YCCertificate
Статья создана
Обновлена 24 сентября 2025 г.
YCCertificate is a Gwin custom resource for referencing TLS certificates from Yandex Certificate Manager. It allows you to use certificates managed by Yandex Cloud in your Gateway and Ingress resources for TLS termination.
Cheatsheet
Примечание
Specification provided below is not valid configuration.
It's just demonstration of all YCCertificate fields.
apiVersion: gwin.yandex.cloud/v1
kind: YCCertificate
metadata:
name: example-certificate
namespace: example-ns
spec:
certificateRef:
# Option 1: Reference by certificate ID
certificateID: "fpq6gvvm6piu********"
# Option 2: Reference by certificate name and folder ID
certificateName: "my-certificate"
folderID: "b1g0itj57rbj********"
# Option 3: Reference by certificate name only (uses controller's folder)
certificateName: "my-certificate"
Reference the YCCertificate in a Gateway resource:
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: example-gateway
spec:
gatewayClassName: gwin-default
listeners:
- name: https
protocol: HTTPS
port: 443
tls:
mode: Terminate
certificateRefs:
- group: gwin.yandex.cloud
kind: YCCertificate
name: example-certificate
namespace: example-ns
| Field | Description |
|---|---|
| metadata | ObjectMeta Standard Kubernetes metadata. |
| spec | YCCertificateSpec Certificate specification. |
YCCertificateSpec
YCCertificateSpec defines the desired state of YCCertificate.
Appears in: YCCertificate
| Field | Description |
|---|---|
| certificateRef | YCCertificateReference Reference to the Yandex Cloud Certificate Manager certificate. |
YCCertificateReference
YCCertificateReference is a reference to a Yandex Certificate Manager certificate. You can specify either certificateID or certificateName+folderID. You can specify only certificateName if folder is same as controller folder.
Appears in: YCCertificateSpec
| Field | Description |
|---|---|
| certificateID | string Direct reference to certificate by its ID. This is the most specific way to reference a certificate. Example: fpq6gvvm6piu******** |
| certificateName | string Name of the certificate in Yandex Cloud Certificate Manager. Must be used with folderID or rely on controller's default folder. Example: my-certificate |
| folderID | string Folder ID where the certificate is located. If not specified, controller's folder is used. Example: b1g0itj57rbj******** |