crossplane-contrib · escortnotice · Nov 6, 2020 · Nov 20, 2020 · Nov 20, 2020 · Nov 20, 2020
diff --git a/apis/network/v1alpha3/register.go b/apis/network/v1alpha3/register.go
@@ -53,7 +53,16 @@ var (
 	SubnetGroupVersionKind = SchemeGroupVersion.WithKind(SubnetKind)
 )
 
+// AzureFirewall type Metadata.
+var (
+	AzureFirewallKind             = reflect.TypeOf(AzureFirewall{}).Name()
+	AzureFirewallGroupKind        = schema.GroupKind{Group: Group, Kind: AzureFirewallKind}.String()
+	AzureFirewallKindAPIVersion   = AzureFirewallKind + "." + SchemeGroupVersion.String()
+	AzureFirewallGroupVersionKind = SchemeGroupVersion.WithKind(AzureFirewallKind)
+)
+
 func init() {
 	SchemeBuilder.Register(&VirtualNetwork{}, &VirtualNetworkList{})
 	SchemeBuilder.Register(&Subnet{}, &SubnetList{})
+	SchemeBuilder.Register(&AzureFirewall{}, &AzureFirewallList{})
 }
diff --git a/apis/network/v1alpha3/types.go b/apis/network/v1alpha3/types.go
@@ -225,3 +225,249 @@ type SubnetList struct {
 	metav1.ListMeta `json:"metadata,omitempty"`
 	Items           []Subnet `json:"items"`
 }
+
+//Azure Firewall Structs
+// +kubebuilder:object:root=true
+// A AzureFirewall is a managed resource that represents an Azure Firewall
+// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+// +kubebuilder:printcolumn:name="STATE",type="string",JSONPath=".status.state"
+// +kubebuilder:printcolumn:name="LOCATION",type="string",JSONPath=".spec.location"
+// +kubebuilder:printcolumn:name="RECLAIM-POLICY",type="string",JSONPath=".spec.reclaimPolicy"
+// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,azure}
+type AzureFirewall struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   AzureFirewallSpec   `json:"spec"`
+	Status AzureFirewallStatus `json:"status,omitempty"`
+	///Properties SecurityGroupPropertiesFormat   `json:"properties,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// AzureFirewallList contains a list of Security Groups
+type AzureFirewallList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []AzureFirewall `json:"items"`
+}
+
+// A AzureFirewallSpec defines the desired state of a AzureFirewall.
+type AzureFirewallSpec struct {
+	runtimev1alpha1.ResourceSpec `json:",inline"`
+
+	// ResourceGroupName - Name of the SecurityGroup's resource group.
+	ResourceGroupName string `json:"resourceGroupName,omitempty"`
+
+	// ResourceGroupNameRef - A reference to the the SecurityGroup's resource
+	// group.
+	ResourceGroupNameRef *runtimev1alpha1.Reference `json:"resourceGroupNameRef,omitempty"`
+
+	// ResourceGroupNameSelector - Select a reference to the the Azure Firewall
+	// resource group.
+	ResourceGroupNameSelector *runtimev1alpha1.Selector `json:"resourceGroupNameSelector,omitempty"`
+
+	// Location - Resource location.
+	Location string `json:"location"`
+
+	//AzureFirewallPropertiesFormat - Properties of AzureFirewall
-	//AzureFirewallPropertiesFormat - Properties of AzureFirewall
+	// AzureFirewallPropertiesFormat - Properties of AzureFirewall
-	//AzureFirewallPropertiesFormat - Properties of AzureFirewall
+	// AzureFirewallPropertiesFormat - Properties of AzureFirewall
+	AzureFirewallPropertiesFormat `json:"properties,omitempty"`
+
+	// Tags - Resource tags.
+	// +optional
+	Tags map[string]string `json:"tags,omitempty"`
+
+	// Zones - A list of availability zones denoting where the resource needs to come from.
+	Zones []string `json:"zones,omitempty"`
+
+	// Etag - READ-ONLY; Gets a unique read-only string that changes whenever the resource is updated.
+	Etag string `json:"etag,omitempty"`
+
+	// ID - Resource ID.
+	ID string `json:"id,omitempty"`
+
+	// Name - READ-ONLY; Resource name.
+	Name string `json:"name,omitempty"`
+
+	// Type - READ-ONLY; Resource type.
+	Type string `json:"type,omitempty"`
+	// Location - Resource location.
-	// Location - Resource location.
-	// Location - Resource location.
+}
+
+// AzureFirewallPropertiesFormat properties of the Azure Firewall.
+type AzureFirewallPropertiesFormat struct {
+	// ApplicationRuleCollections - Collection of application rule collections used by Azure Firewall.
+	//ApplicationRuleCollections *[]AzureFirewallApplicationRuleCollection `json:"applicationRuleCollections,omitempty"`
+	// NatRuleCollections - Collection of NAT rule collections used by Azure Firewall.
+	NatRuleCollections *[]AzureFirewallNatRuleCollection `json:"natRuleCollections,omitempty"`
+	// NetworkRuleCollections - Collection of network rule collections used by Azure Firewall.
+	NetworkRuleCollections *[]AzureFirewallNetworkRuleCollection `json:"networkRuleCollections,omitempty"`
+	// IPConfigurations - IP configuration of the Azure Firewall resource.
+	IPConfigurations *[]AzureFirewallIPConfiguration `json:"ipConfigurations,omitempty"`
+	// ProvisioningState - The provisioning state of the resource. Possible values include: 'Succeeded', 'Updating', 'Deleting', 'Failed'
+	ProvisioningState string `json:"provisioningState,omitempty"`
+	// ThreatIntelMode - The operation mode for Threat Intelligence. Possible values include: 'AzureFirewallThreatIntelModeAlert', 'AzureFirewallThreatIntelModeDeny', 'AzureFirewallThreatIntelModeOff'
+	ThreatIntelMode string `json:"threatIntelMode,omitempty"`
+	// VirtualHub - The virtualHub to which the firewall belongs.
+	VirtualHub *SubResource `json:"virtualHub,omitempty"`
+	// FirewallPolicy - The firewallPolicy associated with this azure firewall.
+	FirewallPolicy *SubResource `json:"firewallPolicy,omitempty"`
+	// HubIPAddresses - READ-ONLY; IP addresses associated with AzureFirewall.
+	HubIPAddresses *HubIPAddresses `json:"hubIpAddresses,omitempty"`
+}
+
+// AzureFirewallIPConfiguration IP configuration of an Azure Firewall.
+type AzureFirewallIPConfiguration struct {
+	// AzureFirewallIPConfigurationPropertiesFormat - Properties of the azure firewall IP configuration.
+	AzureFirewallIPConfigurationPropertiesFormat AzureFirewallIPConfigurationPropertiesFormat `json:"properties,omitempty"`
+	// Name - Name of the resource that is unique within a resource group. This name can be used to access the resource.
+	Name *string `json:"name,omitempty"`
+	// Etag - READ-ONLY; A unique read-only string that changes whenever the resource is updated.
+	Etag *string `json:"etag,omitempty"`
+	// ID - Resource ID.
+	ID *string `json:"id,omitempty"`
+}
+
+// AzureFirewallIPConfigurationPropertiesFormat properties of IP configuration of an Azure Firewall.
+type AzureFirewallIPConfigurationPropertiesFormat struct {
+	// PrivateIPAddress - READ-ONLY; The Firewall Internal Load Balancer IP to be used as the next hop in User Defined Routes.
+	PrivateIPAddress *string `json:"privateIPAddress,omitempty"`
+	// Subnet - Reference of the subnet resource. This resource must be named 'AzureFirewallSubnet'.
+	Subnet *SubResource `json:"subnet,omitempty"`
+	// PublicIPAddress - Reference of the PublicIP resource. This field is a mandatory input if subnet is not null.
+	PublicIPAddress *SubResource `json:"publicIPAddress,omitempty"`
+	// ProvisioningState - The provisioning state of the resource. Possible values include: 'Succeeded', 'Updating', 'Deleting', 'Failed'
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+}
+
+// SubResource reference to another subresource.
+type SubResource struct {
+	// ID - Resource ID.
+	ID *string `json:"id,omitempty"`
+}
+
+// HubIPAddresses IP addresses associated with azure firewall.
+type HubIPAddresses struct {
+	// PublicIPAddresses - List of Public IP addresses associated with azure firewall.
+	PublicIPAddresses *[]AzureFirewallPublicIPAddress `json:"publicIPAddresses,omitempty"`
+	// PrivateIPAddress - Private IP Address associated with azure firewall.
+	PrivateIPAddress *string `json:"privateIPAddress,omitempty"`
+}
+
+// AzureFirewallPublicIPAddress public IP Address associated with azure firewall.
+type AzureFirewallPublicIPAddress struct {
+	// Address - Public IP Address value.
+	Address *string `json:"address,omitempty"`
+}
+
+// A AzureFirewallStatus represents the observed status of a AzureFirewall.
+type AzureFirewallStatus struct {
+	runtimev1alpha1.ResourceStatus `json:",inline"`
+
+	// State of this SecurityGroup.
+	State string `json:"state,omitempty"`
+
+	// A Message providing detail about the state of this AzureFirewall, if
+	// any.
+	Message string `json:"message,omitempty"`
+
+	// ID of this AzureFirewall.
+	ID string `json:"id,omitempty"`
+
+	// Etag - A unique read-only string that changes whenever the resource is
+	// updated.
+	Etag string `json:"etag,omitempty"`
+
+	// ResourceGUID - The GUID of this AzureFirewall.
+	ResourceGUID string `json:"resourceGuid,omitempty"`
+
+	// Type of this AzureFirewall.
+	Type string `json:"type,omitempty"`
+}
+
+//Rules Structs
+// AzureFirewallNatRule properties of a NAT rule.
+type AzureFirewallNatRule struct {
+	// Name - Name of the NAT rule.
+	Name string `json:"name,omitempty"`
+	// Description - Description of the rule.
+	Description string `json:"description,omitempty"`
+	// SourceAddresses - List of source IP addresses for this rule.
+	SourceAddresses []string `json:"sourceAddresses,omitempty"`
+	// DestinationAddresses - List of destination IP addresses for this rule. Supports IP ranges, prefixes, and service tags.
+	DestinationAddresses []string `json:"destinationAddresses,omitempty"`
+	// DestinationPorts - List of destination ports.
+	DestinationPorts []string `json:"destinationPorts,omitempty"`
+	// Protocols - Array of AzureFirewallNetworkRuleProtocols applicable to this NAT rule.
+	Protocols []string `json:"protocols,omitempty"`
+	// TranslatedAddress - The translated address for this NAT rule.
+	TranslatedAddress string `json:"translatedAddress,omitempty"`
+	// TranslatedPort - The translated port for this NAT rule.
+	TranslatedPort string `json:"translatedPort,omitempty"`
+}
+
+// AzureFirewallNatRuleCollectionProperties properties of the NAT rule collection.
+type AzureFirewallNatRuleCollectionProperties struct {
+	// Priority - Priority of the NAT rule collection resource.
+	Priority int32 `json:"priority,omitempty"`
+	// Action - The action type of a NAT rule collection.
+	Action string `json:"action,omitempty"`
+	// Rules - Collection of rules used by a NAT rule collection.
+	Rules []AzureFirewallNatRule `json:"rules,omitempty"`
+	// ProvisioningState - The provisioning state of the resource. Possible values include: 'Succeeded', 'Updating', 'Deleting', 'Failed'
+	ProvisioningState string `json:"provisioningState,omitempty"`
+}
+
+// AzureFirewallNatRuleCollection NAT rule collection resource.
+type AzureFirewallNatRuleCollection struct {
+	// AzureFirewallNatRuleCollectionProperties - Properties of the azure firewall NAT rule collection.
+	Properties AzureFirewallNatRuleCollectionProperties `json:"properties,omitempty"`
+	// Name - Gets name of the resource that is unique within a resource group. This name can be used to access the resource.
+	Name string `json:"name,omitempty"`
+	// Etag - READ-ONLY; Gets a unique read-only string that changes whenever the resource is updated.
+	Etag string `json:"etag,omitempty"`
+	// ID - Resource ID.
+	ID string `json:"id,omitempty"`
+}
+
+// AzureFirewallNetworkRuleCollection network rule collection resource.
+type AzureFirewallNetworkRuleCollection struct {
+	// AzureFirewallNetworkRuleCollectionPropertiesFormat - Properties of the azure firewall network rule collection.
+	Properties AzureFirewallNetworkRuleCollectionPropertiesFormat `json:"properties,omitempty"`
+	// Name - Gets name of the resource that is unique within a resource group. This name can be used to access the resource.
+	Name string `json:"name,omitempty"`
+	// Etag - READ-ONLY; Gets a unique read-only string that changes whenever the resource is updated.
+	Etag string `json:"etag,omitempty"`
+	// ID - Resource ID.
+	ID string `json:"id,omitempty"`
+}
+
+// AzureFirewallNetworkRuleCollectionPropertiesFormat properties of the network rule collection.
+type AzureFirewallNetworkRuleCollectionPropertiesFormat struct {
+	// Priority - Priority of the network rule collection resource.
+	Priority int32 `json:"priority,omitempty"`
+	// Action - The action type of a rule collection.
+	Action string `json:"action,omitempty"`
+	// Rules - Collection of rules used by a network rule collection.
+	Rules []AzureFirewallNetworkRule `json:"rules,omitempty"`
+	// ProvisioningState - The provisioning state of the resource. Possible values include: 'Succeeded', 'Updating', 'Deleting', 'Failed'
+	ProvisioningState string `json:"provisioningState,omitempty"`
+}
+
+// AzureFirewallNetworkRule properties of the network rule.
+type AzureFirewallNetworkRule struct {
+	// Name - Name of the network rule.
+	Name string `json:"name,omitempty"`
+	// Description - Description of the rule.
+	Description string `json:"description,omitempty"`
+	// Protocols - Array of AzureFirewallNetworkRuleProtocols.
+	Protocols []string `json:"protocols,omitempty"`
+	// SourceAddresses - List of source IP addresses for this rule.
+	SourceAddresses []string `json:"sourceAddresses,omitempty"`
+	// DestinationAddresses - List of destination IP addresses.
+	DestinationAddresses []string `json:"destinationAddresses,omitempty"`
+	// DestinationPorts - List of destination ports.
+	DestinationPorts []string `json:"destinationPorts,omitempty"`
+}