feat(kmsMasterKeyRef): allow Bucket encryption with KMS key reference

Author: starlightromero

config/crd/bases/s3.services.k8s.aws_buckets.yaml

@@ -216,6 +216,21 @@ spec:
                           properties:
                             kmsMasterKeyID:
                               type: string
+                            kmsMasterKeyRef:
+                              description: "AWSResourceReferenceWrapper provides a wrapper around
+                                *AWSResourceReference\ntype to provide more user friendly syntax
+                                for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
+                                \   name: my-api"
+                              properties:
+                                from:
+                                  description: |-
+                                    AWSResourceReference provides all the values necessary to reference another
+                                    k8s resource for finding the identifier(Id/ARN/Name)
+                                  properties:
+                                    name: string
+                                    namespace: string
+                                  type: object
+                              type: object
                             sseAlgorithm:
                               type: string
                           type: object

config/rbac/cluster-role-controller.yaml

@@ -22,6 +22,20 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - kms.services.k8s.aws
+  resources:
+  - keys
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - kms.services.k8s.aws
+  resources:
+  - keys/status
+  verbs:
+  - get
+  - list
 - apiGroups:
   - s3.services.k8s.aws
   resources:

helm/crds/s3.services.k8s.aws_buckets.yaml

@@ -216,6 +216,22 @@ spec:
                           properties:
                             kmsMasterKeyID:
                               type: string
+                            kmsMasterKeyRef:
+                              description: |-
+                                "AWSResourceReferenceWrapper provides a wrapper around
+                                *AWSResourceReference\ntype to provide more user friendly syntax
+                                for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
+                                \   name: my-api"
+                              properties:
+                                from:
+                                  description: |-
+                                    AWSResourceReference provides all the values necessary to reference another
+                                    k8s resource for finding the identifier(Id/ARN/Name)
+                                  properties:
+                                    name: string
+                                    namespace: string
+                                  type: object
+                              type: object
                             sseAlgorithm:
                               type: string
                           type: object

helm/templates/_helpers.tpl

@@ -69,6 +69,20 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - kms.services.k8s.aws
+  resources:
+  - keys
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - kms.services.k8s.aws
+  resources:
+  - keys/status
+  verbs:
+  - get
+  - list
 - apiGroups:
   - s3.services.k8s.aws
   resources: