Package:

gloo.solo.io

Source File:

secret.proto

Description:

Contents:


Secret

Description: Certain plugins such as the AWS Lambda Plugin require the use of secrets for authentication, configuration of SSL Certificates, and other data that should not be stored in plaintext configuration.

Gloo runs an independent (goroutine) controller to monitor secrets. Secrets are stored in their own secret storage layer. Gloo can monitor secrets stored in the following secret storage services:

Kubernetes Secrets Hashicorp Vault Plaintext files (recommended only for testing) Secrets must adhere to a structure, specified by the plugin that requires them.

Gloo's secret backend can be configured in Gloo's bootstrap options

"aws": .gloo.solo.io.AwsSecret
"azure": .gloo.solo.io.AzureSecret
"tls": .gloo.solo.io.TlsSecret
"metadata": .core.solo.io.Metadata

Field Type Description Default
aws .gloo.solo.io.AwsSecret
azure .gloo.solo.io.AzureSecret
tls .gloo.solo.io.TlsSecret
metadata .core.solo.io.Metadata Metadata contains the object metadata for this resource

AwsSecret

Description:

"access_key": string
"secret_key": string

Field Type Description Default
access_key string
secret_key string

AzureSecret

Description:

"api_keys": [.gloo.solo.io.AzureSecret.ApiKeysEntry]

Field Type Description Default
api_keys [.gloo.solo.io.AzureSecret.ApiKeysEntry]

TlsSecret

Description:

"cert_chain": string
"private_key": string
"root_ca": string

Field Type Description Default
cert_chain string
private_key string
root_ca string