Add ability to reference role created by iam-controller (#100)

**Issue #, if available:** aws-controllers-k8s/community#1835

**Description of changes:**

Adds ability to use `roleRef` instead of `role` to reference an IAM role created by the `iam-controller`.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Author: jessebye

apis/v1alpha1/ack-generate-metadata.yaml

@@ -1,13 +1,13 @@
 ack_generate_info:
-  build_date: "2023-06-28T18:32:11Z"
+  build_date: "2023-07-14T21:15:00Z"
   build_hash: e9b68590da73ce9143ba1e4361cebdc1d876c81e
-  go_version: go1.19
+  go_version: go1.20.5
   version: v0.26.1-7-ge9b6859
-api_directory_checksum: 5f162746e8495943dae5e96f48f4a3ab887b5be5
+api_directory_checksum: 5d5c7aea8863c47e7303cc870aad4250267d93d2
 api_version: v1alpha1
 aws_sdk_go_version: v1.44.181
 generator_config_info:
-  file_checksum: ed4abfc994c2c47465801d301604c584bd743d41
+  file_checksum: dfaa004dd9551888415d54b3006e115cef3dbef3
   original_file_name: generator.yaml
 last_modification:
   reason: API generation

apis/v1alpha1/function.go

@@ -39,6 +39,11 @@ resources:
           resource: Key
           path: Status.ACKResourceMetadata.ARN
           service_name: kms
+      Role:
+        references:
+          resource: Role
+          path: Status.ACKResourceMetadata.ARN
+          service_name: iam
       Name:
         is_primary_key: true
         is_required: true
@@ -189,4 +194,4 @@ resources:
             Version: VersionNumber
         ListLayerVersions:
           input_fields:
-            Version: VersionNumber
+            Version: VersionNumber

apis/v1alpha1/generator.yaml

@@ -235,6 +235,19 @@ spec:
                 description: The Amazon Resource Name (ARN) of the function's execution
                   role.
                 type: string
+              roleRef:
+                description: "AWSResourceReferenceWrapper provides a wrapper around
+                  *AWSResourceReference type to provide more user friendly syntax
+                  for references using 'from' field Ex: APIIDRef: \n from: name: my-api"
+                properties:
+                  from:
+                    description: AWSResourceReference provides all the values necessary
+                      to reference another k8s resource for finding the identifier(Id/ARN/Name)
+                    properties:
+                      name:
+                        type: string
+                    type: object
+                type: object
               runtime:
                 description: The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).
                   Runtime is required if the deployment package is a .zip file archive.
@@ -321,7 +334,6 @@ spec:
             required:
             - code
             - name
-            - role
             type: object
           status:
             description: FunctionStatus defines the observed state of Function

apis/v1alpha1/zz_generated.deepcopy.go

@@ -59,6 +59,20 @@ rules:
   verbs:
   - get
   - list
+- apiGroups:
+  - iam.services.k8s.aws
+  resources:
+  - roles
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - iam.services.k8s.aws
+  resources:
+  - roles/status
+  verbs:
+  - get
+  - list
 - apiGroups:
   - kafka.services.k8s.aws
   resources:

cmd/controller/main.go

@@ -39,6 +39,11 @@ resources:
           resource: Key
           path: Status.ACKResourceMetadata.ARN
           service_name: kms
+      Role:
+        references:
+          resource: Role
+          path: Status.ACKResourceMetadata.ARN
+          service_name: iam
       Name:
         is_primary_key: true
         is_required: true
@@ -189,4 +194,4 @@ resources:
             Version: VersionNumber
         ListLayerVersions:
           input_fields:
-            Version: VersionNumber
+            Version: VersionNumber

config/crd/bases/lambda.services.k8s.aws_functions.yaml

@@ -4,6 +4,7 @@ go 1.19
 
 require (
 	github.com/aws-controllers-k8s/ec2-controller v0.0.21
+	github.com/aws-controllers-k8s/iam-controller v1.2.3
 	github.com/aws-controllers-k8s/kafka-controller v0.0.0-20230615185632-102279061de1
 	github.com/aws-controllers-k8s/kms-controller v0.1.2
 	github.com/aws-controllers-k8s/mq-controller v0.0.22

config/rbac/cluster-role-controller.yaml

@@ -40,6 +40,8 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/aws-controllers-k8s/ec2-controller v0.0.21 h1:5O7/9aED2Tl9OT0TL2rWrc1Ix5V1UxYEgDKAhvFhPJQ=
 github.com/aws-controllers-k8s/ec2-controller v0.0.21/go.mod h1:OMsmJeJ3iQZ1sJgs3hqnjBRnJ3hmTzJUO38W5rxnB5M=
+github.com/aws-controllers-k8s/iam-controller v1.2.3 h1:Vzz7/qxhcfkPrqn64Oi0tbvHetyiEto3gQuvpCSpECA=
+github.com/aws-controllers-k8s/iam-controller v1.2.3/go.mod h1:c7WaFwq2tIJjwpZhnuCYQ2ISzzMUJLTisPv92lim8sk=
 github.com/aws-controllers-k8s/kafka-controller v0.0.0-20230615185632-102279061de1 h1:NvmtIsm6fVoGUOvMfevONJETf+PtRWAiD3XzZBtQ2WA=
 github.com/aws-controllers-k8s/kafka-controller v0.0.0-20230615185632-102279061de1/go.mod h1:BHW00DFtXtugpsyn0nN0YdP32xmCN5p3lIJYP+Y0iVY=
 github.com/aws-controllers-k8s/kms-controller v0.1.2 h1:9lb98jspqOpFpmIFHOJ6pRnOkC8kDEPIgTAb5QnVGZo=

generator.yaml

@@ -235,6 +235,19 @@ spec:
                 description: The Amazon Resource Name (ARN) of the function's execution
                   role.
                 type: string
+              roleRef:
+                description: "AWSResourceReferenceWrapper provides a wrapper around
+                  *AWSResourceReference type to provide more user friendly syntax
+                  for references using 'from' field Ex: APIIDRef: \n from: name: my-api"
+                properties:
+                  from:
+                    description: AWSResourceReference provides all the values necessary
+                      to reference another k8s resource for finding the identifier(Id/ARN/Name)
+                    properties:
+                      name:
+                        type: string
+                    type: object
+                type: object
               runtime:
                 description: The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).
                   Runtime is required if the deployment package is a .zip file archive.
@@ -321,7 +334,6 @@ spec:
             required:
             - code
             - name
-            - role
             type: object
           status:
             description: FunctionStatus defines the observed state of Function

go.mod

@@ -74,6 +74,20 @@ rules:
   verbs:
   - get
   - list
+- apiGroups:
+  - iam.services.k8s.aws
+  resources:
+  - roles
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - iam.services.k8s.aws
+  resources:
+  - roles/status
+  verbs:
+  - get
+  - list
 - apiGroups:
   - kafka.services.k8s.aws
   resources: