| apiVersion: apiextensions.k8s.io/v1beta1 |
| kind: CustomResourceDefinition |
| metadata: |
| annotations: |
| "helm.sh/resource-policy": keep |
| labels: |
| app: istio-pilot |
| chart: istio |
| heritage: Tiller |
| istio: security |
| release: istio |
| name: peerauthentications.security.istio.io |
| spec: |
| group: security.istio.io |
| names: |
| categories: |
| - istio-io |
| - security-istio-io |
| kind: PeerAuthentication |
| listKind: PeerAuthenticationList |
| plural: peerauthentications |
| shortNames: |
| - pa |
| singular: peerauthentication |
| preserveUnknownFields: false |
| scope: Namespaced |
| subresources: |
| status: {} |
| validation: |
| openAPIV3Schema: |
| properties: |
| spec: |
| description: PeerAuthentication defines how traffic will be tunneled (or |
| not) to the sidecar. |
| properties: |
| mtls: |
| description: Mutual TLS settings for workload. |
| properties: |
| mode: |
| description: Defines the mTLS mode used for peer authentication. |
| enum: |
| - UNSET |
| - DISABLE |
| - PERMISSIVE |
| - STRICT |
| type: string |
| type: object |
| portLevelMtls: |
| additionalProperties: |
| properties: |
| mode: |
| description: Defines the mTLS mode used for peer authentication. |
| enum: |
| - UNSET |
| - DISABLE |
| - PERMISSIVE |
| - STRICT |
| type: string |
| type: object |
| description: Port specific mutual TLS settings. |
| type: object |
| selector: |
| description: The selector determines the workloads to apply the ChannelAuthentication |
| on. |
| properties: |
| matchLabels: |
| additionalProperties: |
| format: string |
| type: string |
| type: object |
| type: object |
| type: object |
| status: |
| type: object |
| x-kubernetes-preserve-unknown-fields: true |
| type: object |
| versions: |
| - name: v1beta1 |
| served: true |
| storage: true |