import "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/ext_authz/v3"
ext_authz.pb.go ext_authz.pb.validate.go
var File_envoy_extensions_filters_network_ext_authz_v3_ext_authz_proto protoreflect.FileDescriptor
type ExtAuthz struct {
// The prefix to use when emitting statistics.
StatPrefix string `protobuf:"bytes,1,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
// The external authorization gRPC service configuration.
// The default timeout is set to 200ms by this filter.
GrpcService *v3.GrpcService `protobuf:"bytes,2,opt,name=grpc_service,json=grpcService,proto3" json:"grpc_service,omitempty"`
// The filter's behaviour in case the external authorization service does
// not respond back. When it is set to true, Envoy will also allow traffic in case of
// communication failure between authorization service and the proxy.
// Defaults to false.
FailureModeAllow bool `protobuf:"varint,3,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"`
// Specifies if the peer certificate is sent to the external service.
//
// When this field is true, Envoy will include the peer X.509 certificate, if available, in the
// :ref:`certificate<envoy_api_field_service.auth.v3.AttributeContext.Peer.certificate>`.
IncludePeerCertificate bool `protobuf:"varint,4,opt,name=include_peer_certificate,json=includePeerCertificate,proto3" json:"include_peer_certificate,omitempty"`
// API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
// version of Check{Request,Response} used on the wire.
TransportApiVersion v3.ApiVersion `protobuf:"varint,5,opt,name=transport_api_version,json=transportApiVersion,proto3,enum=envoy.config.core.v3.ApiVersion" json:"transport_api_version,omitempty"`
// Specifies if the filter is enabled with metadata matcher.
// If this field is not specified, the filter will be enabled for all requests.
FilterEnabledMetadata *v31.MetadataMatcher `protobuf:"bytes,6,opt,name=filter_enabled_metadata,json=filterEnabledMetadata,proto3" json:"filter_enabled_metadata,omitempty"`
// contains filtered or unexported fields
}External Authorization filter calls out to an external service over the gRPC Authorization API defined by :ref:`CheckRequest <envoy_api_msg_service.auth.v3.CheckRequest>`. A failed check will cause this filter to close the TCP connection. [#next-free-field: 7]
Deprecated: Use ExtAuthz.ProtoReflect.Descriptor instead.
func (x *ExtAuthz) GetFilterEnabledMetadata() *v31.MetadataMatcher
func (x *ExtAuthz) GetGrpcService() *v3.GrpcService
func (x *ExtAuthz) GetTransportApiVersion() v3.ApiVersion
func (x *ExtAuthz) ProtoReflect() protoreflect.Message
Validate checks the field values on ExtAuthz with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
type ExtAuthzValidationError struct {
// contains filtered or unexported fields
}ExtAuthzValidationError is the validation error returned by ExtAuthz.Validate if the designated constraints aren't met.
func (e ExtAuthzValidationError) Cause() error
Cause function returns cause value.
func (e ExtAuthzValidationError) Error() string
Error satisfies the builtin error interface
func (e ExtAuthzValidationError) ErrorName() string
ErrorName returns error name.
func (e ExtAuthzValidationError) Field() string
Field function returns field value.
func (e ExtAuthzValidationError) Key() bool
Key function returns key value.
func (e ExtAuthzValidationError) Reason() string
Reason function returns reason value.
Package envoy_extensions_filters_network_ext_authz_v3 imports 20 packages (graph) and is imported by 7 packages. Updated 2021-01-08. Refresh now. Tools for package owners.