1. Packages
  2. Kubernetes Cert Manager
  3. API Docs
  4. CertManager
Kubernetes Cert Manager v0.0.5 published on Wednesday, Nov 23, 2022 by Pulumi

kubernetes-cert-manager.CertManager

Explore with Pulumi AI

kubernetes-cert-manager logo
Kubernetes Cert Manager v0.0.5 published on Wednesday, Nov 23, 2022 by Pulumi

    Automates the management and issuance of TLS certificates from various issuing sources within Kubernetes

    Create CertManager Resource

    new CertManager(name: string, args?: CertManagerArgs, opts?: CustomResourceOptions);
    @overload
    def CertManager(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    affinity: Optional[pulumi_kubernetes.core.v1.AffinityArgs] = None,
                    cainjector: Optional[CertManagerCaInjectorArgs] = None,
                    cluster_resource_namespace: Optional[str] = None,
                    container_security_context: Optional[pulumi_kubernetes.core.v1.SecurityContextArgs] = None,
                    deployment_annotations: Optional[Mapping[str, str]] = None,
                    extra_args: Optional[Sequence[str]] = None,
                    extra_env: Optional[Sequence[pulumi_kubernetes.core.v1.EnvVarArgs]] = None,
                    extra_volume_mounts: Optional[Sequence[pulumi_kubernetes.core.v1.VolumeMountArgs]] = None,
                    extra_volumes: Optional[Sequence[pulumi_kubernetes.core.v1.VolumeArgs]] = None,
                    feature_gates: Optional[str] = None,
                    global_: Optional[CertManagerGlobalArgs] = None,
                    helm_options: Optional[ReleaseArgs] = None,
                    http_proxy: Optional[str] = None,
                    https_proxy: Optional[str] = None,
                    image: Optional[CertManagerImageArgs] = None,
                    ingress_shim: Optional[CertManagerIngressShimArgs] = None,
                    install_crds: Optional[bool] = None,
                    no_proxy: Optional[Sequence[str]] = None,
                    node_selector: Optional[pulumi_kubernetes.core.v1.NodeSelectorArgs] = None,
                    pod_annotations: Optional[Mapping[str, str]] = None,
                    pod_dns_config: Optional[pulumi_kubernetes.core.v1.PodDNSConfigArgs] = None,
                    pod_dns_policy: Optional[str] = None,
                    pod_labels: Optional[Mapping[str, str]] = None,
                    prometheus: Optional[CertManagerPrometheusArgs] = None,
                    replica_count: Optional[int] = None,
                    resources: Optional[pulumi_kubernetes.core.v1.ResourceRequirementsArgs] = None,
                    security_context: Optional[pulumi_kubernetes.core.v1.PodSecurityContextArgs] = None,
                    service_account: Optional[CertManagerServiceAccountArgs] = None,
                    service_annotations: Optional[Mapping[str, str]] = None,
                    service_labels: Optional[Mapping[str, str]] = None,
                    startupapicheck: Optional[CertManagerStartupAPICheckArgs] = None,
                    strategy: Optional[pulumi_kubernetes.apps.v1.DeploymentStrategyArgs] = None,
                    tolerations: Optional[Sequence[pulumi_kubernetes.core.v1.TolerationArgs]] = None,
                    webhook: Optional[CertManagerWebhookArgs] = None)
    @overload
    def CertManager(resource_name: str,
                    args: Optional[CertManagerArgs] = None,
                    opts: Optional[ResourceOptions] = None)
    func NewCertManager(ctx *Context, name string, args *CertManagerArgs, opts ...ResourceOption) (*CertManager, error)
    public CertManager(string name, CertManagerArgs? args = null, CustomResourceOptions? opts = null)
    public CertManager(String name, CertManagerArgs args)
    public CertManager(String name, CertManagerArgs args, CustomResourceOptions options)
    
    type: kubernetes-cert-manager:CertManager
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args CertManagerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CertManagerArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CertManagerArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CertManagerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CertManagerArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    CertManager Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CertManager resource accepts the following input properties:

    Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
    Cainjector Pulumi.KubernetesCertManager.Inputs.CertManagerCaInjector
    ClusterResourceNamespace string

    Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

    ContainerSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.SecurityContext

    Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    DeploymentAnnotations Dictionary<string, string>

    Optional additional annotations to add to the controller Deployment

    ExtraArgs List<string>

    Optional additional arguments.

    ExtraEnv List<Pulumi.Kubernetes.Types.Inputs.Core.V1.EnvVar>
    ExtraVolumeMounts List<Pulumi.Kubernetes.Types.Inputs.Core.V1.VolumeMount>
    ExtraVolumes List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Volume>
    FeatureGates string

    Comma separated list of feature gates that should be enabled on the controller pod.

    Global Pulumi.KubernetesCertManager.Inputs.CertManagerGlobal
    HelmOptions Pulumi.KubernetesCertManager.Inputs.Release

    HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

    Http_proxy string
    Https_proxy string
    Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
    IngressShim Pulumi.KubernetesCertManager.Inputs.CertManagerIngressShim
    InstallCRDs bool
    No_proxy List<string>
    NodeSelector Pulumi.Kubernetes.Types.Inputs.Core.V1.NodeSelector
    PodAnnotations Dictionary<string, string>

    Optional additional annotations to add to the controller Pods

    PodDnsConfig Pulumi.Kubernetes.Types.Inputs.Core.V1.PodDNSConfig
    PodDnsPolicy string

    Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

    PodLabels Dictionary<string, string>
    Prometheus Pulumi.KubernetesCertManager.Inputs.CertManagerPrometheus
    ReplicaCount int
    Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
    SecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

    Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
    ServiceAnnotations Dictionary<string, string>

    Optional additional annotations to add to the controller service

    ServiceLabels Dictionary<string, string>

    Optional additional labels to add to the controller Service

    Startupapicheck Pulumi.KubernetesCertManager.Inputs.CertManagerStartupAPICheck
    Strategy Pulumi.Kubernetes.Types.Inputs.Apps.V1.DeploymentStrategy
    Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
    Webhook Pulumi.KubernetesCertManager.Inputs.CertManagerWebhook
    Affinity AffinityArgs
    Cainjector CertManagerCaInjectorArgs
    ClusterResourceNamespace string

    Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

    ContainerSecurityContext SecurityContextArgs

    Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    DeploymentAnnotations map[string]string

    Optional additional annotations to add to the controller Deployment

    ExtraArgs []string

    Optional additional arguments.

    ExtraEnv EnvVarArgs
    ExtraVolumeMounts VolumeMountArgs
    ExtraVolumes VolumeArgs
    FeatureGates string

    Comma separated list of feature gates that should be enabled on the controller pod.

    Global CertManagerGlobalArgs
    HelmOptions ReleaseArgs

    HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

    Http_proxy string
    Https_proxy string
    Image CertManagerImageArgs
    IngressShim CertManagerIngressShimArgs
    InstallCRDs bool
    No_proxy []string
    NodeSelector NodeSelectorArgs
    PodAnnotations map[string]string

    Optional additional annotations to add to the controller Pods

    PodDnsConfig PodDNSConfigArgs
    PodDnsPolicy string

    Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

    PodLabels map[string]string
    Prometheus CertManagerPrometheusArgs
    ReplicaCount int
    Resources ResourceRequirementsArgs
    SecurityContext PodSecurityContextArgs

    Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ServiceAccount CertManagerServiceAccountArgs
    ServiceAnnotations map[string]string

    Optional additional annotations to add to the controller service

    ServiceLabels map[string]string

    Optional additional labels to add to the controller Service

    Startupapicheck CertManagerStartupAPICheckArgs
    Strategy DeploymentStrategyArgs
    Tolerations TolerationArgs
    Webhook CertManagerWebhookArgs
    affinity Affinity
    cainjector CertManagerCaInjector
    clusterResourceNamespace String

    Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

    containerSecurityContext SecurityContext

    Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations Map<String,String>

    Optional additional annotations to add to the controller Deployment

    extraArgs List<String>

    Optional additional arguments.

    extraEnv List<EnvVar>
    extraVolumeMounts List<VolumeMount>
    extraVolumes List<Volume>
    featureGates String

    Comma separated list of feature gates that should be enabled on the controller pod.

    global CertManagerGlobal
    helmOptions Release

    HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

    http_proxy String
    https_proxy String
    image CertManagerImage
    ingressShim CertManagerIngressShim
    installCRDs Boolean
    no_proxy List<String>
    nodeSelector NodeSelector
    podAnnotations Map<String,String>

    Optional additional annotations to add to the controller Pods

    podDnsConfig PodDNSConfig
    podDnsPolicy String

    Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

    podLabels Map<String,String>
    prometheus CertManagerPrometheus
    replicaCount Integer
    resources ResourceRequirements
    securityContext PodSecurityContext

    Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount CertManagerServiceAccount
    serviceAnnotations Map<String,String>

    Optional additional annotations to add to the controller service

    serviceLabels Map<String,String>

    Optional additional labels to add to the controller Service

    startupapicheck CertManagerStartupAPICheck
    strategy DeploymentStrategy
    tolerations List<Toleration>
    webhook CertManagerWebhook
    affinity pulumiKubernetestypesinputcorev1Affinity
    cainjector CertManagerCaInjector
    clusterResourceNamespace string

    Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

    containerSecurityContext pulumiKubernetestypesinputcorev1SecurityContext

    Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations {[key: string]: string}

    Optional additional annotations to add to the controller Deployment

    extraArgs string[]

    Optional additional arguments.

    extraEnv pulumiKubernetestypesinputcorev1EnvVar[]
    extraVolumeMounts pulumiKubernetestypesinputcorev1VolumeMount[]
    extraVolumes pulumiKubernetestypesinputcorev1Volume[]
    featureGates string

    Comma separated list of feature gates that should be enabled on the controller pod.

    global CertManagerGlobal
    helmOptions Release

    HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

    http_proxy string
    https_proxy string
    image CertManagerImage
    ingressShim CertManagerIngressShim
    installCRDs boolean
    no_proxy string[]
    nodeSelector pulumiKubernetestypesinputcorev1NodeSelector
    podAnnotations {[key: string]: string}

    Optional additional annotations to add to the controller Pods

    podDnsConfig pulumiKubernetestypesinputcorev1PodDNSConfig
    podDnsPolicy string

    Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

    podLabels {[key: string]: string}
    prometheus CertManagerPrometheus
    replicaCount number
    resources pulumiKubernetestypesinputcorev1ResourceRequirements
    securityContext pulumiKubernetestypesinputcorev1PodSecurityContext

    Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount CertManagerServiceAccount
    serviceAnnotations {[key: string]: string}

    Optional additional annotations to add to the controller service

    serviceLabels {[key: string]: string}

    Optional additional labels to add to the controller Service

    startupapicheck CertManagerStartupAPICheck
    strategy pulumiKubernetestypesinputappsv1DeploymentStrategy
    tolerations pulumiKubernetestypesinputcorev1Toleration[]
    webhook CertManagerWebhook
    affinity AffinityArgs
    cainjector CertManagerCaInjectorArgs
    cluster_resource_namespace str

    Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

    container_security_context SecurityContextArgs

    Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deployment_annotations Mapping[str, str]

    Optional additional annotations to add to the controller Deployment

    extra_args Sequence[str]

    Optional additional arguments.

    extra_env EnvVarArgs]
    extra_volume_mounts VolumeMountArgs]
    extra_volumes VolumeArgs]
    feature_gates str

    Comma separated list of feature gates that should be enabled on the controller pod.

    global_ CertManagerGlobalArgs
    helm_options ReleaseArgs

    HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

    http_proxy str
    https_proxy str
    image CertManagerImageArgs
    ingress_shim CertManagerIngressShimArgs
    install_crds bool
    no_proxy Sequence[str]
    node_selector NodeSelectorArgs
    pod_annotations Mapping[str, str]

    Optional additional annotations to add to the controller Pods

    pod_dns_config PodDNSConfigArgs
    pod_dns_policy str

    Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

    pod_labels Mapping[str, str]
    prometheus CertManagerPrometheusArgs
    replica_count int
    resources ResourceRequirementsArgs
    security_context PodSecurityContextArgs

    Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    service_account CertManagerServiceAccountArgs
    service_annotations Mapping[str, str]

    Optional additional annotations to add to the controller service

    service_labels Mapping[str, str]

    Optional additional labels to add to the controller Service

    startupapicheck CertManagerStartupAPICheckArgs
    strategy DeploymentStrategyArgs
    tolerations TolerationArgs]
    webhook CertManagerWebhookArgs
    affinity Property Map
    cainjector Property Map
    clusterResourceNamespace String

    Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

    containerSecurityContext Property Map

    Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations Map<String>

    Optional additional annotations to add to the controller Deployment

    extraArgs List<String>

    Optional additional arguments.

    extraEnv List<Property Map>
    extraVolumeMounts List<Property Map>
    extraVolumes List<Property Map>
    featureGates String

    Comma separated list of feature gates that should be enabled on the controller pod.

    global Property Map
    helmOptions Property Map

    HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

    http_proxy String
    https_proxy String
    image Property Map
    ingressShim Property Map
    installCRDs Boolean
    no_proxy List<String>
    nodeSelector Property Map
    podAnnotations Map<String>

    Optional additional annotations to add to the controller Pods

    podDnsConfig Property Map
    podDnsPolicy String

    Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

    podLabels Map<String>
    prometheus Property Map
    replicaCount Number
    resources Property Map
    securityContext Property Map

    Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount Property Map
    serviceAnnotations Map<String>

    Optional additional annotations to add to the controller service

    serviceLabels Map<String>

    Optional additional labels to add to the controller Service

    startupapicheck Property Map
    strategy Property Map
    tolerations List<Property Map>
    webhook Property Map

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CertManager resource produces the following output properties:

    Status Pulumi.KubernetesCertManager.Outputs.ReleaseStatus

    Detailed information about the status of the underlying Helm deployment.

    Status ReleaseStatus

    Detailed information about the status of the underlying Helm deployment.

    status ReleaseStatus

    Detailed information about the status of the underlying Helm deployment.

    status ReleaseStatus

    Detailed information about the status of the underlying Helm deployment.

    status ReleaseStatus

    Detailed information about the status of the underlying Helm deployment.

    status Property Map

    Detailed information about the status of the underlying Helm deployment.

    Supporting Types

    CertManagerCaInjector, CertManagerCaInjectorArgs

    Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
    ContainerSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.SecurityContext

    Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    DeploymentAnnotations Dictionary<string, string>

    Optional additional annotations to add to the cainjector Deployment

    ExtraArgs List<string>

    Optional additional arguments for cainjector

    Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
    NodeSelector Dictionary<string, string>
    PodAnnotations Dictionary<string, string>

    Optional additional annotations to add to the cainjector Pods

    PodLabels Dictionary<string, string>

    Optional additional labels to add to the Webhook Pods

    PodSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

    Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ReplicaCount int
    Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
    ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
    Strategy Pulumi.Kubernetes.Types.Inputs.Apps.V1.DeploymentStrategy
    TimeoutSeconds int
    Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
    Affinity Affinity
    ContainerSecurityContext SecurityContext

    Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    DeploymentAnnotations map[string]string

    Optional additional annotations to add to the cainjector Deployment

    ExtraArgs []string

    Optional additional arguments for cainjector

    Image CertManagerImage
    NodeSelector map[string]string
    PodAnnotations map[string]string

    Optional additional annotations to add to the cainjector Pods

    PodLabels map[string]string

    Optional additional labels to add to the Webhook Pods

    PodSecurityContext PodSecurityContext

    Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ReplicaCount int
    Resources ResourceRequirements
    ServiceAccount CertManagerServiceAccount
    Strategy DeploymentStrategy
    TimeoutSeconds int
    Tolerations Toleration
    affinity Affinity
    containerSecurityContext SecurityContext

    Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations Map<String,String>

    Optional additional annotations to add to the cainjector Deployment

    extraArgs List<String>

    Optional additional arguments for cainjector

    image CertManagerImage
    nodeSelector Map<String,String>
    podAnnotations Map<String,String>

    Optional additional annotations to add to the cainjector Pods

    podLabels Map<String,String>

    Optional additional labels to add to the Webhook Pods

    podSecurityContext PodSecurityContext

    Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    replicaCount Integer
    resources ResourceRequirements
    serviceAccount CertManagerServiceAccount
    strategy DeploymentStrategy
    timeoutSeconds Integer
    tolerations List<Toleration>
    affinity pulumiKubernetestypesinputcorev1Affinity
    containerSecurityContext pulumiKubernetestypesinputcorev1SecurityContext

    Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations {[key: string]: string}

    Optional additional annotations to add to the cainjector Deployment

    extraArgs string[]

    Optional additional arguments for cainjector

    image CertManagerImage
    nodeSelector {[key: string]: string}
    podAnnotations {[key: string]: string}

    Optional additional annotations to add to the cainjector Pods

    podLabels {[key: string]: string}

    Optional additional labels to add to the Webhook Pods

    podSecurityContext pulumiKubernetestypesinputcorev1PodSecurityContext

    Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    replicaCount number
    resources pulumiKubernetestypesinputcorev1ResourceRequirements
    serviceAccount CertManagerServiceAccount
    strategy pulumiKubernetestypesinputappsv1DeploymentStrategy
    timeoutSeconds number
    tolerations pulumiKubernetestypesinputcorev1Toleration[]
    affinity AffinityArgs
    container_security_context SecurityContextArgs

    Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deployment_annotations Mapping[str, str]

    Optional additional annotations to add to the cainjector Deployment

    extra_args Sequence[str]

    Optional additional arguments for cainjector

    image CertManagerImage
    node_selector Mapping[str, str]
    pod_annotations Mapping[str, str]

    Optional additional annotations to add to the cainjector Pods

    pod_labels Mapping[str, str]

    Optional additional labels to add to the Webhook Pods

    pod_security_context PodSecurityContextArgs

    Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    replica_count int
    resources ResourceRequirementsArgs
    service_account CertManagerServiceAccount
    strategy DeploymentStrategyArgs
    timeout_seconds int
    tolerations TolerationArgs]
    affinity Property Map
    containerSecurityContext Property Map

    Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations Map<String>

    Optional additional annotations to add to the cainjector Deployment

    extraArgs List<String>

    Optional additional arguments for cainjector

    image Property Map
    nodeSelector Map<String>
    podAnnotations Map<String>

    Optional additional annotations to add to the cainjector Pods

    podLabels Map<String>

    Optional additional labels to add to the Webhook Pods

    podSecurityContext Property Map

    Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    replicaCount Number
    resources Property Map
    serviceAccount Property Map
    strategy Property Map
    timeoutSeconds Number
    tolerations List<Property Map>

    CertManagerGlobal, CertManagerGlobalArgs

    ImagePullSecrets List<Pulumi.Kubernetes.Types.Inputs.Core.V1.LocalObjectReference>

    Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

    LeaderElection Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalLeaderElection
    LogLevel int

    Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

    PodSecurityPolicy Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalPodSecurityPolicy
    PriorityClassName string

    Optional priority class to be used for the cert-manager pods.

    Rbac Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalRbac
    ImagePullSecrets LocalObjectReference

    Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

    LeaderElection CertManagerGlobalLeaderElection
    LogLevel int

    Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

    PodSecurityPolicy CertManagerGlobalPodSecurityPolicy
    PriorityClassName string

    Optional priority class to be used for the cert-manager pods.

    Rbac CertManagerGlobalRbac
    imagePullSecrets List<LocalObjectReference>

    Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

    leaderElection CertManagerGlobalLeaderElection
    logLevel Integer

    Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

    podSecurityPolicy CertManagerGlobalPodSecurityPolicy
    priorityClassName String

    Optional priority class to be used for the cert-manager pods.

    rbac CertManagerGlobalRbac
    imagePullSecrets pulumiKubernetestypesinputcorev1LocalObjectReference[]

    Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

    leaderElection CertManagerGlobalLeaderElection
    logLevel number

    Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

    podSecurityPolicy CertManagerGlobalPodSecurityPolicy
    priorityClassName string

    Optional priority class to be used for the cert-manager pods.

    rbac CertManagerGlobalRbac
    image_pull_secrets LocalObjectReferenceArgs]

    Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

    leader_election CertManagerGlobalLeaderElection
    log_level int

    Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

    pod_security_policy CertManagerGlobalPodSecurityPolicy
    priority_class_name str

    Optional priority class to be used for the cert-manager pods.

    rbac CertManagerGlobalRbac
    imagePullSecrets List<Property Map>

    Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

    leaderElection Property Map
    logLevel Number

    Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

    podSecurityPolicy Property Map
    priorityClassName String

    Optional priority class to be used for the cert-manager pods.

    rbac Property Map

    CertManagerGlobalLeaderElection, CertManagerGlobalLeaderElectionArgs

    LeaseDuration string

    The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

    Namespace string

    Override the namespace used to store the ConfigMap for leader election.

    RenewDeadline string

    The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

    LeaseDuration string

    The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

    Namespace string

    Override the namespace used to store the ConfigMap for leader election.

    RenewDeadline string

    The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

    leaseDuration String

    The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

    namespace String

    Override the namespace used to store the ConfigMap for leader election.

    renewDeadline String

    The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

    leaseDuration string

    The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

    namespace string

    Override the namespace used to store the ConfigMap for leader election.

    renewDeadline string

    The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

    lease_duration str

    The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

    namespace str

    Override the namespace used to store the ConfigMap for leader election.

    renew_deadline str

    The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

    leaseDuration String

    The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

    namespace String

    Override the namespace used to store the ConfigMap for leader election.

    renewDeadline String

    The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

    CertManagerGlobalPodSecurityPolicy, CertManagerGlobalPodSecurityPolicyArgs

    enabled Boolean
    useAppArmor Boolean
    enabled boolean
    useAppArmor boolean
    enabled Boolean
    useAppArmor Boolean

    CertManagerGlobalRbac, CertManagerGlobalRbacArgs

    Create bool
    Create bool
    create Boolean
    create boolean
    create bool
    create Boolean

    CertManagerImage, CertManagerImageArgs

    Digest string

    Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

    PullPolicy string
    Registry string

    You can manage a registry with registry: quay.io.

    Repository string

    You can manage a registry with repository: jetstack/cert-manager-controller.

    Tag string

    Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

    Digest string

    Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

    PullPolicy string
    Registry string

    You can manage a registry with registry: quay.io.

    Repository string

    You can manage a registry with repository: jetstack/cert-manager-controller.

    Tag string

    Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

    digest String

    Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

    pullPolicy String
    registry String

    You can manage a registry with registry: quay.io.

    repository String

    You can manage a registry with repository: jetstack/cert-manager-controller.

    tag String

    Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

    digest string

    Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

    pullPolicy string
    registry string

    You can manage a registry with registry: quay.io.

    repository string

    You can manage a registry with repository: jetstack/cert-manager-controller.

    tag string

    Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

    digest str

    Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

    pull_policy str
    registry str

    You can manage a registry with registry: quay.io.

    repository str

    You can manage a registry with repository: jetstack/cert-manager-controller.

    tag str

    Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

    digest String

    Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

    pullPolicy String
    registry String

    You can manage a registry with registry: quay.io.

    repository String

    You can manage a registry with repository: jetstack/cert-manager-controller.

    tag String

    Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

    CertManagerIngressShim, CertManagerIngressShimArgs

    CertManagerPrometheus, CertManagerPrometheusArgs

    CertManagerPrometheusServiceMonitor, CertManagerPrometheusServiceMonitorArgs

    Enabled bool
    Interval string
    Labels Dictionary<string, string>
    Path string
    PrometheusInstance string
    String string
    TargetPort int
    Enabled bool
    Interval string
    Labels map[string]string
    Path string
    PrometheusInstance string
    String string
    TargetPort int
    enabled Boolean
    interval String
    labels Map<String,String>
    path String
    prometheusInstance String
    string String
    targetPort Integer
    enabled boolean
    interval string
    labels {[key: string]: string}
    path string
    prometheusInstance string
    string string
    targetPort number
    enabled bool
    interval str
    labels Mapping[str, str]
    path str
    prometheus_instance str
    string str
    target_port int
    enabled Boolean
    interval String
    labels Map<String>
    path String
    prometheusInstance String
    string String
    targetPort Number

    CertManagerServiceAccount, CertManagerServiceAccountArgs

    Annotations Dictionary<string, string>

    Optional additional annotations to add to the controller's ServiceAccount.

    AutomountServiceAccountToken bool

    Automount API credentials for a Service Account.

    Create bool

    Specifies whether a service account should be created

    Name string

    The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

    Annotations map[string]string

    Optional additional annotations to add to the controller's ServiceAccount.

    AutomountServiceAccountToken bool

    Automount API credentials for a Service Account.

    Create bool

    Specifies whether a service account should be created

    Name string

    The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

    annotations Map<String,String>

    Optional additional annotations to add to the controller's ServiceAccount.

    automountServiceAccountToken Boolean

    Automount API credentials for a Service Account.

    create Boolean

    Specifies whether a service account should be created

    name String

    The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

    annotations {[key: string]: string}

    Optional additional annotations to add to the controller's ServiceAccount.

    automountServiceAccountToken boolean

    Automount API credentials for a Service Account.

    create boolean

    Specifies whether a service account should be created

    name string

    The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

    annotations Mapping[str, str]

    Optional additional annotations to add to the controller's ServiceAccount.

    automount_service_account_token bool

    Automount API credentials for a Service Account.

    create bool

    Specifies whether a service account should be created

    name str

    The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

    annotations Map<String>

    Optional additional annotations to add to the controller's ServiceAccount.

    automountServiceAccountToken Boolean

    Automount API credentials for a Service Account.

    create Boolean

    Specifies whether a service account should be created

    name String

    The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

    CertManagerStartupAPICheck, CertManagerStartupAPICheckArgs

    Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
    BackoffLimit int

    Job backoffLimit

    Enabled bool
    ExtraArgs List<string>

    Optional additional arguments for startupapicheck

    Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
    JobAnnotations Dictionary<string, string>

    Optional additional annotations to add to the startupapicheck Job

    NodeSelector Dictionary<string, string>
    PodAnnotations Dictionary<string, string>

    Optional additional annotations to add to the startupapicheck Pods

    PodLabels Dictionary<string, string>

    Optional additional labels to add to the startupapicheck Pods

    Rbac Pulumi.KubernetesCertManager.Inputs.CertManagerStartupAPICheckRBAC
    Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
    SecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

    Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
    Timeout string

    Timeout for 'kubectl check api' command

    Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
    Affinity Affinity
    BackoffLimit int

    Job backoffLimit

    Enabled bool
    ExtraArgs []string

    Optional additional arguments for startupapicheck

    Image CertManagerImage
    JobAnnotations map[string]string

    Optional additional annotations to add to the startupapicheck Job

    NodeSelector map[string]string
    PodAnnotations map[string]string

    Optional additional annotations to add to the startupapicheck Pods

    PodLabels map[string]string

    Optional additional labels to add to the startupapicheck Pods

    Rbac CertManagerStartupAPICheckRBAC
    Resources ResourceRequirements
    SecurityContext PodSecurityContext

    Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ServiceAccount CertManagerServiceAccount
    Timeout string

    Timeout for 'kubectl check api' command

    Tolerations Toleration
    affinity Affinity
    backoffLimit Integer

    Job backoffLimit

    enabled Boolean
    extraArgs List<String>

    Optional additional arguments for startupapicheck

    image CertManagerImage
    jobAnnotations Map<String,String>

    Optional additional annotations to add to the startupapicheck Job

    nodeSelector Map<String,String>
    podAnnotations Map<String,String>

    Optional additional annotations to add to the startupapicheck Pods

    podLabels Map<String,String>

    Optional additional labels to add to the startupapicheck Pods

    rbac CertManagerStartupAPICheckRBAC
    resources ResourceRequirements
    securityContext PodSecurityContext

    Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount CertManagerServiceAccount
    timeout String

    Timeout for 'kubectl check api' command

    tolerations List<Toleration>
    affinity pulumiKubernetestypesinputcorev1Affinity
    backoffLimit number

    Job backoffLimit

    enabled boolean
    extraArgs string[]

    Optional additional arguments for startupapicheck

    image CertManagerImage
    jobAnnotations {[key: string]: string}

    Optional additional annotations to add to the startupapicheck Job

    nodeSelector {[key: string]: string}
    podAnnotations {[key: string]: string}

    Optional additional annotations to add to the startupapicheck Pods

    podLabels {[key: string]: string}

    Optional additional labels to add to the startupapicheck Pods

    rbac CertManagerStartupAPICheckRBAC
    resources pulumiKubernetestypesinputcorev1ResourceRequirements
    securityContext pulumiKubernetestypesinputcorev1PodSecurityContext

    Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount CertManagerServiceAccount
    timeout string

    Timeout for 'kubectl check api' command

    tolerations pulumiKubernetestypesinputcorev1Toleration[]
    affinity AffinityArgs
    backoff_limit int

    Job backoffLimit

    enabled bool
    extra_args Sequence[str]

    Optional additional arguments for startupapicheck

    image CertManagerImage
    job_annotations Mapping[str, str]

    Optional additional annotations to add to the startupapicheck Job

    node_selector Mapping[str, str]
    pod_annotations Mapping[str, str]

    Optional additional annotations to add to the startupapicheck Pods

    pod_labels Mapping[str, str]

    Optional additional labels to add to the startupapicheck Pods

    rbac CertManagerStartupAPICheckRBAC
    resources ResourceRequirementsArgs
    security_context PodSecurityContextArgs

    Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    service_account CertManagerServiceAccount
    timeout str

    Timeout for 'kubectl check api' command

    tolerations TolerationArgs]
    affinity Property Map
    backoffLimit Number

    Job backoffLimit

    enabled Boolean
    extraArgs List<String>

    Optional additional arguments for startupapicheck

    image Property Map
    jobAnnotations Map<String>

    Optional additional annotations to add to the startupapicheck Job

    nodeSelector Map<String>
    podAnnotations Map<String>

    Optional additional annotations to add to the startupapicheck Pods

    podLabels Map<String>

    Optional additional labels to add to the startupapicheck Pods

    rbac Property Map
    resources Property Map
    securityContext Property Map

    Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount Property Map
    timeout String

    Timeout for 'kubectl check api' command

    tolerations List<Property Map>

    CertManagerStartupAPICheckRBAC, CertManagerStartupAPICheckRBACArgs

    Annotations Dictionary<string, string>

    annotations for the startup API Check job RBAC and PSP resources

    Annotations map[string]string

    annotations for the startup API Check job RBAC and PSP resources

    annotations Map<String,String>

    annotations for the startup API Check job RBAC and PSP resources

    annotations {[key: string]: string}

    annotations for the startup API Check job RBAC and PSP resources

    annotations Mapping[str, str]

    annotations for the startup API Check job RBAC and PSP resources

    annotations Map<String>

    annotations for the startup API Check job RBAC and PSP resources

    CertManagerWebhook, CertManagerWebhookArgs

    Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
    ContainerSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.SecurityContext

    Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    DeploymentAnnotations Dictionary<string, string>

    Optional additional annotations to add to the webhook Deployment

    ExtraArgs List<string>

    Optional additional arguments for webhook

    HostNetwork bool

    Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

    Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
    LivenessProbe Pulumi.Kubernetes.Types.Inputs.Core.V1.Probe

    Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    LoadBalancerIP string
    MutatingWebhookConfigurationAnnotations Dictionary<string, string>

    Optional additional annotations to add to the webhook MutatingWebhookConfiguration

    NodeSelector Dictionary<string, string>
    PodAnnotations Dictionary<string, string>

    Optional additional annotations to add to the webhook Pods

    PodLabels Dictionary<string, string>

    Optional additional labels to add to the Webhook Pods

    ReadinessProbe Pulumi.Kubernetes.Types.Inputs.Core.V1.Probe

    Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    ReplicaCount int
    Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
    SecurePort int

    The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

    SecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

    Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
    ServiceAnnotations Dictionary<string, string>

    Optional additional annotations to add to the webhook service

    ServiceLabels Dictionary<string, string>

    Optional additional labels to add to the Webhook Service

    ServiceType string

    Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

    Strategy Pulumi.Kubernetes.Types.Inputs.Apps.V1.DeploymentStrategy
    TimeoutSeconds int
    Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
    Url Pulumi.KubernetesCertManager.Inputs.CertManagerWebhookURL

    Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

    ValidatingWebhookConfigurationAnnotations Dictionary<string, string>

    Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

    Affinity Affinity
    ContainerSecurityContext SecurityContext

    Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    DeploymentAnnotations map[string]string

    Optional additional annotations to add to the webhook Deployment

    ExtraArgs []string

    Optional additional arguments for webhook

    HostNetwork bool

    Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

    Image CertManagerImage
    LivenessProbe Probe

    Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    LoadBalancerIP string
    MutatingWebhookConfigurationAnnotations map[string]string

    Optional additional annotations to add to the webhook MutatingWebhookConfiguration

    NodeSelector map[string]string
    PodAnnotations map[string]string

    Optional additional annotations to add to the webhook Pods

    PodLabels map[string]string

    Optional additional labels to add to the Webhook Pods

    ReadinessProbe Probe

    Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    ReplicaCount int
    Resources ResourceRequirements
    SecurePort int

    The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

    SecurityContext PodSecurityContext

    Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    ServiceAccount CertManagerServiceAccount
    ServiceAnnotations map[string]string

    Optional additional annotations to add to the webhook service

    ServiceLabels map[string]string

    Optional additional labels to add to the Webhook Service

    ServiceType string

    Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

    Strategy DeploymentStrategy
    TimeoutSeconds int
    Tolerations Toleration
    Url CertManagerWebhookURL

    Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

    ValidatingWebhookConfigurationAnnotations map[string]string

    Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

    affinity Affinity
    containerSecurityContext SecurityContext

    Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations Map<String,String>

    Optional additional annotations to add to the webhook Deployment

    extraArgs List<String>

    Optional additional arguments for webhook

    hostNetwork Boolean

    Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

    image CertManagerImage
    livenessProbe Probe

    Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    loadBalancerIP String
    mutatingWebhookConfigurationAnnotations Map<String,String>

    Optional additional annotations to add to the webhook MutatingWebhookConfiguration

    nodeSelector Map<String,String>
    podAnnotations Map<String,String>

    Optional additional annotations to add to the webhook Pods

    podLabels Map<String,String>

    Optional additional labels to add to the Webhook Pods

    readinessProbe Probe

    Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    replicaCount Integer
    resources ResourceRequirements
    securePort Integer

    The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

    securityContext PodSecurityContext

    Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount CertManagerServiceAccount
    serviceAnnotations Map<String,String>

    Optional additional annotations to add to the webhook service

    serviceLabels Map<String,String>

    Optional additional labels to add to the Webhook Service

    serviceType String

    Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

    strategy DeploymentStrategy
    timeoutSeconds Integer
    tolerations List<Toleration>
    url CertManagerWebhookURL

    Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

    validatingWebhookConfigurationAnnotations Map<String,String>

    Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

    affinity pulumiKubernetestypesinputcorev1Affinity
    containerSecurityContext pulumiKubernetestypesinputcorev1SecurityContext

    Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations {[key: string]: string}

    Optional additional annotations to add to the webhook Deployment

    extraArgs string[]

    Optional additional arguments for webhook

    hostNetwork boolean

    Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

    image CertManagerImage
    livenessProbe pulumiKubernetestypesinputcorev1Probe

    Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    loadBalancerIP string
    mutatingWebhookConfigurationAnnotations {[key: string]: string}

    Optional additional annotations to add to the webhook MutatingWebhookConfiguration

    nodeSelector {[key: string]: string}
    podAnnotations {[key: string]: string}

    Optional additional annotations to add to the webhook Pods

    podLabels {[key: string]: string}

    Optional additional labels to add to the Webhook Pods

    readinessProbe pulumiKubernetestypesinputcorev1Probe

    Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    replicaCount number
    resources pulumiKubernetestypesinputcorev1ResourceRequirements
    securePort number

    The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

    securityContext pulumiKubernetestypesinputcorev1PodSecurityContext

    Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount CertManagerServiceAccount
    serviceAnnotations {[key: string]: string}

    Optional additional annotations to add to the webhook service

    serviceLabels {[key: string]: string}

    Optional additional labels to add to the Webhook Service

    serviceType string

    Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

    strategy pulumiKubernetestypesinputappsv1DeploymentStrategy
    timeoutSeconds number
    tolerations pulumiKubernetestypesinputcorev1Toleration[]
    url CertManagerWebhookURL

    Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

    validatingWebhookConfigurationAnnotations {[key: string]: string}

    Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

    affinity AffinityArgs
    container_security_context SecurityContextArgs

    Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deployment_annotations Mapping[str, str]

    Optional additional annotations to add to the webhook Deployment

    extra_args Sequence[str]

    Optional additional arguments for webhook

    host_network bool

    Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

    image CertManagerImage
    liveness_probe ProbeArgs

    Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    load_balancer_ip str
    mutating_webhook_configuration_annotations Mapping[str, str]

    Optional additional annotations to add to the webhook MutatingWebhookConfiguration

    node_selector Mapping[str, str]
    pod_annotations Mapping[str, str]

    Optional additional annotations to add to the webhook Pods

    pod_labels Mapping[str, str]

    Optional additional labels to add to the Webhook Pods

    readiness_probe ProbeArgs

    Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    replica_count int
    resources ResourceRequirementsArgs
    secure_port int

    The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

    security_context PodSecurityContextArgs

    Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    service_account CertManagerServiceAccount
    service_annotations Mapping[str, str]

    Optional additional annotations to add to the webhook service

    service_labels Mapping[str, str]

    Optional additional labels to add to the Webhook Service

    service_type str

    Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

    strategy DeploymentStrategyArgs
    timeout_seconds int
    tolerations TolerationArgs]
    url CertManagerWebhookURL

    Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

    validating_webhook_configuration_annotations Mapping[str, str]

    Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

    affinity Property Map
    containerSecurityContext Property Map

    Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    deploymentAnnotations Map<String>

    Optional additional annotations to add to the webhook Deployment

    extraArgs List<String>

    Optional additional arguments for webhook

    hostNetwork Boolean

    Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

    image Property Map
    livenessProbe Property Map

    Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    loadBalancerIP String
    mutatingWebhookConfigurationAnnotations Map<String>

    Optional additional annotations to add to the webhook MutatingWebhookConfiguration

    nodeSelector Map<String>
    podAnnotations Map<String>

    Optional additional annotations to add to the webhook Pods

    podLabels Map<String>

    Optional additional labels to add to the Webhook Pods

    readinessProbe Property Map

    Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

    replicaCount Number
    resources Property Map
    securePort Number

    The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

    securityContext Property Map

    Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

    serviceAccount Property Map
    serviceAnnotations Map<String>

    Optional additional annotations to add to the webhook service

    serviceLabels Map<String>

    Optional additional labels to add to the Webhook Service

    serviceType String

    Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

    strategy Property Map
    timeoutSeconds Number
    tolerations List<Property Map>
    url Property Map

    Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

    validatingWebhookConfigurationAnnotations Map<String>

    Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

    CertManagerWebhookURL, CertManagerWebhookURLArgs

    Host string
    Host string
    host String
    host string
    host str
    host String

    Release, ReleaseArgs

    Atomic bool

    If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

    Chart string

    Chart name to be installed. A path may be used.

    CleanupOnFail bool

    Allow deletion of new resources created in this upgrade when upgrade fails.

    CreateNamespace bool

    Create the namespace if it does not exist.

    DependencyUpdate bool

    Run helm dependency update before installing the chart.

    Description string

    Add a custom description

    Devel bool

    Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

    DisableCRDHooks bool

    Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

    DisableOpenapiValidation bool

    If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

    DisableWebhooks bool

    Prevent hooks from running.

    ForceUpdate bool

    Force resource update through delete/recreate if needed.

    Keyring string

    Location of public keys used for verification. Used only if verify is true

    Lint bool

    Run helm lint when planning.

    Manifest Dictionary<string, object>

    The rendered manifests as JSON. Not yet supported.

    MaxHistory int

    Limit the maximum number of revisions saved per release. Use 0 for no limit.

    Name string

    Release name.

    Namespace string

    Namespace to install the release into.

    Postrender string

    Postrender command to run.

    RecreatePods bool

    Perform pods restart during upgrade/rollback.

    RenderSubchartNotes bool

    If set, render subchart notes along with the parent.

    Replace bool

    Re-use the given name, even if that name is already used. This is unsafe in production

    RepositoryOpts Pulumi.KubernetesCertManager.Inputs.RepositoryOpts

    Specification defining the Helm chart repository to use.

    ResetValues bool

    When upgrading, reset the values to the ones built into the chart.

    ResourceNames Dictionary<string, ImmutableArray<string>>

    Names of resources created by the release grouped by "kind/version".

    ReuseValues bool

    When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

    SkipAwait bool

    By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

    SkipCrds bool

    If set, no CRDs will be installed. By default, CRDs are installed if not already present.

    Timeout int

    Time in seconds to wait for any individual kubernetes operation.

    ValueYamlFiles List<AssetOrArchive>

    List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

    Values Dictionary<string, object>

    Custom values set for the release.

    Verify bool

    Verify the package before installing it.

    Version string

    Specify the exact chart version to install. If this is not specified, the latest version is installed.

    WaitForJobs bool

    Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

    Atomic bool

    If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

    Chart string

    Chart name to be installed. A path may be used.

    CleanupOnFail bool

    Allow deletion of new resources created in this upgrade when upgrade fails.

    CreateNamespace bool

    Create the namespace if it does not exist.

    DependencyUpdate bool

    Run helm dependency update before installing the chart.

    Description string

    Add a custom description

    Devel bool

    Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

    DisableCRDHooks bool

    Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

    DisableOpenapiValidation bool

    If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

    DisableWebhooks bool

    Prevent hooks from running.

    ForceUpdate bool

    Force resource update through delete/recreate if needed.

    Keyring string

    Location of public keys used for verification. Used only if verify is true

    Lint bool

    Run helm lint when planning.

    Manifest map[string]interface{}

    The rendered manifests as JSON. Not yet supported.

    MaxHistory int

    Limit the maximum number of revisions saved per release. Use 0 for no limit.

    Name string

    Release name.

    Namespace string

    Namespace to install the release into.

    Postrender string

    Postrender command to run.

    RecreatePods bool

    Perform pods restart during upgrade/rollback.

    RenderSubchartNotes bool

    If set, render subchart notes along with the parent.

    Replace bool

    Re-use the given name, even if that name is already used. This is unsafe in production

    RepositoryOpts RepositoryOpts

    Specification defining the Helm chart repository to use.

    ResetValues bool

    When upgrading, reset the values to the ones built into the chart.

    ResourceNames map[string][]string

    Names of resources created by the release grouped by "kind/version".

    ReuseValues bool

    When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

    SkipAwait bool

    By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

    SkipCrds bool

    If set, no CRDs will be installed. By default, CRDs are installed if not already present.

    Timeout int

    Time in seconds to wait for any individual kubernetes operation.

    ValueYamlFiles AssetOrArchive

    List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

    Values map[string]interface{}

    Custom values set for the release.

    Verify bool

    Verify the package before installing it.

    Version string

    Specify the exact chart version to install. If this is not specified, the latest version is installed.

    WaitForJobs bool

    Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

    atomic Boolean

    If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

    chart String

    Chart name to be installed. A path may be used.

    cleanupOnFail Boolean

    Allow deletion of new resources created in this upgrade when upgrade fails.

    createNamespace Boolean

    Create the namespace if it does not exist.

    dependencyUpdate Boolean

    Run helm dependency update before installing the chart.

    description String

    Add a custom description

    devel Boolean

    Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

    disableCRDHooks Boolean

    Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

    disableOpenapiValidation Boolean

    If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

    disableWebhooks Boolean

    Prevent hooks from running.

    forceUpdate Boolean

    Force resource update through delete/recreate if needed.

    keyring String

    Location of public keys used for verification. Used only if verify is true

    lint Boolean

    Run helm lint when planning.

    manifest Map<String,Object>

    The rendered manifests as JSON. Not yet supported.

    maxHistory Integer

    Limit the maximum number of revisions saved per release. Use 0 for no limit.

    name String

    Release name.

    namespace String

    Namespace to install the release into.

    postrender String

    Postrender command to run.

    recreatePods Boolean

    Perform pods restart during upgrade/rollback.

    renderSubchartNotes Boolean

    If set, render subchart notes along with the parent.

    replace Boolean

    Re-use the given name, even if that name is already used. This is unsafe in production

    repositoryOpts RepositoryOpts

    Specification defining the Helm chart repository to use.

    resetValues Boolean

    When upgrading, reset the values to the ones built into the chart.

    resourceNames Map<String,List<String>>

    Names of resources created by the release grouped by "kind/version".

    reuseValues Boolean

    When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

    skipAwait Boolean

    By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

    skipCrds Boolean

    If set, no CRDs will be installed. By default, CRDs are installed if not already present.

    timeout Integer

    Time in seconds to wait for any individual kubernetes operation.

    valueYamlFiles List<AssetOrArchive>

    List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

    values Map<String,Object>

    Custom values set for the release.

    verify Boolean

    Verify the package before installing it.

    version String

    Specify the exact chart version to install. If this is not specified, the latest version is installed.

    waitForJobs Boolean

    Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

    atomic boolean

    If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

    chart string

    Chart name to be installed. A path may be used.

    cleanupOnFail boolean

    Allow deletion of new resources created in this upgrade when upgrade fails.

    createNamespace boolean

    Create the namespace if it does not exist.

    dependencyUpdate boolean

    Run helm dependency update before installing the chart.

    description string

    Add a custom description

    devel boolean

    Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

    disableCRDHooks boolean

    Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

    disableOpenapiValidation boolean

    If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

    disableWebhooks boolean

    Prevent hooks from running.

    forceUpdate boolean

    Force resource update through delete/recreate if needed.

    keyring string

    Location of public keys used for verification. Used only if verify is true

    lint boolean

    Run helm lint when planning.

    manifest {[key: string]: any}

    The rendered manifests as JSON. Not yet supported.

    maxHistory number

    Limit the maximum number of revisions saved per release. Use 0 for no limit.

    name string

    Release name.

    namespace string

    Namespace to install the release into.

    postrender string

    Postrender command to run.

    recreatePods boolean

    Perform pods restart during upgrade/rollback.

    renderSubchartNotes boolean

    If set, render subchart notes along with the parent.

    replace boolean

    Re-use the given name, even if that name is already used. This is unsafe in production

    repositoryOpts RepositoryOpts

    Specification defining the Helm chart repository to use.

    resetValues boolean

    When upgrading, reset the values to the ones built into the chart.

    resourceNames {[key: string]: string[]}

    Names of resources created by the release grouped by "kind/version".

    reuseValues boolean

    When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

    skipAwait boolean

    By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

    skipCrds boolean

    If set, no CRDs will be installed. By default, CRDs are installed if not already present.

    timeout number

    Time in seconds to wait for any individual kubernetes operation.

    valueYamlFiles (pulumiassetAsset | pulumiassetArchive)[]

    List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

    values {[key: string]: any}

    Custom values set for the release.

    verify boolean

    Verify the package before installing it.

    version string

    Specify the exact chart version to install. If this is not specified, the latest version is installed.

    waitForJobs boolean

    Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

    atomic bool

    If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

    chart str

    Chart name to be installed. A path may be used.

    cleanup_on_fail bool

    Allow deletion of new resources created in this upgrade when upgrade fails.

    create_namespace bool

    Create the namespace if it does not exist.

    dependency_update bool

    Run helm dependency update before installing the chart.

    description str

    Add a custom description

    devel bool

    Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

    disable_crd_hooks bool

    Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

    disable_openapi_validation bool

    If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

    disable_webhooks bool

    Prevent hooks from running.

    force_update bool

    Force resource update through delete/recreate if needed.

    keyring str

    Location of public keys used for verification. Used only if verify is true

    lint bool

    Run helm lint when planning.

    manifest Mapping[str, Any]

    The rendered manifests as JSON. Not yet supported.

    max_history int

    Limit the maximum number of revisions saved per release. Use 0 for no limit.

    name str

    Release name.

    namespace str

    Namespace to install the release into.

    postrender str

    Postrender command to run.

    recreate_pods bool

    Perform pods restart during upgrade/rollback.

    render_subchart_notes bool

    If set, render subchart notes along with the parent.

    replace bool

    Re-use the given name, even if that name is already used. This is unsafe in production

    repository_opts RepositoryOpts

    Specification defining the Helm chart repository to use.

    reset_values bool

    When upgrading, reset the values to the ones built into the chart.

    resource_names Mapping[str, Sequence[str]]

    Names of resources created by the release grouped by "kind/version".

    reuse_values bool

    When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

    skip_await bool

    By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

    skip_crds bool

    If set, no CRDs will be installed. By default, CRDs are installed if not already present.

    timeout int

    Time in seconds to wait for any individual kubernetes operation.

    value_yaml_files Archive]]

    List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

    values Mapping[str, Any]

    Custom values set for the release.

    verify bool

    Verify the package before installing it.

    version str

    Specify the exact chart version to install. If this is not specified, the latest version is installed.

    wait_for_jobs bool

    Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

    atomic Boolean

    If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

    chart String

    Chart name to be installed. A path may be used.

    cleanupOnFail Boolean

    Allow deletion of new resources created in this upgrade when upgrade fails.

    createNamespace Boolean

    Create the namespace if it does not exist.

    dependencyUpdate Boolean

    Run helm dependency update before installing the chart.

    description String

    Add a custom description

    devel Boolean

    Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

    disableCRDHooks Boolean

    Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

    disableOpenapiValidation Boolean

    If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

    disableWebhooks Boolean

    Prevent hooks from running.

    forceUpdate Boolean

    Force resource update through delete/recreate if needed.

    keyring String

    Location of public keys used for verification. Used only if verify is true

    lint Boolean

    Run helm lint when planning.

    manifest Map<Any>

    The rendered manifests as JSON. Not yet supported.

    maxHistory Number

    Limit the maximum number of revisions saved per release. Use 0 for no limit.

    name String

    Release name.

    namespace String

    Namespace to install the release into.

    postrender String

    Postrender command to run.

    recreatePods Boolean

    Perform pods restart during upgrade/rollback.

    renderSubchartNotes Boolean

    If set, render subchart notes along with the parent.

    replace Boolean

    Re-use the given name, even if that name is already used. This is unsafe in production

    repositoryOpts Property Map

    Specification defining the Helm chart repository to use.

    resetValues Boolean

    When upgrading, reset the values to the ones built into the chart.

    resourceNames Map<List<String>>

    Names of resources created by the release grouped by "kind/version".

    reuseValues Boolean

    When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

    skipAwait Boolean

    By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

    skipCrds Boolean

    If set, no CRDs will be installed. By default, CRDs are installed if not already present.

    timeout Number

    Time in seconds to wait for any individual kubernetes operation.

    valueYamlFiles List<Asset>

    List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

    values Map<Any>

    Custom values set for the release.

    verify Boolean

    Verify the package before installing it.

    version String

    Specify the exact chart version to install. If this is not specified, the latest version is installed.

    waitForJobs Boolean

    Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

    ReleaseStatus, ReleaseStatusArgs

    AppVersion string

    The version number of the application being deployed.

    Chart string

    The name of the chart.

    Name string

    Name is the name of the release.

    Namespace string

    Namespace is the kubernetes namespace of the release.

    Revision int

    Version is an int32 which represents the version of the release.

    Status string

    Status of the release.

    Version string

    A SemVer 2 conformant version string of the chart.

    AppVersion string

    The version number of the application being deployed.

    Chart string

    The name of the chart.

    Name string

    Name is the name of the release.

    Namespace string

    Namespace is the kubernetes namespace of the release.

    Revision int

    Version is an int32 which represents the version of the release.

    Status string

    Status of the release.

    Version string

    A SemVer 2 conformant version string of the chart.

    appVersion String

    The version number of the application being deployed.

    chart String

    The name of the chart.

    name String

    Name is the name of the release.

    namespace String

    Namespace is the kubernetes namespace of the release.

    revision Integer

    Version is an int32 which represents the version of the release.

    status String

    Status of the release.

    version String

    A SemVer 2 conformant version string of the chart.

    appVersion string

    The version number of the application being deployed.

    chart string

    The name of the chart.

    name string

    Name is the name of the release.

    namespace string

    Namespace is the kubernetes namespace of the release.

    revision number

    Version is an int32 which represents the version of the release.

    status string

    Status of the release.

    version string

    A SemVer 2 conformant version string of the chart.

    app_version str

    The version number of the application being deployed.

    chart str

    The name of the chart.

    name str

    Name is the name of the release.

    namespace str

    Namespace is the kubernetes namespace of the release.

    revision int

    Version is an int32 which represents the version of the release.

    status str

    Status of the release.

    version str

    A SemVer 2 conformant version string of the chart.

    appVersion String

    The version number of the application being deployed.

    chart String

    The name of the chart.

    name String

    Name is the name of the release.

    namespace String

    Namespace is the kubernetes namespace of the release.

    revision Number

    Version is an int32 which represents the version of the release.

    status String

    Status of the release.

    version String

    A SemVer 2 conformant version string of the chart.

    RepositoryOpts, RepositoryOptsArgs

    CaFile string

    The Repository's CA File

    CertFile string

    The repository's cert file

    KeyFile string

    The repository's cert key file

    Password string

    Password for HTTP basic authentication

    Repo string

    Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

    Username string

    Username for HTTP basic authentication

    CaFile string

    The Repository's CA File

    CertFile string

    The repository's cert file

    KeyFile string

    The repository's cert key file

    Password string

    Password for HTTP basic authentication

    Repo string

    Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

    Username string

    Username for HTTP basic authentication

    caFile String

    The Repository's CA File

    certFile String

    The repository's cert file

    keyFile String

    The repository's cert key file

    password String

    Password for HTTP basic authentication

    repo String

    Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

    username String

    Username for HTTP basic authentication

    caFile string

    The Repository's CA File

    certFile string

    The repository's cert file

    keyFile string

    The repository's cert key file

    password string

    Password for HTTP basic authentication

    repo string

    Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

    username string

    Username for HTTP basic authentication

    ca_file str

    The Repository's CA File

    cert_file str

    The repository's cert file

    key_file str

    The repository's cert key file

    password str

    Password for HTTP basic authentication

    repo str

    Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

    username str

    Username for HTTP basic authentication

    caFile String

    The Repository's CA File

    certFile String

    The repository's cert file

    keyFile String

    The repository's cert key file

    password String

    Password for HTTP basic authentication

    repo String

    Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

    username String

    Username for HTTP basic authentication

    Package Details

    Repository
    Jetstack Cert Manager (Helm)
    License
    kubernetes-cert-manager logo
    Kubernetes Cert Manager v0.0.5 published on Wednesday, Nov 23, 2022 by Pulumi