ext_authzv3

package

v1.33.0-20240425200945... Latest Latest Go to latest Published: unknown License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Repository URL not available.

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var File_envoy_extensions_filters_network_ext_authz_v3_ext_authz_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type ExtAuthz ¶

type ExtAuthz struct {

	// The prefix to use when emitting statistics.
	StatPrefix string `protobuf:"bytes,1,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
	// The external authorization gRPC service configuration.
	// The default timeout is set to 200ms by this filter.
	GrpcService *v3.GrpcService `protobuf:"bytes,2,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
	// The filter's behaviour in case the external authorization service does
	// not respond back. When it is set to true, Envoy will also allow traffic in case of
	// communication failure between authorization service and the proxy.
	// Defaults to false.
	FailureModeAllow bool `protobuf:"varint,3,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"`
	// Specifies if the peer certificate is sent to the external service.
	//
	// When this field is true, Envoy will include the peer X.509 certificate, if available, in the
	// :ref:`certificate<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.certificate>`.
	IncludePeerCertificate bool `` /* 130-byte string literal not displayed */
	// API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
	// version of Check{Request,Response} used on the wire.
	TransportApiVersion v3.ApiVersion `` /* 158-byte string literal not displayed */
	// Specifies if the filter is enabled with metadata matcher.
	// If this field is not specified, the filter will be enabled for all requests.
	FilterEnabledMetadata *v31.MetadataMatcher `` /* 126-byte string literal not displayed */
	// Optional labels that will be passed to :ref:`labels<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.labels>` in
	// :ref:`destination<envoy_v3_api_field_service.auth.v3.AttributeContext.destination>`.
	// The labels will be read from :ref:`metadata<envoy_v3_api_msg_config.core.v3.Node>` with the specified key.
	BootstrapMetadataLabelsKey string `` /* 143-byte string literal not displayed */
	// Specifies if the TLS session level details like SNI are sent to the external service.
	//
	// When this field is true, Envoy will include the SNI name used for TLSClientHello, if available, in the
	// :ref:`tls_session<envoy_v3_api_field_service.auth.v3.AttributeContext.tls_session>`.
	IncludeTlsSession bool `protobuf:"varint,8,opt,name=include_tls_session,json=includeTlsSession,proto3" json:"include_tls_session,omitempty"`
	// contains filtered or unexported fields
}

External Authorization filter calls out to an external service over the gRPC Authorization API defined by :ref:`CheckRequest <envoy_v3_api_msg_service.auth.v3.CheckRequest>`. A failed check will cause this filter to close the TCP connection. [#next-free-field: 9]

func (*ExtAuthz) Descriptor deprecated

func (*ExtAuthz) Descriptor() ([]byte, []int)

Deprecated: Use ExtAuthz.ProtoReflect.Descriptor instead.

func (*ExtAuthz) GetBootstrapMetadataLabelsKey ¶

func (x *ExtAuthz) GetBootstrapMetadataLabelsKey() string

func (*ExtAuthz) GetFailureModeAllow ¶

func (x *ExtAuthz) GetFailureModeAllow() bool

func (*ExtAuthz) GetFilterEnabledMetadata ¶

func (x *ExtAuthz) GetFilterEnabledMetadata() *v31.MetadataMatcher

func (*ExtAuthz) GetGrpcService ¶

func (x *ExtAuthz) GetGrpcService() *v3.GrpcService

func (*ExtAuthz) GetIncludePeerCertificate ¶

func (x *ExtAuthz) GetIncludePeerCertificate() bool

func (*ExtAuthz) GetIncludeTlsSession ¶

func (x *ExtAuthz) GetIncludeTlsSession() bool

func (*ExtAuthz) GetStatPrefix ¶

func (x *ExtAuthz) GetStatPrefix() string

func (*ExtAuthz) GetTransportApiVersion ¶

func (x *ExtAuthz) GetTransportApiVersion() v3.ApiVersion

func (*ExtAuthz) ProtoMessage ¶

func (*ExtAuthz) ProtoMessage()

func (*ExtAuthz) ProtoReflect ¶

func (x *ExtAuthz) ProtoReflect() protoreflect.Message

func (*ExtAuthz) Reset ¶

func (x *ExtAuthz) Reset()

func (*ExtAuthz) String ¶

func (x *ExtAuthz) String() string

Source Files ¶

View all Source files

ext_authz.pb.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL