Warning
The v2 xDS API is not supported in Envoy v1.18.0 and above.
Secrets configuration¶
auth.GenericSecret¶
{
"secret": "{...}"
}
- secret
(core.DataSource) Secret of generic type and is available to filters.
auth.SdsSecretConfig¶
{
"name": "...",
"sds_config": "{...}"
}
- name
(string) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. When both name and config are specified, then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret will be loaded from static resources.
- sds_config
auth.Secret¶
{
"name": "...",
"tls_certificate": "{...}",
"session_ticket_keys": "{...}",
"validation_context": "{...}",
"generic_secret": "{...}"
}
- name
(string) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.
- tls_certificate
-
Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.
- session_ticket_keys
-
Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.
- validation_context
(auth.CertificateValidationContext)
Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.
- generic_secret
-
Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.