessageTemplate.SmsMessage != nil { + f32.SmsMessage = resp.UserPool.VerificationMessageTemplate.SmsMessage + } + ko.Spec.VerificationMessageTemplate = f32 + } else { + ko.Spec.VerificationMessageTemplate = nil + } + + rm.setStatusDefaults(ko) + return &resource{ko}, nil +} + +// newCreateRequestPayload returns an SDK-specific struct for the HTTP request +// payload of the Create API call for the resource +func (rm *resourceManager) newCreateRequestPayload( + ctx context.Context, + r *resource, +) (*svcsdk.CreateUserPoolInput, error) { + res := &svcsdk.CreateUserPoolInput{} + + if r.ko.Spec.AccountRecoverySetting != nil { + f0 := &svcsdk.AccountRecoverySettingType{} + if r.ko.Spec.AccountRecoverySetting.RecoveryMechanisms != nil { + f0f0 := []*svcsdk.RecoveryOptionType{} + for _, f0f0iter := range r.ko.Spec.AccountRecoverySetting.RecoveryMechanisms { + f0f0elem := &svcsdk.RecoveryOptionType{} + if f0f0iter.Name != nil { + f0f0elem.SetName(*f0f0iter.Name) + } + if f0f0iter.Priority != nil { + f0f0elem.SetPriority(*f0f0iter.Priority) + } + f0f0 = append(f0f0, f0f0elem) + } + f0.SetRecoveryMechanisms(f0f0) + } + res.SetAccountRecoverySetting(f0) + } + if r.ko.Spec.AdminCreateUserConfig != nil { + f1 := &svcsdk.AdminCreateUserConfigType{} + if r.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly != nil { + f1.SetAllowAdminCreateUserOnly(*r.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly) + } + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate != nil { + f1f1 := &svcsdk.MessageTemplateType{} + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != nil { + f1f1.SetEmailMessage(*r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage) + } + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != nil { + f1f1.SetEmailSubject(*r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject) + } + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != nil { + f1f1.SetSMSMessage(*r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage) + } + f1.SetInviteMessageTemplate(f1f1) + } + if r.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays != nil { + f1.SetUnusedAccountValidityDays(*r.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays) + } + res.SetAdminCreateUserConfig(f1) + } + if r.ko.Spec.AliasAttributes != nil { + f2 := []*string{} + for _, f2iter := range r.ko.Spec.AliasAttributes { + var f2elem string + f2elem = *f2iter + f2 = append(f2, &f2elem) + } + res.SetAliasAttributes(f2) + } + if r.ko.Spec.AutoVerifiedAttributes != nil { + f3 := []*string{} + for _, f3iter := range r.ko.Spec.AutoVerifiedAttributes { + var f3elem string + f3elem = *f3iter + f3 = append(f3, &f3elem) + } + res.SetAutoVerifiedAttributes(f3) + } + if r.ko.Spec.DeletionProtection != nil { + res.SetDeletionProtection(*r.ko.Spec.DeletionProtection) + } + if r.ko.Spec.DeviceConfiguration != nil { + f5 := &svcsdk.DeviceConfigurationType{} + if r.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice != nil { + f5.SetChallengeRequiredOnNewDevice(*r.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice) + } + if r.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != nil { + f5.SetDeviceOnlyRememberedOnUserPrompt(*r.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt) + } + res.SetDeviceConfiguration(f5) + } + if r.ko.Spec.EmailConfiguration != nil { + f6 := &svcsdk.EmailConfigurationType{} + if r.ko.Spec.EmailConfiguration.ConfigurationSet != nil { + f6.SetConfigurationSet(*r.ko.Spec.EmailConfiguration.ConfigurationSet) + } + if r.ko.Spec.EmailConfiguration.EmailSendingAccount != nil { + f6.SetEmailSendingAccount(*r.ko.Spec.EmailConfiguration.EmailSendingAccount) + } + if r.ko.Spec.EmailConfiguration.From != nil { + f6.SetFrom(*r.ko.Spec.EmailConfiguration.From) + } + if r.ko.Spec.EmailConfiguration.ReplyToEmailAddress != nil { + f6.SetReplyToEmailAddress(*r.ko.Spec.EmailConfiguration.ReplyToEmailAddress) + } + if r.ko.Spec.EmailConfiguration.SourceARN != nil { + f6.SetSourceArn(*r.ko.Spec.EmailConfiguration.SourceARN) + } + res.SetEmailConfiguration(f6) + } + if r.ko.Spec.EmailVerificationMessage != nil { + res.SetEmailVerificationMessage(*r.ko.Spec.EmailVerificationMessage) + } + if r.ko.Spec.EmailVerificationSubject != nil { + res.SetEmailVerificationSubject(*r.ko.Spec.EmailVerificationSubject) + } + if r.ko.Spec.LambdaConfig != nil { + f9 := &svcsdk.LambdaConfigType{} + if r.ko.Spec.LambdaConfig.CreateAuthChallenge != nil { + f9.SetCreateAuthChallenge(*r.ko.Spec.LambdaConfig.CreateAuthChallenge) + } + if r.ko.Spec.LambdaConfig.CustomEmailSender != nil { + f9f1 := &svcsdk.CustomEmailLambdaVersionConfigType{} + if r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN != nil { + f9f1.SetLambdaArn(*r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN) + } + if r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion != nil { + f9f1.SetLambdaVersion(*r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion) + } + f9.SetCustomEmailSender(f9f1) + } + if r.ko.Spec.LambdaConfig.CustomMessage != nil { + f9.SetCustomMessage(*r.ko.Spec.LambdaConfig.CustomMessage) + } + if r.ko.Spec.LambdaConfig.CustomSMSSender != nil { + f9f3 := &svcsdk.CustomSMSLambdaVersionConfigType{} + if r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN != nil { + f9f3.SetLambdaArn(*r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN) + } + if r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion != nil { + f9f3.SetLambdaVersion(*r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion) + } + f9.SetCustomSMSSender(f9f3) + } + if r.ko.Spec.LambdaConfig.DefineAuthChallenge != nil { + f9.SetDefineAuthChallenge(*r.ko.Spec.LambdaConfig.DefineAuthChallenge) + } + if r.ko.Spec.LambdaConfig.KMSKeyID != nil { + f9.SetKMSKeyID(*r.ko.Spec.LambdaConfig.KMSKeyID) + } + if r.ko.Spec.LambdaConfig.PostAuthentication != nil { + f9.SetPostAuthentication(*r.ko.Spec.LambdaConfig.PostAuthentication) + } + if r.ko.Spec.LambdaConfig.PostConfirmation != nil { + f9.SetPostConfirmation(*r.ko.Spec.LambdaConfig.PostConfirmation) + } + if r.ko.Spec.LambdaConfig.PreAuthentication != nil { + f9.SetPreAuthentication(*r.ko.Spec.LambdaConfig.PreAuthentication) + } + if r.ko.Spec.LambdaConfig.PreSignUp != nil { + f9.SetPreSignUp(*r.ko.Spec.LambdaConfig.PreSignUp) + } + if r.ko.Spec.LambdaConfig.PreTokenGeneration != nil { + f9.SetPreTokenGeneration(*r.ko.Spec.LambdaConfig.PreTokenGeneration) + } + if r.ko.Spec.LambdaConfig.PreTokenGenerationConfig != nil { + f9f11 := &svcsdk.PreTokenGenerationVersionConfigType{} + if r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN != nil { + f9f11.SetLambdaArn(*r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN) + } + if r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != nil { + f9f11.SetLambdaVersion(*r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion) + } + f9.SetPreTokenGenerationConfig(f9f11) + } + if r.ko.Spec.LambdaConfig.UserMigration != nil { + f9.SetUserMigration(*r.ko.Spec.LambdaConfig.UserMigration) + } + if r.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse != nil { + f9.SetVerifyAuthChallengeResponse(*r.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse) + } + res.SetLambdaConfig(f9) + } + if r.ko.Spec.MFAConfiguration != nil { + res.SetMfaConfiguration(*r.ko.Spec.MFAConfiguration) + } + if r.ko.Spec.Policies != nil { + f11 := &svcsdk.UserPoolPolicyType{} + if r.ko.Spec.Policies.PasswordPolicy != nil { + f11f0 := &svcsdk.PasswordPolicyType{} + if r.ko.Spec.Policies.PasswordPolicy.MinimumLength != nil { + f11f0.SetMinimumLength(*r.ko.Spec.Policies.PasswordPolicy.MinimumLength) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireLowercase != nil { + f11f0.SetRequireLowercase(*r.ko.Spec.Policies.PasswordPolicy.RequireLowercase) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireNumbers != nil { + f11f0.SetRequireNumbers(*r.ko.Spec.Policies.PasswordPolicy.RequireNumbers) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireSymbols != nil { + f11f0.SetRequireSymbols(*r.ko.Spec.Policies.PasswordPolicy.RequireSymbols) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireUppercase != nil { + f11f0.SetRequireUppercase(*r.ko.Spec.Policies.PasswordPolicy.RequireUppercase) + } + if r.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays != nil { + f11f0.SetTemporaryPasswordValidityDays(*r.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays) + } + f11.SetPasswordPolicy(f11f0) + } + res.SetPolicies(f11) + } + if r.ko.Spec.Name != nil { + res.SetPoolName(*r.ko.Spec.Name) + } + if r.ko.Spec.Schema != nil { + f13 := []*svcsdk.SchemaAttributeType{} + for _, f13iter := range r.ko.Spec.Schema { + f13elem := &svcsdk.SchemaAttributeType{} + if f13iter.AttributeDataType != nil { + f13elem.SetAttributeDataType(*f13iter.AttributeDataType) + } + if f13iter.DeveloperOnlyAttribute != nil { + f13elem.SetDeveloperOnlyAttribute(*f13iter.DeveloperOnlyAttribute) + } + if f13iter.Mutable != nil { + f13elem.SetMutable(*f13iter.Mutable) + } + if f13iter.Name != nil { + f13elem.SetName(*f13iter.Name) + } + if f13iter.NumberAttributeConstraints != nil { + f13elemf4 := &svcsdk.NumberAttributeConstraintsType{} + if f13iter.NumberAttributeConstraints.MaxValue != nil { + f13elemf4.SetMaxValue(*f13iter.NumberAttributeConstraints.MaxValue) + } + if f13iter.NumberAttributeConstraints.MinValue != nil { + f13elemf4.SetMinValue(*f13iter.NumberAttributeConstraints.MinValue) + } + f13elem.SetNumberAttributeConstraints(f13elemf4) + } + if f13iter.Required != nil { + f13elem.SetRequired(*f13iter.Required) + } + if f13iter.StringAttributeConstraints != nil { + f13elemf6 := &svcsdk.StringAttributeConstraintsType{} + if f13iter.StringAttributeConstraints.MaxLength != nil { + f13elemf6.SetMaxLength(*f13iter.StringAttributeConstraints.MaxLength) + } + if f13iter.StringAttributeConstraints.MinLength != nil { + f13elemf6.SetMinLength(*f13iter.StringAttributeConstraints.MinLength) + } + f13elem.SetStringAttributeConstraints(f13elemf6) + } + f13 = append(f13, f13elem) + } + res.SetSchema(f13) + } + if r.ko.Spec.SmsAuthenticationMessage != nil { + res.SetSmsAuthenticationMessage(*r.ko.Spec.SmsAuthenticationMessage) + } + if r.ko.Spec.SmsConfiguration != nil { + f15 := &svcsdk.SmsConfigurationType{} + if r.ko.Spec.SmsConfiguration.ExternalID != nil { + f15.SetExternalId(*r.ko.Spec.SmsConfiguration.ExternalID) + } + if r.ko.Spec.SmsConfiguration.SNSCallerARN != nil { + f15.SetSnsCallerArn(*r.ko.Spec.SmsConfiguration.SNSCallerARN) + } + if r.ko.Spec.SmsConfiguration.SNSRegion != nil { + f15.SetSnsRegion(*r.ko.Spec.SmsConfiguration.SNSRegion) + } + res.SetSmsConfiguration(f15) + } + if r.ko.Spec.SmsVerificationMessage != nil { + res.SetSmsVerificationMessage(*r.ko.Spec.SmsVerificationMessage) + } + if r.ko.Spec.UserAttributeUpdateSettings != nil { + f17 := &svcsdk.UserAttributeUpdateSettingsType{} + if r.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate != nil { + f17f0 := []*string{} + for _, f17f0iter := range r.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate { + var f17f0elem string + f17f0elem = *f17f0iter + f17f0 = append(f17f0, &f17f0elem) + } + f17.SetAttributesRequireVerificationBeforeUpdate(f17f0) + } + res.SetUserAttributeUpdateSettings(f17) + } + if r.ko.Spec.UserPoolAddOns != nil { + f18 := &svcsdk.UserPoolAddOnsType{} + if r.ko.Spec.UserPoolAddOns.AdvancedSecurityMode != nil { + f18.SetAdvancedSecurityMode(*r.ko.Spec.UserPoolAddOns.AdvancedSecurityMode) + } + res.SetUserPoolAddOns(f18) + } + if r.ko.Spec.UserPoolTags != nil { + f19 := map[string]*string{} + for f19key, f19valiter := range r.ko.Spec.UserPoolTags { + var f19val string + f19val = *f19valiter + f19[f19key] = &f19val + } + res.SetUserPoolTags(f19) + } + if r.ko.Spec.UsernameAttributes != nil { + f20 := []*string{} + for _, f20iter := range r.ko.Spec.UsernameAttributes { + var f20elem string + f20elem = *f20iter + f20 = append(f20, &f20elem) + } + res.SetUsernameAttributes(f20) + } + if r.ko.Spec.UsernameConfiguration != nil { + f21 := &svcsdk.UsernameConfigurationType{} + if r.ko.Spec.UsernameConfiguration.CaseSensitive != nil { + f21.SetCaseSensitive(*r.ko.Spec.UsernameConfiguration.CaseSensitive) + } + res.SetUsernameConfiguration(f21) + } + if r.ko.Spec.VerificationMessageTemplate != nil { + f22 := &svcsdk.VerificationMessageTemplateType{} + if r.ko.Spec.VerificationMessageTemplate.DefaultEmailOption != nil { + f22.SetDefaultEmailOption(*r.ko.Spec.VerificationMessageTemplate.DefaultEmailOption) + } + if r.ko.Spec.VerificationMessageTemplate.EmailMessage != nil { + f22.SetEmailMessage(*r.ko.Spec.VerificationMessageTemplate.EmailMessage) + } + if r.ko.Spec.VerificationMessageTemplate.EmailMessageByLink != nil { + f22.SetEmailMessageByLink(*r.ko.Spec.VerificationMessageTemplate.EmailMessageByLink) + } + if r.ko.Spec.VerificationMessageTemplate.EmailSubject != nil { + f22.SetEmailSubject(*r.ko.Spec.VerificationMessageTemplate.EmailSubject) + } + if r.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink != nil { + f22.SetEmailSubjectByLink(*r.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink) + } + if r.ko.Spec.VerificationMessageTemplate.SmsMessage != nil { + f22.SetSmsMessage(*r.ko.Spec.VerificationMessageTemplate.SmsMessage) + } + res.SetVerificationMessageTemplate(f22) + } + + return res, nil +} + +// sdkUpdate patches the supplied resource in the backend AWS service API and +// returns a new resource with updated fields. +func (rm *resourceManager) sdkUpdate( + ctx context.Context, + desired *resource, + latest *resource, + delta *ackcompare.Delta, +) (updated *resource, err error) { + rlog := ackrtlog.FromContext(ctx) + exit := rlog.Trace("rm.sdkUpdate") + defer func() { + exit(err) + }() + input, err := rm.newUpdateRequestPayload(ctx, desired, delta) + if err != nil { + return nil, err + } + + var resp *svcsdk.UpdateUserPoolOutput + _ = resp + resp, err = rm.sdkapi.UpdateUserPoolWithContext(ctx, input) + rm.metrics.RecordAPICall("UPDATE", "UpdateUserPool", err) + if err != nil { + return nil, err + } + // Merge in the information we read from the API call above to the copy of + // the original Kubernetes object we passed to the function + ko := desired.ko.DeepCopy() + + rm.setStatusDefaults(ko) + return &resource{ko}, nil +} + +// newUpdateRequestPayload returns an SDK-specific struct for the HTTP request +// payload of the Update API call for the resource +func (rm *resourceManager) newUpdateRequestPayload( + ctx context.Context, + r *resource, + delta *ackcompare.Delta, +) (*svcsdk.UpdateUserPoolInput, error) { + res := &svcsdk.UpdateUserPoolInput{} + + if r.ko.Spec.AccountRecoverySetting != nil { + f0 := &svcsdk.AccountRecoverySettingType{} + if r.ko.Spec.AccountRecoverySetting.RecoveryMechanisms != nil { + f0f0 := []*svcsdk.RecoveryOptionType{} + for _, f0f0iter := range r.ko.Spec.AccountRecoverySetting.RecoveryMechanisms { + f0f0elem := &svcsdk.RecoveryOptionType{} + if f0f0iter.Name != nil { + f0f0elem.SetName(*f0f0iter.Name) + } + if f0f0iter.Priority != nil { + f0f0elem.SetPriority(*f0f0iter.Priority) + } + f0f0 = append(f0f0, f0f0elem) + } + f0.SetRecoveryMechanisms(f0f0) + } + res.SetAccountRecoverySetting(f0) + } + if r.ko.Spec.AdminCreateUserConfig != nil { + f1 := &svcsdk.AdminCreateUserConfigType{} + if r.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly != nil { + f1.SetAllowAdminCreateUserOnly(*r.ko.Spec.AdminCreateUserConfig.AllowAdminCreateUserOnly) + } + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate != nil { + f1f1 := &svcsdk.MessageTemplateType{} + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage != nil { + f1f1.SetEmailMessage(*r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailMessage) + } + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject != nil { + f1f1.SetEmailSubject(*r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.EmailSubject) + } + if r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage != nil { + f1f1.SetSMSMessage(*r.ko.Spec.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage) + } + f1.SetInviteMessageTemplate(f1f1) + } + if r.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays != nil { + f1.SetUnusedAccountValidityDays(*r.ko.Spec.AdminCreateUserConfig.UnusedAccountValidityDays) + } + res.SetAdminCreateUserConfig(f1) + } + if r.ko.Spec.AutoVerifiedAttributes != nil { + f2 := []*string{} + for _, f2iter := range r.ko.Spec.AutoVerifiedAttributes { + var f2elem string + f2elem = *f2iter + f2 = append(f2, &f2elem) + } + res.SetAutoVerifiedAttributes(f2) + } + if r.ko.Spec.DeletionProtection != nil { + res.SetDeletionProtection(*r.ko.Spec.DeletionProtection) + } + if r.ko.Spec.DeviceConfiguration != nil { + f4 := &svcsdk.DeviceConfigurationType{} + if r.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice != nil { + f4.SetChallengeRequiredOnNewDevice(*r.ko.Spec.DeviceConfiguration.ChallengeRequiredOnNewDevice) + } + if r.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt != nil { + f4.SetDeviceOnlyRememberedOnUserPrompt(*r.ko.Spec.DeviceConfiguration.DeviceOnlyRememberedOnUserPrompt) + } + res.SetDeviceConfiguration(f4) + } + if r.ko.Spec.EmailConfiguration != nil { + f5 := &svcsdk.EmailConfigurationType{} + if r.ko.Spec.EmailConfiguration.ConfigurationSet != nil { + f5.SetConfigurationSet(*r.ko.Spec.EmailConfiguration.ConfigurationSet) + } + if r.ko.Spec.EmailConfiguration.EmailSendingAccount != nil { + f5.SetEmailSendingAccount(*r.ko.Spec.EmailConfiguration.EmailSendingAccount) + } + if r.ko.Spec.EmailConfiguration.From != nil { + f5.SetFrom(*r.ko.Spec.EmailConfiguration.From) + } + if r.ko.Spec.EmailConfiguration.ReplyToEmailAddress != nil { + f5.SetReplyToEmailAddress(*r.ko.Spec.EmailConfiguration.ReplyToEmailAddress) + } + if r.ko.Spec.EmailConfiguration.SourceARN != nil { + f5.SetSourceArn(*r.ko.Spec.EmailConfiguration.SourceARN) + } + res.SetEmailConfiguration(f5) + } + if r.ko.Spec.EmailVerificationMessage != nil { + res.SetEmailVerificationMessage(*r.ko.Spec.EmailVerificationMessage) + } + if r.ko.Spec.EmailVerificationSubject != nil { + res.SetEmailVerificationSubject(*r.ko.Spec.EmailVerificationSubject) + } + if r.ko.Spec.LambdaConfig != nil { + f8 := &svcsdk.LambdaConfigType{} + if r.ko.Spec.LambdaConfig.CreateAuthChallenge != nil { + f8.SetCreateAuthChallenge(*r.ko.Spec.LambdaConfig.CreateAuthChallenge) + } + if r.ko.Spec.LambdaConfig.CustomEmailSender != nil { + f8f1 := &svcsdk.CustomEmailLambdaVersionConfigType{} + if r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN != nil { + f8f1.SetLambdaArn(*r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaARN) + } + if r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion != nil { + f8f1.SetLambdaVersion(*r.ko.Spec.LambdaConfig.CustomEmailSender.LambdaVersion) + } + f8.SetCustomEmailSender(f8f1) + } + if r.ko.Spec.LambdaConfig.CustomMessage != nil { + f8.SetCustomMessage(*r.ko.Spec.LambdaConfig.CustomMessage) + } + if r.ko.Spec.LambdaConfig.CustomSMSSender != nil { + f8f3 := &svcsdk.CustomSMSLambdaVersionConfigType{} + if r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN != nil { + f8f3.SetLambdaArn(*r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaARN) + } + if r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion != nil { + f8f3.SetLambdaVersion(*r.ko.Spec.LambdaConfig.CustomSMSSender.LambdaVersion) + } + f8.SetCustomSMSSender(f8f3) + } + if r.ko.Spec.LambdaConfig.DefineAuthChallenge != nil { + f8.SetDefineAuthChallenge(*r.ko.Spec.LambdaConfig.DefineAuthChallenge) + } + if r.ko.Spec.LambdaConfig.KMSKeyID != nil { + f8.SetKMSKeyID(*r.ko.Spec.LambdaConfig.KMSKeyID) + } + if r.ko.Spec.LambdaConfig.PostAuthentication != nil { + f8.SetPostAuthentication(*r.ko.Spec.LambdaConfig.PostAuthentication) + } + if r.ko.Spec.LambdaConfig.PostConfirmation != nil { + f8.SetPostConfirmation(*r.ko.Spec.LambdaConfig.PostConfirmation) + } + if r.ko.Spec.LambdaConfig.PreAuthentication != nil { + f8.SetPreAuthentication(*r.ko.Spec.LambdaConfig.PreAuthentication) + } + if r.ko.Spec.LambdaConfig.PreSignUp != nil { + f8.SetPreSignUp(*r.ko.Spec.LambdaConfig.PreSignUp) + } + if r.ko.Spec.LambdaConfig.PreTokenGeneration != nil { + f8.SetPreTokenGeneration(*r.ko.Spec.LambdaConfig.PreTokenGeneration) + } + if r.ko.Spec.LambdaConfig.PreTokenGenerationConfig != nil { + f8f11 := &svcsdk.PreTokenGenerationVersionConfigType{} + if r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN != nil { + f8f11.SetLambdaArn(*r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaARN) + } + if r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion != nil { + f8f11.SetLambdaVersion(*r.ko.Spec.LambdaConfig.PreTokenGenerationConfig.LambdaVersion) + } + f8.SetPreTokenGenerationConfig(f8f11) + } + if r.ko.Spec.LambdaConfig.UserMigration != nil { + f8.SetUserMigration(*r.ko.Spec.LambdaConfig.UserMigration) + } + if r.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse != nil { + f8.SetVerifyAuthChallengeResponse(*r.ko.Spec.LambdaConfig.VerifyAuthChallengeResponse) + } + res.SetLambdaConfig(f8) + } + if r.ko.Spec.MFAConfiguration != nil { + res.SetMfaConfiguration(*r.ko.Spec.MFAConfiguration) + } + if r.ko.Spec.Policies != nil { + f10 := &svcsdk.UserPoolPolicyType{} + if r.ko.Spec.Policies.PasswordPolicy != nil { + f10f0 := &svcsdk.PasswordPolicyType{} + if r.ko.Spec.Policies.PasswordPolicy.MinimumLength != nil { + f10f0.SetMinimumLength(*r.ko.Spec.Policies.PasswordPolicy.MinimumLength) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireLowercase != nil { + f10f0.SetRequireLowercase(*r.ko.Spec.Policies.PasswordPolicy.RequireLowercase) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireNumbers != nil { + f10f0.SetRequireNumbers(*r.ko.Spec.Policies.PasswordPolicy.RequireNumbers) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireSymbols != nil { + f10f0.SetRequireSymbols(*r.ko.Spec.Policies.PasswordPolicy.RequireSymbols) + } + if r.ko.Spec.Policies.PasswordPolicy.RequireUppercase != nil { + f10f0.SetRequireUppercase(*r.ko.Spec.Policies.PasswordPolicy.RequireUppercase) + } + if r.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays != nil { + f10f0.SetTemporaryPasswordValidityDays(*r.ko.Spec.Policies.PasswordPolicy.TemporaryPasswordValidityDays) + } + f10.SetPasswordPolicy(f10f0) + } + res.SetPolicies(f10) + } + if r.ko.Spec.SmsAuthenticationMessage != nil { + res.SetSmsAuthenticationMessage(*r.ko.Spec.SmsAuthenticationMessage) + } + if r.ko.Spec.SmsConfiguration != nil { + f12 := &svcsdk.SmsConfigurationType{} + if r.ko.Spec.SmsConfiguration.ExternalID != nil { + f12.SetExternalId(*r.ko.Spec.SmsConfiguration.ExternalID) + } + if r.ko.Spec.SmsConfiguration.SNSCallerARN != nil { + f12.SetSnsCallerArn(*r.ko.Spec.SmsConfiguration.SNSCallerARN) + } + if r.ko.Spec.SmsConfiguration.SNSRegion != nil { + f12.SetSnsRegion(*r.ko.Spec.SmsConfiguration.SNSRegion) + } + res.SetSmsConfiguration(f12) + } + if r.ko.Spec.SmsVerificationMessage != nil { + res.SetSmsVerificationMessage(*r.ko.Spec.SmsVerificationMessage) + } + if r.ko.Spec.UserAttributeUpdateSettings != nil { + f14 := &svcsdk.UserAttributeUpdateSettingsType{} + if r.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate != nil { + f14f0 := []*string{} + for _, f14f0iter := range r.ko.Spec.UserAttributeUpdateSettings.AttributesRequireVerificationBeforeUpdate { + var f14f0elem string + f14f0elem = *f14f0iter + f14f0 = append(f14f0, &f14f0elem) + } + f14.SetAttributesRequireVerificationBeforeUpdate(f14f0) + } + res.SetUserAttributeUpdateSettings(f14) + } + if r.ko.Spec.UserPoolAddOns != nil { + f15 := &svcsdk.UserPoolAddOnsType{} + if r.ko.Spec.UserPoolAddOns.AdvancedSecurityMode != nil { + f15.SetAdvancedSecurityMode(*r.ko.Spec.UserPoolAddOns.AdvancedSecurityMode) + } + res.SetUserPoolAddOns(f15) + } + if r.ko.Status.ID != nil { + res.SetUserPoolId(*r.ko.Status.ID) + } + if r.ko.Spec.UserPoolTags != nil { + f17 := map[string]*string{} + for f17key, f17valiter := range r.ko.Spec.UserPoolTags { + var f17val string + f17val = *f17valiter + f17[f17key] = &f17val + } + res.SetUserPoolTags(f17) + } + if r.ko.Spec.VerificationMessageTemplate != nil { + f18 := &svcsdk.VerificationMessageTemplateType{} + if r.ko.Spec.VerificationMessageTemplate.DefaultEmailOption != nil { + f18.SetDefaultEmailOption(*r.ko.Spec.VerificationMessageTemplate.DefaultEmailOption) + } + if r.ko.Spec.VerificationMessageTemplate.EmailMessage != nil { + f18.SetEmailMessage(*r.ko.Spec.VerificationMessageTemplate.EmailMessage) + } + if r.ko.Spec.VerificationMessageTemplate.EmailMessageByLink != nil { + f18.SetEmailMessageByLink(*r.ko.Spec.VerificationMessageTemplate.EmailMessageByLink) + } + if r.ko.Spec.VerificationMessageTemplate.EmailSubject != nil { + f18.SetEmailSubject(*r.ko.Spec.VerificationMessageTemplate.EmailSubject) + } + if r.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink != nil { + f18.SetEmailSubjectByLink(*r.ko.Spec.VerificationMessageTemplate.EmailSubjectByLink) + } + if r.ko.Spec.VerificationMessageTemplate.SmsMessage != nil { + f18.SetSmsMessage(*r.ko.Spec.VerificationMessageTemplate.SmsMessage) + } + res.SetVerificationMessageTemplate(f18) + } + + return res, nil +} + +// sdkDelete deletes the supplied resource in the backend AWS service API +func (rm *resourceManager) sdkDelete( + ctx context.Context, + r *resource, +) (latest *resource, err error) { + rlog := ackrtlog.FromContext(ctx) + exit := rlog.Trace("rm.sdkDelete") + defer func() { + exit(err) + }() + input, err := rm.newDeleteRequestPayload(r) + if err != nil { + return nil, err + } + var resp *svcsdk.DeleteUserPoolOutput + _ = resp + resp, err = rm.sdkapi.DeleteUserPoolWithContext(ctx, input) + rm.metrics.RecordAPICall("DELETE", "DeleteUserPool", err) + return nil, err +} + +// newDeleteRequestPayload returns an SDK-specific struct for the HTTP request +// payload of the Delete API call for the resource +func (rm *resourceManager) newDeleteRequestPayload( + r *resource, +) (*svcsdk.DeleteUserPoolInput, error) { + res := &svcsdk.DeleteUserPoolInput{} + + if r.ko.Status.ID != nil { + res.SetUserPoolId(*r.ko.Status.ID) + } + + return res, nil +} + +// setStatusDefaults sets default properties into supplied custom resource +func (rm *resourceManager) setStatusDefaults( + ko *svcapitypes.UserPool, +) { + if ko.Status.ACKResourceMetadata == nil { + ko.Status.ACKResourceMetadata = &ackv1alpha1.ResourceMetadata{} + } + if ko.Status.ACKResourceMetadata.Region == nil { + ko.Status.ACKResourceMetadata.Region = &rm.awsRegion + } + if ko.Status.ACKResourceMetadata.OwnerAccountID == nil { + ko.Status.ACKResourceMetadata.OwnerAccountID = &rm.awsAccountID + } + if ko.Status.Conditions == nil { + ko.Status.Conditions = []*ackv1alpha1.Condition{} + } +} + +// updateConditions returns updated resource, true; if conditions were updated +// else it returns nil, false +func (rm *resourceManager) updateConditions( + r *resource, + onSuccess bool, + err error, +) (*resource, bool) { + ko := r.ko.DeepCopy() + rm.setStatusDefaults(ko) + + // Terminal condition + var terminalCondition *ackv1alpha1.Condition = nil + var recoverableCondition *ackv1alpha1.Condition = nil + var syncCondition *ackv1alpha1.Condition = nil + for _, condition := range ko.Status.Conditions { + if condition.Type == ackv1alpha1.ConditionTypeTerminal { + terminalCondition = condition + } + if condition.Type == ackv1alpha1.ConditionTypeRecoverable { + recoverableCondition = condition + } + if condition.Type == ackv1alpha1.ConditionTypeResourceSynced { + syncCondition = condition + } + } + var termError *ackerr.TerminalError + if rm.terminalAWSError(err) || err == ackerr.SecretTypeNotSupported || err == ackerr.SecretNotFound || errors.As(err, &termError) { + if terminalCondition == nil { + terminalCondition = &ackv1alpha1.Condition{ + Type: ackv1alpha1.ConditionTypeTerminal, + } + ko.Status.Conditions = append(ko.Status.Conditions, terminalCondition) + } + var errorMessage = "" + if err == ackerr.SecretTypeNotSupported || err == ackerr.SecretNotFound || errors.As(err, &termError) { + errorMessage = err.Error() + } else { + awsErr, _ := ackerr.AWSError(err) + errorMessage = awsErr.Error() + } + terminalCondition.Status = corev1.ConditionTrue + terminalCondition.Message = &errorMessage + } else { + // Clear the terminal condition if no longer present + if terminalCondition != nil { + terminalCondition.Status = corev1.ConditionFalse + terminalCondition.Message = nil + } + // Handling Recoverable Conditions + if err != nil { + if recoverableCondition == nil { + // Add a new Condition containing a non-terminal error + recoverableCondition = &ackv1alpha1.Condition{ + Type: ackv1alpha1.ConditionTypeRecoverable, + } + ko.Status.Conditions = append(ko.Status.Conditions, recoverableCondition) + } + recoverableCondition.Status = corev1.ConditionTrue + awsErr, _ := ackerr.AWSError(err) + errorMessage := err.Error() + if awsErr != nil { + errorMessage = awsErr.Error() + } + recoverableCondition.Message = &errorMessage + } else if recoverableCondition != nil { + recoverableCondition.Status = corev1.ConditionFalse + recoverableCondition.Message = nil + } + } + // Required to avoid the "declared but not used" error in the default case + _ = syncCondition + if terminalCondition != nil || recoverableCondition != nil || syncCondition != nil { + return &resource{ko}, true // updated + } + return nil, false // not updated +} + +// terminalAWSError returns awserr, true; if the supplied error is an aws Error type +// and if the exception indicates that it is a Terminal exception +// 'Terminal' exception are specified in generator configuration +func (rm *resourceManager) terminalAWSError(err error) bool { + // No terminal_errors specified for this resource in generator config + return false +} diff --git a/test/e2e/conftest.py b/test/e2e/conftest.py index bda3663..9453cfd 100644 --- a/test/e2e/conftest.py +++ b/test/e2e/conftest.py @@ -42,4 +42,4 @@ def k8s_client(): @pytest.fixture(scope='module') def cognitoidentityprovider_client(): - return boto3.client('cognitoidentityprovider') + return boto3.client('cognito-idp') diff --git a/test/e2e/resources/userpool_simple.yaml b/test/e2e/resources/userpool_simple.yaml new file mode 100644 index 0000000..943a2ec --- /dev/null +++ b/test/e2e/resources/userpool_simple.yaml @@ -0,0 +1,8 @@ +apiVersion: cognitoidentityprovider.services.k8s.aws/v1alpha1 +kind: UserPool +metadata: + name: $USERPOOL_NAME +spec: + name: $USERPOOL_NAME + + diff --git a/test/e2e/tests/helper.py b/test/e2e/tests/helper.py new file mode 100644 index 0000000..fef8b3f --- /dev/null +++ b/test/e2e/tests/helper.py @@ -0,0 +1,30 @@ +# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You may +# not use this file except in compliance with the License. A copy of the +# License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is distributed +# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +# express or implied. See the License for the specific language governing +# permissions and limitations under the License. + +"""Helper functions for CognitoIdentityProvider e2e tests +""" + +class CognitoValidator: + def __init__(self, cognitoidentityprovider_client): + self.cognitoidentityprovider_client = cognitoidentityprovider_client + + def get_user_pool(self, user_pool_id): + try: + response = self.cognitoidentityprovider_client.describe_user_pool(UserPoolId=user_pool_id) + return response + except self.cognitoidentityprovider_client.exceptions.ResourceNotFoundException: + return None + + def user_pool_exists(self, user_pool_id): + response = self.get_user_pool(user_pool_id) + return response is not None \ No newline at end of file diff --git a/test/e2e/tests/test_userpool.py b/test/e2e/tests/test_userpool.py new file mode 100644 index 0000000..5be1263 --- /dev/null +++ b/test/e2e/tests/test_userpool.py @@ -0,0 +1,101 @@ +# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You may +# not use this file except in compliance with the License. A copy of the +# License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is distributed +# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +# express or implied. See the License for the specific language governing +# permissions and limitations under the License. + +"""Integration tests for the ELB TargetGroups. +""" + +import logging +import time + +import pytest +from acktest.k8s import resource as k8s +from acktest.resources import random_suffix_name +from e2e import CRD_GROUP, CRD_VERSION, load_cognitoidentityprovider_resource, service_marker +from e2e.bootstrap_resources import get_bootstrap_resources +from e2e.replacement_values import REPLACEMENT_VALUES + +from e2e.tests.helper import CognitoValidator + +RESOURCE_PLURAL = 'userpools' + +CREATE_WAIT_AFTER_SECONDS = 10 +UPDATE_WAIT_AFTER_SECONDS = 10 +DELETE_WAIT_AFTER_SECONDS = 10 + +@pytest.fixture(scope='module') +def simple_userpool(cognitoidentityprovider_client): + userpool_name = random_suffix_name("userpool", 16) + replacements = REPLACEMENT_VALUES.copy() + replacements['USERPOOL_NAME'] = userpool_name + + resource_data = load_cognitoidentityprovider_resource( + 'userpool_simple', + additional_replacements=replacements + ) + logging.debug(resource_data) + + # Create k8s resource + ref = k8s.CustomResourceReference( + CRD_GROUP, CRD_VERSION, RESOURCE_PLURAL, + userpool_name, namespace="default") + k8s.create_custom_resource(ref, resource_data) + + time.sleep(CREATE_WAIT_AFTER_SECONDS) + cr = k8s.wait_resource_consumed_by_controller(ref) + + assert cr is not None + assert k8s.get_resource_exists(ref) + + yield (ref, cr) + + # Delete k8s resource + if k8s.get_resource_exists(ref): + _, deleted = k8s.delete_custom_resource( + ref, + DELETE_WAIT_AFTER_SECONDS, + ) + assert deleted + assert not k8s.get_resource_exists(ref) + +@service_marker +@pytest.mark.canary +class TestUserPool(): + def test_create_delete_simple_userpool(self, simple_userpool, cognitoidentityprovider_client): + (ref, cr) = simple_userpool + assert cr is not None + assert 'spec' in cr + assert 'deletionProtection' in cr['spec'] + assert 'status' in cr + assert 'id' in cr['status'] + id = cr['status']['id'] + deletion_protection = 'INACTIVE' if cr['spec']['deletionProtection'] == 'ACTIVE' else 'ACTIVE' + validator = CognitoValidator(cognitoidentityprovider_client) + + assert validator.user_pool_exists(id) + + updates = { + 'spec': { + 'deletionProtection': deletion_protection + } + } + k8s.patch_custom_resource(ref, updates) + time.sleep(UPDATE_WAIT_AFTER_SECONDS) + + assert cr['spec']['deletionProtection'] == deletion_protection + _, deleted = k8s.delete_custom_resource( + ref, + DELETE_WAIT_AFTER_SECONDS, + ) + assert deleted + + assert not validator.user_pool_exists(id) \ No newline at end of file