WorkspaceAccessStrategy¶

WorkspaceAccessStrategy is the Schema for the workspaceaccessstrategies API

Field	Value or Description
`apiVersion` string	`workspace.jupyter.org/v1alpha1`
`kind` string	`WorkspaceAccessStrategy`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` WorkspaceAccessStrategySpec	Spec defines the desired state of WorkspaceAccessStrategy
`status` WorkspaceAccessStrategyStatus	Status defines the observed state of WorkspaceAccessStrategy

AccessEnvTemplate¶

AccessEnvTemplate defines a template for environment variables

Appears in:

PrimaryContainerModifications

Field	Description	Default	Validation
`name` string	Name of the environment variable
`valueTemplate` string	ValueTemplate is a template string for the value Can use variables from the Workspace or AccessStrategy objects but not the Service object

AccessHTTPGetProbe¶

AccessHTTPGetProbe defines the HTTP GET action for access startup probing.

Appears in:

AccessStartupProbe

Field	Description	Default	Validation
`urlTemplate` string	URLTemplate is a Go text/template resolving to the URL to probe. Available variables: .Workspace, .AccessStrategy, .Service (same as accessURLTemplate and accessResourceTemplates).
`additionalSuccessStatusCodes` integer array	AdditionalSuccessStatusCodes extends the default success range (200–399) with extra HTTP status codes that indicate the route is live. Example: [401] for bearer-token auth flows where the auth middleware returns 401 on unauthenticated requests.		Optional: {}

AccessResourceTemplate¶

AccessResourceTemplate defines a template for creating Kubernetes resources

Appears in:

WorkspaceAccessStrategySpec

Field	Description	Default	Validation
`kind` string	Kind of the Kubernetes resource to create
`apiVersion` string	ApiVersion of the Kubernetes resource
`namePrefix` string	NamePrefix is a prefix for the resource name The name will be constructed as {NamePrefix}-{workspace.metadata.name}
`template` string	Template is a YAML template string for the resource Template variables include Workspace, AccessStrategy and Service objects

AccessStartupProbe¶

AccessStartupProbe defines how the controller verifies that access resources are serving traffic before marking the workspace as Available. Modeled after corev1.startupProbe — a one-shot gate that passes on the first successful response and is never checked again.

Appears in:

WorkspaceAccessStrategySpec

Field	Description	Validation
`httpGet` AccessHTTPGetProbe	HTTPGet specifies an HTTP GET to perform against the access path.	Optional: {}
`initialDelaySeconds` integer	Number of seconds after access resources are created before probes are initiated. Default: 0.	Optional: {}
`periodSeconds` integer	How often (in seconds) to perform the probe. Default: 2. Minimum: 1.	Optional: {}
`timeoutSeconds` integer	Number of seconds after which the probe times out. Default: 5. Minimum: 1.	Optional: {}
`failureThreshold` integer	Minimum consecutive failures before giving up and marking the workspace as Degraded. Once degraded, the workspace must be stopped and restarted to retry the probe. Default: 30. Minimum: 1.	Optional: {}

DeploymentModifications¶

DeploymentModifications defines modifications to apply to deployment spec

Appears in:

WorkspaceAccessStrategySpec

Field	Description	Default	Validation
`podModifications` PodModifications	PodModifications describes modifications to apply to the pod template		Optional: {}

PodModifications¶

PodModifications defines pod-level modifications

Appears in:

DeploymentModifications

Field	Description	Validation
`additionalContainers` Container array	AdditionalContainers to add to the pod (sidecars)	Optional: {}
`volumes` Volume array	Volumes to add to the pod	Optional: {}
`initContainers` Container array	InitContainers to add to the pod	Optional: {}
`primaryContainerModifications` PrimaryContainerModifications	PrimaryContainerModifications to apply to the primary container	Optional: {}

PrimaryContainerModifications¶

PrimaryContainerModifications defines modifications for the primary container

Appears in:

PodModifications

Field	Description	Default	Validation
`volumeMounts` VolumeMount array	VolumeMounts to add to the primary container		Optional: {}
`mergeEnv` AccessEnvTemplate array	MergeEnv defines environment variables to be added to the main container These will be merged with any existing env vars in the Workspace’s container		Optional: {}

WorkspaceAccessStrategySpec¶

WorkspaceAccessStrategySpec defines the desired state of WorkspaceAccessStrategy

Appears in:

WorkspaceAccessStrategy

Field	Description	Validation
`displayName` string	DisplayName is a human-readable name for this access strategy
`accessResourceTemplates` AccessResourceTemplate array	AccessResourceTemplates defines templates for resources created in the routes namespace
`accessURLTemplate` string	AccessURLTemplate is a template string for constructing the workspace access URL Template variables include .Workspace and .AccessStrategy objects If not provided, the AccessURL will not be set in the workspace status Example: “https://example.com/workspace-path/”	Optional: {}
`bearerAuthURLTemplate` string	BearerAuthURLTemplate is a template string for constructing the bearer auth URL Template variables include .Workspace and .AccessStrategy objects Used by the extension API to generate initial authentication URLs	Optional: {}
`createConnectionHandler` string	CreateConnectionHandler specifies the default handler for connection creation (e.g., “k8s-native”). Used as fallback when CreateConnectionHandlerMap does not contain the requested connection type.	Optional: {}
`createConnectionHandlerMap` object (keys:string, values:string)	CreateConnectionHandlerMap maps connection types to handler references in “plugin:action” format. Example: {“vscode-remote”: “aws:createSession”} Falls back to CreateConnectionHandler if the requested connection type is not in this map.	Optional: {}
`podEventsHandler` string	PodEventsHandler specifies the handler for pod lifecycle events in “plugin:action” format. Example: “aws:ssm-remote-access”	Optional: {}
`createConnectionContext` object (keys:string, values:string)	CreateConnectionContext contains configuration for the connection handler	Optional: {}
`podEventsContext` object (keys:string, values:string)	PodEventsContext contains configuration for the pod events handler	Optional: {}
`deploymentModifications` DeploymentModifications	DeploymentModifications defines modifications to apply to workspace deployments	Optional: {}
`accessStartupProbe` AccessStartupProbe	AccessStartupProbe defines how the controller verifies that access resources are serving traffic. If not set, access resources are considered ready as soon as they exist in the API server.	Optional: {}

WorkspaceAccessStrategyStatus¶

WorkspaceAccessStrategyStatus defines the observed state of WorkspaceAccessStrategy

Appears in:

WorkspaceAccessStrategy

Field	Description	Default	Validation
`conditions` Condition array	Conditions represent the latest available observations of the resource’s state		Optional: {}