v2alpha1

package
v1.23.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 8, 2024 License: Apache-2.0 Imports: 5 Imported by: 14

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_envoy_config_filter_http_authn_v2alpha1_config_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type FilterConfig

type FilterConfig struct {

	// Policy is the original copy of the policy.
	Policy *v1alpha1.Policy `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"`
	// Map from issuer to location of the payload that is emitted by Jwt filter.
	// This information is added by pilot when construct and add Jwt and
	// authN filters.
	JwtOutputPayloadLocations map[string]string `` /* 228-byte string literal not displayed */
	// Skips validating the peer's trust domain.
	// By default, the istio authn filter will reject the request if the peer and
	// the local service is not in the same trust domain.
	// Set this field to true to skip the validation and allows peers from any
	// trust domains.
	// Note, the istio authn filter only validates the trust domain when mTLS is
	// used, In other words, this field has no effect for plaintext traffic.
	// TODO(incfly): deprecate this after allowed_trust_domains is shipped.
	SkipValidateTrustDomain bool `` /* 135-byte string literal not displayed */
	// allowed_trust_domains contains a list of trust domains the authn
	// filter should validate against. When configured, only requests with a
	// peer from one of the allowed trust domain will be admitted.
	// An empty list means all trust domains are allowed.
	// When this field is set, the skip_validate_trust_domain field is ignored.
	// This field has no effect for plaintext traffic.
	AllowedTrustDomains []string `protobuf:"bytes,4,rep,name=allowed_trust_domains,json=allowedTrustDomains,proto3" json:"allowed_trust_domains,omitempty"`
	// By default the authn filter will clear the route cache so that the validated
	// JWT token claims can be used in routing.
	// Advanced users can set this to true to disable the behavior if they do not
	// want the authn filter to clear the route cache for any reasons.
	// Warning: setting this to true will break the JWT claim based routing.
	DisableClearRouteCache bool `` /* 132-byte string literal not displayed */
	// contains filtered or unexported fields
}

FilterConfig is the config for Istio-specific filter that is used to enforce authentication policy on Envoy.

func (*FilterConfig) Descriptor deprecated

func (*FilterConfig) Descriptor() ([]byte, []int)

Deprecated: Use FilterConfig.ProtoReflect.Descriptor instead.

func (*FilterConfig) GetAllowedTrustDomains

func (x *FilterConfig) GetAllowedTrustDomains() []string

func (*FilterConfig) GetDisableClearRouteCache

func (x *FilterConfig) GetDisableClearRouteCache() bool

func (*FilterConfig) GetJwtOutputPayloadLocations

func (x *FilterConfig) GetJwtOutputPayloadLocations() map[string]string

func (*FilterConfig) GetPolicy

func (x *FilterConfig) GetPolicy() *v1alpha1.Policy

func (*FilterConfig) GetSkipValidateTrustDomain

func (x *FilterConfig) GetSkipValidateTrustDomain() bool

func (*FilterConfig) ProtoMessage

func (*FilterConfig) ProtoMessage()

func (*FilterConfig) ProtoReflect

func (x *FilterConfig) ProtoReflect() protoreflect.Message

func (*FilterConfig) Reset

func (x *FilterConfig) Reset()

func (*FilterConfig) String

func (x *FilterConfig) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL