New creates a new operator from the configuration in the provided file.

NewAWSProvider returns a configured AWS provider config.

NewGCPProvider returns a configured GCP provider config.

NewOperator returns a configured Operator.

AWSOperatorConfig provides configuration when creating a new Operator.

AWSRule restricts the arns that a service account can assume based on patterns which match its namespace to an arn or arns.

Config is the base configuration for an operator.

Controller is responsible for providing access to cloud IAM roles for Kubernetes serviceaccounts based on annotations.

GCPOperatorConfig provides configuration when creating a new Operator.

GCPRuns which match its namespace to an arn or arns GCPRule restricts the GCP service accounts that a k8s serviceAccount can use based on patterns which match its namespace to GCP service account email(s).

Operator is responsible for creating Kubernetes auth roles and vault AWS secret roles or GCP static accounts based on ServiceAccount annotations.

AWSRules are a collection of rules.

GCPRules are a collection of rules.