Rule
elbv2.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | elbv2-controller/apis/v1alpha1#Rule |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | Rule |
| ListKind | RuleList |
| Plural | rules |
| Singular | rule |
Information about a rule.
Spec
actions:
authenticateCognitoConfig:
authenticationRequestExtraParams: {}
onUnauthenticatedRequest: string
scope: string
sessionCookieName: string
sessionTimeout: integer
userPoolARN: string
userPoolClientID: string
userPoolDomain: string
authenticateOIDCConfig:
authenticationRequestExtraParams: {}
authorizationEndpoint: string
clientID: string
clientSecret: string
issuer: string
onUnauthenticatedRequest: string
scope: string
sessionCookieName: string
sessionTimeout: integer
tokenEndpoint: string
useExistingClientSecret: boolean
userInfoEndpoint: string
fixedResponseConfig:
contentType: string
messageBody: string
statusCode: string
forwardConfig:
targetGroupStickinessConfig:
durationSeconds: integer
enabled: boolean
targetGroups:
- targetGroupARN: string
targetGroupRef:
from:
name: string
namespace: string
weight: integer
order: integer
redirectConfig:
host: string
path: string
port: string
protocol: string
query: string
statusCode: string
targetGroupARN: string
targetGroupRef:
from:
name: string
namespace: string
type: string
conditions:
- field: string
hostHeaderConfig:
values:
- string
httpHeaderConfig:
httpHeaderName: string
values:
- string
httpRequestMethodConfig:
values:
- string
pathPatternConfig:
values:
- string
queryStringConfig:
values:
- key: string
value: string
sourceIPConfig:
values:
- string
values:
- string
listenerARN: string
listenerRef:
from:
name: string
namespace: string
priority: integer
tags:
- key: string
value: string
| Field | Description |
|---|---|
| actions Required | array The actions. |
| actions.[] Required | object Information about an action. |
Each rule must include exactly one of the following types of actions: forward,
fixed-response, or redirect, and it must be the last action to be performed. || actions.[].authenticateCognitoConfig
Optional | object
Request parameters to use when integrating with Amazon Cognito to authenticate
users. |
| actions.[].authenticateCognitoConfig.authenticationRequestExtraParams
Optional | object
|
| actions.[].authenticateCognitoConfig.onUnauthenticatedRequest
Optional | string
|
| actions.[].authenticateCognitoConfig.scope
Optional | string
|
| actions.[].authenticateCognitoConfig.sessionCookieName
Optional | string
|
| actions.[].authenticateCognitoConfig.sessionTimeout
Optional | integer
|
| actions.[].authenticateCognitoConfig.userPoolARN
Optional | string
|
| actions.[].authenticateCognitoConfig.userPoolClientID
Optional | string
|
| actions.[].authenticateCognitoConfig.userPoolDomain
Optional | string
|
| actions.[].authenticateOIDCConfig
Optional | object
Request parameters when using an identity provider (IdP) that is compliant
with OpenID Connect (OIDC) to authenticate users. |
| actions.[].authenticateOIDCConfig.authenticationRequestExtraParams
Optional | object
|
| actions.[].authenticateOIDCConfig.authorizationEndpoint
Optional | string
|
| actions.[].authenticateOIDCConfig.clientID
Optional | string
|
| actions.[].authenticateOIDCConfig.clientSecret
Optional | string
|
| actions.[].authenticateOIDCConfig.issuer
Optional | string
|
| actions.[].authenticateOIDCConfig.onUnauthenticatedRequest
Optional | string
|
| actions.[].authenticateOIDCConfig.scope
Optional | string
|
| actions.[].authenticateOIDCConfig.sessionCookieName
Optional | string
|
| actions.[].authenticateOIDCConfig.sessionTimeout
Optional | integer
|
| actions.[].authenticateOIDCConfig.tokenEndpoint
Optional | string
|
| actions.[].authenticateOIDCConfig.useExistingClientSecret
Optional | boolean
|
| actions.[].authenticateOIDCConfig.userInfoEndpoint
Optional | string
|
| actions.[].fixedResponseConfig
Optional | object
Information about an action that returns a custom HTTP response. |
| actions.[].fixedResponseConfig.contentType
Optional | string
|
| actions.[].fixedResponseConfig.messageBody
Optional | string
|
| actions.[].fixedResponseConfig.statusCode
Optional | string
|
| actions.[].forwardConfig
Optional | object
Information about a forward action. |
| actions.[].forwardConfig.targetGroupStickinessConfig
Optional | object
Information about the target group stickiness for a rule. |
| actions.[].forwardConfig.targetGroupStickinessConfig.durationSeconds
Optional | integer
|
| actions.[].forwardConfig.targetGroupStickinessConfig.enabled
Optional | boolean
|
| actions.[].forwardConfig.targetGroups
Optional | array
|
| actions.[].forwardConfig.targetGroups.[]
Required | object
Information about how traffic will be distributed between multiple target
groups in a forward rule. || actions.[].forwardConfig.targetGroups.[].targetGroupARN
Optional | string
|
| actions.[].forwardConfig.targetGroups.[].targetGroupRef
Optional | object
Reference field for TargetGroupARN |
| actions.[].forwardConfig.targetGroups.[].targetGroupRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| actions.[].forwardConfig.targetGroups.[].targetGroupRef.from.name
Optional | string
|
| actions.[].forwardConfig.targetGroups.[].targetGroupRef.from.namespace
Optional | string
|
| actions.[].forwardConfig.targetGroups.[].weight
Optional | integer
|
| actions.[].order
Optional | integer
|
| actions.[].redirectConfig
Optional | object
Information about a redirect action.
A URI consists of the following components: protocol://hostname:port/path?query.
You must modify at least one of the following components to avoid a redirect
loop: protocol, hostname, port, or path. Any components that you do not modify
retain their original values.
You can reuse URI components using the following reserved keywords:
* #{protocol}
* #{host}
* #{port}
* #{path} (the leading “/” is removed)
* #{query}
For example, you can change the path to “/new/#{path}”, the hostname to “example.#{host}”,
or the query to “#{query}&value=xyz”. |
| actions.[].redirectConfig.host
Optional | string
|
| actions.[].redirectConfig.path
Optional | string
|
| actions.[].redirectConfig.port
Optional | string
|
| actions.[].redirectConfig.protocol
Optional | string
|
| actions.[].redirectConfig.query
Optional | string
|
| actions.[].redirectConfig.statusCode
Optional | string
|
| actions.[].targetGroupARN
Optional | string
|
| actions.[].targetGroupRef
Optional | object
Reference field for TargetGroupARN |
| actions.[].targetGroupRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| actions.[].targetGroupRef.from.name
Optional | string
|
| actions.[].targetGroupRef.from.namespace
Optional | string
|
| actions.[].type
Optional | string
|
| conditions
Required | array
The conditions. |
| conditions.[]
Required | object
Information about a condition for a rule.
Each rule can optionally include up to one of each of the following conditions: http-request-method, host-header, path-pattern, and source-ip. Each rule can also optionally include one or more of each of the following conditions: http-header and query-string. Note that the value for a condition cannot be empty.
For more information, see Quotas for your Application Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html). || conditions.[].field
Optional | string
|
| conditions.[].hostHeaderConfig
Optional | object
Information about a host header condition. |
| conditions.[].hostHeaderConfig.values
Optional | array
|
| conditions.[].hostHeaderConfig.values.[]
Required | string
|| conditions.[].httpHeaderConfig
Optional | object
Information about an HTTP header condition.
There is a set of standard HTTP header fields. You can also define custom
HTTP header fields. |
| conditions.[].httpHeaderConfig.httpHeaderName
Optional | string
|
| conditions.[].httpHeaderConfig.values
Optional | array
|
| conditions.[].httpHeaderConfig.values.[]
Required | string
|| conditions.[].httpRequestMethodConfig
Optional | object
Information about an HTTP method condition.
HTTP defines a set of request methods, also referred to as HTTP verbs. For
more information, see the HTTP Method Registry (https://www.iana.org/assignments/http-methods/http-methods.xhtml).
You can also define custom HTTP methods. |
| conditions.[].httpRequestMethodConfig.values
Optional | array
|
| conditions.[].httpRequestMethodConfig.values.[]
Required | string
|| conditions.[].pathPatternConfig
Optional | object
Information about a path pattern condition. |
| conditions.[].pathPatternConfig.values
Optional | array
|
| conditions.[].pathPatternConfig.values.[]
Required | string
|| conditions.[].queryStringConfig
Optional | object
Information about a query string condition.
The query string component of a URI starts after the first ‘?’ character
and is terminated by either a ‘#’ character or the end of the URI. A typical
query string contains key/value pairs separated by ‘&’ characters. The allowed
characters are specified by RFC 3986. Any character can be percentage encoded. |
| conditions.[].queryStringConfig.values
Optional | array
|
| conditions.[].queryStringConfig.values.[]
Required | object
Information about a key/value pair. || conditions.[].queryStringConfig.values.[].key
Optional | string
|
| conditions.[].queryStringConfig.values.[].value
Optional | string
|
| conditions.[].sourceIPConfig
Optional | object
Information about a source IP condition.
You can use this condition to route based on the IP address of the source
that connects to the load balancer. If a client is behind a proxy, this is
the IP address of the proxy not the IP address of the client. |
| conditions.[].sourceIPConfig.values
Optional | array
|
| conditions.[].sourceIPConfig.values.[]
Required | string
|| conditions.[].values
Optional | array
|
| conditions.[].values.[]
Required | string
|| listenerARN
Optional | string
The Amazon Resource Name (ARN) of the listener. |
| listenerRef
Optional | object
AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference
type to provide more user friendly syntax for references using ‘from’ field
Ex:
APIIDRef:
from:
name: my-api |
| listenerRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| listenerRef.from.name
Optional | string
|
| listenerRef.from.namespace
Optional | string
|
| priority
Required | integer
The rule priority. A listener can’t have multiple rules with the same priority. |
| tags
Optional | array
The tags to assign to the rule. |
| tags.[]
Required | object
Information about a tag. || tags.[].key
Optional | string
|
| tags.[].value
Optional | string
|
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
region: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
isDefault: boolean
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| conditions Optional | array All CRS managed by ACK have a common Status.Conditions member thatcontains a collection of ackv1alpha1.Condition objects that describethe various terminal states of the CR and its backend AWS service API resource |
| conditions.[] Required | object Condition is the common struct used by all CRDs managed by ACK service |
| controllers to indicate terminal states of the CR and its backend AWS | |
| service API resource | |
| conditions.[].message Optional | string A human readable message indicating details about the transition. |
| conditions.[].reason Optional | string The reason for the condition’s last transition. |
| conditions.[].status Optional | string Status of the condition, one of True, False, Unknown. |
| conditions.[].type Optional | string Type is the type of the Condition |
| isDefault Optional | boolean Indicates whether this is the default rule. |