Skip to content

Commit

Permalink
Merge branch 'main' into docs/note-about-connect-service-upstream-env…
Browse files Browse the repository at this point in the history 
…-var
  • Loading branch information
@im2nguyen
im2nguyen authored Sep 19, 2023
2 parents 8a0896d + 5843efe commit de2a5f1
Show file tree
Hide file tree
Showing 7 changed files with 168 additions and 154 deletions.
18 changes: 11 additions & 7 deletions website/content/docs/connect/config-entries/control-plane-request-limit.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,30 +41,34 @@ When every field is defined, a control plane request limit configuration entry h

```hcl
kind = "control-plane-request-limit"
mode = "permissive"
name = "<name-for-the-entry>"
mode = "permissive"
read_rate = 100
write_rate = 100
kv = {
read_rate = 100
write_rate = 100
}
}
acl = {
read_rate = 100
write_rate = 100
mode = "permissive"
}
}
catalog = {
read_rate = 100
write_rate = 100
}
}
```

```json
{
"kind": "control-plane-request-limit",
"mode": "permissive",
"name": "<name-for-the-entry>",
"mode": "permissive",
"read_rate": 100,
"write_rate": 100,
"kv": {
Expand All @@ -75,7 +79,7 @@ catalog = {
"read_rate": 100,
"write_rate": 100
},
"catalog: {
"catalog": {
"read_rate": 100,
"write_rate": 100
}
Expand Down
225 changes: 113 additions & 112 deletions website/content/docs/connect/config-entries/jwt-provider.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,74 +132,74 @@ Kind = "jwt-provider" # required
Name = "<name-of-provider-configuration-entry>" # required
Issuer = "<jwt-issuer>" # required
JSONWebKeySet = { # required
Local = { # cannot specify with JWKS{}.Remote
JWKS = "<JWKS-as-base64-string>" # cannot specify with JWKS{}.Local{}.Filename
Filename = "<path/to/JWKS/file>" # cannot specify with JWKS{}.Local{}.String
}
Local = { # cannot specify with JWKS{}.Remote
JWKS = "<JWKS-as-base64-string>" # cannot specify with JWKS{}.Local{}.Filename
Filename = "<path/to/JWKS/file>" # cannot specify with JWKS{}.Local{}.String
}
}
JSONWebKeySet = {
Remote = { # cannot specify with JWKS{}.Local
URI = "<uniform-resource-identifier>"
RequestTimeoutMs = 1500
CacheDuration = "5m"
FetchAsynchronously = false
RetryPolicy = {
NumRetries = 0
RetryPolicyBackoff = {
BaseInterval = "1s"
MaxInterval = "10s"
}
}
JWKSCluster = {
DiscoveryType = "STATIC"
ConnectTimeout = "10s"
# specify only one child: TrustedCA or CaCertificateProviderInstance
TLSCertificates = {
# specify only one child: Filename, EnvironmentVariable, InlineString or InlineBytes
TrustedCA = {
Filename = "<path/to/cert/file>"
EnvironmentVariable = "<env-variable>"
InlineString = "<inline-string>"
InlineBytes = "\302\000\302\302\302\302"
}
}
TLSCertificates = {
CaCertificateProviderInstance = {
InstanceName = "<instance-name>"
CertificateName = "<certificate-name>"
}
}
}
Remote = { # cannot specify with JWKS{}.Local
URI = "<uniform-resource-identifier>"
RequestTimeoutMs = 1500
CacheDuration = "5m"
FetchAsynchronously = false
RetryPolicy = {
NumRetries = 0
RetryPolicyBackoff = {
BaseInterval = "1s"
MaxInterval = "10s"
}
}
JWKSCluster = {
DiscoveryType = "STATIC"
ConnectTimeout = "10s"
# specify only one child: TrustedCA or CaCertificateProviderInstance
TLSCertificates = {
# specify only one child: Filename, EnvironmentVariable, InlineString or InlineBytes
TrustedCA = {
Filename = "<path/to/cert/file>"
EnvironmentVariable = "<env-variable>"
InlineString = "<inline-string>"
InlineBytes = "\302\000\302\302\302\302"
}
}
TLSCertificates = {
CaCertificateProviderInstance = {
InstanceName = "<instance-name>"
CertificateName = "<certificate-name>"
}
}
}
}
}
Audiences = ["<aud-claims>"]
Locations = [
{
Header = {
Name = "<name-of-header-with-token>"
ValuePrefix = "<prefix-in-header-before-token>"
Forward = false
}
},
{
QueryParam = {
Name = "<name-of-query-parameter-with-token>"
}
},
{
Cookie = {
Name = "<name-of-cookie-with-token>"
}
{
Header = {
Name = "<name-of-header-with-token>"
ValuePrefix = "<prefix-in-header-before-token>"
Forward = false
}
},
{
QueryParam = {
Name = "<name-of-query-parameter-with-token>"
}
},
{
Cookie = {
Name = "<name-of-cookie-with-token>"
}
}
]
Forwarding = {
HeaderName = "<name-appended-to-forwarding-header>"
PadForwardPayloadHeader = false
HeaderName = "<name-appended-to-forwarding-header>"
PadForwardPayloadHeader = false
}
ClockSkewSeconds = 30
CacheConfig = {
Size = 0
Size = 0
}
```

Expand All @@ -209,77 +209,78 @@ CacheConfig = {

```json
{
"Kind": "jwt-provider", // required
"Name": "<name-of-provider-configuration-entry>", // required
"Issuer": "<jwt-issuer>", // required
"JSONWebKeySet": { // required
"Kind": "jwt-provider", // required
"Name": "<name-of-provider-configuration-entry>", // required
"Issuer": "<jwt-issuer>", // required
"JSONWebKeySet": { // required
"Local": { // cannot specify with JWKS.Remote
"JWKS": "<JWKS-as-base64-string>", // cannot specify with JWKS.Local.Filename
"Filename": "<path/to/JWKS/file>" // cannot specify with JWKS.Local.String
"JWKS": "<JWKS-as-base64-string>", // cannot specify with JWKS.Local.Filename
"Filename": "<path/to/JWKS/file>" // cannot specify with JWKS.Local.String
}
},
"JSONWebKeySet": {
"Remote": { // cannot specify with JWKS.Local
"URI": "<uniform-resource-identifier>",
"RequestTimeoutMs": "1500",
"CacheDuration": "5m",
"FetchAsynchronously": "false",
"RetryPolicy": {
"NumRetries": "0",
"RetryPolicyBackOff": {
"BaseInterval": "1s",
"MaxInterval": "10s"
}
},
"JSONWebKeySet": {
"Remote": { // cannot specify with JWKS.Local
"URI": "<uniform-resource-identifier>",
"RequestTimeoutMs": "1500",
"CacheDuration": "5m",
"FetchAsynchronously": "false",
"RetryPolicy": {
"NumRetries": "0",
"RetryPolicyBackOff": {
"BaseInterval": "1s",
"MaxInterval": "10s"
}
},
"JWKSCluster": {
"DiscoveryType": "STATIC",
"ConnectTimeout": "10s",
// specify only one child: TrustedCA or CaCertificateProviderInstance
"TLSCertificates": {
// specify only one child: Filename, EnvironmentVariable, InlineString or InlineBytes
"TrustedCA": {
"Filename": "<path/to/cert/file>",
"EnvironmentVariable": "<env-variable>",
"InlineString": "<inline-string>",
"InlineBytes": "\302\000\302\302\302\302"
},
"JWKSCluster": {
"DiscoveryType": "STATIC",
"ConnectTimeout": "10s",
// specify only one child: TrustedCA or CaCertificateProviderInstance
"TLSCertificates": {
// specify only one child: Filename, EnvironmentVariable, InlineString or InlineBytes
"TrustedCA": {
"Filename": "<path/to/cert/file>",
"EnvironmentVariable": "<env-variable>",
"InlineString": "<inline-string>",
"InlineBytes": "\302\000\302\302\302\302"
},
"TLSCertificates": {
"CaCertificateProviderInstance": {
"InstanceName": "<instance-name>",
"CertificateName": "<certificate-name>"
}
}
},
"TLSCertificates": {
"CaCertificateProviderInstance": {
"InstanceName": "<instance-name>",
"CertificateName": "<certificate-name>"
}
}
},
"Audiences": ["<aud-claims>"],
"Locations": [
}
}
},
"Audiences": ["<aud-claims>"],
"Locations": [
{
"Header": {
"Name": "<name-of-header-with-token>",
"ValuePrefix": "<prefix-in-header-before-token>",
"Forward": "false"
}
"Header": {
"Name": "<name-of-header-with-token>",
"ValuePrefix": "<prefix-in-header-before-token>",
"Forward": "false"
}
},
{
"QueryParam": {
"Name":"<name-of-query-parameter-with-token>",
}
"QueryParam": {
"Name":"<name-of-query-parameter-with-token>",
}
},
{
"Cookie": {
"Name": "<name-of-cookie-with-token>"
}
"Cookie": {
"Name": "<name-of-cookie-with-token>"
}
}
],
"Forwarding": {
],
"Forwarding": {
"HeaderName": "<name-appended-to-forwarding-header>",
"PadForwardPayloadHeader": "false"
},
"ClockSkewSeconds": "30",
"CacheConfig": {
},
"ClockSkewSeconds": "30",
"CacheConfig": {
"Size": "0"
}
}
}
```

Expand Down
20 changes: 10 additions & 10 deletions ...ntent/docs/connect/proxies/envoy-extensions/configuration/property-override.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,16 +177,16 @@ EnvoyExtensions = [
ProxyType = "connect-proxy",
Patches = [
{
"ResourceFilter" = {
"ResourceType" = "cluster",
"TrafficDirection" = "outbound",
"Service" = {
"Name" = "other-svc"
},
},
"Op" = "add",
"Path" = "/respect_dns_ttl",
"Value" = true,
ResourceFilter = {
ResourceType = "cluster"
TrafficDirection = "outbound"
Service = {
Name = "other-svc"
}
}
Op = "add"
Path = "/respect_dns_ttl"
Value = true
}
]
}
Expand Down
Loading

0 comments on commit de2a5f1

Please sign in to comment.