@rugal/pulumi-istio

import * as pulumi from "@pulumi/pulumi"; import { input as inputs, output as outputs } from "../types"; export declare namespace networking { namespace v1alpha3 { /** * Configuration affecting load balancing, outlier detection, etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html */ interface DestinationRuleSpecArgs { /** * A list of namespaces to which this destination rule is exported. */ exportTo?: pulumi.Input<pulumi.Input<string>[]>; /** * The name of a service from the service registry. */ host?: pulumi.Input<string>; subsets?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsArgs>[]>; trafficPolicy?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyArgs>; } interface DestinationRuleSpecSubsetsArgs { labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Name of the subset. */ name?: pulumi.Input<string>; /** * Traffic policies that apply to this subset. */ trafficPolicy?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyArgs>; } /** * Traffic policies that apply to this subset. */ interface DestinationRuleSpecSubsetsTrafficPolicyArgs { connectionPool?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolArgs>; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyOutlierDetectionArgs>; /** * Traffic policies specific to individual ports. */ portLevelSettings?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsArgs>[]>; /** * TLS related settings for connections to the upstream service. */ tls?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyTlsArgs>; } interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolArgs { /** * HTTP connection pool settings. */ http?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolHttpArgs>; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcpArgs>; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolHttpArgs { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: pulumi.Input<string>; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: pulumi.Input<number>; /** * Maximum number of requests to a backend. */ http2MaxRequests?: pulumi.Input<number>; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: pulumi.Input<string>; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: pulumi.Input<number>; maxRetries?: pulumi.Input<number>; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: pulumi.Input<boolean>; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcpArgs { /** * TCP connection timeout. */ connectTimeout?: pulumi.Input<string>; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: pulumi.Input<number>; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcpTcpKeepaliveArgs>; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcpTcpKeepaliveArgs { /** * The time duration between keep-alive probes. */ interval?: pulumi.Input<string>; probes?: pulumi.Input<number>; time?: pulumi.Input<string>; } interface DestinationRuleSpecSubsetsTrafficPolicyOutlierDetectionArgs { /** * Minimum ejection duration. */ baseEjectionTime?: pulumi.Input<string>; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: pulumi.Input<number>; consecutiveErrors?: pulumi.Input<number>; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: pulumi.Input<number>; consecutiveLocalOriginFailures?: pulumi.Input<number>; /** * Time interval between ejection sweep analysis. */ interval?: pulumi.Input<string>; maxEjectionPercent?: pulumi.Input<number>; minHealthPercent?: pulumi.Input<number>; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: pulumi.Input<boolean>; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsArgs { connectionPool?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolArgs>; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsOutlierDetectionArgs>; port?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsPortArgs>; /** * TLS related settings for connections to the upstream service. */ tls?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsTlsArgs>; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolArgs { /** * HTTP connection pool settings. */ http?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolHttpArgs>; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcpArgs>; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolHttpArgs { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: pulumi.Input<string>; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: pulumi.Input<number>; /** * Maximum number of requests to a backend. */ http2MaxRequests?: pulumi.Input<number>; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: pulumi.Input<string>; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: pulumi.Input<number>; maxRetries?: pulumi.Input<number>; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: pulumi.Input<boolean>; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcpArgs { /** * TCP connection timeout. */ connectTimeout?: pulumi.Input<string>; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: pulumi.Input<number>; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepaliveArgs>; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepaliveArgs { /** * The time duration between keep-alive probes. */ interval?: pulumi.Input<string>; probes?: pulumi.Input<number>; time?: pulumi.Input<string>; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsOutlierDetectionArgs { /** * Minimum ejection duration. */ baseEjectionTime?: pulumi.Input<string>; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: pulumi.Input<number>; consecutiveErrors?: pulumi.Input<number>; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: pulumi.Input<number>; consecutiveLocalOriginFailures?: pulumi.Input<number>; /** * Time interval between ejection sweep analysis. */ interval?: pulumi.Input<string>; maxEjectionPercent?: pulumi.Input<number>; minHealthPercent?: pulumi.Input<number>; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: pulumi.Input<boolean>; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsPortArgs { number?: pulumi.Input<number>; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsTlsArgs { caCertificates?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: pulumi.Input<string>; credentialName?: pulumi.Input<string>; mode?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: pulumi.Input<string>; /** * SNI string to present to the server during TLS handshake. */ sni?: pulumi.Input<string>; subjectAltNames?: pulumi.Input<pulumi.Input<string>[]>; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecSubsetsTrafficPolicyTlsArgs { caCertificates?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: pulumi.Input<string>; credentialName?: pulumi.Input<string>; mode?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: pulumi.Input<string>; /** * SNI string to present to the server during TLS handshake. */ sni?: pulumi.Input<string>; subjectAltNames?: pulumi.Input<pulumi.Input<string>[]>; } interface DestinationRuleSpecTrafficPolicyArgs { connectionPool?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolArgs>; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyOutlierDetectionArgs>; /** * Traffic policies specific to individual ports. */ portLevelSettings?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsArgs>[]>; /** * TLS related settings for connections to the upstream service. */ tls?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyTlsArgs>; } interface DestinationRuleSpecTrafficPolicyConnectionPoolArgs { /** * HTTP connection pool settings. */ http?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolHttpArgs>; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolTcpArgs>; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecTrafficPolicyConnectionPoolHttpArgs { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: pulumi.Input<string>; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: pulumi.Input<number>; /** * Maximum number of requests to a backend. */ http2MaxRequests?: pulumi.Input<number>; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: pulumi.Input<string>; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: pulumi.Input<number>; maxRetries?: pulumi.Input<number>; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: pulumi.Input<boolean>; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecTrafficPolicyConnectionPoolTcpArgs { /** * TCP connection timeout. */ connectTimeout?: pulumi.Input<string>; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: pulumi.Input<number>; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolTcpTcpKeepaliveArgs>; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecTrafficPolicyConnectionPoolTcpTcpKeepaliveArgs { /** * The time duration between keep-alive probes. */ interval?: pulumi.Input<string>; probes?: pulumi.Input<number>; time?: pulumi.Input<string>; } interface DestinationRuleSpecTrafficPolicyOutlierDetectionArgs { /** * Minimum ejection duration. */ baseEjectionTime?: pulumi.Input<string>; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: pulumi.Input<number>; consecutiveErrors?: pulumi.Input<number>; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: pulumi.Input<number>; consecutiveLocalOriginFailures?: pulumi.Input<number>; /** * Time interval between ejection sweep analysis. */ interval?: pulumi.Input<string>; maxEjectionPercent?: pulumi.Input<number>; minHealthPercent?: pulumi.Input<number>; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: pulumi.Input<boolean>; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsArgs { connectionPool?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolArgs>; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsOutlierDetectionArgs>; port?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsPortArgs>; /** * TLS related settings for connections to the upstream service. */ tls?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsTlsArgs>; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolArgs { /** * HTTP connection pool settings. */ http?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolHttpArgs>; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcpArgs>; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolHttpArgs { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: pulumi.Input<string>; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: pulumi.Input<number>; /** * Maximum number of requests to a backend. */ http2MaxRequests?: pulumi.Input<number>; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: pulumi.Input<string>; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: pulumi.Input<number>; maxRetries?: pulumi.Input<number>; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: pulumi.Input<boolean>; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcpArgs { /** * TCP connection timeout. */ connectTimeout?: pulumi.Input<string>; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: pulumi.Input<number>; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: pulumi.Input<inputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepaliveArgs>; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepaliveArgs { /** * The time duration between keep-alive probes. */ interval?: pulumi.Input<string>; probes?: pulumi.Input<number>; time?: pulumi.Input<string>; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsOutlierDetectionArgs { /** * Minimum ejection duration. */ baseEjectionTime?: pulumi.Input<string>; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: pulumi.Input<number>; consecutiveErrors?: pulumi.Input<number>; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: pulumi.Input<number>; consecutiveLocalOriginFailures?: pulumi.Input<number>; /** * Time interval between ejection sweep analysis. */ interval?: pulumi.Input<string>; maxEjectionPercent?: pulumi.Input<number>; minHealthPercent?: pulumi.Input<number>; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: pulumi.Input<boolean>; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsPortArgs { number?: pulumi.Input<number>; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsTlsArgs { caCertificates?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: pulumi.Input<string>; credentialName?: pulumi.Input<string>; mode?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: pulumi.Input<string>; /** * SNI string to present to the server during TLS handshake. */ sni?: pulumi.Input<string>; subjectAltNames?: pulumi.Input<pulumi.Input<string>[]>; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecTrafficPolicyTlsArgs { caCertificates?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: pulumi.Input<string>; credentialName?: pulumi.Input<string>; mode?: pulumi.Input<string>; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: pulumi.Input<string>; /** * SNI string to present to the server during TLS handshake. */ sni?: pulumi.Input<string>; subjectAltNames?: pulumi.Input<pulumi.Input<string>[]>; } /** * Customizing Envoy configuration generated by Istio. See more details at: https://istio.io/docs/reference/config/networking/envoy-filter.html */ interface EnvoyFilterSpecArgs { /** * One or more patches with match conditions. */ configPatches?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.EnvoyFilterSpecConfigPatchesArgs>[]>; /** * Priority defines the order in which patch sets are applied within a context. */ priority?: pulumi.Input<number>; workloadSelector?: pulumi.Input<inputs.networking.v1alpha3.EnvoyFilterSpecWorkloadSelectorArgs>; } interface EnvoyFilterSpecConfigPatchesArgs { applyTo?: pulumi.Input<string>; /** * Match on listener/route configuration/cluster. */ match?: any; /** * The patch to apply along with the operation. */ patch?: pulumi.Input<inputs.networking.v1alpha3.EnvoyFilterSpecConfigPatchesPatchArgs>; } /** * The patch to apply along with the operation. */ interface EnvoyFilterSpecConfigPatchesPatchArgs { /** * Determines the filter insertion order. */ filterClass?: pulumi.Input<string>; /** * Determines how the patch should be applied. */ operation?: pulumi.Input<string>; /** * The JSON config of the object being patched. */ value?: pulumi.Input<{ [key: string]: any; }>; } interface EnvoyFilterSpecWorkloadSelectorArgs { labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } /** * Configuration affecting edge load balancer. See more details at: https://istio.io/docs/reference/config/networking/gateway.html */ interface GatewaySpecArgs { selector?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * A list of server specifications. */ servers?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.GatewaySpecServersArgs>[]>; } interface GatewaySpecServersArgs { bind?: pulumi.Input<string>; defaultEndpoint?: pulumi.Input<string>; /** * One or more hosts exposed by this gateway. */ hosts?: pulumi.Input<pulumi.Input<string>[]>; /** * An optional name of the server, when set must be unique across all servers. */ name?: pulumi.Input<string>; port?: pulumi.Input<inputs.networking.v1alpha3.GatewaySpecServersPortArgs>; /** * Set of TLS related options that govern the server's behavior. */ tls?: pulumi.Input<inputs.networking.v1alpha3.GatewaySpecServersTlsArgs>; } interface GatewaySpecServersPortArgs { /** * Label assigned to the port. */ name?: pulumi.Input<string>; /** * A valid non-negative integer port number. */ number?: pulumi.Input<number>; /** * The protocol exposed on the port. */ protocol?: pulumi.Input<string>; targetPort?: pulumi.Input<number>; } /** * Set of TLS related options that govern the server's behavior. */ interface GatewaySpecServersTlsArgs { /** * REQUIRED if mode is `MUTUAL`. */ caCertificates?: pulumi.Input<string>; /** * Optional: If specified, only support the specified cipher list. */ cipherSuites?: pulumi.Input<pulumi.Input<string>[]>; credentialName?: pulumi.Input<string>; httpsRedirect?: pulumi.Input<boolean>; /** * Optional: Maximum TLS protocol version. */ maxProtocolVersion?: pulumi.Input<string>; /** * Optional: Minimum TLS protocol version. */ minProtocolVersion?: pulumi.Input<string>; mode?: pulumi.Input<string>; /** * REQUIRED if mode is `SIMPLE` or `MUTUAL`. */ privateKey?: pulumi.Input<string>; /** * REQUIRED if mode is `SIMPLE` or `MUTUAL`. */ serverCertificate?: pulumi.Input<string>; subjectAltNames?: pulumi.Input<pulumi.Input<string>[]>; verifyCertificateHash?: pulumi.Input<pulumi.Input<string>[]>; verifyCertificateSpki?: pulumi.Input<pulumi.Input<string>[]>; } /** * Configuration affecting service registry. See more details at: https://istio.io/docs/reference/config/networking/service-entry.html */ interface ServiceEntrySpecArgs { /** * The virtual IP addresses associated with the service. */ addresses?: pulumi.Input<pulumi.Input<string>[]>; /** * One or more endpoints associated with the service. */ endpoints?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.ServiceEntrySpecEndpointsArgs>[]>; /** * A list of namespaces to which this service is exported. */ exportTo?: pulumi.Input<pulumi.Input<string>[]>; /** * The hosts associated with the ServiceEntry. */ hosts?: pulumi.Input<pulumi.Input<string>[]>; location?: pulumi.Input<string>; /** * The ports associated with the external service. */ ports?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.ServiceEntrySpecPortsArgs>[]>; /** * Service discovery mode for the hosts. */ resolution?: pulumi.Input<string>; subjectAltNames?: pulumi.Input<pulumi.Input<string>[]>; /** * Applicable only for MESH_INTERNAL services. */ workloadSelector?: pulumi.Input<inputs.networking.v1alpha3.ServiceEntrySpecWorkloadSelectorArgs>; } interface ServiceEntrySpecEndpointsArgs { address?: pulumi.Input<string>; /** * One or more labels associated with the endpoint. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * The locality associated with the endpoint. */ locality?: pulumi.Input<string>; network?: pulumi.Input<string>; /** * Set of ports associated with the endpoint. */ ports?: pulumi.Input<{ [key: string]: pulumi.Input<number>; }>; serviceAccount?: pulumi.Input<string>; /** * The load balancing weight associated with the endpoint. */ weight?: pulumi.Input<number>; } interface ServiceEntrySpecPortsArgs { /** * Label assigned to the port. */ name?: pulumi.Input<string>; /** * A valid non-negative integer port number. */ number?: pulumi.Input<number>; /** * The protocol exposed on the port. */ protocol?: pulumi.Input<string>; targetPort?: pulumi.Input<number>; } /** * Applicable only for MESH_INTERNAL services. */ interface ServiceEntrySpecWorkloadSelectorArgs { labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } /** * Configuration affecting network reachability of a sidecar. See more details at: https://istio.io/docs/reference/config/networking/sidecar.html */ interface SidecarSpecArgs { egress?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.SidecarSpecEgressArgs>[]>; ingress?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.SidecarSpecIngressArgs>[]>; /** * Configuration for the outbound traffic policy. */ outboundTrafficPolicy?: pulumi.Input<inputs.networking.v1alpha3.SidecarSpecOutboundTrafficPolicyArgs>; workloadSelector?: pulumi.Input<inputs.networking.v1alpha3.SidecarSpecWorkloadSelectorArgs>; } interface SidecarSpecEgressArgs { bind?: pulumi.Input<string>; captureMode?: pulumi.Input<string>; hosts?: pulumi.Input<pulumi.Input<string>[]>; /** * The port associated with the listener. */ port?: pulumi.Input<inputs.networking.v1alpha3.SidecarSpecEgressPortArgs>; } /** * The port associated with the listener. */ interface SidecarSpecEgressPortArgs { /** * Label assigned to the port. */ name?: pulumi.Input<string>; /** * A valid non-negative integer port number. */ number?: pulumi.Input<number>; /** * The protocol exposed on the port. */ protocol?: pulumi.Input<string>; targetPort?: pulumi.Input<number>; } interface SidecarSpecIngressArgs { /** * The IP to which the listener should be bound. */ bind?: pulumi.Input<string>; captureMode?: pulumi.Input<string>; defaultEndpoint?: pulumi.Input<string>; /** * The port associated with the listener. */ port?: pulumi.Input<inputs.networking.v1alpha3.SidecarSpecIngressPortArgs>; } /** * The port associated with the listener. */ interface SidecarSpecIngressPortArgs { /** * Label assigned to the port. */ name?: pulumi.Input<string>; /** * A valid non-negative integer port number. */ number?: pulumi.Input<number>; /** * The protocol exposed on the port. */ protocol?: pulumi.Input<string>; targetPort?: pulumi.Input<number>; } /** * Configuration for the outbound traffic policy. */ interface SidecarSpecOutboundTrafficPolicyArgs { egressProxy?: pulumi.Input<inputs.networking.v1alpha3.SidecarSpecOutboundTrafficPolicyEgressProxyArgs>; mode?: pulumi.Input<string>; } interface SidecarSpecOutboundTrafficPolicyEgressProxyArgs { /** * The name of a service from the service registry. */ host?: pulumi.Input<string>; /** * Specifies the port on the host that is being addressed. */ port?: pulumi.Input<inputs.networking.v1alpha3.SidecarSpecOutboundTrafficPolicyEgressProxyPortArgs>; /** * The name of a subset within the service. */ subset?: pulumi.Input<string>; } /** * Specifies the port on the host that is being addressed. */ interface SidecarSpecOutboundTrafficPolicyEgressProxyPortArgs { number?: pulumi.Input<number>; } interface SidecarSpecWorkloadSelectorArgs { labels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } /** * Configuration affecting label/content routing, sni routing, etc. See more details at: https://istio.io/docs/reference/config/networking/virtual-service.html */ interface VirtualServiceSpecArgs { /** * A list of namespaces to which this virtual service is exported. */ exportTo?: pulumi.Input<pulumi.Input<string>[]>; /** * The names of gateways and sidecars that should apply these routes. */ gateways?: pulumi.Input<pulumi.Input<string>[]>; /** * The destination hosts to which traffic is being sent. */ hosts?: pulumi.Input<pulumi.Input<string>[]>; /** * An ordered list of route rules for HTTP traffic. */ http?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpArgs>[]>; /** * An ordered list of route rules for opaque TCP traffic. */ tcp?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecTcpArgs>[]>; tls?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecTlsArgs>[]>; } interface VirtualServiceSpecHttpArgs { /** * Cross-Origin Resource Sharing policy (CORS). */ corsPolicy?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpCorsPolicyArgs>; delegate?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpDelegateArgs>; /** * Fault injection policy to apply on HTTP traffic at the client side. */ fault?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpFaultArgs>; headers?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpHeadersArgs>; match?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpMatchArgs>[]>; mirror?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpMirrorArgs>; /** * Percentage of the traffic to be mirrored by the `mirror` field. */ mirrorPercent?: pulumi.Input<number>; /** * Percentage of the traffic to be mirrored by the `mirror` field. */ mirrorPercentage?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpMirrorPercentageArgs>; /** * Percentage of the traffic to be mirrored by the `mirror` field. */ mirror_percent?: pulumi.Input<number>; /** * The name assigned to the route for debugging purposes. */ name?: pulumi.Input<string>; /** * A HTTP rule can either redirect or forward (default) traffic. */ redirect?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRedirectArgs>; /** * Retry policy for HTTP requests. */ retries?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRetriesArgs>; /** * Rewrite HTTP URIs and Authority headers. */ rewrite?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRewriteArgs>; /** * A HTTP rule can either redirect or forward (default) traffic. */ route?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRouteArgs>[]>; /** * Timeout for HTTP requests, default is disabled. */ timeout?: pulumi.Input<string>; } /** * Cross-Origin Resource Sharing policy (CORS). */ interface VirtualServiceSpecHttpCorsPolicyArgs { allowCredentials?: pulumi.Input<boolean>; allowHeaders?: pulumi.Input<pulumi.Input<string>[]>; /** * List of HTTP methods allowed to access the resource. */ allowMethods?: pulumi.Input<pulumi.Input<string>[]>; /** * The list of origins that are allowed to perform CORS requests. */ allowOrigin?: pulumi.Input<pulumi.Input<string>[]>; /** * String patterns that match allowed origins. */ allowOrigins?: pulumi.Input<any[]>; exposeHeaders?: pulumi.Input<pulumi.Input<string>[]>; maxAge?: pulumi.Input<string>; } interface VirtualServiceSpecHttpDelegateArgs { /** * Name specifies the name of the delegate VirtualService. */ name?: pulumi.Input<string>; /** * Namespace specifies the namespace where the delegate VirtualService resides. */ namespace?: pulumi.Input<string>; } /** * Fault injection policy to apply on HTTP traffic at the client side. */ interface VirtualServiceSpecHttpFaultArgs { abort?: any; delay?: any; } interface VirtualServiceSpecHttpHeadersArgs { request?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpHeadersRequestArgs>; response?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpHeadersResponseArgs>; } interface VirtualServiceSpecHttpHeadersRequestArgs { add?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; remove?: pulumi.Input<pulumi.Input<string>[]>; set?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } interface VirtualServiceSpecHttpHeadersResponseArgs { add?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; remove?: pulumi.Input<pulumi.Input<string>[]>; set?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } interface VirtualServiceSpecHttpMatchArgs { authority?: any; /** * Names of gateways where the rule should be applied. */ gateways?: pulumi.Input<pulumi.Input<string>[]>; headers?: pulumi.Input<{ [key: string]: any; }>; /** * Flag to specify whether the URI matching should be case-insensitive. */ ignoreUriCase?: pulumi.Input<boolean>; method?: any; /** * The name assigned to a match. */ name?: pulumi.Input<string>; /** * Specifies the ports on the host that is being addressed. */ port?: pulumi.Input<number>; /** * Query parameters for matching. */ queryParams?: pulumi.Input<{ [key: string]: any; }>; scheme?: any; sourceLabels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Source namespace constraining the applicability of a rule to workloads in that namespace. */ sourceNamespace?: pulumi.Input<string>; uri?: any; /** * withoutHeader has the same syntax with the header, but has opposite meaning. */ withoutHeaders?: pulumi.Input<{ [key: string]: any; }>; } interface VirtualServiceSpecHttpMirrorArgs { /** * The name of a service from the service registry. */ host?: pulumi.Input<string>; /** * Specifies the port on the host that is being addressed. */ port?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpMirrorPortArgs>; /** * The name of a subset within the service. */ subset?: pulumi.Input<string>; } /** * Percentage of the traffic to be mirrored by the `mirror` field. */ interface VirtualServiceSpecHttpMirrorPercentageArgs { value?: pulumi.Input<number>; } /** * Specifies the port on the host that is being addressed. */ interface VirtualServiceSpecHttpMirrorPortArgs { number?: pulumi.Input<number>; } /** * A HTTP rule can either redirect or forward (default) traffic. */ interface VirtualServiceSpecHttpRedirectArgs { authority?: pulumi.Input<string>; redirectCode?: pulumi.Input<number>; uri?: pulumi.Input<string>; } /** * Retry policy for HTTP requests. */ interface VirtualServiceSpecHttpRetriesArgs { /** * Number of retries to be allowed for a given request. */ attempts?: pulumi.Input<number>; /** * Timeout per attempt for a given request, including the initial call and any retries. */ perTryTimeout?: pulumi.Input<string>; /** * Specifies the conditions under which retry takes place. */ retryOn?: pulumi.Input<string>; /** * Flag to specify whether the retries should retry to other localities. */ retryRemoteLocalities?: pulumi.Input<boolean>; } /** * Rewrite HTTP URIs and Authority headers. */ interface VirtualServiceSpecHttpRewriteArgs { /** * rewrite the Authority/Host header with this value. */ authority?: pulumi.Input<string>; uri?: pulumi.Input<string>; } interface VirtualServiceSpecHttpRouteArgs { destination?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRouteDestinationArgs>; headers?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRouteHeadersArgs>; weight?: pulumi.Input<number>; } interface VirtualServiceSpecHttpRouteDestinationArgs { /** * The name of a service from the service registry. */ host?: pulumi.Input<string>; /** * Specifies the port on the host that is being addressed. */ port?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRouteDestinationPortArgs>; /** * The name of a subset within the service. */ subset?: pulumi.Input<string>; } /** * Specifies the port on the host that is being addressed. */ interface VirtualServiceSpecHttpRouteDestinationPortArgs { number?: pulumi.Input<number>; } interface VirtualServiceSpecHttpRouteHeadersArgs { request?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRouteHeadersRequestArgs>; response?: pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecHttpRouteHeadersResponseArgs>; } interface VirtualServiceSpecHttpRouteHeadersRequestArgs { add?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; remove?: pulumi.Input<pulumi.Input<string>[]>; set?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } interface VirtualServiceSpecHttpRouteHeadersResponseArgs { add?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; remove?: pulumi.Input<pulumi.Input<string>[]>; set?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; } interface VirtualServiceSpecTcpArgs { match?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecTcpMatchArgs>[]>; /** * The destination to which the connection should be forwarded to. */ route?: pulumi.Input<pulumi.Input<inputs.networking.v1alpha3.VirtualServiceSpecTcpRouteArgs>[]>; } interface VirtualServiceSpecTcpMatchArgs { /** * IPv4 or IPv6 ip addresses of destination with optional subnet. */ destinationSubnets?: pulumi.Input<pulumi.Input<string>[]>; /** * Names of gateways where the rule should be applied. */ gateways?: pulumi.Input<pulumi.Input<string>[]>; /** * Specifies the port on the host that is being addressed. */ port?: pulumi.Input<number>; sourceLabels?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Source namespace constraining the applicability of a rule to workloads in that name