Listener

elbv2.services.k8s.aws/v1alpha1

Type	Link
GoDoc	elbv2-controller/apis/v1alpha1#Listener

Metadata

Property	Value
Scope	Namespaced
Kind	`Listener`
ListKind	`ListenerList`
Plural	`listeners`
Singular	`listener`

Information about a listener.

Spec

alpnPolicy:
- string
certificates:
- certificateARN: string
  isDefault: boolean
defaultActions:
  authenticateCognitoConfig: 
    authenticationRequestExtraParams: {}
    onUnauthenticatedRequest: string
    scope: string
    sessionCookieName: string
    sessionTimeout: integer
    userPoolARN: string
    userPoolClientID: string
    userPoolDomain: string
  authenticateOIDCConfig: 
    authenticationRequestExtraParams: {}
    authorizationEndpoint: string
    clientID: string
    clientSecret: string
    issuer: string
    onUnauthenticatedRequest: string
    scope: string
    sessionCookieName: string
    sessionTimeout: integer
    tokenEndpoint: string
    useExistingClientSecret: boolean
    userInfoEndpoint: string
  fixedResponseConfig: 
    contentType: string
    messageBody: string
    statusCode: string
  forwardConfig: 
    targetGroupStickinessConfig: 
      durationSeconds: integer
      enabled: boolean
    targetGroups:
    - targetGroupARN: string
      weight: integer
  order: integer
  redirectConfig: 
    host: string
    path: string
    port: string
    protocol: string
    query: string
    statusCode: string
  targetGroupARN: string
  targetGroupRef: 
    from: 
      name: string
  type: string
loadBalancerARN: string
loadBalancerRef: 
  from: 
    name: string
mutualAuthentication: 
  ignoreClientCertificateExpiry: boolean
  mode: string
  trustStoreARN: string
port: integer
protocol: string
sslPolicy: string
tags:
- key: string
  value: string

Field	Description
alpnPolicy Optional	array [TLS listeners] The name of the Application-Layer Protocol Negotiation (ALPN) policy. You can specify one policy name. The following are the possible values: * HTTP1Only * HTTP2Only * HTTP2Optional * HTTP2Preferred * None For more information, see ALPN policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#alpn-policies) in the Network Load Balancers Guide.
alpnPolicy.[] Required	string
certificates.[] Required	object Information about an SSL server certificate.
certificates.[].isDefault Optional	boolean
defaultActions Required	array The actions for the default rule.
defaultActions.[] Required	object Information about an action.

Each rule must include exactly one of the following types of actions: forward, fixed-response, or redirect, and it must be the last action to be performed. || defaultActions.[].authenticateCognitoConfig
Optional | object
Request parameters to use when integrating with Amazon Cognito to authenticate
users. | | defaultActions.[].authenticateCognitoConfig.authenticationRequestExtraParams
Optional | object
| | defaultActions.[].authenticateCognitoConfig.onUnauthenticatedRequest
Optional | string
| | defaultActions.[].authenticateCognitoConfig.scope
Optional | string
| | defaultActions.[].authenticateCognitoConfig.sessionCookieName
Optional | string
| | defaultActions.[].authenticateCognitoConfig.sessionTimeout
Optional | integer
| | defaultActions.[].authenticateCognitoConfig.userPoolARN
Optional | string
| | defaultActions.[].authenticateCognitoConfig.userPoolClientID
Optional | string
| | defaultActions.[].authenticateCognitoConfig.userPoolDomain
Optional | string
| | defaultActions.[].authenticateOIDCConfig
Optional | object
Request parameters when using an identity provider (IdP) that is compliant
with OpenID Connect (OIDC) to authenticate users. | | defaultActions.[].authenticateOIDCConfig.authenticationRequestExtraParams
Optional | object
| | defaultActions.[].authenticateOIDCConfig.authorizationEndpoint
Optional | string
| | defaultActions.[].authenticateOIDCConfig.clientID
Optional | string
| | defaultActions.[].authenticateOIDCConfig.clientSecret
Optional | string
| | defaultActions.[].authenticateOIDCConfig.issuer
Optional | string
| | defaultActions.[].authenticateOIDCConfig.onUnauthenticatedRequest
Optional | string
| | defaultActions.[].authenticateOIDCConfig.scope
Optional | string
| | defaultActions.[].authenticateOIDCConfig.sessionCookieName
Optional | string
| | defaultActions.[].authenticateOIDCConfig.sessionTimeout
Optional | integer
| | defaultActions.[].authenticateOIDCConfig.tokenEndpoint
Optional | string
| | defaultActions.[].authenticateOIDCConfig.useExistingClientSecret
Optional | boolean
| | defaultActions.[].authenticateOIDCConfig.userInfoEndpoint
Optional | string
| | defaultActions.[].fixedResponseConfig
Optional | object
Information about an action that returns a custom HTTP response. | | defaultActions.[].fixedResponseConfig.contentType
Optional | string
| | defaultActions.[].fixedResponseConfig.messageBody
Optional | string
| | defaultActions.[].fixedResponseConfig.statusCode
Optional | string
| | defaultActions.[].forwardConfig
Optional | object
Information about a forward action. | | defaultActions.[].forwardConfig.targetGroupStickinessConfig
Optional | object
Information about the target group stickiness for a rule. | | defaultActions.[].forwardConfig.targetGroupStickinessConfig.durationSeconds
Optional | integer
| | defaultActions.[].forwardConfig.targetGroupStickinessConfig.enabled
Optional | boolean
| | defaultActions.[].forwardConfig.targetGroups
Optional | array
| | defaultActions.[].forwardConfig.targetGroups.[]
Required | object
Information about how traffic will be distributed between multiple target groups in a forward rule. || defaultActions.[].forwardConfig.targetGroups.[].targetGroupARN
Optional | string
| | defaultActions.[].forwardConfig.targetGroups.[].weight
Optional | integer
| | defaultActions.[].order
Optional | integer
| | defaultActions.[].redirectConfig
Optional | object
Information about a redirect action.

A URI consists of the following components: protocol://hostname:port/path?query.
You must modify at least one of the following components to avoid a redirect
loop: protocol, hostname, port, or path. Any components that you do not modify
retain their original values.

You can reuse URI components using the following reserved keywords:

* #{protocol}

* #{host}

* #{port}

* #{path} (the leading “/” is removed)

* #{query}

For example, you can change the path to “/new/#{path}”, the hostname to “example.#{host}”,
or the query to “#{query}&value=xyz”. | | defaultActions.[].redirectConfig.host
Optional | string
| | defaultActions.[].redirectConfig.path
Optional | string
| | defaultActions.[].redirectConfig.port
Optional | string
| | defaultActions.[].redirectConfig.protocol
Optional | string
| | defaultActions.[].redirectConfig.query
Optional | string
| | defaultActions.[].redirectConfig.statusCode
Optional | string
| | defaultActions.[].targetGroupARN
Optional | string
| | defaultActions.[].targetGroupRef
Optional | object
Reference field for TargetGroupARN | | defaultActions.[].targetGroupRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) | | defaultActions.[].targetGroupRef.from.name
Optional | string
| | defaultActions.[].type
Optional | string
| | loadBalancerARN
Optional | string
The Amazon Resource Name (ARN) of the load balancer. | | loadBalancerRef
Optional | object
AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference
type to provide more user friendly syntax for references using ‘from’ field
Ex:
APIIDRef:

from:
name: my-api | | loadBalancerRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) | | loadBalancerRef.from.name
Optional | string
| | mutualAuthentication
Optional | object
The mutual authentication configuration information. | | mutualAuthentication.ignoreClientCertificateExpiry
Optional | boolean
| | mutualAuthentication.mode
Optional | string
| | mutualAuthentication.trustStoreARN
Optional | string
| | port
Optional | integer
The port on which the load balancer is listening. You cannot specify a port
for a Gateway Load Balancer. | | protocol
Optional | string
The protocol for connections from clients to the load balancer. For Application
Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load
Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t
specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot
specify a protocol for a Gateway Load Balancer. | | sslPolicy
Optional | string
[HTTPS and TLS listeners] The security policy that defines which protocols
and ciphers are supported.

For more information, see Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies)
in the Application Load Balancers Guide and Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies)
in the Network Load Balancers Guide. | | tags
Optional | array
The tags to assign to the listener. | | tags.[]
Required | object
Information about a tag. || tags.[].key
Optional | string
| | tags.[].value
Optional | string
|

Status

ackResourceMetadata: 
  arn: string
  ownerAccountID: string
  region: string
conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string

Field	Description
ackResourceMetadata Optional	object All CRs managed by ACK have a common `Status.ACKResourceMetadata` member that is used to contain resource sync state, account ownership, constructed ARN for the resource
ackResourceMetadata.arn Optional	string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270
ackResourceMetadata.ownerAccountID Required	string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource.
ackResourceMetadata.region Required	string Region is the AWS region in which the resource exists or will exist.
conditions Optional	array All CRS managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource
conditions.[] Required	object Condition is the common struct used by all CRDs managed by ACK service
controllers to indicate terminal states of the CR and its backend AWS
service API resource
conditions.[].message Optional	string A human readable message indicating details about the transition.
conditions.[].reason Optional	string The reason for the condition’s last transition.
conditions.[].status Optional	string Status of the condition, one of True, False, Unknown.
conditions.[].type Optional	string Type is the type of the Condition

Listener

Metadata#

Spec#

Status#

Metadata

Spec

Status