---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.4.1
  creationTimestamp: null
  name: virtualgateways.appmesh.k8s.aws
spec:
  group: appmesh.k8s.aws
  names:
    categories:
    - all
    kind: VirtualGateway
    listKind: VirtualGatewayList
    plural: virtualgateways
    singular: virtualgateway
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: The AppMesh VirtualGateway object's Amazon Resource Name
      jsonPath: .status.virtualGatewayARN
      name: ARN
      type: string
    - jsonPath: .metadata.creationTimestamp
      name: AGE
      type: date
    name: v1beta2
    schema:
      openAPIV3Schema:
        description: VirtualGateway is the Schema for the virtualgateways API
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: VirtualGatewaySpec defines the desired state of VirtualGateway refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html
            properties:
              awsName:
                description: AWSName is the AppMesh VirtualGateway object's name. If unspecified or empty, it defaults to be "${name}_${namespace}" of k8s VirtualGateway
                type: string
              backendDefaults:
                description: A reference to an object that represents the defaults for backend GatewayRoutes.
                properties:
                  clientPolicy:
                    description: A reference to an object that represents a client policy.
                    properties:
                      tls:
                        description: A reference to an object that represents a Transport Layer Security (TLS) client policy.
                        properties:
                          certificate:
                            description: A reference to an object that represents TLS certificate.
                            properties:
                              file:
                                description: An object that represents a TLS cert via a local file
                                properties:
                                  certificateChain:
                                    description: The certificate chain for the certificate.
                                    maxLength: 255
                                    minLength: 1
                                    type: string
                                  privateKey:
                                    description: The private key for a certificate stored on the file system of the virtual Gateway.
                                    maxLength: 255
                                    minLength: 1
                                    type: string
                                required:
                                - certificateChain
                                - privateKey
                                type: object
                              sds:
                                description: An object that represents a TLS cert via SDS entry
                                properties:
                                  secretName:
                                    description: The certificate trust chain for a certificate issued via SDS cluster
                                    type: string
                                required:
                                - secretName
                                type: object
                            type: object
                          enforce:
                            description: Whether the policy is enforced. If unspecified, default settings from AWS API will be applied. Refer to AWS Docs for default settings.
                            type: boolean
                          ports:
                            description: The range of ports that the policy is enforced for.
                            items:
                              format: int64
                              maximum: 65535
                              minimum: 1
                              type: integer
                            type: array
                          validation:
                            description: A reference to an object that represents a TLS validation context.
                            properties:
                              subjectAlternativeNames:
                                description: Possible alternative names to consider
                                properties:
                                  match:
                                    description: Match is a required field
                                    properties:
                                      exact:
                                        description: Exact is a required field
                                        items:
                                          type: string
                                        type: array
                                    required:
                                    - exact
                                    type: object
                                required:
                                - match
                                type: object
                              trust:
                                description: A reference to an object that represents a TLS validation context trust
                                properties:
                                  acm:
                                    description: A reference to an object that represents a TLS validation context trust for an AWS Certicate Manager (ACM) certificate.
                                    properties:
                                      certificateAuthorityARNs:
                                        description: One or more ACM Amazon Resource Name (ARN)s.
                                        items:
                                          type: string
                                        maxItems: 3
                                        minItems: 1
                                        type: array
                                    required:
                                    - certificateAuthorityARNs
                                    type: object
                                  file:
                                    description: An object that represents a TLS validation context trust for a local file.
                                    properties:
                                      certificateChain:
                                        description: The certificate trust chain for a certificate stored on the file system of the virtual Gateway.
                                        maxLength: 255
                                        minLength: 1
                                        type: string
                                    required:
                                    - certificateChain
                                    type: object
                                  sds:
                                    description: An object that represents a TLS validation context trust for a SDS certificate
                                    properties:
                                      secretName:
                                        description: The certificate trust chain for a certificate issued via SDS.
                                        type: string
                                    required:
                                    - secretName
                                    type: object
                                type: object
                            required:
                            - trust
                            type: object
                        required:
                        - validation
                        type: object
                    type: object
                type: object
              gatewayRouteSelector:
                description: GatewayRouteSelector selects GatewayRoutes using labels to designate GatewayRoute membership. If not specified it selects all GatewayRoutes in that namespace.
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                          type: string
                        values:
                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                          items:
                            type: string
                          type: array
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                  matchLabels:
                    additionalProperties:
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                    type: object
                type: object
              listeners:
                description: The listener that the virtual gateway is expected to receive inbound traffic from
                items:
                  description: VirtualGatewayListener refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html
                  properties:
                    connectionPool:
                      description: The connection pool settings for the listener
                      properties:
                        grpc:
                          description: Specifies grpc connection pool settings for the virtual gateway listener
                          properties:
                            maxRequests:
                              description: Represents the maximum number of inflight requests that an envoy can concurrently support across all the hosts in the upstream cluster
                              format: int64
                              minimum: 1
                              type: integer
                          required:
                          - maxRequests
                          type: object
                        http:
                          description: Specifies http connection pool settings for the virtual gateway listener
                          properties:
                            maxConnections:
                              description: Represents the maximum number of outbound TCP connections the envoy can establish concurrently with all the hosts in the upstream cluster.
                              format: int64
                              minimum: 1
                              type: integer
                            maxPendingRequests:
                              description: Represents the number of overflowing requests after max_connections that an envoy will queue to an upstream cluster.
                              format: int64
                              minimum: 1
                              type: integer
                          required:
                          - maxConnections
                          type: object
                        http2:
                          description: Specifies http2 connection pool settings for the virtual gateway listener
                          properties:
                            maxRequests:
                              description: Represents the maximum number of inflight requests that an envoy can concurrently support across all the hosts in the upstream cluster
                              format: int64
                              minimum: 1
                              type: integer
                          required:
                          - maxRequests
                          type: object
                      type: object
                    healthCheck:
                      description: The health check information for the listener.
                      properties:
                        healthyThreshold:
                          description: The number of consecutive successful health checks that must occur before declaring listener healthy.
                          format: int64
                          maximum: 10
                          minimum: 2
                          type: integer
                        intervalMillis:
                          description: The time period in milliseconds between each health check execution.
                          format: int64
                          maximum: 300000
                          minimum: 5000
                          type: integer
                        path:
                          description: The destination path for the health check request. This value is only used if the specified protocol is http or http2. For any other protocol, this value is ignored.
                          type: string
                        port:
                          description: The destination port for the health check request.
                          format: int64
                          maximum: 65535
                          minimum: 1
                          type: integer
                        protocol:
                          description: The protocol for the health check request
                          enum:
                          - grpc
                          - http
                          - http2
                          type: string
                        timeoutMillis:
                          description: The amount of time to wait when receiving a response from the health check, in milliseconds.
                          format: int64
                          maximum: 60000
                          minimum: 2000
                          type: integer
                        unhealthyThreshold:
                          description: The number of consecutive failed health checks that must occur before declaring a virtual Gateway unhealthy.
                          format: int64
                          maximum: 10
                          minimum: 2
                          type: integer
                      required:
                      - intervalMillis
                      - protocol
                      - timeoutMillis
                      - unhealthyThreshold
                      type: object
                    portMapping:
                      description: The port mapping information for the listener.
                      properties:
                        port:
                          description: The port used for the port mapping.
                          format: int64
                          maximum: 65535
                          minimum: 1
                          type: integer
                        protocol:
                          description: The protocol used for the port mapping.
                          enum:
                          - grpc
                          - http
                          - http2
                          type: string
                      required:
                      - port
                      - protocol
                      type: object
                    tls:
                      description: A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.
                      properties:
                        certificate:
                          description: A reference to an object that represents a listener's TLS certificate.
                          properties:
                            acm:
                              description: A reference to an object that represents an AWS Certificate Manager (ACM) certificate.
                              properties:
                                certificateARN:
                                  description: The Amazon Resource Name (ARN) for the certificate.
                                  type: string
                              required:
                              - certificateARN
                              type: object
                            file:
                              description: A reference to an object that represents a local file certificate.
                              properties:
                                certificateChain:
                                  description: The certificate chain for the certificate.
                                  maxLength: 255
                                  minLength: 1
                                  type: string
                                privateKey:
                                  description: The private key for a certificate stored on the file system of the virtual Gateway.
                                  maxLength: 255
                                  minLength: 1
                                  type: string
                              required:
                              - certificateChain
                              - privateKey
                              type: object
                            sds:
                              description: A reference to an object that represents an SDS issued certificate
                              properties:
                                secretName:
                                  description: The certificate trust chain for a certificate issued via SDS cluster
                                  type: string
                              required:
                              - secretName
                              type: object
                          type: object
                        mode:
                          description: ListenerTLS mode
                          enum:
                          - DISABLED
                          - PERMISSIVE
                          - STRICT
                          type: string
                        validation:
                          description: A reference to an object that represents Validation context
                          properties:
                            subjectAlternativeNames:
                              description: Possible alternate names to consider
                              properties:
                                match:
                                  description: Match is a required field
                                  properties:
                                    exact:
                                      description: Exact is a required field
                                      items:
                                        type: string
                                      type: array
                                  required:
                                  - exact
                                  type: object
                              required:
                              - match
                              type: object
                            trust:
                              properties:
                                acm:
                                  description: A reference to an object that represents a TLS validation context trust for an AWS Certicate Manager (ACM) certificate.
                                  properties:
                                    certificateAuthorityARNs:
                                      description: One or more ACM Amazon Resource Name (ARN)s.
                                      items:
                                        type: string
                                      maxItems: 3
                                      minItems: 1
                                      type: array
                                  required:
                                  - certificateAuthorityARNs
                                  type: object
                                file:
                                  description: An object that represents a TLS validation context trust for a local file.
                                  properties:
                                    certificateChain:
                                      description: The certificate trust chain for a certificate stored on the file system of the virtual Gateway.
                                      maxLength: 255
                                      minLength: 1
                                      type: string
                                  required:
                                  - certificateChain
                                  type: object
                                sds:
                                  description: An object that represents a TLS validation context trust for an SDS system
                                  properties:
                                    secretName:
                                      description: The certificate trust chain for a certificate issued via SDS.
                                      type: string
                                  required:
                                  - secretName
                                  type: object
                              type: object
                          required:
                          - trust
                          type: object
                      required:
                      - certificate
                      - mode
                      type: object
                  required:
                  - portMapping
                  type: object
                minItems: 0
                type: array
              logging:
                description: The inbound and outbound access logging information for the virtual gateway.
                properties:
                  accessLog:
                    description: The access log configuration for a virtual Gateway.
                    properties:
                      file:
                        description: The file object to send virtual gateway access logs to.
                        properties:
                          format:
                            description: Structured access log output format
                            properties:
                              json:
                                description: Output specified fields as a JSON object
                                items:
                                  properties:
                                    key:
                                      description: The name of the field in the JSON object
                                      minLength: 1
                                      type: string
                                    value:
                                      description: The format string
                                      minLength: 1
                                      type: string
                                  required:
                                  - key
                                  - value
                                  type: object
                                type: array
                              text:
                                description: Custom format string
                                type: string
                            type: object
                          path:
                            description: The file path to write access logs to.
                            maxLength: 255
                            minLength: 1
                            type: string
                        required:
                        - path
                        type: object
                    type: object
                type: object
              meshRef:
                description: "A reference to k8s Mesh CR that this VirtualGateway belongs to. The admission controller populates it using Meshes's selector, and prevents users from setting this field. \n Populated by the system. Read-only."
                properties:
                  name:
                    description: Name is the name of Mesh CR
                    type: string
                  uid:
                    description: UID is the UID of Mesh CR
                    type: string
                required:
                - name
                - uid
                type: object
              namespaceSelector:
                description: NamespaceSelector selects Namespaces using labels to designate GatewayRoute membership. This field follows standard label selector semantics; if present but empty, it selects all namespaces.
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                          type: string
                        values:
                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                          items:
                            type: string
                          type: array
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                  matchLabels:
                    additionalProperties:
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                    type: object
                type: object
              podSelector:
                description: "PodSelector selects Pods using labels to designate VirtualGateway membership. This field follows standard label selector semantics: \tif present but empty, it selects all pods within namespace. \tif absent, it selects no pod."
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                          type: string
                        values:
                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                          items:
                            type: string
                          type: array
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                  matchLabels:
                    additionalProperties:
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                    type: object
                type: object
            type: object
          status:
            description: VirtualGatewayStatus defines the observed state of VirtualGateway
            properties:
              conditions:
                description: The current VirtualGateway status.
                items:
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status to another.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about the transition.
                      type: string
                    reason:
                      description: The reason for the condition's last transition.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of VirtualGateway condition.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              observedGeneration:
                description: The generation observed by the VirtualGateway controller.
                format: int64
                type: integer
              virtualGatewayARN:
                description: VirtualGatewayARN is the AppMesh VirtualGateway object's Amazon Resource Name
                type: string
            type: object
        type: object
        x-kubernetes-preserve-unknown-fields: true
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []