Listener
elbv2.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | elbv2-controller/apis/v1alpha1#Listener |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | Listener |
| ListKind | ListenerList |
| Plural | listeners |
| Singular | listener |
Information about a listener.
Spec
alpnPolicy:
- string
certificates:
- certificateARN: string
isDefault: boolean
defaultActions:
authenticateCognitoConfig:
authenticationRequestExtraParams: {}
onUnauthenticatedRequest: string
scope: string
sessionCookieName: string
sessionTimeout: integer
userPoolARN: string
userPoolClientID: string
userPoolDomain: string
authenticateOIDCConfig:
authenticationRequestExtraParams: {}
authorizationEndpoint: string
clientID: string
clientSecret: string
issuer: string
onUnauthenticatedRequest: string
scope: string
sessionCookieName: string
sessionTimeout: integer
tokenEndpoint: string
useExistingClientSecret: boolean
userInfoEndpoint: string
fixedResponseConfig:
contentType: string
messageBody: string
statusCode: string
forwardConfig:
targetGroupStickinessConfig:
durationSeconds: integer
enabled: boolean
targetGroups:
- targetGroupARN: string
targetGroupRef:
from:
name: string
namespace: string
weight: integer
order: integer
redirectConfig:
host: string
path: string
port: string
protocol: string
query: string
statusCode: string
targetGroupARN: string
targetGroupRef:
from:
name: string
namespace: string
type: string
loadBalancerARN: string
loadBalancerRef:
from:
name: string
namespace: string
mutualAuthentication:
ignoreClientCertificateExpiry: boolean
mode: string
trustStoreARN: string
port: integer
protocol: string
sslPolicy: string
tags:
- key: string
value: string
| Field | Description |
|---|---|
| alpnPolicy Optional | array [TLS listeners] The name of the Application-Layer Protocol Negotiation (ALPN) policy. You can specify one policy name. The following are the possible values: * HTTP1Only * HTTP2Only * HTTP2Optional * HTTP2Preferred * None For more information, see ALPN policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#alpn-policies) in the Network Load Balancers Guide. |
| alpnPolicy.[] Required | string |
| certificates.[] Required | object Information about an SSL server certificate. |
| certificates.[].isDefault Optional | boolean |
| defaultActions Required | array The actions for the default rule. |
| defaultActions.[] Required | object Information about an action. |
Each rule must include exactly one of the following types of actions: forward,
fixed-response, or redirect, and it must be the last action to be performed. || defaultActions.[].authenticateCognitoConfig
Optional | object
Request parameters to use when integrating with Amazon Cognito to authenticate
users. |
| defaultActions.[].authenticateCognitoConfig.authenticationRequestExtraParams
Optional | object
|
| defaultActions.[].authenticateCognitoConfig.onUnauthenticatedRequest
Optional | string
|
| defaultActions.[].authenticateCognitoConfig.scope
Optional | string
|
| defaultActions.[].authenticateCognitoConfig.sessionCookieName
Optional | string
|
| defaultActions.[].authenticateCognitoConfig.sessionTimeout
Optional | integer
|
| defaultActions.[].authenticateCognitoConfig.userPoolARN
Optional | string
|
| defaultActions.[].authenticateCognitoConfig.userPoolClientID
Optional | string
|
| defaultActions.[].authenticateCognitoConfig.userPoolDomain
Optional | string
|
| defaultActions.[].authenticateOIDCConfig
Optional | object
Request parameters when using an identity provider (IdP) that is compliant
with OpenID Connect (OIDC) to authenticate users. |
| defaultActions.[].authenticateOIDCConfig.authenticationRequestExtraParams
Optional | object
|
| defaultActions.[].authenticateOIDCConfig.authorizationEndpoint
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.clientID
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.clientSecret
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.issuer
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.onUnauthenticatedRequest
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.scope
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.sessionCookieName
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.sessionTimeout
Optional | integer
|
| defaultActions.[].authenticateOIDCConfig.tokenEndpoint
Optional | string
|
| defaultActions.[].authenticateOIDCConfig.useExistingClientSecret
Optional | boolean
|
| defaultActions.[].authenticateOIDCConfig.userInfoEndpoint
Optional | string
|
| defaultActions.[].fixedResponseConfig
Optional | object
Information about an action that returns a custom HTTP response. |
| defaultActions.[].fixedResponseConfig.contentType
Optional | string
|
| defaultActions.[].fixedResponseConfig.messageBody
Optional | string
|
| defaultActions.[].fixedResponseConfig.statusCode
Optional | string
|
| defaultActions.[].forwardConfig
Optional | object
Information about a forward action. |
| defaultActions.[].forwardConfig.targetGroupStickinessConfig
Optional | object
Information about the target group stickiness for a rule. |
| defaultActions.[].forwardConfig.targetGroupStickinessConfig.durationSeconds
Optional | integer
|
| defaultActions.[].forwardConfig.targetGroupStickinessConfig.enabled
Optional | boolean
|
| defaultActions.[].forwardConfig.targetGroups
Optional | array
|
| defaultActions.[].forwardConfig.targetGroups.[]
Required | object
Information about how traffic will be distributed between multiple target
groups in a forward rule. || defaultActions.[].forwardConfig.targetGroups.[].targetGroupARN
Optional | string
|
| defaultActions.[].forwardConfig.targetGroups.[].targetGroupRef
Optional | object
Reference field for TargetGroupARN |
| defaultActions.[].forwardConfig.targetGroups.[].targetGroupRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| defaultActions.[].forwardConfig.targetGroups.[].targetGroupRef.from.name
Optional | string
|
| defaultActions.[].forwardConfig.targetGroups.[].targetGroupRef.from.namespace
Optional | string
|
| defaultActions.[].forwardConfig.targetGroups.[].weight
Optional | integer
|
| defaultActions.[].order
Optional | integer
|
| defaultActions.[].redirectConfig
Optional | object
Information about a redirect action.
A URI consists of the following components: protocol://hostname:port/path?query.
You must modify at least one of the following components to avoid a redirect
loop: protocol, hostname, port, or path. Any components that you do not modify
retain their original values.
You can reuse URI components using the following reserved keywords:
* #{protocol}
* #{host}
* #{port}
* #{path} (the leading “/” is removed)
* #{query}
For example, you can change the path to “/new/#{path}”, the hostname to “example.#{host}”,
or the query to “#{query}&value=xyz”. |
| defaultActions.[].redirectConfig.host
Optional | string
|
| defaultActions.[].redirectConfig.path
Optional | string
|
| defaultActions.[].redirectConfig.port
Optional | string
|
| defaultActions.[].redirectConfig.protocol
Optional | string
|
| defaultActions.[].redirectConfig.query
Optional | string
|
| defaultActions.[].redirectConfig.statusCode
Optional | string
|
| defaultActions.[].targetGroupARN
Optional | string
|
| defaultActions.[].targetGroupRef
Optional | object
Reference field for TargetGroupARN |
| defaultActions.[].targetGroupRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| defaultActions.[].targetGroupRef.from.name
Optional | string
|
| defaultActions.[].targetGroupRef.from.namespace
Optional | string
|
| defaultActions.[].type
Optional | string
|
| loadBalancerARN
Optional | string
The Amazon Resource Name (ARN) of the load balancer. |
| loadBalancerRef
Optional | object
AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference
type to provide more user friendly syntax for references using ‘from’ field
Ex:
APIIDRef:
from:
name: my-api |
| loadBalancerRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| loadBalancerRef.from.name
Optional | string
|
| loadBalancerRef.from.namespace
Optional | string
|
| mutualAuthentication
Optional | object
The mutual authentication configuration information. |
| mutualAuthentication.ignoreClientCertificateExpiry
Optional | boolean
|
| mutualAuthentication.mode
Optional | string
|
| mutualAuthentication.trustStoreARN
Optional | string
|
| port
Optional | integer
The port on which the load balancer is listening. You cannot specify a port
for a Gateway Load Balancer. |
| protocol
Optional | string
The protocol for connections from clients to the load balancer. For Application
Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load
Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t
specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot
specify a protocol for a Gateway Load Balancer. |
| sslPolicy
Optional | string
[HTTPS and TLS listeners] The security policy that defines which protocols
and ciphers are supported.
For more information, see Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies)
in the Application Load Balancers Guide and Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies)
in the Network Load Balancers Guide. |
| tags
Optional | array
The tags to assign to the listener. |
| tags.[]
Required | object
Information about a tag. || tags.[].key
Optional | string
|
| tags.[].value
Optional | string
|
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
region: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| conditions Optional | array All CRS managed by ACK have a common Status.Conditions member thatcontains a collection of ackv1alpha1.Condition objects that describethe various terminal states of the CR and its backend AWS service API resource |
| conditions.[] Required | object Condition is the common struct used by all CRDs managed by ACK service |
| controllers to indicate terminal states of the CR and its backend AWS | |
| service API resource | |
| conditions.[].message Optional | string A human readable message indicating details about the transition. |
| conditions.[].reason Optional | string The reason for the condition’s last transition. |
| conditions.[].status Optional | string Status of the condition, one of True, False, Unknown. |
| conditions.[].type Optional | string Type is the type of the Condition |