Kind takes an unqualified kind and returns back a Group qualified GroupKind.

Resource takes an unqualified resource and returns a Group qualified GroupResource.

Connection can be either plaintext or TLS, and client cert can be omitted.

Client cert must be presented, connection is in TLS.

Principal will be set to the identity from peer authentication.

Principal will be set to the identity from peer authentication.

SchemeGroupVersion is group version used to register these objects.

JSON Web Token (JWT) token format for authentication as defined by https://tools.ietf.org/html/rfc7519.

TLS authentication params.

OriginAuthenticationMethod defines authentication method/params for origin authentication.

PeerAuthenticationMethod defines one particular type of authentication, e.g mutual TLS, JWT etc, (no authentication is one type by itself) that can be used for peer authentication.

+genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object VirtualService.

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object PolicyLIst is a list of Policy resources.

Policy defines what authentication methods can be accepted on workload(s), and if authenticated, which method/certificate will set the request principal (i.e request.auth.principal attribute).

PortSelector specifies the name or number of a port to be used for matching targets for authenticationn policy.

TargetSelector defines a matching rule to a service/destination.

Defines the acceptable connection TLS mode.

Associates authentication with request principal.