apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: nginx.org/limit-req-burst: "200" nginx.org/limit-req-delay: "180" nginx.org/limit-req-dry-run: "false" nginx.org/limit-req-rate: 200r/s nginx.org/limit-req-scale: "true" nginx.org/location-snippets: | proxy_set_header ssl-client-cert $ssl_client_escaped_cert; proxy_set_header ssl-client-verify $ssl_client_verify; error_page 502 503 504 /error.html; nginx.org/proxy-connect-timeout: 4s nginx.org/server-snippets: | ssl_verify_client optional; ssl_verify_depth 2; ssl_crl /etc/nginx/certificates/crl.pem; ssl_trusted_certificate /etc/nginx/certificates/trusted_certificate.pem; ssl_client_certificate /etc/nginx/certificates/client_certificate.pem; error_page 495 /cert-error.html; location = / { return 301 /auth/; } nginx.org/ssl-services: keycloak-http service.beta.kubernetes.io/aws-load-balancer-scheme: internal name: idp-intranet namespace: default spec: ingressClassName: intranet rules: - host: idp.cloudidp.prod.eu.gs.aws.cloud.company.com http: paths: - backend: service: name: keycloak-http port: name: https path: / pathType: Prefix - backend: service: name: keycloak-static port: name: http path: /.well-known/apple-app-site-association pathType: Exact - backend: service: name: keycloak-static port: name: http path: /error.html pathType: Exact - backend: service: name: keycloak-static port: name: http path: /cert-error.html pathType: Exact - host: idp.cloud.company.com http: paths: - backend: service: name: keycloak-http port: name: https path: / pathType: Prefix - backend: service: name: keycloak-static port: name: http path: /.well-known/apple-app-site-association pathType: Exact - backend: service: name: keycloak-static port: name: http path: /error.html pathType: Exact - backend: service: name: keycloak-static port: name: http path: /cert-error.html pathType: Exact - host: idp.pfn.cloud.company.com http: paths: - backend: service: name: keycloak-http port: name: https path: / pathType: Prefix - backend: service: name: keycloak-static port: name: http path: /.well-known/apple-app-site-association pathType: Exact - backend: service: name: keycloak-static port: name: http path: /error.html pathType: Exact - backend: service: name: keycloak-static port: name: http path: /cert-error.html pathType: Exact - host: idp.cpn.cloud.company.com http: paths: - backend: service: name: keycloak-http port: name: https path: / pathType: Prefix - backend: service: name: keycloak-static port: name: http path: /.well-known/apple-app-site-association pathType: Exact - backend: service: name: keycloak-static port: name: http path: /error.html pathType: Exact - backend: service: name: keycloak-static port: name: http path: /cert-error.html pathType: Exact tls: - hosts: - idp.cloudidp.prod.eu.gs.aws.cloud.company.com - idp.cloud.company.com - idp.pfn.cloud.company.com - idp.cpn.cloud.company.com secretName: keycloak-server-tls-old status: loadBalancer: ingress: - hostname: k8s-ingress-nginxing-b4594f4616-d67c98d101d1abcd.elb.eu-west-1.amazonaws.com