[READ ONLY MIRROR] Envoy REST/proto API definitions and documentation.
(grpc依赖)
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
syntax = "proto3";
|
|
|
|
|
|
|
|
// [#proto-status: draft]
|
|
|
|
|
|
|
|
package envoy.api.v2;
|
|
|
|
|
|
|
|
import "api/sds.proto";
|
|
|
|
|
|
|
|
message AuthAction {
|
|
|
|
// Should we do white-list or black-list style access control.
|
|
|
|
enum ActionType {
|
|
|
|
// Request matches all rules are allowed, otherwise denied.
|
|
|
|
ALLOW = 0;
|
|
|
|
// Request matches all rules or missing required auth fields are denied,
|
|
|
|
// otherwise allowed.
|
|
|
|
DENY = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
ActionType action_type = 1;
|
|
|
|
|
|
|
|
// Logic AND that requires all rules match.
|
|
|
|
message AndRule {
|
|
|
|
repeated Rule rules = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Logic OR that requires at least one rule matches.
|
|
|
|
message OrRule {
|
|
|
|
repeated Rule rules = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check peer identity using X.509 certificate.
|
|
|
|
message X509Rule {
|
|
|
|
// How to validate peer certificates.
|
|
|
|
CertificateValidationContext validation_context = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Element type of AndRule/OrRule, it chooses among different type of rule.
|
|
|
|
message Rule {
|
|
|
|
oneof rule_specifier {
|
|
|
|
AndRule and_rule = 1;
|
|
|
|
OrRule or_rule = 2;
|
|
|
|
X509Rule x509_rule = 3;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// List of rules
|
|
|
|
repeated Rule rule = 2;
|
|
|
|
}
|