Network Policies cert-manager Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/v0.40.1/config/schemas/config.yaml#/properties/networkPolicies/properties/certManager
Configure cert-manager network policy rules.
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object
(Network Policies cert-manager)
PROPERTIES:
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
enabled | boolean |
Optional | cannot be null | Compliant Kubernetes Apps Config |
letsencrypt | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
dns01 | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
namespaces | array |
Optional | cannot be null | Compliant Kubernetes Apps Config |
enabled¶
enabled
-
is optional
-
Type:
boolean
(Network Policies cert-manager Enabled) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Network Policies cert-manager Enabled)
DEFAULTS:
The default value is:
true
letsencrypt¶
Configure network policy rule to allow cert-manager to reach Let's Encrypt.
Note
Let's Encrypt by choice does not publish a list of their endpoints, so this is required to be ips: [ 0.0.0.0/0 ]
.
letsencrypt
-
is optional
-
Type:
object
(Network Policies cert-manager Let's Encrypt) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Network Policies cert-manager Let's Encrypt)
dns01¶
Configure network policy rule to allow cert-manager perform DNS-01 challenges.
dns01
-
is optional
-
Type:
object
(Network Policies cert-manager DNS-01) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Network Policies cert-manager DNS-01)
namespaces¶
Configure namespaces to allow cert-manager HTTP-01 perform HTTP-01 challenges.
namespaces
-
is optional
-
Type:
string[]
(Network Policies cert-manager namespace) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string[]
(Network Policies cert-manager namespace)
DEFAULTS:
The default value is:
[]
EXAMPLES:
- dex
- harbor
- monitoring
- opensearch-system
- thanos
Return to the root config schema
Generated Thu Nov 14 16:18:57 UTC 2024 from elastisys/compliantkubernetes-apps@v0.40.1