You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"description": "Arbitrary group names that are allowed to consume the service or route. One of `config.allow` or `config.deny` must be specified.",
7
+
"items": {
8
+
"required": [
9
+
10
+
],
11
+
"type": "string"
12
+
},
13
+
"type": "array"
14
+
},
15
+
"deny": {
16
+
"description": "Arbitrary group names that are not allowed to consume the service or route. One of `config.allow` or `config.deny` must be specified.",
17
+
"items": {
18
+
"required": [
19
+
20
+
],
21
+
"type": "string"
22
+
},
23
+
"type": "array"
24
+
},
25
+
"hide_groups_header": {
26
+
"default": false,
27
+
"description": "If enabled (`true`), prevents the `X-Consumer-Groups` header from being sent in the request to the upstream service.",
28
+
"type": "boolean"
29
+
}
30
+
},
31
+
"required": [
32
+
33
+
],
34
+
"type": "object"
35
+
},
36
+
"protocols": {
37
+
"default": [
38
+
"grpc",
39
+
"grpcs",
40
+
"http",
41
+
"https"
42
+
],
43
+
"description": "A set of strings representing HTTP protocols.",
44
+
"items": {
45
+
"enum": [
46
+
"grpc",
47
+
"grpcs",
48
+
"http",
49
+
"https"
50
+
],
51
+
"required": [
52
+
53
+
],
54
+
"type": "string"
55
+
},
56
+
"type": "array"
57
+
},
58
+
"route": {
59
+
"additionalProperties": false,
60
+
"description": "If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.",
61
+
"properties": {
62
+
"id": {
63
+
"type": "string"
64
+
}
65
+
},
66
+
"required": [
67
+
68
+
],
69
+
"type": "object"
70
+
},
71
+
"service": {
72
+
"additionalProperties": false,
73
+
"description": "If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.",
"description": "A string representing a URL, such as https://example.com/path/to/resource?q=search.",
35
+
"type": "string"
36
+
},
37
+
"cert_type": {
38
+
"default": "rsa",
39
+
"description": "The certificate type to create. The possible values are `'rsa'` for RSA certificate or `'ecc'` for EC certificate.",
40
+
"enum": [
41
+
"ecc",
42
+
"rsa"
43
+
],
44
+
"type": "string"
45
+
},
46
+
"domains": {
47
+
"description": "An array of strings representing hosts. A valid host is a string containing one or more labels separated by periods, with at most one wildcard label ('*')",
48
+
"items": {
49
+
"match_all": {
50
+
"pattern": "^[^*]*%*?[^*]*$"
51
+
},
52
+
"match_any": {
53
+
"patterns": [
54
+
"%.%*$",
55
+
"^%*%.",
56
+
"^[^*]*$"
57
+
]
58
+
},
59
+
"required": [
60
+
61
+
],
62
+
"type": "string"
63
+
},
64
+
"type": "array"
65
+
},
66
+
"eab_hmac_key": {
67
+
"description": "External account binding (EAB) base64-encoded URL string of the HMAC key. You usually don't need to set this unless it is explicitly required by the CA.",
68
+
"type": "string"
69
+
},
70
+
"eab_kid": {
71
+
"description": "External account binding (EAB) key id. You usually don't need to set this unless it is explicitly required by the CA.",
72
+
"type": "string"
73
+
},
74
+
"enable_ipv4_common_name": {
75
+
"default": true,
76
+
"description": "A boolean value that controls whether to include the IPv4 address in the common name field of generated certificates.",
77
+
"type": "boolean"
78
+
},
79
+
"fail_backoff_minutes": {
80
+
"default": 5,
81
+
"description": "Minutes to wait for each domain that fails to create a certificate. This applies to both a\nnew certificate and a renewal certificate.",
82
+
"type": "number"
83
+
},
84
+
"preferred_chain": {
85
+
"description": "A string value that specifies the preferred certificate chain to use when generating certificates.",
86
+
"type": "string"
87
+
},
88
+
"renew_threshold_days": {
89
+
"default": 14,
90
+
"description": "Days remaining to renew the certificate before it expires.",
91
+
"type": "number"
92
+
},
93
+
"rsa_key_size": {
94
+
"default": 4096,
95
+
"description": "RSA private key size for the certificate. The possible values are 2048, 3072, or 4096.",
96
+
"enum": [
97
+
2048,
98
+
3072,
99
+
4096
100
+
],
101
+
"type": "integer"
102
+
},
103
+
"storage": {
104
+
"default": "shm",
105
+
"description": "The backend storage type to use. The possible values are `'kong'`, `'shm'`, `'redis'`, `'consul'`, or `'vault'`. In DB-less mode, `'kong'` storage is unavailable. Note that `'shm'` storage does not persist during Kong restarts and does not work for Kong running on different machines, so consider using one of `'kong'`, `'redis'`, `'consul'`, or `'vault'` in production. Please refer to the Hybrid Mode sections below as well.",
106
+
"enum": [
107
+
"consul",
108
+
"kong",
109
+
"redis",
110
+
"shm",
111
+
"vault"
112
+
],
113
+
"type": "string"
114
+
},
115
+
"storage_config": {
116
+
"properties": {
117
+
"consul": {
118
+
"properties": {
119
+
"host": {
120
+
"description": "A string representing a host name, such as example.com.",
121
+
"type": "string"
122
+
},
123
+
"https": {
124
+
"default": false,
125
+
"description": "Boolean representation of https.",
126
+
"type": "boolean"
127
+
},
128
+
"kv_path": {
129
+
"description": "KV prefix path.",
130
+
"type": "string"
131
+
},
132
+
"port": {
133
+
"description": "An integer representing a port number between 0 and 65535, inclusive.",
134
+
"maximum": 65535,
135
+
"minimum": 0,
136
+
"type": "integer"
137
+
},
138
+
"timeout": {
139
+
"description": "Timeout in milliseconds.",
140
+
"type": "number"
141
+
},
142
+
"token": {
143
+
"description": "Consul ACL token.",
144
+
"type": "string"
145
+
}
146
+
},
147
+
"required": [
148
+
149
+
],
150
+
"type": "object"
151
+
},
152
+
"kong": {
153
+
"additionalProperties": true,
154
+
"properties": {
155
+
},
156
+
"required": [
157
+
158
+
],
159
+
"type": "object"
160
+
},
161
+
"redis": {
162
+
"properties": {
163
+
"auth": {
164
+
"description": "The Redis password to use for authentication. ",
165
+
"type": "string"
166
+
},
167
+
"database": {
168
+
"description": "The index of the Redis database to use.",
169
+
"type": "number"
170
+
},
171
+
"host": {
172
+
"description": "A string representing a host name, such as example.com.",
173
+
"type": "string"
174
+
},
175
+
"namespace": {
176
+
"default": "",
177
+
"description": "A namespace to prepend to all keys stored in Redis.",
178
+
"minLength": 0,
179
+
"type": "string"
180
+
},
181
+
"port": {
182
+
"description": "An integer representing a port number between 0 and 65535, inclusive.",
183
+
"maximum": 65535,
184
+
"minimum": 0,
185
+
"type": "integer"
186
+
},
187
+
"ssl": {
188
+
"default": false,
189
+
"description": "Whether to use SSL/TLS encryption when connecting to the Redis server.",
190
+
"type": "boolean"
191
+
},
192
+
"ssl_server_name": {
193
+
"description": "The expected server name for the SSL/TLS certificate presented by the Redis server.",
194
+
"type": "string"
195
+
},
196
+
"ssl_verify": {
197
+
"default": false,
198
+
"description": "Whether to verify the SSL/TLS certificate presented by the Redis server. This should be a boolean value.",
199
+
"type": "boolean"
200
+
}
201
+
},
202
+
"required": [
203
+
204
+
],
205
+
"type": "object"
206
+
},
207
+
"shm": {
208
+
"properties": {
209
+
"shm_name": {
210
+
"default": "kong",
211
+
"description": "Name of shared memory zone used for Kong API gateway storage",
212
+
"type": "string"
213
+
}
214
+
},
215
+
"required": [
216
+
217
+
],
218
+
"type": "object"
219
+
},
220
+
"vault": {
221
+
"properties": {
222
+
"auth_method": {
223
+
"default": "token",
224
+
"description": "Auth Method, default to token, can be 'token' or 'kubernetes'.",
225
+
"enum": [
226
+
"kubernetes",
227
+
"token"
228
+
],
229
+
"type": "string"
230
+
},
231
+
"auth_path": {
232
+
"description": "Vault's authentication path to use.",
233
+
"type": "string"
234
+
},
235
+
"auth_role": {
236
+
"description": "The role to try and assign.",
237
+
"type": "string"
238
+
},
239
+
"host": {
240
+
"description": "A string representing a host name, such as example.com.",
241
+
"type": "string"
242
+
},
243
+
"https": {
244
+
"default": false,
245
+
"description": "Boolean representation of https.",
246
+
"type": "boolean"
247
+
},
248
+
"jwt_path": {
249
+
"description": "The path to the JWT.",
250
+
"type": "string"
251
+
},
252
+
"kv_path": {
253
+
"description": "KV prefix path.",
254
+
"type": "string"
255
+
},
256
+
"port": {
257
+
"description": "An integer representing a port number between 0 and 65535, inclusive.",
258
+
"maximum": 65535,
259
+
"minimum": 0,
260
+
"type": "integer"
261
+
},
262
+
"timeout": {
263
+
"description": "Timeout in milliseconds.",
264
+
"type": "number"
265
+
},
266
+
"tls_server_name": {
267
+
"description": "SNI used in request, default to host if omitted.",
268
+
"type": "string"
269
+
},
270
+
"tls_verify": {
271
+
"default": true,
272
+
"description": "Turn on TLS verification.",
273
+
"type": "boolean"
274
+
},
275
+
"token": {
276
+
"description": "Consul ACL token.",
277
+
"type": "string"
278
+
}
279
+
},
280
+
"required": [
281
+
282
+
],
283
+
"type": "object"
284
+
}
285
+
},
286
+
"required": [
287
+
288
+
],
289
+
"type": "object"
290
+
},
291
+
"tos_accepted": {
292
+
"default": false,
293
+
"description": "If you are using Let's Encrypt, you must set this to `true` to agree the terms of service.",
294
+
"type": "boolean"
295
+
}
296
+
},
297
+
"required": [
298
+
299
+
],
300
+
"type": "object"
301
+
},
302
+
"protocols": {
303
+
"default": [
304
+
"grpc",
305
+
"grpcs",
306
+
"http",
307
+
"https"
308
+
],
309
+
"description": "A set of strings representing HTTP protocols.",
0 commit comments