Overview
agent
auditctx
cloudaccount
- GETGet a cloud account by name
- DELDelete an cloud account by name
- PATCHPerform a Patch on a cloud account by name
- GETGet all cloud accounts
- POSTCreate a cloud account
- POSTGet all cloud accounts based on a query
- GETGet the access report for a cloud account by name
- GETGet available permissions for a cloud account resource type
domain
group
gvc
identity
- GETGet an identity by GVC and name
- DELDelete an identity by GVC and name
- PATCHPerform a Patch on an identity by name
- GETGet all identities in a GVC
- POSTCreate an identity
- GETGet all identities from all GVCs
- POSTGet all GVC identities based on a query
- GETGet the access report for an identity by GVC and name
- GETGet available permissions for an identity
image
location
org
policy
quota
secret
- GETGet a secret by name
- DELDelete a secret by name
- PATCHPerform a Patch on an IP Set by name
- GETGet all secrets
- POSTCreate a secret
- GETGet the sensitive content of a secret by name
- POSTGet all secrets based on a query
- GETGet the access report for a secret by name
- GETGet available permissions for a secret resource type
serviceaccount
- GETGet a service account by name
- DELDelete a service account by name
- PATCHPerform a Patch on a service account by name
- GETGet all service accounts
- POSTCreate a service account
- POSTGet all service accounts based on a query
- GETGet the access report for a service account by name
- POSTAdd a key to a service account
- GETGet available permissions for a service account resource type
task
user
volumeset
- GETGet a volumeset by GVC and name
- DELDelete a volumeset by name
- PATCHPerform a Patch on a volumeset by name
- GETList volumesets in a GVC you are authorized to view
- POSTCreate a volumeset
- GETGet all volumesets
- POSTGet all volumesets based on a query
- GETGet the access report for a volumeset by GVC and name
- GETGet available permissions for a volumeset resource type
workload
- GETGet a workload by GVC and name
- DELDelete a workload by name
- PATCHPerform a Patch on a workload by name
- GETGet a deployment by GVC, workload and name
- GETList workloads in a GVC you are authorized to view
- POSTCreate a workload
- GETGet all workloads
- GETList deployments in a workload
- POSTGet all workloads based on a query
- GETGet the access report for a workload by GVC and name
- GETGet available permissions for a workload resource type
Perform a Patch on a workload by name
Authorizations
Service account key can be used as API keys
Body
description, tags, gvc, spec Command line arguments passed to the container at runtime. Replaces the CMD arguments of the running container. It is an ordered list.
Optionally override the entrypoint
reserved CPU of the workload when capacityAI is disabled. maximum CPU when CapacityAI is enabled.
20The full image and tag path for a public or private docker registry. Private container images must have valid credentials configured in 'pullSecretLinks' on the GVC (Global Virtual Cloud).
Enables inheritance of GVC environment variables. A variable in spec.env will override a GVC variable with the same name.
A Probe to check if the workload is healthy or should be restarted.
HTTP, HTTPS reserved memory of the workload when capacityAI is disabled. maximum memory when CapacityAI is enabled.
20Minimum CPU when capacityAI is enabled.
20Minimum memory when capacityAI is enabled
20The port in the container which receives external traffic or traffic from other workloads. Only one container is allowed to specify a port.
A Probe to check if the workload is ready to receive additional traffic.
HTTP, HTTPS Mount Object Store (S3, GCS, AzureBlob) buckets as file system
Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle Set defaultOptions for the workload in all Control Plane Locations.
Optional control of inbound and outbound access to the workload for external (public) and internal (service to service) traffic. Access is restricted by default.
The external firewall is used to control access to and from the public internet.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is NOT allowed reach. Addresses in the allow list will only be allowed if they do not exist in this list.
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
none, same-gvc, same-org, workload-list A list of specific workloads which are allowed to access this workload internally.
The identityLink is used as the access scope for 3rd party cloud resources. A single identity can provide access to multiple cloud providers.
The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
Forbid, Replace The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
OnFailure, Never A standard cron schedule expression used to determine when your job should execute.
direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
The geo asn header
The geo city header
The geo country header
The geo region header
The group id assigned to any mounted volume
STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle If this is enabled, Control Plane will automatically redeploy your workload when one of the container images is updated in the container registry.
serverless, standard, cron, stateful 250Command line arguments passed to the container at runtime. Replaces the CMD arguments of the running container. It is an ordered list.
Optionally override the entrypoint
reserved CPU of the workload when capacityAI is disabled. maximum CPU when CapacityAI is enabled.
20The full image and tag path for a public or private docker registry. Private container images must have valid credentials configured in 'pullSecretLinks' on the GVC (Global Virtual Cloud).
Enables inheritance of GVC environment variables. A variable in spec.env will override a GVC variable with the same name.
A Probe to check if the workload is healthy or should be restarted.
HTTP, HTTPS reserved memory of the workload when capacityAI is disabled. maximum memory when CapacityAI is enabled.
20Minimum CPU when capacityAI is enabled.
20Minimum memory when capacityAI is enabled
20The port in the container which receives external traffic or traffic from other workloads. Only one container is allowed to specify a port.
A Probe to check if the workload is ready to receive additional traffic.
HTTP, HTTPS Mount Object Store (S3, GCS, AzureBlob) buckets as file system
Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle type, identityLink, containers, firewallConfig, defaultOptions, localOptions, job, sidecar, supportDynamicTags, rolloutOptions, securityOptions, loadBalancer, extras, requestRetryPolicy Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle image, workingDir, metrics, port, ports, memory, readinessProbe, livenessProbe, cpu, minCpu, minMemory, env, gpu, inheritEnv, command, args, lifecycle, volumes uri, recoveryPolicy, path Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle A Probe to check if the workload is healthy or should be restarted.
HTTP, HTTPS A Probe to check if the workload is ready to receive additional traffic.
HTTP, HTTPS Command line arguments passed to the container at runtime. Replaces the CMD arguments of the running container. It is an ordered list.
Optionally override the entrypoint
reserved CPU of the workload when capacityAI is disabled. maximum CPU when CapacityAI is enabled.
20nvidia The full image and tag path for a public or private docker registry. Private container images must have valid credentials configured in 'pullSecretLinks' on the GVC (Global Virtual Cloud).
Enables inheritance of GVC environment variables. A variable in spec.env will override a GVC variable with the same name.
postStart, preStop exec, grpc, tcpSocket, httpGet, initialDelaySeconds, periodSeconds, timeoutSeconds, successThreshold, failureThreshold HTTP, HTTPS command path, port, httpHeaders, scheme HTTP, HTTPS reserved memory of the workload when capacityAI is disabled. maximum memory when CapacityAI is enabled.
20Minimum CPU when capacityAI is enabled.
20Minimum memory when capacityAI is enabled
20The port in the container which receives external traffic or traffic from other workloads. Only one container is allowed to specify a port.
exec, grpc, tcpSocket, httpGet, initialDelaySeconds, periodSeconds, timeoutSeconds, successThreshold, failureThreshold HTTP, HTTPS command path, port, httpHeaders, scheme HTTP, HTTPS Mount Object Store (S3, GCS, AzureBlob) buckets as file system
Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle Set defaultOptions for the workload in all Control Plane Locations.
Optional control of inbound and outbound access to the workload for external (public) and internal (service to service) traffic. Access is restricted by default.
The external firewall is used to control access to and from the public internet.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is NOT allowed reach. Addresses in the allow list will only be allowed if they do not exist in this list.
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
none, same-gvc, same-org, workload-list A list of specific workloads which are allowed to access this workload internally.
The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
Forbid, Replace The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
OnFailure, Never A standard cron schedule expression used to determine when your job should execute.
direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
The geo asn header
The geo city header
The geo country header
The geo region header
The group id assigned to any mounted volume
STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle Command line arguments passed to the container at runtime. Replaces the CMD arguments of the running container. It is an ordered list.
Optionally override the entrypoint
reserved CPU of the workload when capacityAI is disabled. maximum CPU when CapacityAI is enabled.
20The full image and tag path for a public or private docker registry. Private container images must have valid credentials configured in 'pullSecretLinks' on the GVC (Global Virtual Cloud).
Enables inheritance of GVC environment variables. A variable in spec.env will override a GVC variable with the same name.
A Probe to check if the workload is healthy or should be restarted.
reserved memory of the workload when capacityAI is disabled. maximum memory when CapacityAI is enabled.
20Minimum CPU when capacityAI is enabled.
20Minimum memory when capacityAI is enabled
20The port in the container which receives external traffic or traffic from other workloads. Only one container is allowed to specify a port.
A Probe to check if the workload is ready to receive additional traffic.
Mount Object Store (S3, GCS, AzureBlob) buckets as file system
Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle affinity, tolerations, topologySpreadConstraints external, internal The external firewall is used to control access to and from the public internet.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is NOT allowed reach. Addresses in the allow list will only be allowed if they do not exist in this list.
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
none, same-gvc, same-org, workload-list A list of specific workloads which are allowed to access this workload internally.
inboundAllowCIDR, inboundBlockedCIDR, outboundAllowHostname, outboundAllowPort, outboundAllowCIDR, outboundBlockedCIDR protocol, number http, https, tcp The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is NOT allowed reach. Addresses in the allow list will only be allowed if they do not exist in this list.
inboundAllowType, inboundAllowWorkload Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
none, same-gvc, same-org, workload-list A list of specific workloads which are allowed to access this workload internally.
The identityLink is used as the access scope for 3rd party cloud resources. A single identity can provide access to multiple cloud providers.
schedule, concurrencyPolicy, historyLimit, restartPolicy, activeDeadlineSeconds The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
Forbid, Replace The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
OnFailure, Never A standard cron schedule expression used to determine when your job should execute.
direct, geoLocation direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
The geo asn header
The geo city header
The geo country header
The geo region header
The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss enabled, ports, ipSet externalPort, protocol, scheme, containerPort The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss enabled, headers The geo asn header
The geo city header
The geo country header
The geo region header
When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
asn, city, country, region The geo asn header
The geo city header
The geo country header
The geo region header
envoy STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle accessLog, clusters, excludedExternalAuth, excludedRateLimit, http, network, volumes priority, excludedWorkloads, typed_config envoy.http_grpc_access_log excludedWorkloads, transport_socket_matches, alt_stat_name, type, cluster_type, eds_cluster_config, connect_timeout, per_connection_buffer_limit_bytes, lb_policy, load_assignment, health_checks, max_requests_per_connection, circuit_breakers, upstream_http_protocol_options, common_http_protocol_options, http_protocol_options, http2_protocol_options, typed_extension_protocol_options, dns_refresh_rate, dns_failure_refresh_rate, respect_dns_ttl, dns_lookup_family, dns_resolvers, use_tcp_for_dns_lookups, dns_resolution_config, typed_dns_resolver_config, wait_for_warm_on_init, outlier_detection, cleanup_interval, upstream_bind_config, lb_subset_config, ring_hash_lb_config, maglev_lb_config, least_request_lb_config, common_lb_config, transport_socket, metadata, protocol_selection, upstream_connection_options, close_connections_on_host_health_failure, ignore_health_on_host_removal, filters, load_balancing_policy, track_timeout_budgets, upstream_config, track_cluster_stats, preconnect_policy, connection_pool_per_downstream_connection STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST match, port, svcPort match, port, svcPort uri, recoveryPolicy, path Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle If this is enabled, Control Plane will automatically redeploy your workload when one of the container images is updated in the container registry.
serverless, standard, cron, stateful Response
25049Command line arguments passed to the container at runtime. Replaces the CMD arguments of the running container. It is an ordered list.
Optionally override the entrypoint
reserved CPU of the workload when capacityAI is disabled. maximum CPU when CapacityAI is enabled.
20The full image and tag path for a public or private docker registry. Private container images must have valid credentials configured in 'pullSecretLinks' on the GVC (Global Virtual Cloud).
Enables inheritance of GVC environment variables. A variable in spec.env will override a GVC variable with the same name.
A Probe to check if the workload is healthy or should be restarted.
reserved memory of the workload when capacityAI is disabled. maximum memory when CapacityAI is enabled.
20Minimum CPU when capacityAI is enabled.
20Minimum memory when capacityAI is enabled
20The name of the container.
64The port in the container which receives external traffic or traffic from other workloads. Only one container is allowed to specify a port.
A Probe to check if the workload is ready to receive additional traffic.
Mount Object Store (S3, GCS, AzureBlob) buckets as file system
Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle Set defaultOptions for the workload in all Control Plane Locations.
Optional control of inbound and outbound access to the workload for external (public) and internal (service to service) traffic. Access is restricted by default.
The external firewall is used to control access to and from the public internet.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is allowed reach. No outbound access is allowed by default. Specify '0.0.0.0/0' to allow outbound access to the public internet (not recommended).
The list of public hostnames that this workload is allowed to reach. No outbound access is allowed by default. A wildcard '' is allowed on the prefix of the hostname only, ex: '.amazonaws.com'. Use 'outboundAllowCIDR' to allow access to all external websites (not recommended). The ports 80, 443 & 445 are allowed by default. This can be modified using the outboundAllowPort setting.
Allow outbound access to specific ports and protocols. When not specified, communication to address ranges in outboundAllowCIDR is allowed on all ports and communication to names in outboundAllowHostname is allowed on ports 80/443.
The list of ipv4/ipv6 addresses or cidr blocks that this workload is NOT allowed reach. Addresses in the allow list will only be allowed if they do not exist in this list.
The internal firewall is used to control access between workloads.
Used to control the internal firewall configuration and mutual tls. 'none': no access is allowed between this workload and other workloads on Control Plane. 'same-gvc': workloads running on the same Global Virtual Cloud are allowed to access this workload internally. 'same-org': workloads running on the same Control Plane Organization are allowed to access this workload internally. 'workload-list': specific workloads provided in the 'inboundAllowWorkload' array are allowed to access this workload internally.
none, same-gvc, same-org, workload-list A list of specific workloads which are allowed to access this workload internally.
The identityLink is used as the access scope for 3rd party cloud resources. A single identity can provide access to multiple cloud providers.
The maximum number of seconds Control Plane will wait for the job to complete. If a job does not succeed or fail in the allotted time, Control Plane will stop the job, moving it into the Removed status.
Either 'Forbid' or 'Replace'. This determines what Control Plane will do when the schedule requires a job to start, while a prior instance of the job is still running.
Forbid, Replace The maximum number of completed job instances to display. This should be an integer between 1 and 10.
Either 'OnFailure' or 'Never'. This determines what Control Plane will do when a job instance fails.
OnFailure, Never A standard cron schedule expression used to determine when your job should execute.
direct load balancers are created in each location that a workload is running in and are configured for the standard endpoints of the workload. Customers are responsible for configuring the workload with certificates if TLS is required
when disabled, this load balancer will be stopped
list of ports that will be exposed by this load balancer
The port on the container tha will receive this traffic
The port that is available publicly
The protocol that is exposed publicly
TCP, UDP overrides the default https url scheme that will be used for links in the UI and status
http, tcp, https, ws, wss When enabled, geo location headers will be included on inbound http requests. Existing headers will be replaced.
The group id assigned to any mounted volume
STATIC, STRICT_DNS, LOGICAL_DNS, EDS, ORIGINAL_DST Only applicable to persistent volumes, this determines what Control Plane will do when creating a new workload replica if a corresponding volume exists.
retain, recycle If this is enabled, Control Plane will automatically redeploy your workload when one of the container images is updated in the container registry.
serverless, standard, cron, stateful