Update crd

crd/RestateCluster.pkl

@@ -62,6 +62,10 @@ class Compute {
 
 /// Security configuration
 class Security {
+  /// if set, create a AWS PodIdentityAssociation using the ACK CRD in order to give the Restate pod
+  /// access to this role
+  awsPodIdentityAssociationRoleArn: String?
+
   /// Network peers to allow access to restate ports If unset, will not allow any new traffic. Set any of
   /// these to [] to allow all traffic - not recommended.
   networkPeers: NetworkPeers?

crd/crd.yaml

@@ -158,6 +158,10 @@ spec:
                 description: Security configuration
                 nullable: true
                 properties:
+                  awsPodIdentityAssociationRoleArn:
+                    description: if set, create a AWS PodIdentityAssociation using the ACK CRD in order to give the Restate pod access to this role
+                    nullable: true
+                    type: string
                   networkPeers:
                     description: Network peers to allow access to restate ports If unset, will not allow any new traffic. Set any of these to [] to allow all traffic - not recommended.
                     nullable: true

src/controller.rs

@@ -121,7 +121,7 @@ fn env_schema(g: &mut schemars::gen::SchemaGenerator) -> schemars::schema::Schem
 #[serde(rename_all = "camelCase")]
 pub struct RestateClusterSecurity {
     pub service_account_annotations: Option<BTreeMap<String, String>>,
-    // if set, create a AWS PodIdentityAssociation using the ACK CRD in order to give the Restate pod access to this role
+    /// if set, create a AWS PodIdentityAssociation using the ACK CRD in order to give the Restate pod access to this role
     pub aws_pod_identity_association_role_arn: Option<String>,
     pub network_peers: Option<RestateClusterNetworkPeers>,
 }