|
|
|
syntax = "proto3";
|
|
|
|
|
|
|
|
package envoy.extensions.transport_sockets.alts.v3;
|
|
|
|
|
|
|
|
import "udpa/annotations/status.proto";
|
|
|
|
import "udpa/annotations/versioning.proto";
|
|
|
|
import "validate/validate.proto";
|
|
|
|
|
|
|
|
option java_package = "io.envoyproxy.envoy.extensions.transport_sockets.alts.v3";
|
|
|
|
option java_outer_classname = "AltsProto";
|
|
|
|
option java_multiple_files = true;
|
|
|
|
option (udpa.annotations.file_status).package_version_status = ACTIVE;
|
|
|
|
|
|
|
|
// [#protodoc-title: ALTS]
|
|
|
|
// [#extension: envoy.transport_sockets.alts]
|
|
|
|
|
|
|
|
// Configuration for ALTS transport socket. This provides Google's ALTS protocol to Envoy.
|
|
|
|
// https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security/
|
|
|
|
message Alts {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type =
|
|
|
|
"envoy.config.transport_socket.alts.v2alpha.Alts";
|
|
|
|
|
|
|
|
// The location of a handshaker service, this is usually 169.254.169.254:8080
|
|
|
|
// on GCE.
|
|
|
|
string handshaker_service = 1 [(validate.rules).string = {min_bytes: 1}];
|
|
|
|
|
|
|
|
// The acceptable service accounts from peer, peers not in the list will be rejected in the
|
|
|
|
// handshake validation step. If empty, no validation will be performed.
|
|
|
|
repeated string peer_service_accounts = 2;
|
|
|
|
}
|