Certificate
dms.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | dms-controller/apis/v1alpha1#Certificate |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | Certificate |
| ListKind | CertificateList |
| Plural | certificates |
| Singular | certificate |
The SSL certificate that can be used to encrypt connections between the endpoints and the replication instance.
Spec
certificatePem:
key: string
name: string
namespace: string
certificateWallet:
key: string
name: string
namespace: string
kmsKeyID: string
kmsKeyRef:
from:
name: string
namespace: string
name: string
tags:
- key: string
value: string
| Field | Description |
|---|---|
| certificatePem Optional | object The contents of a .pem file, which contains an X.509 certificate. |
| certificatePem.key Required | string Key is the key within the secret |
| certificatePem.name Optional | string name is unique within a namespace to reference a secret resource. |
| certificatePem.namespace Optional | string namespace defines the space within which the secret name must be unique. |
| certificateWallet Optional | object A Base64 encoded Oracle Wallet certificate (cwallet.sso) for use with SSL. |
| certificateWallet.key Required | string Key is the key within the secret |
| certificateWallet.name Optional | string name is unique within a namespace to reference a secret resource. |
| certificateWallet.namespace Optional | string namespace defines the space within which the secret name must be unique. |
| kmsKeyID Optional | string An KMS key identifier that is used to encrypt the certificate. If you don’t specify a value for the KmsKeyId parameter, then DMS uses your default encryption key. KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Region. |
| kmsKeyRef Optional | object AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using ‘from’ field Ex: APIIDRef: from: name: my-api |
| kmsKeyRef.from Optional | object AWSResourceReference provides all the values necessary to reference another k8s resource for finding the identifier(Id/ARN/Name) |
| kmsKeyRef.from.name Optional | string |
| kmsKeyRef.from.namespace Optional | string |
| name Required | string A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can’t end with a hyphen or contain two consecutive hyphens. |
| tags Optional | array The tags associated with the certificate. |
| tags.[] Required | object A user-defined key-value pair that describes metadata added to an DMS resource |
| and that is used by operations such as the following: |
AddTagsToResource
ListTagsForResource
RemoveTagsFromResource || tags.[].key
Optional | string
| | tags.[].value
Optional | string
|
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
partition: string
region: string
certificateCreationDate: string
certificateOwner: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
keyLength: integer
signingAlgorithm: string
validFromDate: string
validToDate: string
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.partition Optional | string Partition is the AWS partition in which the resource exists or will exist |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| certificateCreationDate Optional | string The date that the certificate was created. |
| certificateOwner Optional | string The owner of the certificate. |
| conditions Optional | array All CRs managed by ACK have a common Status.Conditions member thatcontains a collection of ackv1alpha1.Condition objects that describethe various terminal states of the CR and its backend AWS service API resource |
| conditions.[] Required | object Condition is the common struct used by all CRDs managed by ACK service |
| controllers to indicate terminal states of the CR and its backend AWS | |
| service API resource | |
| conditions.[].message Optional | string A human readable message indicating details about the transition. |
| conditions.[].reason Optional | string The reason for the condition’s last transition. |
| conditions.[].status Optional | string Status of the condition, one of True, False, Unknown. |
| conditions.[].type Optional | string Type is the type of the Condition |
| keyLength Optional | integer The key length of the cryptographic algorithm being used. |
| signingAlgorithm Optional | string The signing algorithm for the certificate. |
| validFromDate Optional | string The beginning date that the certificate is valid. |
| validToDate Optional | string The final date that the certificate is valid. |