sigs.k8s.io/cluster-api-provider-aws@v1.5.5/docs/proposal/20200506-single-controller-multitenancy-flow.plantuml (about)

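     @startuml 20200506-single-controller-multitenancy-flow
     ' Activity diagram of one reconciliation pass by the single AWS controller.
     ' It shows how the controller chooses which credentials to use for an
     ' AWSCluster/AWSMachine and the checks it runs before creating AWS service clients.

     ' The include is fetched over the network each time the diagram is rendered,
     ' from a named ref rather than a commit hash.
     ' NOTE(review): no C4 macro is visibly used below, so confirm whether this include
     ' is still needed. If it is, consider pinning it to a commit or vendoring the file.
     !includeurl https://raw.githubusercontent.com/RicardoNiepel/C4-PlantUML/release/1-0/C4_Container.puml

     start
     :AWS controller;
     :enqueue AWSCluster/Machine for reconciliation;
     :fetch AWSCluster;
     if (AWSCluster has spec.identityRef?) then (yes)
       ' Explicit identity: resolve the referenced object, cluster scoped or in the
       ' AWSCluster's own namespace.
       ' NOTE(review): this branch shows no allowedNamespaces check, unlike the default
       ' branch below. Confirm whether an explicitly referenced cluster scoped identity
       ' is also restricted to permitted namespaces.
       if (Referenced object is cluster scoped CRD) then (yes)
         :fetch cluster scoped resource;
       else (no)
         :fetch referenced resource in same namespace;
       endif
       :set or append referenced resource as OwnerReference to AWSCluster object;
       if (error?) then (yes)
         stop
       else (no)
         ' Providers are cached under provider.Hash() and always read back from the cache.
         ' NOTE(review): what the hash covers is not shown here. Confirm it includes every
         ' field that distinguishes one tenant's identity from another's, so that two
         ' different identities cannot share a cache entry.
         :construct new credential provider;
         if (cache contains value for provider.Hash()) then (no)
           :store credential provider in cache;
         endif
         :fetch cached credential provider;
       endif
     else (no)
       ' No identityRef: fall back to the controller's own identity, but only for
       ' namespaces that identity allows. Any other namespace stops with an error.
       : default spec.identityRef to AWSClusterControllerIdentity;
       if (AWSCluster namespace matches with allowedNamespaces) then (yes)
         :use controller's credential providers;
       else (no)
         :return with error;
         stop
       endif
     endif
     ' Account check: ask STS which account the chosen credentials resolve to.
     ' If the AWSCluster already records a different account ID, stop before any
     ' service client is created.
     ' Fix: this activity ended with ':' where every other activity ends with ';'.
     ' An activity label runs until its ';' terminator, so the account check below
     ' was being absorbed into the label text instead of rendered as a decision.
     :call STS::GetCallerIdentity();
     if (awscluster.AccountID != nil && awscluster.AccountID != GetCallerIdentity?) then (error)
       stop
     endif
     :update awscluster.accountID;
     :create new service clients;
     :reconcile AWSCluster or AWSMachine;
     stop

     @enduml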