Documentation
¶
Index ¶
- Variables
- type ExtAuthz
- func (x *ExtAuthz) ClearGrpcService()
- func (x *ExtAuthz) GetFailureModeAllow() bool
- func (x *ExtAuthz) GetGrpcService() *core.GrpcService
- func (x *ExtAuthz) GetIncludePeerCertificate() bool
- func (x *ExtAuthz) GetStatPrefix() string
- func (x *ExtAuthz) HasGrpcService() bool
- func (*ExtAuthz) ProtoMessage()
- func (x *ExtAuthz) ProtoReflect() protoreflect.Message
- func (x *ExtAuthz) Reset()
- func (x *ExtAuthz) SetFailureModeAllow(v bool)
- func (x *ExtAuthz) SetGrpcService(v *core.GrpcService)
- func (x *ExtAuthz) SetIncludePeerCertificate(v bool)
- func (x *ExtAuthz) SetStatPrefix(v string)
- func (x *ExtAuthz) String() string
- type ExtAuthz_builder
Constants ¶
This section is empty.
Variables ¶
View Source
var File_envoy_config_filter_network_ext_authz_v2_ext_authz_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type ExtAuthz ¶
type ExtAuthz struct {
// The prefix to use when emitting statistics.
StatPrefix string `protobuf:"bytes,1,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
// The external authorization gRPC service configuration.
// The default timeout is set to 200ms by this filter.
GrpcService *core.GrpcService `protobuf:"bytes,2,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
// The filter's behaviour in case the external authorization service does
// not respond back. When it is set to true, Envoy will also allow traffic in case of
// communication failure between authorization service and the proxy.
// Defaults to false.
FailureModeAllow bool `protobuf:"varint,3,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"`
// Specifies if the peer certificate is sent to the external service.
//
// When this field is true, Envoy will include the peer X.509 certificate, if available, in the
// :ref:`certificate<envoy_api_field_service.auth.v2.AttributeContext.Peer.certificate>`.
IncludePeerCertificate bool `` /* 130-byte string literal not displayed */
// contains filtered or unexported fields
}
External Authorization filter calls out to an external service over the gRPC Authorization API defined by :ref:`CheckRequest <envoy_api_msg_service.auth.v2.CheckRequest>`. A failed check will cause this filter to close the TCP connection.
func (*ExtAuthz) GetGrpcService ¶
func (x *ExtAuthz) GetGrpcService() *core.GrpcService
func (*ExtAuthz) ProtoReflect ¶
func (x *ExtAuthz) ProtoReflect() protoreflect.Message
func (*ExtAuthz) SetGrpcService ¶
func (x *ExtAuthz) SetGrpcService(v *core.GrpcService)
type ExtAuthz_builder ¶
type ExtAuthz_builder struct {
// The prefix to use when emitting statistics.
StatPrefix string
// The external authorization gRPC service configuration.
// The default timeout is set to 200ms by this filter.
GrpcService *core.GrpcService
// The filter's behaviour in case the external authorization service does
// not respond back. When it is set to true, Envoy will also allow traffic in case of
// communication failure between authorization service and the proxy.
// Defaults to false.
FailureModeAllow bool
// Specifies if the peer certificate is sent to the external service.
//
// When this field is true, Envoy will include the peer X.509 certificate, if available, in the
// :ref:`certificate<envoy_api_field_service.auth.v2.AttributeContext.Peer.certificate>`.
IncludePeerCertificate bool
// contains filtered or unexported fields
}
func (ExtAuthz_builder) Build ¶
func (b0 ExtAuthz_builder) Build() *ExtAuthz
Source Files
¶
- ext_authz.pb.go
Click to show internal directories.
Click to hide internal directories.