Skip to content

Commit 069140f

Browse files
authored
Merge pull request #4277 from zac-nixon/znixon/addons
[Gateway API] Add Addon Support
2 parents 6d5ff85 + 04e59fe commit 069140f

17 files changed

+1023
-1200
lines changed

.gitignore

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,3 +26,6 @@ site
2626
*.bak
2727
scripts/aws_sdk_model_override/*
2828
/gomock_reflect*
29+
config/crd/bases/gateway.k8s.aws_listenerruleconfigurations.yaml
30+
config/crd/bases/gateway.k8s.aws_loadbalancerconfigurations.yaml
31+
config/crd/bases/gateway.k8s.aws_targetgroupconfigurations.yaml

apis/gateway/v1beta1/loadbalancerconfig_types.go

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,18 @@ type MutualAuthenticationAttributes struct {
140140
TrustStore *string `json:"trustStore,omitempty"`
141141
}
142142

143+
// ShieldConfiguration configuration parameters used to configure Shield
144+
type ShieldConfiguration struct {
145+
// Enabled whether Shield Advanced should be configured with the Gateway
146+
Enabled bool `json:"enabled,omitempty"`
147+
}
148+
149+
// WAFv2Configuration configuration parameters used to configure WAFv2
150+
type WAFv2Configuration struct {
151+
// ACL The WebACL to configure with the Gateway
152+
ACL string `json:"webACL"`
153+
}
154+
143155
// +kubebuilder:validation:Pattern="^(HTTP|HTTPS|TLS|TCP|UDP)?:(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|[1-9]\\d{0,3})?$"
144156
type ProtocolPort string
145157
type ListenerConfiguration struct {
@@ -261,6 +273,14 @@ type LoadBalancerConfigurationSpec struct {
261273
// MinimumLoadBalancerCapacity define the capacity reservation for LoadBalancers
262274
// +optional
263275
MinimumLoadBalancerCapacity *MinimumLoadBalancerCapacity `json:"minimumLoadBalancerCapacity,omitempty"`
276+
277+
// WAFv2 define the AWS WAFv2 settings for a Gateway [Application Load Balancer]
278+
// +optional
279+
WAFv2 *WAFv2Configuration `json:"wafV2,omitempty"`
280+
281+
// ShieldAdvanced define the AWS Shield settings for a Gateway [Application Load Balancer]
282+
// +optional
283+
ShieldAdvanced *ShieldConfiguration `json:"shieldConfiguration,omitempty"`
264284
}
265285

266286
// TODO -- these can be used to set what generation the gateway is currently on to track progress on reconcile.

apis/gateway/v1beta1/zz_generated.deepcopy.go

Lines changed: 40 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

config/crd/gateway/gateway-crds.yaml

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -282,6 +282,15 @@ spec:
282282
items:
283283
type: string
284284
type: array
285+
shieldConfiguration:
286+
description: ShieldAdvanced define the AWS Shield settings for a Gateway
287+
[Application Load Balancer]
288+
properties:
289+
enabled:
290+
description: Enabled whether Shield Advanced should be configured
291+
with the Gateway
292+
type: boolean
293+
type: object
285294
sourceRanges:
286295
description: sourceRanges an optional list of CIDRs that are allowed
287296
to access the LB.
@@ -296,6 +305,16 @@ spec:
296305
vpcId:
297306
description: vpcId is the ID of the VPC for the load balancer.
298307
type: string
308+
wafV2:
309+
description: WAFv2 define the AWS WAFv2 settings for a Gateway [Application
310+
Load Balancer]
311+
properties:
312+
webACL:
313+
description: ACL The WebACL to configure with the Gateway
314+
type: string
315+
required:
316+
- webACL
317+
type: object
299318
type: object
300319
status:
301320
description: LoadBalancerConfigurationStatus defines the observed state

0 commit comments

Comments
 (0)