gRPC services

    gRPC service configuration. This is used by ApiConfigSource and filter configurations.

    envoy_grpc

    () Envoy’s in-built gRPC client. See the gRPC services overview documentation for discussion on gRPC client selection.

    Precisely one of , google_grpc must be set.

    google_grpc

    () Google C++ gRPC client See the documentation for discussion on gRPC client selection.

    Precisely one of envoy_grpc, must be set.

    timeout

    (Duration) The timeout for the gRPC request. This is the timeout for a specific request.

    initial_metadata

    () Additional metadata to include in streams initiated to the GrpcService. This can be used for scenarios in which additional ad hoc authorization headers (e.g. x-foo-bar: baz-key) are to be injected.

    core.GrpcService.EnvoyGrpc

    2. }

    cluster_name

    (string, REQUIRED) The name of the upstream gRPC cluster. SSL credentials will be supplied in the tls_context.

    core.GrpcService.GoogleGrpc

    [core.GrpcService.GoogleGrpc proto]

    Warning

    This message type has status.

    1. {
    2.   "target_uri": "...",
    3.   "channel_credentials": "{...}",
    4.   "call_credentials": [],
    5.   "stat_prefix": "...",
    7.   "config": "{...}"
    8. }

    target_uri

    (string, REQUIRED) The target URI when using the . SSL credentials will be supplied in channel_credentials.

    channel_credentials

    ()

    call_credentials

    (core.GrpcService.GoogleGrpc.CallCredentials) A set of call credentials that can be composed with .

    stat_prefix

    (string, REQUIRED) The human readable prefix to use when emitting statistics for the gRPC service.

    credentials_factory_name

    () The name of the Google gRPC credentials factory to use. This must have been registered with Envoy. If this is empty, a default credentials factory will be used that sets up channel credentials based on other configuration parameters.

    (Struct) Additional configuration for site-specific customizations of the Google gRPC library.

    See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html.

    root_certs

    () PEM encoded server root certificates.

    private_key

    (core.DataSource) PEM encoded client private key.

    cert_chain

    () PEM encoded client certificate chain.

    core.GrpcService.GoogleGrpc.GoogleLocalCredentials

    Local channel credentials. Only UDS is supported for now. See https://github.com/grpc/grpc/pull/15909.

    1. {}

    core.GrpcService.GoogleGrpc.ChannelCredentials

    [core.GrpcService.GoogleGrpc.ChannelCredentials proto]

    See to understand Channel and Call credential types.

    1. {
    2.   "google_default": "{...}",
    3.   "local_credentials": "{...}"

    ssl_credentials

    (core.GrpcService.GoogleGrpc.SslCredentials)

    Precisely one of , google_default, must be set.

    google_default

    (Empty)

    Precisely one of ssl_credentials, , local_credentials must be set.

    local_credentials

    ()

    Precisely one of ssl_credentials, , local_credentials must be set.

    access_token

    (string) Access token credentials. .

    Precisely one of access_token, , google_refresh_token, , google_iam, must be set.

    google_compute_engine

    Precisely one of access_token, , google_refresh_token, , google_iam, must be set.

    google_refresh_token

    (string) Google refresh token credentials. .

    Precisely one of access_token, , google_refresh_token, , google_iam, must be set.

    service_account_jwt_access

    (core.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials) Service Account JWT Access credentials. .

    Precisely one of access_token, , google_refresh_token, , google_iam, must be set.

    google_iam

    (core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials) Google IAM credentials. .

    Precisely one of access_token, , google_refresh_token, , google_iam, must be set.

    from_plugin

    (core.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin) Custom authenticator credentials. . https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms.

    Precisely one of , google_compute_engine, , service_account_jwt_access, , from_plugin must be set.

    core.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials

    [core.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials proto]

    1. {
    2.   "json_key": "...",
    3.   "token_lifetime_seconds": "..."
    4. }

    json_key

    ()

    token_lifetime_seconds

    (uint64)

    core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials

    [core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials proto]

    1. {
    2.   "authorization_token": "...",
    3.   "authority_selector": "..."

    authorization_token

    ()

    authority_selector

    (string)

    name

    (string)

    config