Quick Starts
Concepts
Guides
External Logging
Kubernetes (Managed)
Bring your Own Kubernetes (BYOK)
Terraform Provider
Reference
Schemas

Domain

This section outlines the key attributes of the domain's API object. This object can be utilized through the API, CLI and the console's apply functionality.

id string

kind string

version integer

description string

Max Length: 250

tags object

created string

Format: date-time

lastModified string

Format: date-time

links array of objects - See Below

name string

spec object - See Below

status object - See Below

rel string

href string

spec

dnsMode string

In 'cname' dnsMode, Control Plane will configure workloads to accept traffic for the domain but will not manage DNS records for the domain. End users configure CNAME records in their own DNS pointed to the canonical workload endpoint. Currently 'cname' dnsMode requires that a tls.serverCertificate is configured when subdomain based routing is used. In 'ns' dnsMode, Control Plane will manage the subdomains and create all necessary DNS records. End users configure an NS record to forward DNS requests to the Control Plane managed DNS servers.

Possible enum values:

  • cname

  • ns

gvcLink string

One of gvcLink and routes may be provided. When gvcLink is configured each workload in the GVC will receive a subdomain in the form ${workload.name}.${domain.name}

acceptAllHosts boolean

ports array of objects - See Below

ports

number number

protocol string

Default: http2

Possible enum values:

  • http

  • http2

  • tcp

routes array of objects - See Below

A list of mappings to workloads.

cors object - See Below

tls object - See Below

routes

A list of mappings to workloads.

prefix string

Default: /

replacePrefix string

When provided, the URI prefix will be replaced with this string before the request is sent to the workload.

workloadLink string

port integer

hostPrefix string

This option allows forwarding traffic for different host headers to different workloads. This will only be used when the target GVC has dedicated load balancing enabled and the Domain is configure for wildcard support. Contact your account manager for details.

cors

allowOrigins array of objects - See Below

allowMethods array of strings

allowHeaders array of strings

exposeHeaders array of strings

maxAge string

allowCredentials boolean

allowOrigins

exact string

tls

Used for TLS connections for this Domain. End users are responsible for certificate updates.

minProtocolVersion string

Default: TLSV1_2

Possible enum values:

  • TLSV1_2

  • TLSV1_1

  • TLSV1_0

cipherSuites array of strings

Default:

  • ECDHE-ECDSA-AES256-GCM-SHA384

  • ECDHE-ECDSA-CHACHA20-POLY1305

  • ECDHE-ECDSA-AES128-GCM-SHA256

  • ECDHE-RSA-AES256-GCM-SHA384

  • ECDHE-RSA-CHACHA20-POLY1305

  • ECDHE-RSA-AES128-GCM-SHA256

  • AES256-GCM-SHA384

  • AES128-GCM-SHA256

Possible enum values:

  • ECDHE-ECDSA-AES256-GCM-SHA384

  • ECDHE-ECDSA-CHACHA20-POLY1305

  • ECDHE-ECDSA-AES128-GCM-SHA256

  • ECDHE-RSA-AES256-GCM-SHA384

  • ECDHE-RSA-CHACHA20-POLY1305

  • ECDHE-RSA-AES128-GCM-SHA256

  • AES256-GCM-SHA384

  • AES128-GCM-SHA256

  • TLS_RSA_WITH_AES_256_GCM_SHA384

  • TLS_RSA_WITH_AES_128_GCM_SHA256

  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

  • TLS_CHACHA20_POLY1305_SHA256

  • TLS_AES_256_GCM_SHA384

  • TLS_AES_128_GCM_SHA256

  • DES-CBC3-SHA

  • ECDHE-RSA-AES128-SHA

  • ECDHE-RSA-AES256-SHA

  • AES128-SHA

  • AES256-SHA

clientCertificate object - See Below

serverCertificate object - See Below

clientCertificate

When clientCertificate is defined, requests may optionally supply a client certificate. The certificate details are included in the x-forwarded-client-cert header.

secretLink string

The secret will include a client certificate authority cert in PEM format used to verify requests which include client certificates. The key subject must match the domain and the key usage properties must be configured for client certificate authorization. The secret type must be keypair.

serverCertificate

Configure an optional custom server certificate for the domain. When the port number is 443 and this is not supplied, a certificate is provisioned automatically.

secretLink string

When provided, this is used as the server certificate authority. The secret type must be keypair and the content must be PEM encoded.

status

endpoints array of objects - See Below

status string

Possible enum values:

  • initializing

  • ready

  • pendingDnsConfig

  • pendingCertificate

  • usedByGvc

  • warning

warning string

locations array of objects - See Below

fingerprint string

dnsConfig array of objects - See Below

endpoints

url string

workloadLink string

locations

name string

certificateStatus string

Possible enum values:

  • initializing

  • ready

  • pendingDnsConfig

  • pendingCertificate

  • ignored

dnsConfig

type string

ttl integer

host string

value string

Copyright © 2024 Control Plane Corporation. All rights reserved. Revision fe68539f
Contents