APISpec

Packages:

• appmesh.k8s.aws/v1beta2

appmesh.k8s.aws/v1beta2

Package v1beta2 contains API Schema definitions for the appmesh v1beta2 API group

Resource Types:

AWSCloudMapInstanceAttribute

(Appears on: AWSCloudMapServiceDiscovery)

AWSCloudMapInstanceAttribute refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_AwsCloudMapInstanceAttribute.html

Field	Description
key string	The name of an AWS Cloud Map service instance attribute key.
value string	The value of an AWS Cloud Map service instance attribute key.

AWSCloudMapServiceDiscovery

(Appears on: ServiceDiscovery)

AWSCloudMapServiceDiscovery refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_AwsCloudMapServiceDiscovery.html

Field	Description
namespaceName string	The name of the AWS Cloud Map namespace to use.
serviceName string	The name of the AWS Cloud Map service to use.
attributes []AWSCloudMapInstanceAttribute	(Optional) A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance

AccessLog

(Appears on: Logging)

AccessLog refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_AccessLog.html

Field	Description
file FileAccessLog	(Optional) The file object to send virtual node access logs to.

Backend

(Appears on: VirtualNodeSpec)

Backend refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_Backend.html

Field	Description
virtualService VirtualServiceBackend	Specifies a virtual service to use as a backend for a virtual node.

BackendDefaults

(Appears on: VirtualNodeSpec)

BackendDefaults refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_BackendDefaults.html

Field	Description
clientPolicy ClientPolicy	(Optional) A reference to an object that represents a client policy.

ClientPolicy

(Appears on: BackendDefaults, VirtualServiceBackend)

ClientPolicy refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ClientPolicy.html

Field	Description
tls ClientPolicyTLS	(Optional) A reference to an object that represents a Transport Layer Security (TLS) client policy.

ClientPolicyTLS

(Appears on: ClientPolicy)

ClientPolicyTLS refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ClientPolicyTls.html

Field	Description
enforce bool	(Optional) Whether the policy is enforced. If unspecified, default settings from AWS API will be applied. Refer to AWS Docs for default settings.
ports []PortNumber	(Optional) The range of ports that the policy is enforced for.
validation TLSValidationContext	A reference to an object that represents a TLS validation context.
certificate ClientTLSCertificate	(Optional) A reference to an object that represents TLS certificate.

ClientTLSCertificate

(Appears on: ClientPolicyTLS)

Field	Description
file ListenerTLSFileCertificate	(Optional) An object that represents a TLS cert via a local file
sds ListenerTLSSDSCertificate	(Optional) An object that represents a TLS cert via SDS entry

DNSServiceDiscovery

(Appears on: ServiceDiscovery)

DNSServiceDiscovery refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_DnsServiceDiscovery.html

Field	Description
hostname string	Specifies the DNS service discovery hostname for the virtual node.
responseType string	(Optional) Choose between ENDPOINTS (strict DNS) and LOADBALANCER (logical DNS) mode in Envoy sidecar

Duration

(Appears on: GRPCRetryPolicy, GRPCTimeout, HTTPRetryPolicy, HTTPTimeout, OutlierDetection, TCPTimeout)

Field	Description
unit DurationUnit	A unit of time.
value int64	A number of time units.

DurationUnit (string alias)

(Appears on: Duration)

EgressFilter

(Appears on: MeshSpec)

EgressFilter refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_EgressFilter.html

Field	Description
type EgressFilterType	The egress filter type.

EgressFilterType (string alias)

(Appears on: EgressFilter)

FileAccessLog

(Appears on: AccessLog)

FileAccessLog refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_FileAccessLog.html

Field	Description
path string	The file path to write access logs to.

GRPCConnectionPool

(Appears on: VirtualGatewayConnectionPool, VirtualNodeConnectionPool)

Field	Description
maxRequests int64	Represents the maximum number of inflight requests that an envoy can concurrently support across all the hosts in the upstream cluster

GRPCGatewayRoute

(Appears on: GatewayRouteSpec)

GRPCGatewayRoute refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/gateway-routes.html

Field	Description
match GRPCGatewayRouteMatch	An object that represents the criteria for determining a request match.
action GRPCGatewayRouteAction	An object that represents the action to take if a match is determined.

GRPCGatewayRouteAction

(Appears on: GRPCGatewayRoute)

GRPCGatewayRouteAction refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcGatewayRouteAction.html

Field	Description
target GatewayRouteTarget	An object that represents the target that traffic is routed to when a request matches the route.
rewrite GrpcGatewayRouteRewrite	(Optional)

GRPCGatewayRouteMatch

(Appears on: GRPCGatewayRoute)

GRPCGatewayRouteMatch refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcGatewayRouteMatch.html

Field	Description
serviceName string	(Optional) Either ServiceName or Hostname must be specified. Both are allowed as well The fully qualified domain name for the service to match from the request.
hostname GatewayRouteHostnameMatch	(Optional) The client specified Hostname to match on.
metadata []GRPCGatewayRouteMetadata	(Optional) An object that represents the data to match from the request.

GRPCGatewayRouteMetadata

(Appears on: GRPCGatewayRouteMatch)

GRPCGatewayRouteMetadata refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcGatewayRouteMetadata.html

Field	Description
name string	The name of the route.
match GRPCRouteMetadataMatchMethod	(Optional) An object that represents the data to match from the request.
invert bool	(Optional) Specify True to match anything except the match criteria. The default value is False.

GRPCRetryPolicy

(Appears on: GRPCRoute)

GRPCRetryPolicy refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcRetryPolicy.html

Field	Description
grpcRetryEvents []GRPCRetryPolicyEvent	(Optional)
httpRetryEvents []HTTPRetryPolicyEvent	(Optional)
tcpRetryEvents []TCPRetryPolicyEvent	(Optional)
maxRetries int64	The maximum number of retry attempts.
perRetryTimeout Duration	An object that represents a duration of time.

GRPCRetryPolicyEvent (string alias)

(Appears on: GRPCRetryPolicy)

GRPCRoute

(Appears on: Route)

GRPCRoute refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcRoute.html

Field	Description
match GRPCRouteMatch	An object that represents the criteria for determining a request match.
action GRPCRouteAction	An object that represents the action to take if a match is determined.
retryPolicy GRPCRetryPolicy	(Optional) An object that represents a retry policy.
timeout GRPCTimeout	(Optional) An object that represents a grpc timeout.

GRPCRouteAction

(Appears on: GRPCRoute)

GRPCRouteAction refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcRouteAction.html

Field	Description
weightedTargets []WeightedTarget	An object that represents the targets that traffic is routed to when a request matches the route.

GRPCRouteMatch

(Appears on: GRPCRoute)

GRPCRouteMatch refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcRouteMatch.html

Field	Description
methodName string	(Optional) The method name to match from the request. If you specify a name, you must also specify a serviceName.
serviceName string	(Optional) The fully qualified domain name for the service to match from the request.
metadata []GRPCRouteMetadata	(Optional) An object that represents the data to match from the request.

GRPCRouteMetadata

(Appears on: GRPCRouteMatch)

GRPCRouteMetadata refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcRouteMetadata.html

Field	Description
name string	The name of the route.
match GRPCRouteMetadataMatchMethod	(Optional) An object that represents the data to match from the request.
invert bool	(Optional) Specify True to match anything except the match criteria. The default value is False.

GRPCRouteMetadataMatchMethod

(Appears on: GRPCGatewayRouteMetadata, GRPCRouteMetadata)

GRPCRouteMetadataMatchMethod refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcRouteMetadataMatchMethod.html

Field	Description
exact string	(Optional) The value sent by the client must match the specified value exactly.
prefix string	(Optional) The value sent by the client must begin with the specified characters.
range MatchRange	(Optional) An object that represents the range of values to match on
regex string	(Optional) The value sent by the client must include the specified characters.
suffix string	(Optional) The value sent by the client must end with the specified characters.

GRPCTimeout

(Appears on: GRPCRoute, ListenerTimeout)

Field	Description
perRequest Duration	(Optional) An object that represents per request timeout duration.
idle Duration	(Optional) An object that represents idle timeout duration.

GatewayRoute

GatewayRoute is the Schema for the gatewayroutes API

Field	Description
metadata Kubernetes meta/v1.ObjectMeta	Refer to the Kubernetes API documentation for the fields of the metadata field.
spec GatewayRouteSpec	awsName string (Optional) AWSName is the AppMesh GatewayRoute object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s GatewayRoute priority int64 (Optional) Priority for the gatewayroute. Default Priority is 1000 which is lowest priority grpcRoute GRPCGatewayRoute (Optional) An object that represents the specification of a gRPC gatewayRoute. httpRoute HTTPGatewayRoute (Optional) An object that represents the specification of an HTTP gatewayRoute. http2Route HTTPGatewayRoute (Optional) An object that represents the specification of an HTTP/2 gatewayRoute. virtualGatewayRef VirtualGatewayReference (Optional) A reference to k8s VirtualGateway CR that this GatewayRoute belongs to. The admission controller populates it using VirtualGateway’s selector, and prevents users from setting this field. Populated by the system. Read-only. meshRef MeshReference (Optional) A reference to k8s Mesh CR that this GatewayRoute belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.
status GatewayRouteStatus

GatewayRouteCondition

(Appears on: GatewayRouteStatus)

Field	Description
type GatewayRouteConditionType	Type of GatewayRoute condition.
status Kubernetes core/v1.ConditionStatus	Status of the condition, one of True, False, Unknown.
lastTransitionTime Kubernetes meta/v1.Time	(Optional) Last time the condition transitioned from one status to another.
reason string	(Optional) The reason for the condition’s last transition.
message string	(Optional) A human readable message indicating details about the transition.

GatewayRouteConditionType (string alias)

(Appears on: GatewayRouteCondition)

GatewayRouteHostnameMatch

(Appears on: GRPCGatewayRouteMatch, HTTPGatewayRouteMatch)

Hostname based match, either Exact or Suffix must be specified. Both are not allowed GatewayRouteHostnameMatch refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GatewayRouteHostnameMatch.html

Field	Description
exact string	(Optional) The value sent by the client must match the specified value exactly.
suffix string	(Optional) The value sent by the client must end with the specified characters.

GatewayRouteHostnameRewrite

(Appears on: GrpcGatewayRouteRewrite, HTTPGatewayRouteRewrite)

GatewayRouteHostnameRewrite refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GatewayRouteHostnameRewrite.html ENABLE or DISABLE default behavior for Hostname rewrite

Field	Description
defaultTargetHostname string	(Optional)

GatewayRoutePathRewrite

(Appears on: HTTPGatewayRouteRewrite)

GatewayRoutePathRewrite refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpGatewayRoutePathRewrite.html

Field	Description
exact string	(Optional)

GatewayRoutePrefixRewrite

(Appears on: HTTPGatewayRouteRewrite)

GatewayRoutePrefixRewrite refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpGatewayRoutePrefixRewrite.html

Field	Description
defaultPrefix string	(Optional)
value string	(Optional) When DefaultPrefix is specified, Value cannot be set

GatewayRouteSpec

(Appears on: GatewayRoute)

GatewayRouteSpec defines the desired state of GatewayRoute refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GatewayRouteSpec.html

Field	Description
awsName string	(Optional) AWSName is the AppMesh GatewayRoute object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s GatewayRoute
priority int64	(Optional) Priority for the gatewayroute. Default Priority is 1000 which is lowest priority
grpcRoute GRPCGatewayRoute	(Optional) An object that represents the specification of a gRPC gatewayRoute.
httpRoute HTTPGatewayRoute	(Optional) An object that represents the specification of an HTTP gatewayRoute.
http2Route HTTPGatewayRoute	(Optional) An object that represents the specification of an HTTP/2 gatewayRoute.
virtualGatewayRef VirtualGatewayReference	(Optional) A reference to k8s VirtualGateway CR that this GatewayRoute belongs to. The admission controller populates it using VirtualGateway’s selector, and prevents users from setting this field. Populated by the system. Read-only.
meshRef MeshReference	(Optional) A reference to k8s Mesh CR that this GatewayRoute belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.

GatewayRouteStatus

(Appears on: GatewayRoute)

GatewayRouteStatus defines the observed state of GatewayRoute

Field	Description
gatewayRouteARN string	(Optional) GatewayRouteARN is the AppMesh GatewayRoute object’s Amazon Resource Name
conditions []GatewayRouteCondition	(Optional) The current GatewayRoute status.
observedGeneration int64	(Optional) The generation observed by the GatewayRoute controller.

GatewayRouteTarget

(Appears on: GRPCGatewayRouteAction, HTTPGatewayRouteAction)

GatewayRouteTarget refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GatewayRouteTarget.html

Field	Description
virtualService GatewayRouteVirtualService	The virtual service to associate with the gateway route target.

GatewayRouteVirtualService

(Appears on: GatewayRouteTarget)

GatewayRouteVirtualService refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GatewayRouteVirtualService.html

Field	Description
virtualServiceRef VirtualServiceReference	(Optional) Reference to Kubernetes VirtualService CR in cluster to associate with the gateway route virtual service target. Exactly one of ‘virtualServiceRef’ or ‘virtualServiceARN’ must be specified.
virtualServiceARN string	(Optional) Amazon Resource Name to AppMesh VirtualService object to associate with the gateway route virtual service target. Exactly one of ‘virtualServiceRef’ or ‘virtualServiceARN’ must be specified.

GrpcGatewayRouteRewrite

(Appears on: GRPCGatewayRouteAction)

GrpcGatewayRouteRewrite refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_GrpcGatewayRouteRewrite.html

Field	Description
hostname GatewayRouteHostnameRewrite

HTTP2ConnectionPool

(Appears on: VirtualGatewayConnectionPool, VirtualNodeConnectionPool)

Field	Description
maxRequests int64	Represents the maximum number of inflight requests that an envoy can concurrently support across all the hosts in the upstream cluster

HTTPConnectionPool

(Appears on: VirtualGatewayConnectionPool, VirtualNodeConnectionPool)

Field	Description
maxConnections int64	Represents the maximum number of outbound TCP connections the envoy can establish concurrently with all the hosts in the upstream cluster.
maxPendingRequests int64	(Optional) Represents the number of overflowing requests after max_connections that an envoy will queue to an upstream cluster.

HTTPGatewayRoute

(Appears on: GatewayRouteSpec)

HTTPGatewayRoute refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/gateway-routes.html

Field	Description
match HTTPGatewayRouteMatch	An object that represents the criteria for determining a request match.
action HTTPGatewayRouteAction	An object that represents the action to take if a match is determined.

HTTPGatewayRouteAction

(Appears on: HTTPGatewayRoute)

HTTPGatewayRouteAction refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpGatewayRouteAction.html

Field	Description
target GatewayRouteTarget	An object that represents the target that traffic is routed to when a request matches the route.
rewrite HTTPGatewayRouteRewrite	(Optional)

HTTPGatewayRouteHeader

(Appears on: HTTPGatewayRouteMatch)

HTTPGatewayRouteHeader refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpGatewayRouteHeader.html

Field	Description
name string	A name for the HTTP header in the client request that will be matched on.
match HeaderMatchMethod	(Optional) The HeaderMatchMethod object.
invert bool	(Optional) Specify True to match anything except the match criteria. The default value is False.

HTTPGatewayRouteMatch

(Appears on: HTTPGatewayRoute)

HTTPGatewayRouteMatch refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpGatewayRouteMatch.html

Field	Description
prefix string	(Optional) Either Prefix or Hostname must be specified. Both are allowed as well. Specifies the prefix to match requests with
path HTTPPathMatch	(Optional) Specified path of the request to be matched on
queryParameters []HTTPQueryParameters	(Optional) Client specified query parameters to match on
method string	(Optional) The client request method to match on.
hostname GatewayRouteHostnameMatch	(Optional) The client specified Hostname to match on.
headers []HTTPGatewayRouteHeader	(Optional) An object that represents the client request headers to match on.

HTTPGatewayRouteRewrite

(Appears on: HTTPGatewayRouteAction)

HTTPGatewayRouteRewrite refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpGatewayRouteRewrite.html

Field	Description
prefix GatewayRoutePrefixRewrite	(Optional)
path GatewayRoutePathRewrite	(Optional)
hostname GatewayRouteHostnameRewrite	(Optional)

HTTPPathMatch

(Appears on: HTTPGatewayRouteMatch, HTTPRouteMatch)

HTTPPathMatch refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpPathMatch.html

Field	Description
exact string	(Optional) The value sent by the client must match the specified value exactly.
regex string	(Optional) The value sent by the client must end with the specified characters.

HTTPQueryParameters

(Appears on: HTTPGatewayRouteMatch, HTTPRouteMatch)

HTTPQueryParameters refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpQueryParameter.html

Field	Description
name string
match QueryMatchMethod	(Optional) The QueryMatchMethod object.

HTTPRetryPolicy

(Appears on: HTTPRoute)

HTTPRetryPolicy refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpRetryPolicy.html

Field	Description
httpRetryEvents []HTTPRetryPolicyEvent	(Optional)
tcpRetryEvents []TCPRetryPolicyEvent	(Optional)
maxRetries int64	The maximum number of retry attempts.
perRetryTimeout Duration	An object that represents a duration of time

HTTPRetryPolicyEvent (string alias)

(Appears on: GRPCRetryPolicy, HTTPRetryPolicy)

HTTPRoute

(Appears on: Route)

HTTPRoute refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpRoute.html

Field	Description
match HTTPRouteMatch	An object that represents the criteria for determining a request match.
action HTTPRouteAction	An object that represents the action to take if a match is determined.
retryPolicy HTTPRetryPolicy	(Optional) An object that represents a retry policy.
timeout HTTPTimeout	(Optional) An object that represents a http timeout.

HTTPRouteAction

(Appears on: HTTPRoute)

HTTPRouteAction refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpRouteAction.html

Field	Description
weightedTargets []WeightedTarget	An object that represents the targets that traffic is routed to when a request matches the route.

HTTPRouteHeader

(Appears on: HTTPRouteMatch)

HTTPRouteHeader refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpRouteHeader.html

Field	Description
name string	A name for the HTTP header in the client request that will be matched on.
match HeaderMatchMethod	(Optional) The HeaderMatchMethod object.
invert bool	(Optional) Specify True to match anything except the match criteria. The default value is False.

HTTPRouteMatch

(Appears on: HTTPRoute)

HTTPRouteMatch refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HttpRouteMatch.html

Field	Description
headers []HTTPRouteHeader	(Optional) An object that represents the client request headers to match on.
method string	(Optional) The client request method to match on.
prefix string	(Optional) Specifies the prefix to match requests with
scheme string	(Optional) The client request scheme to match on
path HTTPPathMatch	(Optional) The client specified Path to match on.
queryParameters []HTTPQueryParameters	(Optional) The client specified queryParameters to match on

HTTPTimeout

(Appears on: HTTPRoute, ListenerTimeout)

Field	Description
perRequest Duration	(Optional) An object that represents per request timeout duration.
idle Duration	(Optional) An object that represents idle timeout duration.

HeaderMatchMethod

(Appears on: HTTPGatewayRouteHeader, HTTPRouteHeader)

HeaderMatchMethod refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HeaderMatchMethod.html

Field	Description
exact string	(Optional) The value sent by the client must match the specified value exactly.
prefix string	(Optional) The value sent by the client must begin with the specified characters.
range MatchRange	(Optional) An object that represents the range of values to match on.
regex string	(Optional) The value sent by the client must include the specified characters.
suffix string	(Optional) The value sent by the client must end with the specified characters.

HealthCheckPolicy

(Appears on: Listener)

HealthCheckPolicy refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_HealthCheckPolicy.html

Field	Description
healthyThreshold int64	The number of consecutive successful health checks that must occur before declaring listener healthy.
intervalMillis int64	The time period in milliseconds between each health check execution.
path string	(Optional) The destination path for the health check request. This value is only used if the specified protocol is http or http2. For any other protocol, this value is ignored.
port PortNumber	(Optional) The destination port for the health check request.
protocol PortProtocol	The protocol for the health check request
timeoutMillis int64	The amount of time to wait when receiving a response from the health check, in milliseconds.
unhealthyThreshold int64	The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.

Listener

(Appears on: VirtualNodeSpec)

Listener refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_Listener.html

Field	Description
portMapping PortMapping	The port mapping information for the listener.
healthCheck HealthCheckPolicy	(Optional) The health check information for the listener.
outlierDetection OutlierDetection	(Optional) The outlier detection for the listener
connectionPool VirtualNodeConnectionPool	(Optional) The connection pool settings for the listener
tls ListenerTLS	(Optional) A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.
timeout ListenerTimeout	(Optional) A reference to an object that represents

ListenerTLS

(Appears on: Listener)

ListenerTLS refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListenerTls.html

Field	Description
certificate ListenerTLSCertificate	A reference to an object that represents a listener’s TLS certificate.
mode ListenerTLSMode	ListenerTLS mode
validation ListenerTLSValidationContext	(Optional) A reference to an object that represents an SDS Trust Domain

ListenerTLSACMCertificate

(Appears on: ListenerTLSCertificate)

ListenerTLSACMCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListenerTlsAcmCertificate.html

Field	Description
certificateARN string	The Amazon Resource Name (ARN) for the certificate.

ListenerTLSCertificate

(Appears on: ListenerTLS)

ListenerTLSCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListenerTlsCertificate.html

Field	Description
acm ListenerTLSACMCertificate	(Optional) A reference to an object that represents an AWS Certificate Manager (ACM) certificate.
file ListenerTLSFileCertificate	(Optional) A reference to an object that represents a local file certificate.
sds ListenerTLSSDSCertificate	(Optional) A reference to an object that represents an SDS certificate.

ListenerTLSFileCertificate

(Appears on: ClientTLSCertificate, ListenerTLSCertificate)

ListenerTLSFileCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListenerTlsFileCertificate.html

Field	Description
certificateChain string	The certificate chain for the certificate.
privateKey string	The private key for a certificate stored on the file system of the virtual node that the proxy is running on.

ListenerTLSMode (string alias)

(Appears on: ListenerTLS)

ListenerTLSSDSCertificate

(Appears on: ClientTLSCertificate, ListenerTLSCertificate)

ListenerTLSSDSCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListenerTlsFileCertificate.html

Field	Description
secretName string	The certificate trust chain for a certificate issued via SDS cluster

ListenerTLSValidationContext

(Appears on: ListenerTLS)

Field	Description
trust ListenerTLSValidationContextTrust
subjectAlternativeNames SubjectAlternativeNames	(Optional) Possible alternative names to consider

ListenerTLSValidationContextTrust

(Appears on: ListenerTLSValidationContext)

Field	Description
file TLSValidationContextFileTrust	(Optional) An object that represents a TLS validation context trust for a local file.
sds TLSValidationContextSDSTrust	(Optional) An object that represents a TLS validation context trust for an SDS server

ListenerTimeout

(Appears on: Listener)

ListenerTimeout refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ListenerTimeout.html

Field	Description
tcp TCPTimeout	(Optional) Specifies tcp timeout information for the virtual node.
http HTTPTimeout	(Optional) Specifies http timeout information for the virtual node.
http2 HTTPTimeout	(Optional) Specifies http2 information for the virtual node.
grpc GRPCTimeout	(Optional) Specifies grpc timeout information for the virtual node.

Logging

(Appears on: VirtualNodeSpec)

Logging refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_Logging.html

Field	Description
accessLog AccessLog	(Optional) The access log configuration for a virtual node.

MatchRange

(Appears on: GRPCRouteMetadataMatchMethod, HeaderMatchMethod)

Field	Description
start int64	The start of the range.
end int64	The end of the range.

Mesh

Mesh is the Schema for the meshes API

Field	Description
metadata Kubernetes meta/v1.ObjectMeta	Refer to the Kubernetes API documentation for the fields of the metadata field.
spec MeshSpec	awsName string (Optional) AWSName is the AppMesh Mesh object’s name. If unspecified or empty, it defaults to be “${name}” of k8s Mesh namespaceSelector Kubernetes meta/v1.LabelSelector (Optional) NamespaceSelector selects Namespaces using labels to designate mesh membership. This field follows standard label selector semantics: if present but empty, it selects all namespaces. if absent, it selects no namespace. egressFilter EgressFilter (Optional) The egress filter rules for the service mesh. If unspecified, default settings from AWS API will be applied. Refer to AWS Docs for default settings. meshOwner string (Optional) The AWS IAM account ID of the service mesh owner. Required if the account ID is not your own.
status MeshStatus

MeshCondition

(Appears on: MeshStatus)

Field	Description
type MeshConditionType	Type of mesh condition.
status Kubernetes core/v1.ConditionStatus	Status of the condition, one of True, False, Unknown.
lastTransitionTime Kubernetes meta/v1.Time	(Optional) Last time the condition transitioned from one status to another.
reason string	(Optional) The reason for the condition’s last transition.
message string	(Optional) A human readable message indicating details about the transition.

MeshConditionType (string alias)

(Appears on: MeshCondition)

MeshReference

(Appears on: GatewayRouteSpec, VirtualGatewaySpec, VirtualNodeSpec, VirtualRouterSpec, VirtualServiceSpec)

MeshReference holds a reference to Mesh.appmesh.k8s.aws

Field	Description
name string	Name is the name of Mesh CR
uid k8s.io/apimachinery/pkg/types.UID	UID is the UID of Mesh CR

MeshSpec

(Appears on: Mesh)

MeshSpec defines the desired state of Mesh refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_MeshSpec.html

Field	Description
awsName string	(Optional) AWSName is the AppMesh Mesh object’s name. If unspecified or empty, it defaults to be “${name}” of k8s Mesh
namespaceSelector Kubernetes meta/v1.LabelSelector	(Optional) NamespaceSelector selects Namespaces using labels to designate mesh membership. This field follows standard label selector semantics: if present but empty, it selects all namespaces. if absent, it selects no namespace.
egressFilter EgressFilter	(Optional) The egress filter rules for the service mesh. If unspecified, default settings from AWS API will be applied. Refer to AWS Docs for default settings.
meshOwner string	(Optional) The AWS IAM account ID of the service mesh owner. Required if the account ID is not your own.

MeshStatus

(Appears on: Mesh)

MeshStatus defines the observed state of Mesh

Field	Description
meshARN string	(Optional) MeshARN is the AppMesh Mesh object’s Amazon Resource Name
conditions []MeshCondition	(Optional) The current Mesh status.
observedGeneration int64	(Optional) The generation observed by the Mesh controller.

OutlierDetection

(Appears on: Listener)

OutlierDetection defines the health check policy that temporarily ejects an endpoint/host of a VirtualNode from the load balancing set when it meets failure threshold

Field	Description
maxServerErrors int64	The threshold for the number of server errors returned by a given host during an outlier detection interval. If the server error count meets/exceeds this threshold the host is ejected. A server error is defined as any HTTP 5xx response (or the equivalent for gRPC and TCP connections)
interval Duration	The time interval between ejection analysis sweeps. This can result in both new ejections as well as hosts being returned to service
baseEjectionDuration Duration	The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected
maxEjectionPercent int64	The threshold for the max percentage of outlier hosts that can be ejected from the load balancing set. maxEjectionPercent=100 means outlier detection can potentially eject all of the hosts from the upstream service if they are all considered outliers, leaving the load balancing set with zero hosts

PortMapping

(Appears on: Listener, VirtualRouterListener)

PortMapping refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_PortMapping.html

Field	Description
port PortNumber	The port used for the port mapping.
protocol PortProtocol	The protocol used for the port mapping.

PortNumber (int64 alias)

(Appears on: ClientPolicyTLS, HealthCheckPolicy, PortMapping, VirtualGatewayClientPolicyTLS, VirtualGatewayHealthCheckPolicy, VirtualGatewayPortMapping)

PortProtocol (string alias)

(Appears on: HealthCheckPolicy, PortMapping)

QueryMatchMethod

(Appears on: HTTPQueryParameters)

Field	Description
exact string	(Optional)

Route

(Appears on: VirtualRouterSpec)

Route refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_RouteSpec.html

Field	Description
name string	Route’s name
grpcRoute GRPCRoute	(Optional) An object that represents the specification of a gRPC route.
httpRoute HTTPRoute	(Optional) An object that represents the specification of an HTTP route.
http2Route HTTPRoute	(Optional) An object that represents the specification of an HTTP/2 route.
tcpRoute TCPRoute	(Optional) An object that represents the specification of a TCP route.
priority int64	(Optional) The priority for the route.

ServiceDiscovery

(Appears on: VirtualNodeSpec)

ServiceDiscovery refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_ServiceDiscovery.html

Field	Description
awsCloudMap AWSCloudMapServiceDiscovery	(Optional) Specifies any AWS Cloud Map information for the virtual node.
dns DNSServiceDiscovery	(Optional) Specifies the DNS information for the virtual node.

SubjectAlternativeNameMatchers

(Appears on: SubjectAlternativeNames)

Field	Description
exact []string	Exact is a required field

SubjectAlternativeNames

(Appears on: ListenerTLSValidationContext, TLSValidationContext, VirtualGatewayListenerTLSValidationContext, VirtualGatewayTLSValidationContext)

Field	Description
match SubjectAlternativeNameMatchers	Match is a required field

TCPConnectionPool

(Appears on: VirtualNodeConnectionPool)

Field	Description
maxConnections int64	Represents the maximum number of outbound TCP connections the envoy can establish concurrently with all the hosts in the upstream cluster.

TCPRetryPolicyEvent (string alias)

(Appears on: GRPCRetryPolicy, HTTPRetryPolicy)

TCPRoute

(Appears on: Route)

TCPRoute refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TcpRoute.html

Field	Description
action TCPRouteAction	The action to take if a match is determined.
match TcpRouteMatch	(Optional) An object that represents the criteria for determining a request match.
timeout TCPTimeout	(Optional) An object that represents a tcp timeout.

TCPRouteAction

(Appears on: TCPRoute)

TCPRouteAction refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TcpRouteAction.html

Field	Description
weightedTargets []WeightedTarget	An object that represents the targets that traffic is routed to when a request matches the route.

TcpRouteMatch

(Appears on: TCPRoute)

Field	Description
port int64	(Optional) The port number to match on.

TCPTimeout

(Appears on: ListenerTimeout, TCPRoute)

Field	Description
idle Duration	(Optional) An object that represents idle timeout duration.

TLSValidationContext

(Appears on: ClientPolicyTLS)

TLSValidationContext refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TlsValidationContext.html

Field	Description
trust TLSValidationContextTrust	A reference to an object that represents a TLS validation context trust
subjectAlternativeNames SubjectAlternativeNames	(Optional) Possible Alternative names to consider

TLSValidationContextACMTrust

(Appears on: TLSValidationContextTrust)

TLSValidationContextACMTrust refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TlsValidationContextAcmTrust.html

Field	Description
certificateAuthorityARNs []string	One or more ACM Amazon Resource Name (ARN)s.

TLSValidationContextFileTrust

(Appears on: ListenerTLSValidationContextTrust, TLSValidationContextTrust)

TLSValidationContextFileTrust refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TlsValidationContextFileTrust.html

Field	Description
certificateChain string	The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.

TLSValidationContextSDSTrust

(Appears on: ListenerTLSValidationContextTrust, TLSValidationContextTrust)

TLSValidationContextSDSTrust refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TlsValidationContextFileTrust.html

Field	Description
secretName string	The certificate trust chain for a certificate obtained via SDS

TLSValidationContextTrust

(Appears on: TLSValidationContext)

TLSValidationContextTrust refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_TlsValidationContextTrust.html

Field	Description
acm TLSValidationContextACMTrust	(Optional) A reference to an object that represents a TLS validation context trust for an AWS Certicate Manager (ACM) certificate.
file TLSValidationContextFileTrust	(Optional) An object that represents a TLS validation context trust for a local file.
sds TLSValidationContextSDSTrust	(Optional) An object that represents a TLS validation context trust for a SDS.

VirtualGateway

VirtualGateway is the Schema for the virtualgateways API

Field	Description
metadata Kubernetes meta/v1.ObjectMeta	Refer to the Kubernetes API documentation for the fields of the metadata field.
spec VirtualGatewaySpec	awsName string (Optional) AWSName is the AppMesh VirtualGateway object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s VirtualGateway namespaceSelector Kubernetes meta/v1.LabelSelector (Optional) NamespaceSelector selects Namespaces using labels to designate GatewayRoute membership. This field follows standard label selector semantics; if present but empty, it selects all namespaces. podSelector Kubernetes meta/v1.LabelSelector (Optional) PodSelector selects Pods using labels to designate VirtualGateway membership. This field follows standard label selector semantics: if present but empty, it selects all pods within namespace. if absent, it selects no pod. gatewayRouteSelector Kubernetes meta/v1.LabelSelector (Optional) GatewayRouteSelector selects GatewayRoutes using labels to designate GatewayRoute membership. If not specified it selects all GatewayRoutes in that namespace. listeners []VirtualGatewayListener The listener that the virtual gateway is expected to receive inbound traffic from logging VirtualGatewayLogging (Optional) The inbound and outbound access logging information for the virtual gateway. backendDefaults VirtualGatewayBackendDefaults (Optional) A reference to an object that represents the defaults for backend GatewayRoutes. meshRef MeshReference (Optional) A reference to k8s Mesh CR that this VirtualGateway belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.
status VirtualGatewayStatus

VirtualGatewayAccessLog

(Appears on: VirtualGatewayLogging)

VirtualGatewayAccessLog refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
file VirtualGatewayFileAccessLog	(Optional) The file object to send virtual gateway access logs to.

VirtualGatewayBackendDefaults

(Appears on: VirtualGatewaySpec)

VirtualGatewayBackendDefaults refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
clientPolicy VirtualGatewayClientPolicy	(Optional) A reference to an object that represents a client policy.

VirtualGatewayClientPolicy

(Appears on: VirtualGatewayBackendDefaults)

VirtualGatewayClientPolicy refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
tls VirtualGatewayClientPolicyTLS	(Optional) A reference to an object that represents a Transport Layer Security (TLS) client policy.

VirtualGatewayClientPolicyTLS

(Appears on: VirtualGatewayClientPolicy)

VirtualGatewayClientPolicyTLS refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
enforce bool	(Optional) Whether the policy is enforced. If unspecified, default settings from AWS API will be applied. Refer to AWS Docs for default settings.
ports []PortNumber	(Optional) The range of ports that the policy is enforced for.
certificate VirtualGatewayClientTLSCertificate	(Optional) A reference to an object that represents TLS certificate.
validation VirtualGatewayTLSValidationContext	A reference to an object that represents a TLS validation context.

VirtualGatewayClientTLSCertificate

(Appears on: VirtualGatewayClientPolicyTLS)

VirtualGatewayTLSValidationContext refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
file VirtualGatewayListenerTLSFileCertificate	(Optional) An object that represents a TLS cert via a local file
sds VirtualGatewayListenerTLSSDSCertificate	(Optional) An object that represents a TLS cert via SDS entry

VirtualGatewayCondition

(Appears on: VirtualGatewayStatus)

Field	Description
type VirtualGatewayConditionType	Type of VirtualGateway condition.
status Kubernetes core/v1.ConditionStatus	Status of the condition, one of True, False, Unknown.
lastTransitionTime Kubernetes meta/v1.Time	(Optional) Last time the condition transitioned from one status to another.
reason string	(Optional) The reason for the condition’s last transition.
message string	(Optional) A human readable message indicating details about the transition.

VirtualGatewayConditionType (string alias)

(Appears on: VirtualGatewayCondition)

VirtualGatewayConnectionPool

(Appears on: VirtualGatewayListener)

VirtualGatewayConnectionPool refers to the connection pools settings for Virtual Gateway. Connection pool limits the number of connections that an Envoy can concurrently establish with all the hosts in the upstream cluster. Currently connection pool is supported only at the listener level and it is intended protect your local application from being overwhelmed with connections.

Field	Description
http HTTPConnectionPool	(Optional) Specifies http connection pool settings for the virtual gateway listener
http2 HTTP2ConnectionPool	(Optional) Specifies http2 connection pool settings for the virtual gateway listener
grpc GRPCConnectionPool	(Optional) Specifies grpc connection pool settings for the virtual gateway listener

VirtualGatewayFileAccessLog

(Appears on: VirtualGatewayAccessLog)

VirtualGatewayFileAccessLog refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
path string	The file path to write access logs to.

VirtualGatewayHealthCheckPolicy

(Appears on: VirtualGatewayListener)

VirtualGatewayHealthCheckPolicy refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
healthyThreshold int64	(Optional) The number of consecutive successful health checks that must occur before declaring listener healthy.
intervalMillis int64	The time period in milliseconds between each health check execution.
path string	(Optional) The destination path for the health check request. This value is only used if the specified protocol is http or http2. For any other protocol, this value is ignored.
port PortNumber	(Optional) The destination port for the health check request.
protocol VirtualGatewayPortProtocol	The protocol for the health check request
timeoutMillis int64	The amount of time to wait when receiving a response from the health check, in milliseconds.
unhealthyThreshold int64	The number of consecutive failed health checks that must occur before declaring a virtual Gateway unhealthy.

VirtualGatewayListener

(Appears on: VirtualGatewaySpec)

VirtualGatewayListener refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
portMapping VirtualGatewayPortMapping	The port mapping information for the listener.
healthCheck VirtualGatewayHealthCheckPolicy	(Optional) The health check information for the listener.
connectionPool VirtualGatewayConnectionPool	(Optional) The connection pool settings for the listener
tls VirtualGatewayListenerTLS	(Optional) A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.

VirtualGatewayListenerTLS

(Appears on: VirtualGatewayListener)

VirtualGatewayListenerTLS refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
certificate VirtualGatewayListenerTLSCertificate	A reference to an object that represents a listener’s TLS certificate.
validation VirtualGatewayListenerTLSValidationContext	(Optional) A reference to an object that represents Validation context
mode VirtualGatewayListenerTLSMode	ListenerTLS mode

VirtualGatewayListenerTLSACMCertificate

(Appears on: VirtualGatewayListenerTLSCertificate)

VirtualGatewayListenerTLSACMCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
certificateARN string	The Amazon Resource Name (ARN) for the certificate.

VirtualGatewayListenerTLSCertificate

(Appears on: VirtualGatewayListenerTLS)

VirtualGatewayListenerTLSCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
acm VirtualGatewayListenerTLSACMCertificate	(Optional) A reference to an object that represents an AWS Certificate Manager (ACM) certificate.
file VirtualGatewayListenerTLSFileCertificate	(Optional) A reference to an object that represents a local file certificate.
sds VirtualGatewayListenerTLSSDSCertificate	(Optional) A reference to an object that represents an SDS issued certificate

VirtualGatewayListenerTLSFileCertificate

(Appears on: VirtualGatewayClientTLSCertificate, VirtualGatewayListenerTLSCertificate)

VirtualGatewayListenerTLSFileCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
certificateChain string	The certificate chain for the certificate.
privateKey string	The private key for a certificate stored on the file system of the virtual Gateway.

VirtualGatewayListenerTLSMode (string alias)

(Appears on: VirtualGatewayListenerTLS)

VirtualGatewayListenerTLSSDSCertificate

(Appears on: VirtualGatewayClientTLSCertificate, VirtualGatewayListenerTLSCertificate)

Field	Description
secretName string	The certificate trust chain for a certificate issued via SDS cluster

VirtualGatewayListenerTLSValidationContext

(Appears on: VirtualGatewayListenerTLS)

VirtualGatewayListenerTLSCertificate refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
trust VirtualGatewayListenerTLSValidationContextTrust
subjectAlternativeNames SubjectAlternativeNames	(Optional) Possible alternate names to consider

VirtualGatewayListenerTLSValidationContextTrust

(Appears on: VirtualGatewayListenerTLSValidationContext)

Field	Description
acm VirtualGatewayTLSValidationContextACMTrust	(Optional) A reference to an object that represents a TLS validation context trust for an AWS Certicate Manager (ACM) certificate.
file VirtualGatewayTLSValidationContextFileTrust	(Optional) An object that represents a TLS validation context trust for a local file.
sds VirtualGatewayTLSValidationContextSDSTrust	(Optional) An object that represents a TLS validation context trust for an SDS system

VirtualGatewayLogging

(Appears on: VirtualGatewaySpec)

VirtualGatewayLogging refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
accessLog VirtualGatewayAccessLog	(Optional) The access log configuration for a virtual Gateway.

VirtualGatewayPortMapping

(Appears on: VirtualGatewayListener)

VirtualGatewayPortMapping refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
port PortNumber	The port used for the port mapping.
protocol VirtualGatewayPortProtocol	The protocol used for the port mapping.

VirtualGatewayPortProtocol (string alias)

(Appears on: VirtualGatewayHealthCheckPolicy, VirtualGatewayPortMapping)

VirtualGatewayReference

(Appears on: GatewayRouteSpec)

VirtualGatewayReference holds a reference to VirtualGateway.appmesh.k8s.aws

Field	Description
namespace string	(Optional) Namespace is the namespace of VirtualGateway CR. If unspecified, defaults to the referencing object’s namespace
name string	Name is the name of VirtualGateway CR
uid k8s.io/apimachinery/pkg/types.UID	UID is the UID of VirtualGateway CR

VirtualGatewaySpec

(Appears on: VirtualGateway)

VirtualGatewaySpec defines the desired state of VirtualGateway refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
awsName string	(Optional) AWSName is the AppMesh VirtualGateway object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s VirtualGateway
namespaceSelector Kubernetes meta/v1.LabelSelector	(Optional) NamespaceSelector selects Namespaces using labels to designate GatewayRoute membership. This field follows standard label selector semantics; if present but empty, it selects all namespaces.
podSelector Kubernetes meta/v1.LabelSelector	(Optional) PodSelector selects Pods using labels to designate VirtualGateway membership. This field follows standard label selector semantics: if present but empty, it selects all pods within namespace. if absent, it selects no pod.
gatewayRouteSelector Kubernetes meta/v1.LabelSelector	(Optional) GatewayRouteSelector selects GatewayRoutes using labels to designate GatewayRoute membership. If not specified it selects all GatewayRoutes in that namespace.
listeners []VirtualGatewayListener	The listener that the virtual gateway is expected to receive inbound traffic from
logging VirtualGatewayLogging	(Optional) The inbound and outbound access logging information for the virtual gateway.
backendDefaults VirtualGatewayBackendDefaults	(Optional) A reference to an object that represents the defaults for backend GatewayRoutes.
meshRef MeshReference	(Optional) A reference to k8s Mesh CR that this VirtualGateway belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.

VirtualGatewayStatus

(Appears on: VirtualGateway)

VirtualGatewayStatus defines the observed state of VirtualGateway

Field	Description
virtualGatewayARN string	(Optional) VirtualGatewayARN is the AppMesh VirtualGateway object’s Amazon Resource Name
conditions []VirtualGatewayCondition	(Optional) The current VirtualGateway status.
observedGeneration int64	(Optional) The generation observed by the VirtualGateway controller.

VirtualGatewayTLSValidationContext

(Appears on: VirtualGatewayClientPolicyTLS)

VirtualGatewayTLSValidationContext refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
trust VirtualGatewayTLSValidationContextTrust	A reference to an object that represents a TLS validation context trust
subjectAlternativeNames SubjectAlternativeNames	(Optional) Possible alternative names to consider

VirtualGatewayTLSValidationContextACMTrust

(Appears on: VirtualGatewayListenerTLSValidationContextTrust, VirtualGatewayTLSValidationContextTrust)

VirtualGatewayTLSValidationContextACMTrust refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
certificateAuthorityARNs []string	One or more ACM Amazon Resource Name (ARN)s.

VirtualGatewayTLSValidationContextFileTrust

(Appears on: VirtualGatewayListenerTLSValidationContextTrust, VirtualGatewayTLSValidationContextTrust)

VirtualGatewayTLSValidationContextFileTrust refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
certificateChain string	The certificate trust chain for a certificate stored on the file system of the virtual Gateway.

VirtualGatewayTLSValidationContextSDSTrust

(Appears on: VirtualGatewayListenerTLSValidationContextTrust, VirtualGatewayTLSValidationContextTrust)

VirtualGatewayTLSValidationContextSDSTrust refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
secretName string	The certificate trust chain for a certificate issued via SDS.

VirtualGatewayTLSValidationContextTrust

(Appears on: VirtualGatewayTLSValidationContext)

VirtualGatewayTLSValidationContextTrust refers to https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html

Field	Description
acm VirtualGatewayTLSValidationContextACMTrust	(Optional) A reference to an object that represents a TLS validation context trust for an AWS Certicate Manager (ACM) certificate.
file VirtualGatewayTLSValidationContextFileTrust	(Optional) An object that represents a TLS validation context trust for a local file.
sds VirtualGatewayTLSValidationContextSDSTrust	(Optional) An object that represents a TLS validation context trust for a SDS certificate

VirtualNode

VirtualNode is the Schema for the virtualnodes API

Field	Description
metadata Kubernetes meta/v1.ObjectMeta	Refer to the Kubernetes API documentation for the fields of the metadata field.
spec VirtualNodeSpec	awsName string (Optional) AWSName is the AppMesh VirtualNode object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s VirtualNode podSelector Kubernetes meta/v1.LabelSelector (Optional) PodSelector selects Pods using labels to designate VirtualNode membership. This field follows standard label selector semantics: if present but empty, it selects all pods within namespace. if absent, it selects no pod. listeners []Listener (Optional) The listener that the virtual node is expected to receive inbound traffic from serviceDiscovery ServiceDiscovery (Optional) The service discovery information for the virtual node. Optional if there is no inbound traffic(no listeners). Mandatory if a listener is specified. backends []Backend (Optional) The backends that the virtual node is expected to send outbound traffic to. backendDefaults BackendDefaults (Optional) A reference to an object that represents the defaults for backends. logging Logging (Optional) The inbound and outbound access logging information for the virtual node. meshRef MeshReference (Optional) A reference to k8s Mesh CR that this VirtualNode belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.
status VirtualNodeStatus

VirtualNodeCondition

(Appears on: VirtualNodeStatus)

Field	Description
type VirtualNodeConditionType	Type of VirtualNode condition.
status Kubernetes core/v1.ConditionStatus	Status of the condition, one of True, False, Unknown.
lastTransitionTime Kubernetes meta/v1.Time	(Optional) Last time the condition transitioned from one status to another.
reason string	(Optional) The reason for the condition’s last transition.
message string	(Optional) A human readable message indicating details about the transition.

VirtualNodeConditionType (string alias)

(Appears on: VirtualNodeCondition)

VirtualNodeConnectionPool

(Appears on: Listener)

VirtualNodeConnectionPool refers to the connection pools settings for Virtual Node. Connection pool limits the number of connections that an Envoy can concurrently establish with all the hosts in the upstream cluster. Currently connection pool is supported only at the listener level and it is intended protect your local application from being overwhelmed with connections.

Field	Description
tcp TCPConnectionPool	(Optional) Specifies tcp connection pool settings for the virtual node listener
http HTTPConnectionPool	(Optional) Specifies http connection pool settings for the virtual node listener
http2 HTTP2ConnectionPool	(Optional) Specifies http2 connection pool settings for the virtual node listener
grpc GRPCConnectionPool	(Optional) Specifies grpc connection pool settings for the virtual node listener

VirtualNodeReference

(Appears on: VirtualNodeServiceProvider, WeightedTarget)

VirtualNodeReference holds a reference to VirtualNode.appmesh.k8s.aws

Field	Description
namespace string	(Optional) Namespace is the namespace of VirtualNode CR. If unspecified, defaults to the referencing object’s namespace
name string	Name is the name of VirtualNode CR

VirtualNodeServiceProvider

(Appears on: VirtualServiceProvider)

VirtualNodeServiceProvider refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualNodeServiceProvider.html

Field	Description
virtualNodeRef VirtualNodeReference	(Optional) Reference to Kubernetes VirtualNode CR in cluster that is acting as a service provider. Exactly one of ‘virtualNodeRef’ or ‘virtualNodeARN’ must be specified.
virtualNodeARN string	(Optional) Amazon Resource Name to AppMesh VirtualNode object that is acting as a service provider. Exactly one of ‘virtualNodeRef’ or ‘virtualNodeARN’ must be specified.

VirtualNodeSpec

(Appears on: VirtualNode)

VirtualNodeSpec defines the desired state of VirtualNode refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualNodeSpec.html

Field	Description
awsName string	(Optional) AWSName is the AppMesh VirtualNode object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s VirtualNode
podSelector Kubernetes meta/v1.LabelSelector	(Optional) PodSelector selects Pods using labels to designate VirtualNode membership. This field follows standard label selector semantics: if present but empty, it selects all pods within namespace. if absent, it selects no pod.
listeners []Listener	(Optional) The listener that the virtual node is expected to receive inbound traffic from
serviceDiscovery ServiceDiscovery	(Optional) The service discovery information for the virtual node. Optional if there is no inbound traffic(no listeners). Mandatory if a listener is specified.
backends []Backend	(Optional) The backends that the virtual node is expected to send outbound traffic to.
backendDefaults BackendDefaults	(Optional) A reference to an object that represents the defaults for backends.
logging Logging	(Optional) The inbound and outbound access logging information for the virtual node.
meshRef MeshReference	(Optional) A reference to k8s Mesh CR that this VirtualNode belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.

VirtualNodeStatus

(Appears on: VirtualNode)

VirtualNodeStatus defines the observed state of VirtualNode

Field	Description
virtualNodeARN string	(Optional) VirtualNodeARN is the AppMesh VirtualNode object’s Amazon Resource Name
conditions []VirtualNodeCondition	(Optional) The current VirtualNode status.
observedGeneration int64	(Optional) The generation observed by the VirtualNode controller.

VirtualRouter

VirtualRouter is the Schema for the virtualrouters API

Field	Description
metadata Kubernetes meta/v1.ObjectMeta	Refer to the Kubernetes API documentation for the fields of the metadata field.
spec VirtualRouterSpec	awsName string (Optional) AWSName is the AppMesh VirtualRouter object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s VirtualRouter listeners []VirtualRouterListener The listeners that the virtual router is expected to receive inbound traffic from routes []Route (Optional) The routes associated with VirtualRouter meshRef MeshReference (Optional) A reference to k8s Mesh CR that this VirtualRouter belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.
status VirtualRouterStatus

VirtualRouterCondition

(Appears on: VirtualRouterStatus)

Field	Description
type VirtualRouterConditionType	Type of VirtualRouter condition.
status Kubernetes core/v1.ConditionStatus	Status of the condition, one of True, False, Unknown.
lastTransitionTime Kubernetes meta/v1.Time	(Optional) Last time the condition transitioned from one status to another.
reason string	(Optional) The reason for the condition’s last transition.
message string	(Optional) A human readable message indicating details about the transition.

VirtualRouterConditionType (string alias)

(Appears on: VirtualRouterCondition)

VirtualRouterListener

(Appears on: VirtualRouterSpec)

VirtualRouterListener refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualRouterListener.html

Field	Description
portMapping PortMapping	The port mapping information for the listener.

VirtualRouterReference

(Appears on: VirtualRouterServiceProvider)

VirtualRouterReference holds a reference to VirtualRouter.appmesh.k8s.aws

Field	Description
namespace string	(Optional) Namespace is the namespace of VirtualRouter CR. If unspecified, defaults to the referencing object’s namespace
name string	Name is the name of VirtualRouter CR

VirtualRouterServiceProvider

(Appears on: VirtualServiceProvider)

VirtualRouterServiceProvider refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualRouterServiceProvider.html

Field	Description
virtualRouterRef VirtualRouterReference	(Optional) Reference to Kubernetes VirtualRouter CR in cluster that is acting as a service provider. Exactly one of ‘virtualRouterRef’ or ‘virtualRouterARN’ must be specified.
virtualRouterARN string	(Optional) Amazon Resource Name to AppMesh VirtualRouter object that is acting as a service provider. Exactly one of ‘virtualRouterRef’ or ‘virtualRouterARN’ must be specified.

VirtualRouterSpec

(Appears on: VirtualRouter)

VirtualRouterSpec defines the desired state of VirtualRouter refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualRouterSpec.html

Field	Description
awsName string	(Optional) AWSName is the AppMesh VirtualRouter object’s name. If unspecified or empty, it defaults to be “${name}_${namespace}” of k8s VirtualRouter
listeners []VirtualRouterListener	The listeners that the virtual router is expected to receive inbound traffic from
routes []Route	(Optional) The routes associated with VirtualRouter
meshRef MeshReference	(Optional) A reference to k8s Mesh CR that this VirtualRouter belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.

VirtualRouterStatus

(Appears on: VirtualRouter)

VirtualRouterStatus defines the observed state of VirtualRouter

Field	Description
virtualRouterARN string	(Optional) VirtualRouterARN is the AppMesh VirtualRouter object’s Amazon Resource Name.
routeARNs map[string]string	(Optional) RouteARNs is a map of AppMesh Route objects’ Amazon Resource Names, indexed by route name.
conditions []VirtualRouterCondition	(Optional) The current VirtualRouter status.
observedGeneration int64	(Optional) The generation observed by the VirtualRouter controller.

VirtualService

VirtualService is the Schema for the virtualservices API

Field	Description
metadata Kubernetes meta/v1.ObjectMeta	Refer to the Kubernetes API documentation for the fields of the metadata field.
spec VirtualServiceSpec	awsName string (Optional) AWSName is the AppMesh VirtualService object’s name. If unspecified or empty, it defaults to be “${name}.${namespace}” of k8s VirtualService provider VirtualServiceProvider (Optional) The provider for virtual services. You can specify a single virtual node or virtual router. meshRef MeshReference (Optional) A reference to k8s Mesh CR that this VirtualService belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.
status VirtualServiceStatus

VirtualServiceBackend

(Appears on: Backend)

VirtualServiceBackend refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualServiceBackend.html

Field	Description
virtualServiceRef VirtualServiceReference	(Optional) Reference to Kubernetes VirtualService CR in cluster that is acting as a virtual node backend. Exactly one of ‘virtualServiceRef’ or ‘virtualServiceARN’ must be specified.
virtualServiceARN string	(Optional) Amazon Resource Name to AppMesh VirtualService object that is acting as a virtual node backend. Exactly one of ‘virtualServiceRef’ or ‘virtualServiceARN’ must be specified.
clientPolicy ClientPolicy	(Optional) A reference to an object that represents the client policy for a backend.

VirtualServiceCondition

(Appears on: VirtualServiceStatus)

Field	Description
type VirtualServiceConditionType	Type of VirtualService condition.
status Kubernetes core/v1.ConditionStatus	Status of the condition, one of True, False, Unknown.
lastTransitionTime Kubernetes meta/v1.Time	(Optional) Last time the condition transitioned from one status to another.
reason string	(Optional) The reason for the condition’s last transition.
message string	(Optional) A human readable message indicating details about the transition.

VirtualServiceConditionType (string alias)

(Appears on: VirtualServiceCondition)

VirtualServiceProvider

(Appears on: VirtualServiceSpec)

VirtualServiceProvider refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualServiceProvider.html

Field	Description
virtualNode VirtualNodeServiceProvider	(Optional) The virtual node associated with a virtual service.
virtualRouter VirtualRouterServiceProvider	(Optional) The virtual router associated with a virtual service.

VirtualServiceReference

(Appears on: GatewayRouteVirtualService, VirtualServiceBackend)

VirtualServiceReference holds a reference to VirtualService.appmesh.k8s.aws

Field	Description
namespace string	(Optional) Namespace is the namespace of VirtualService CR. If unspecified, defaults to the referencing object’s namespace
name string	Name is the name of VirtualService CR

VirtualServiceSpec

(Appears on: VirtualService)

VirtualServiceSpec defines the desired state of VirtualService refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_VirtualServiceSpec.html

Field	Description
awsName string	(Optional) AWSName is the AppMesh VirtualService object’s name. If unspecified or empty, it defaults to be “${name}.${namespace}” of k8s VirtualService
provider VirtualServiceProvider	(Optional) The provider for virtual services. You can specify a single virtual node or virtual router.
meshRef MeshReference	(Optional) A reference to k8s Mesh CR that this VirtualService belongs to. The admission controller populates it using Meshes’s selector, and prevents users from setting this field. Populated by the system. Read-only.

VirtualServiceStatus

(Appears on: VirtualService)

VirtualServiceStatus defines the observed state of VirtualService

Field	Description
virtualServiceARN string	(Optional) VirtualServiceARN is the AppMesh VirtualService object’s Amazon Resource Name.
conditions []VirtualServiceCondition	(Optional) The current VirtualService status.
observedGeneration int64	(Optional) The generation observed by the VirtualService controller.

WeightedTarget

(Appears on: GRPCRouteAction, HTTPRouteAction, TCPRouteAction)

WeightedTarget refers to https://docs.aws.amazon.com/app-mesh/latest/APIReference/API_WeightedTarget.html

Field	Description
virtualNodeRef VirtualNodeReference	(Optional) Reference to Kubernetes VirtualNode CR in cluster to associate with the weighted target. Exactly one of ‘virtualNodeRef’ or ‘virtualNodeARN’ must be specified.
virtualNodeARN string	(Optional) Amazon Resource Name to AppMesh VirtualNode object to associate with the weighted target. Exactly one of ‘virtualNodeRef’ or ‘virtualNodeARN’ must be specified.
weight int64	The relative weight of the weighted target.

---