.. _envoy_api_file_envoy/api/v2/auth/secret.proto: Secrets configuration ===================== .. _envoy_api_msg_auth.GenericSecret: auth.GenericSecret ------------------ `[auth.GenericSecret proto] <https://github.com/envoyproxy/envoy/blob/v1.15.2/api/envoy/api/v2/auth/secret.proto#L21>`_ .. code-block:: json { "secret": "{...}" } .. _envoy_api_field_auth.GenericSecret.secret: secret (:ref:`core.DataSource <envoy_api_msg_core.DataSource>`) Secret of generic type and is available to filters. .. _envoy_api_msg_auth.SdsSecretConfig: auth.SdsSecretConfig -------------------- `[auth.SdsSecretConfig proto] <https://github.com/envoyproxy/envoy/blob/v1.15.2/api/envoy/api/v2/auth/secret.proto#L26>`_ .. code-block:: json { "name": "...", "sds_config": "{...}" } .. _envoy_api_field_auth.SdsSecretConfig.name: name (`string <https://developers.google.com/protocol-buffers/docs/proto#scalar>`_) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. When both name and config are specified, then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret will be loaded from static resources. .. _envoy_api_field_auth.SdsSecretConfig.sds_config: sds_config (:ref:`core.ConfigSource <envoy_api_msg_core.ConfigSource>`) .. _envoy_api_msg_auth.Secret: auth.Secret ----------- `[auth.Secret proto] <https://github.com/envoyproxy/envoy/blob/v1.15.2/api/envoy/api/v2/auth/secret.proto#L36>`_ .. code-block:: json { "name": "...", "tls_certificate": "{...}", "session_ticket_keys": "{...}", "validation_context": "{...}", "generic_secret": "{...}" } .. _envoy_api_field_auth.Secret.name: name (`string <https://developers.google.com/protocol-buffers/docs/proto#scalar>`_) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. .. _envoy_api_field_auth.Secret.tls_certificate: tls_certificate (:ref:`auth.TlsCertificate <envoy_api_msg_auth.TlsCertificate>`) Only one of :ref:`tls_certificate <envoy_api_field_auth.Secret.tls_certificate>`, :ref:`session_ticket_keys <envoy_api_field_auth.Secret.session_ticket_keys>`, :ref:`validation_context <envoy_api_field_auth.Secret.validation_context>`, :ref:`generic_secret <envoy_api_field_auth.Secret.generic_secret>` may be set. .. _envoy_api_field_auth.Secret.session_ticket_keys: session_ticket_keys (:ref:`auth.TlsSessionTicketKeys <envoy_api_msg_auth.TlsSessionTicketKeys>`) Only one of :ref:`tls_certificate <envoy_api_field_auth.Secret.tls_certificate>`, :ref:`session_ticket_keys <envoy_api_field_auth.Secret.session_ticket_keys>`, :ref:`validation_context <envoy_api_field_auth.Secret.validation_context>`, :ref:`generic_secret <envoy_api_field_auth.Secret.generic_secret>` may be set. .. _envoy_api_field_auth.Secret.validation_context: validation_context (:ref:`auth.CertificateValidationContext <envoy_api_msg_auth.CertificateValidationContext>`) Only one of :ref:`tls_certificate <envoy_api_field_auth.Secret.tls_certificate>`, :ref:`session_ticket_keys <envoy_api_field_auth.Secret.session_ticket_keys>`, :ref:`validation_context <envoy_api_field_auth.Secret.validation_context>`, :ref:`generic_secret <envoy_api_field_auth.Secret.generic_secret>` may be set. .. _envoy_api_field_auth.Secret.generic_secret: generic_secret (:ref:`auth.GenericSecret <envoy_api_msg_auth.GenericSecret>`) Only one of :ref:`tls_certificate <envoy_api_field_auth.Secret.tls_certificate>`, :ref:`session_ticket_keys <envoy_api_field_auth.Secret.session_ticket_keys>`, :ref:`validation_context <envoy_api_field_auth.Secret.validation_context>`, :ref:`generic_secret <envoy_api_field_auth.Secret.generic_secret>` may be set.