You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+3Lines changed: 3 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -251,6 +251,7 @@ For example, ClusterIssuer resources can be used to issue certificates for resou
251
251
| ownerRoleName | The name of the security role assigned as the certificate owner. The security role must be assigned to the identity context of the issuer. If `ownerRoleId` and `ownerRoleName` are both specified, `ownerRoleId` will take precedence. This field is **required**if the enrollment pattern, certificate template, or system-wide setting requires it. |
252
252
| scopes | (Optional) Required if using ambient credentials with Azure AKS. If using ambient credentials, these scopes will be put on the access token generated by the ambient credentials' token provider, if applicable. |
253
253
| audience | (Optional) If using ambient credentials, this audience will be put on the access token generated by the ambient credentials' token provider, if applicable. Google's ambient credential token provider generates an OIDC ID Token. If this value is not provided, it will default to `command`. |
254
+
| healthCheckIntervalSeconds | (Optional) Defines the health check interval, in seconds, for a healthy issuer. If ommitted, defaults to 60 seconds. If set to 0, it will disable the health check. If there is a failure when running the health check, it will retry in 10 seconds with an exponential backoff strategy. Value must not be negative. |
254
255
255
256
> If a different combination of hostname/certificate authority/certificate template is required, a new Issuer or ClusterIssuer resource must be created. Each resource instantiation represents a single configuration.
256
257
@@ -282,6 +283,7 @@ For example, ClusterIssuer resources can be used to issue certificates for resou
282
283
# ownerRoleName: "$OWNER_ROLE_NAME" # Uncomment if required
283
284
# scopes: "openid email https://example.com/.default" # Uncomment if required
284
285
# audience: "https://your-command-url.com" # Uncomment if desired
286
+
# healthCheckIntervalSeconds: 60 # Uncomment if desired. Setting to 0 disables health check.
285
287
EOF
286
288
287
289
kubectl -n default apply -f issuer.yaml
@@ -312,6 +314,7 @@ For example, ClusterIssuer resources can be used to issue certificates for resou
312
314
# ownerRoleName: "$OWNER_ROLE_NAME" # Uncomment if required
313
315
# scopes: "openid email https://example.com/.default" # Uncomment if required
314
316
# audience: "https://your-command-url.com" # Uncomment if desired
317
+
# healthCheckIntervalSeconds: 60 # Uncomment if desired. Setting to 0 disables health check.
0 commit comments