API Reference¶

Packages¶

gateway.k8s.aws/v1beta1

gateway.k8s.aws/v1beta1¶

Package v1beta1 contains API Schema definitions for the elbv2 v1beta1 API group

Resource Types¶

ListenerRuleConfiguration
LoadBalancerConfiguration
TargetGroupConfiguration

ALPNPolicy¶

Underlying type: string

ALPNPolicy defines the ALPN policy configuration for TLS listeners forwarding to TLS target groups HTTP1Only Negotiate only HTTP/1.. The ALPN preference list is http/1.1, http/1.0. HTTP2Only Negotiate only HTTP/2. The ALPN preference list is h2. HTTP2Optional Prefer HTTP/1. over HTTP/2 (which can be useful for HTTP/2 testing). The ALPN preference list is http/1.1, http/1.0, h2. HTTP2Preferred Prefer HTTP/2 over HTTP/1.*. The ALPN preference list is h2, http/1.1, http/1.0. None Do not negotiate ALPN. This is the default.

Validation: - Enum: [HTTP1Only HTTP2Only HTTP2Optional HTTP2Preferred None]

Appears in: - ListenerConfiguration

Field	Description
`None`
`HTTP1Only`
`HTTP2Only`
`HTTP2Optional`
`HTTP2Preferred`

Action¶

Action defines an action for a listener rule

Appears in: - ListenerRuleSpec

Field	Description	Validation
`type` ActionType	The type of action	Enum: [forward fixed-response redirect authenticate-cognito authenticate-oidc]
`forwardConfig` ForwardActionConfig	Information for a forward action
`redirectConfig` RedirectActionConfig	Information for a redirect action
`fixedResponseConfig` FixedResponseActionConfig	Information for a fixed-response action
`authenticateCognitoConfig` AuthenticateCognitoActionConfig	Information for an authenticate-cognito action
`authenticateOIDCConfig` AuthenticateOidcActionConfig	Information for an authenticate-oidc action

ActionType¶

Underlying type: string

ActionType defines the type of action for the rule

Validation: - Enum: [forward fixed-response redirect authenticate-cognito authenticate-oidc]

Appears in: - Action

Field	Description
`forward`
`fixed-response`
`redirect`
`authenticate-cognito`
`authenticate-oidc`

AdvertiseTrustStoreCaNamesEnum¶

Underlying type: string

Validation: - Enum: [on off]

Appears in: - MutualAuthenticationAttributes

Field	Description
`on`
`off`

AuthenticateCognitoActionConditionalBehaviorEnum¶

Underlying type: string

AuthenticateCognitoActionConditionalBehaviorEnum defines the behavior when a user is not authenticated

Validation: - Enum: [deny allow authenticate]

Appears in: - AuthenticateCognitoActionConfig

Field	Description
`deny`
`allow`
`authenticate`

AuthenticateCognitoActionConfig¶

Information about an authenticate-cognito action

Appears in: - Action

Field	Description	Default	Validation
`userPoolArn` string	The Amazon Resource Name (ARN) of the Amazon Cognito user pool.
`userPoolClientId` string	The ID of the Amazon Cognito user pool client.
`userPoolDomain` string	The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.
`scope` string	The set of user claims to be requested from the IdP. The default is openid . To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.	openid
`authenticationRequestExtraParams` map[string]string	The query parameters (up to 10) to include in the redirect request to the authorization endpoint.		MaxProperties: 10
`onUnauthenticatedRequest` AuthenticateCognitoActionConditionalBehaviorEnum	The behavior if the user is not authenticated. The following are possible	authenticate	Enum: [deny allow authenticate]
`sessionCookieName` string	The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.	AWSELBAuthSessionCookie
`sessionTimeout` integer	The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).	604800	Maximum: 604800 Minimum: 1

AuthenticateOidcActionConditionalBehaviorEnum¶

Underlying type: string

AuthenticateOidcActionConditionalBehaviorEnum defines the behavior when a user is not authenticated

Validation: - Enum: [deny allow authenticate]

Appears in: - AuthenticateOidcActionConfig

Field	Description
`deny`
`allow`
`authenticate`

AuthenticateOidcActionConfig¶

Information about an authenticate-oidc action

Appears in: - Action

Field	Description	Default	Validation
`authorizationEndpoint` string	The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
`secret` Secret	Secret holds OAuth 2.0 clientID and clientSecret. You need to create this secret and provide its name and namespace
`issuer` string	The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
`tokenEndpoint` string	The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
`userInfoEndpoint` string	The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
`scope` string	The set of user claims to be requested from the IdP. The default is openid . To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.	openid
`authenticationRequestExtraParams` map[string]string	The query parameters (up to 10) to include in the redirect request to the authorization endpoint.		MaxProperties: 10
`onUnauthenticatedRequest` AuthenticateOidcActionConditionalBehaviorEnum	The behavior if the user is not authenticated. The following are possible	authenticate	Enum: [deny allow authenticate]
`sessionCookieName` string	The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.	AWSELBAuthSessionCookie
`sessionTimeout` integer	The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).	604800	Maximum: 604800 Minimum: 1
`useExistingClientSecret` boolean	Indicates whether to use the existing client secret when modifying a listener rule. If you are creating a listener rule, you can omit this parameter or set it to false.

FixedResponseActionConfig¶

Information about an action that returns a custom HTTP response.

Appears in: - Action

Field	Description	Default	Validation
`statusCode` integer	The HTTP response code (2XX, 4XX, or 5XX).
`contentType` string	The content type of the fixed response.	text/plain	Enum: [text/plain text/css text/html application/javascript application/json]
`messageBody` string	The message

ForwardActionConfig¶

Information about a forward action.

Appears in: - Action

Field	Description	Default	Validation
`targetGroupStickinessConfig` TargetGroupStickinessConfig	The target group stickiness for the rule. Note: ForwardActionConfig only supports target group stickiness configuration through CRD. All other forward action fields must be set through the Gateway API native way.

HealthCheckConfiguration¶

HealthCheckConfiguration defines the Health Check configuration for a Target Group.

Appears in: - TargetGroupProps

Field	Description	Validation
`healthyThresholdCount` integer	healthyThresholdCount The number of consecutive health checks successes required before considering an unhealthy target healthy.
`healthCheckInterval` integer	healthCheckInterval The approximate amount of time, in seconds, between health checks of an individual target.
`healthCheckPath` string	healthCheckPath The destination for health checks on the targets.
`healthCheckPort` string	healthCheckPort The port the load balancer uses when performing health checks on targets. The default is to use the port on which each target receives traffic from the load balancer.
`healthCheckProtocol` TargetGroupHealthCheckProtocol	healthCheckProtocol The protocol to use to connect with the target. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.	Enum: [http https tcp]
`healthCheckTimeout` integer	healthCheckTimeout The amount of time, in seconds, during which no response means a failed health check
`unhealthyThresholdCount` integer	unhealthyThresholdCount The number of consecutive health check failures required before considering the target unhealthy.
`matcher` HealthCheckMatcher	healthCheckCodes The HTTP or gRPC codes to use when checking for a successful response from a target

HealthCheckMatcher¶

TODO: Add a validation in the admission webhook to check if only one of HTTPCode or GRPCCode is set. Information to use when checking for a successful response from a target.

Appears in: - HealthCheckConfiguration

Field	Description	Default	Validation
`httpCode` string	The HTTP codes.
`grpcCode` string	The gRPC codes

ListenerAttribute¶

ListenerAttribute defines listener attribute.

Appears in: - ListenerConfiguration

Field	Description	Default	Validation
`key` string	The key of the attribute.
`value` string	The value of the attribute.

ListenerConfiguration¶

Appears in: - LoadBalancerConfigurationSpec

Field	Description	Default	Validation
`protocolPort` ProtocolPort	protocolPort is identifier for the listener on load balancer. It should be of the form PROTOCOL:PORT		Pattern: `^(HTTP\\|HTTPS\\|TLS\\|TCP\\|UDP)?:(6553[0-5]\\|655[0-2]\d\\|65[0-4]\d\{2\}\\|6[0-4]\d\{3\}\\|[1-5]\d\{4\}\\|[1-9]\d\{0,3\})?$`
`defaultCertificate` string	defaultCertificate the cert arn to be used by default.
`certificates` string array	certificates is the list of other certificates to add to the listener.
`sslPolicy` string	sslPolicy is the security policy that defines which protocols and ciphers are supported for secure listeners [HTTPS or TLS listener].
`alpnPolicy` ALPNPolicy	alpnPolicy an optional string that allows you to configure ALPN policies on your Load Balancer	None	Enum: [HTTP1Only HTTP2Only HTTP2Optional HTTP2Preferred None]
`mutualAuthentication` MutualAuthenticationAttributes	mutualAuthentication defines the mutual authentication configuration information.	{ mode:off }
`listenerAttributes` ListenerAttribute array	listenerAttributes defines the attributes for the listener

ListenerRuleCondition¶

Information about a condition for a listener rule

Appears in: - ListenerRuleSpec

Field	Description	Default	Validation
`field` ListenerRuleConditionField	The field in the HTTP request		Enum: [source-ip]
`sourceIPConfig` SourceIPConditionConfig	Information for a source IP condition

ListenerRuleConditionField¶

Underlying type: string

ListenerRuleConditionField defines the field in the HTTP request to match

Validation: - Enum: [source-ip]

Appears in: - ListenerRuleCondition

Field	Description
`source-ip`

ListenerRuleConfiguration¶

ListenerRuleConfiguration is the Schema for the ListenerRuleConfiguration API

Field	Description	Default	Validation
`apiVersion` string	`gateway.k8s.aws/v1beta1`
`kind` string	`ListenerRuleConfiguration`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` ListenerRuleSpec
`status` ListenerRuleStatus

ListenerRuleSpec¶

ListenerRuleSpec defines the desired state of ListenerRuleConfiguration

Appears in: - ListenerRuleConfiguration

Field	Description	Validation
`actions` Action array	Actions defines the set of actions to be performed when conditions match. This CRD implementation currently supports only authenticate-oidc, authenticate-cognito, and fixed-response action types fully and forward and redirect actions partially For other fields in forward and redirect actions, please use the standard Gateway API HTTPRoute or other route resources, which provide native support for those conditions through the Gateway API specification. At most one authentication action can be specified (either authenticate-oidc or authenticate-cognito).	MaxItems: 2 MinItems: 1
`conditions` ListenerRuleCondition array	Conditions defines the circumstances under which the rule actions will be performed. This CRD implementation currently supports only the source-ip condition type For other condition types (such as path-pattern, host-header, http-header, etc.), please use the standard Gateway API HTTPRoute or other route resources, which provide native support for those conditions through the Gateway API specification.	MinItems: 1
`tags` map[string]string	Tags are the AWS resource tags to be applied to all AWS resources created for this rule.

ListenerRuleStatus¶

ListenerRuleStatus defines the observed state of ListenerRuleConfiguration

Appears in: - ListenerRuleConfiguration

Field	Description	Default	Validation
`observedGeneration` integer	The observed generation of the rule configuration

LoadBalancerAttribute¶

LoadBalancerAttribute defines LB attribute.

Appears in: - LoadBalancerConfigurationSpec

Field	Description	Default	Validation
`key` string	The key of the attribute.
`value` string	The value of the attribute.

LoadBalancerConfigMergeMode¶

Underlying type: string

LoadBalancerConfigMergeMode is the merging behavior defined when both Gateway and GatewayClass have lb configurations. See the individual configuration fields for the exact merge behavior applied.

Validation: - Enum: [prefer-gateway prefer-gateway-class]

Appears in: - LoadBalancerConfigurationSpec

Field	Description
`prefer-gateway-class`	MergeModePreferGatewayClass when both lb configurations have a field specified, this mode gives precedence to the configuration in the GatewayClass
`prefer-gateway`	MergeModePreferGatewayClass when both lb configurations have a field specified, this mode gives precedence to the configuration in the Gateway

LoadBalancerConfiguration¶

LoadBalancerConfiguration is the Schema for the LoadBalancerConfiguration API

Field	Description	Default	Validation
`apiVersion` string	`gateway.k8s.aws/v1beta1`
`kind` string	`LoadBalancerConfiguration`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` LoadBalancerConfigurationSpec
`status` LoadBalancerConfigurationStatus

LoadBalancerConfigurationSpec¶

LoadBalancerConfigurationSpec defines the desired state of LoadBalancerConfiguration

Appears in: - LoadBalancerConfiguration

Field	Description	Validation
`mergingMode` LoadBalancerConfigMergeMode	mergingMode defines the merge behavior when both the Gateway and GatewayClass have a defined LoadBalancerConfiguration. This field is only honored for the configuration attached to the GatewayClass.	Enum: [prefer-gateway prefer-gateway-class]
`loadBalancerName` string	loadBalancerName defines the name of the LB to provision. If unspecified, it will be automatically generated.	MaxLength: 32 MinLength: 1
`scheme` LoadBalancerScheme	scheme defines the type of LB to provision. If unspecified, it will be automatically inferred.	Enum: [internal internet-facing]
`ipAddressType` LoadBalancerIpAddressType	loadBalancerIPType defines what kind of load balancer to provision (ipv4, dual stack)	Enum: [ipv4 dualstack dualstack-without-public-ipv4]
`enforceSecurityGroupInboundRulesOnPrivateLinkTraffic` string	enforceSecurityGroupInboundRulesOnPrivateLinkTraffic Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through Amazon Web Services PrivateLink.
`customerOwnedIpv4Pool` string	customerOwnedIpv4Pool [Application LoadBalancer] is the ID of the customer-owned address for Application Load Balancers on Outposts pool.
`ipv4IPAMPoolId` string	IPv4IPAMPoolId [Application LoadBalancer] defines the IPAM pool ID used for IPv4 Addresses on the ALB.
`loadBalancerSubnets` SubnetConfiguration	loadBalancerSubnets is an optional list of subnet configurations to be used in the LB This value takes precedence over loadBalancerSubnetsSelector if both are selected.
`loadBalancerSubnetsSelector` map[string][]string	LoadBalancerSubnetsSelector specifies subnets in the load balancer's VPC where each tag specified in the map key contains one of the values in the corresponding value list.
`listenerConfigurations` ListenerConfiguration	listenerConfigurations is an optional list of configurations for each listener on LB
`securityGroups` string	securityGroups an optional list of security group ids or names to apply to the LB
`securityGroupPrefixes` string	securityGroupPrefixes an optional list of prefixes that are allowed to access the LB.
`sourceRanges` string	sourceRanges an optional list of CIDRs that are allowed to access the LB.
`vpcId` string	vpcId is the ID of the VPC for the load balancer.
`loadBalancerAttributes` LoadBalancerAttribute array	LoadBalancerAttributes defines the attribute of LB
`tags` map[string]string	Tags the AWS Tags on all related resources to the gateway.
`enableICMP` boolean	EnableICMP [Network LoadBalancer] enables the creation of security group rules to the managed security group to allow explicit ICMP traffic for Path MTU discovery for IPv4 and dual-stack VPCs
`manageBackendSecurityGroupRules` boolean	ManageBackendSecurityGroupRules [Application / Network LoadBalancer] specifies whether you want the controller to configure security group rules on Node/Pod for traffic access when you specify securityGroups
`minimumLoadBalancerCapacity` MinimumLoadBalancerCapacity	MinimumLoadBalancerCapacity define the capacity reservation for LoadBalancers

LoadBalancerConfigurationStatus¶

LoadBalancerConfigurationStatus defines the observed state of TargetGroupBinding

Appears in: - LoadBalancerConfiguration

Field	Description	Default	Validation
`observedGatewayConfigurationGeneration` integer	The generation of the Gateway Configuration attached to the Gateway object.
`observedGatewayClassConfigurationGeneration` integer	The generation of the Gateway Configuration attached to the GatewayClass object.

LoadBalancerIpAddressType¶

Underlying type: string

LoadBalancerIpAddressType is the IP Address type of your LB.

Validation: - Enum: [ipv4 dualstack dualstack-without-public-ipv4]

Appears in: - LoadBalancerConfigurationSpec

Field	Description
`ipv4`
`dualstack`
`dualstack-without-public-ipv4`

LoadBalancerScheme¶

Underlying type: string

LoadBalancerScheme is the scheme of your LB

with internal scheme, the LB is only accessible within the VPC.
with internet-facing scheme, the LB is accesible via the public internet.

Validation: - Enum: [internal internet-facing]

Appears in: - LoadBalancerConfigurationSpec

Field	Description
`internal`
`internet-facing`

MinimumLoadBalancerCapacity¶

MinimumLoadBalancerCapacity Information about a load balancer capacity reservation.

Appears in: - LoadBalancerConfigurationSpec

Field	Description	Default	Validation
`capacityUnits` integer	The Capacity Units Value.

MutualAuthenticationAttributes¶

Information about the mutual authentication attributes of a listener.

Appears in: - ListenerConfiguration

Field	Description	Validation
`advertiseTrustStoreCaNames` AdvertiseTrustStoreCaNamesEnum	Indicates whether trust store CA certificate names are advertised.	Enum: [on off]
`ignoreClientCertificateExpiry` boolean	Indicates whether expired client certificates are ignored.
`mode` MutualAuthenticationMode	The client certificate handling method. Options are off, passthrough or verify	Enum: [off passthrough verify]
`trustStore` string	The Name or ARN of the trust store.

MutualAuthenticationMode¶

Underlying type: string

MutualAuthenticationMode mTLS mode for mutual TLS authentication config for listener

Validation: - Enum: [off passthrough verify]

Appears in: - MutualAuthenticationAttributes

Field	Description
`off`
`passthrough`
`verify`

Protocol¶

Underlying type: string

Validation: - Enum: [HTTP HTTPS TCP TLS UDP TCP_UDP]

Appears in: - TargetGroupProps

Field	Description
`HTTP`
`HTTPS`
`TCP`
`TLS`
`UDP`
`TCP_UDP`

ProtocolPort¶

Underlying type: string

Validation: - Pattern: ^(HTTP|HTTPS|TLS|TCP|UDP)?:(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]\d{4}|[1-9]\d{0,3})?$

Appears in: - ListenerConfiguration

ProtocolVersion¶

Underlying type: string

Validation: - Enum: [HTTP1 HTTP2 GRPC]

Appears in: - TargetGroupProps

Field	Description
`HTTP1`
`HTTP2`
`GRPC`

RedirectActionConfig¶

Information about a redirect action.

Appears in: - Action

Field	Description	Default	Validation
`query` string	The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords. Note: RedirectActionConfig only supports setting the query parameter through CRD. All other redirect action fields must be set through the Gateway API native way.	#{query}

Reference¶

Reference defines how to look up the Target Group configuration for a service.

Appears in: - TargetGroupConfigurationSpec

Field	Description	Default
`group` string	Group is the group of the referent. For example, "gateway.networking.k8s.io". When unspecified or empty string, core API group is inferred.
`kind` string	Kind is the Kubernetes resource kind of the referent. For example "Service". Defaults to "Service" when not specified.	Service
`name` string	Name is the name of the referent.

RouteConfiguration¶

RouteConfiguration defines the per route configuration

Appears in: - TargetGroupConfigurationSpec

Field	Description	Default	Validation
`routeIdentifier` RouteIdentifier	name the identifier of the route, it should be in the form of ROUTE:NAMESPACE:NAME
`targetGroupProps` TargetGroupProps	targetGroupProps the target group specific properties

RouteIdentifier¶

RouteIdentifier the complete set of route attributes that identify a route.

Appears in: - RouteConfiguration

Field	Description	Default	Validation
`kind` string
`namespace` string
`name` string

Secret¶

Secret holds OAuth 2.0 clientID and clientSecret. You need to create this secret and provide its name and namespace

Appears in: - AuthenticateOidcActionConfig

Field	Description	Default	Validation
`name` string	Name is name of the secret
`namespace` string	Namespace is namespace of secret. If empty it will be considered to be in same namespace as of the resource referring it

SourceIPConditionConfig¶

Information about a source IP condition

Appears in: - ListenerRuleCondition

Field	Description	Default	Validation
`values` string array	One or more source IP addresses, in CIDR format		MinItems: 1

SubnetConfiguration¶

SubnetConfiguration defines the subnet settings for a Load Balancer.

Appears in: - LoadBalancerConfigurationSpec

Field	Description	Default	Validation
`identifier` string	identifier [Application LoadBalancer / Network LoadBalancer] name or id for the subnet
`eipAllocation` string	eipAllocation [Network LoadBalancer] the EIP name for this subnet.
`privateIPv4Allocation` string	privateIPv4Allocation [Network LoadBalancer] the private ipv4 address to assign to this subnet.
`ipv6Allocation` string	IPv6Allocation [Network LoadBalancer] the ipv6 address to assign to this subnet.
`sourceNatIPv6Prefix` string	SourceNatIPv6Prefix [Network LoadBalancer] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or auto_assigned to use an IPv6 prefix selected at random from the subnet CIDR block.

TargetGroupAttribute¶

TargetGroupAttribute defines target group attribute.

Appears in: - TargetGroupProps

Field	Description	Default	Validation
`key` string	The key of the attribute.
`value` string	The value of the attribute.

TargetGroupConfiguration¶

TargetGroupConfiguration is the Schema for defining TargetGroups with an AWS ELB Gateway

Field	Description	Default	Validation
`apiVersion` string	`gateway.k8s.aws/v1beta1`
`kind` string	`TargetGroupConfiguration`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` TargetGroupConfigurationSpec
`status` TargetGroupConfigurationStatus

TargetGroupConfigurationSpec¶

TargetGroupConfigurationSpec defines the TargetGroup properties for a route.

Appears in: - TargetGroupConfiguration

Field	Description	Default	Validation
`targetReference` Reference	targetReference the kubernetes object to attach the Target Group settings to.
`defaultConfiguration` TargetGroupProps	defaultRouteConfiguration fallback configuration applied to all routes, unless overridden by route-specific configurations.
`routeConfigurations` RouteConfiguration array	routeConfigurations the route configuration for specific routes. the longest prefix match (kind:namespace:name) is taken to combine with the default properties.

TargetGroupConfigurationStatus¶

TargetGroupConfigurationStatus defines the observed state of TargetGroupConfiguration

Appears in: - TargetGroupConfiguration

Field	Description	Default	Validation
`observedGatewayConfigurationGeneration` integer	The generation of the Gateway Configuration attached to the Gateway object.
`observedGatewayClassConfigurationGeneration` integer	The generation of the Gateway Configuration attached to the GatewayClass object.

TargetGroupHealthCheckProtocol¶

Underlying type: string

Validation: - Enum: [http https tcp]

Appears in: - HealthCheckConfiguration

Field	Description
`HTTP`
`HTTPS`
`TCP`

TargetGroupIPAddressType¶

Underlying type: string

TargetGroupIPAddressType is the IP Address type of your ELBV2 TargetGroup.

Validation: - Enum: [ipv4 ipv6]

Appears in: - TargetGroupProps

Field	Description
`ipv4`
`ipv6`

TargetGroupProps¶

TargetGroupProps defines the target group properties

Appears in: - RouteConfiguration - TargetGroupConfigurationSpec

Field	Description	Validation
`targetGroupName` string	targetGroupName specifies the name to assign to the Target Group. If not defined, then one is generated.
`ipAddressType` TargetGroupIPAddressType	ipAddressType specifies whether the target group is of type IPv4 or IPv6. If unspecified, it will be automatically inferred.	Enum: [ipv4 ipv6]
`healthCheckConfig` HealthCheckConfiguration	healthCheckConfig The Health Check configuration for this backend.
`nodeSelector` LabelSelector	node selector for instance type target groups to only register certain nodes
`targetGroupAttributes` TargetGroupAttribute array	targetGroupAttributes defines the attribute of target group
`targetType` TargetType	targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred as instance.	Enum: [instance ip]
`protocol` Protocol	Protocol [Application / Network Load Balancer] the protocol for the target group. If unspecified, it will be automatically inferred.	Enum: [HTTP HTTPS TCP TLS UDP TCP_UDP]
`protocolVersion` ProtocolVersion	protocolVersion [HTTP/HTTPS protocol] The protocol version. The possible values are GRPC , HTTP1 and HTTP2	Enum: [HTTP1 HTTP2 GRPC]
`enableMultiCluster` boolean	EnableMultiCluster [Application / Network LoadBalancer] Allows for multiple Clusters / Services to use the generated TargetGroup ARN
`tags` map[string]string	Tags the Tags to add on the target group.

TargetGroupStickinessConfig¶

Information about the target group stickiness for a listener rule.

Appears in: - ForwardActionConfig

Field	Description	Default	Validation
`durationSeconds` integer	The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).	3600	Maximum: 604800 Minimum: 1
`enabled` boolean	Indicates whether target group stickiness is enabled.	false

TargetType¶

Underlying type: string

TargetType is the targetType of your ELBV2 TargetGroup.

with instance TargetType, nodes with nodePort for your service will be registered as targets
with ip TargetType, Pods with containerPort for your service will be registered as targets

Validation: - Enum: [instance ip]

Appears in: - TargetGroupProps

Field	Description
`instance`
`ip`