@rugal/pulumi-istio

import { output as outputs } from "../types"; export declare namespace networking { namespace v1alpha3 { /** * Configuration affecting load balancing, outlier detection, etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html */ interface DestinationRuleSpec { /** * A list of namespaces to which this destination rule is exported. */ exportTo?: string[]; /** * The name of a service from the service registry. */ host?: string; subsets?: outputs.networking.v1alpha3.DestinationRuleSpecSubsets[]; trafficPolicy?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicy; } interface DestinationRuleSpecSubsets { labels?: { [key: string]: string; }; /** * Name of the subset. */ name?: string; /** * Traffic policies that apply to this subset. */ trafficPolicy?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicy; } /** * Traffic policies that apply to this subset. */ interface DestinationRuleSpecSubsetsTrafficPolicy { connectionPool?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPool; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyOutlierDetection; /** * Traffic policies specific to individual ports. */ portLevelSettings?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettings[]; /** * TLS related settings for connections to the upstream service. */ tls?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyTls; } interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPool { /** * HTTP connection pool settings. */ http?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolHttp; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcp; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolHttp { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: string; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: number; /** * Maximum number of requests to a backend. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcp { /** * TCP connection timeout. */ connectTimeout?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcpTcpKeepalive; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecSubsetsTrafficPolicyConnectionPoolTcpTcpKeepalive { /** * The time duration between keep-alive probes. */ interval?: string; probes?: number; time?: string; } interface DestinationRuleSpecSubsetsTrafficPolicyOutlierDetection { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; maxEjectionPercent?: number; minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettings { connectionPool?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPool; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsOutlierDetection; port?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsPort; /** * TLS related settings for connections to the upstream service. */ tls?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsTls; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPool { /** * HTTP connection pool settings. */ http?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolHttp; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcp; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolHttp { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: string; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: number; /** * Maximum number of requests to a backend. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcp { /** * TCP connection timeout. */ connectTimeout?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: outputs.networking.v1alpha3.DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepalive; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepalive { /** * The time duration between keep-alive probes. */ interval?: string; probes?: number; time?: string; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsOutlierDetection { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; maxEjectionPercent?: number; minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; } interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsPort { number?: number; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecSubsetsTrafficPolicyPortLevelSettingsTls { caCertificates?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; credentialName?: string; mode?: string; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; subjectAltNames?: string[]; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecSubsetsTrafficPolicyTls { caCertificates?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; credentialName?: string; mode?: string; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; subjectAltNames?: string[]; } interface DestinationRuleSpecTrafficPolicy { connectionPool?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPool; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyOutlierDetection; /** * Traffic policies specific to individual ports. */ portLevelSettings?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettings[]; /** * TLS related settings for connections to the upstream service. */ tls?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyTls; } interface DestinationRuleSpecTrafficPolicyConnectionPool { /** * HTTP connection pool settings. */ http?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolHttp; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolTcp; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecTrafficPolicyConnectionPoolHttp { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: string; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: number; /** * Maximum number of requests to a backend. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecTrafficPolicyConnectionPoolTcp { /** * TCP connection timeout. */ connectTimeout?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyConnectionPoolTcpTcpKeepalive; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecTrafficPolicyConnectionPoolTcpTcpKeepalive { /** * The time duration between keep-alive probes. */ interval?: string; probes?: number; time?: string; } interface DestinationRuleSpecTrafficPolicyOutlierDetection { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; maxEjectionPercent?: number; minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; } interface DestinationRuleSpecTrafficPolicyPortLevelSettings { connectionPool?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPool; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: any; outlierDetection?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsOutlierDetection; port?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsPort; /** * TLS related settings for connections to the upstream service. */ tls?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsTls; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPool { /** * HTTP connection pool settings. */ http?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolHttp; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcp; } /** * HTTP connection pool settings. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolHttp { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. */ h2UpgradePolicy?: string; /** * Maximum number of pending HTTP requests to a destination. */ http1MaxPendingRequests?: number; /** * Maximum number of requests to a backend. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; } /** * Settings common to both HTTP and TCP upstream connections. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcp { /** * TCP connection timeout. */ connectTimeout?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: outputs.networking.v1alpha3.DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepalive; } /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsConnectionPoolTcpTcpKeepalive { /** * The time duration between keep-alive probes. */ interval?: string; probes?: number; time?: string; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsOutlierDetection { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; maxEjectionPercent?: number; minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; } interface DestinationRuleSpecTrafficPolicyPortLevelSettingsPort { number?: number; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecTrafficPolicyPortLevelSettingsTls { caCertificates?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; credentialName?: string; mode?: string; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; subjectAltNames?: string[]; } /** * TLS related settings for connections to the upstream service. */ interface DestinationRuleSpecTrafficPolicyTls { caCertificates?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; credentialName?: string; mode?: string; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; subjectAltNames?: string[]; } /** * Customizing Envoy configuration generated by Istio. See more details at: https://istio.io/docs/reference/config/networking/envoy-filter.html */ interface EnvoyFilterSpec { /** * One or more patches with match conditions. */ configPatches?: outputs.networking.v1alpha3.EnvoyFilterSpecConfigPatches[]; /** * Priority defines the order in which patch sets are applied within a context. */ priority?: number; workloadSelector?: outputs.networking.v1alpha3.EnvoyFilterSpecWorkloadSelector; } interface EnvoyFilterSpecConfigPatches { applyTo?: string; /** * Match on listener/route configuration/cluster. */ match?: any; /** * The patch to apply along with the operation. */ patch?: outputs.networking.v1alpha3.EnvoyFilterSpecConfigPatchesPatch; } /** * The patch to apply along with the operation. */ interface EnvoyFilterSpecConfigPatchesPatch { /** * Determines the filter insertion order. */ filterClass?: string; /** * Determines how the patch should be applied. */ operation?: string; /** * The JSON config of the object being patched. */ value?: { [key: string]: any; }; } interface EnvoyFilterSpecWorkloadSelector { labels?: { [key: string]: string; }; } /** * Configuration affecting edge load balancer. See more details at: https://istio.io/docs/reference/config/networking/gateway.html */ interface GatewaySpec { selector?: { [key: string]: string; }; /** * A list of server specifications. */ servers?: outputs.networking.v1alpha3.GatewaySpecServers[]; } interface GatewaySpecServers { bind?: string; defaultEndpoint?: string; /** * One or more hosts exposed by this gateway. */ hosts?: string[]; /** * An optional name of the server, when set must be unique across all servers. */ name?: string; port?: outputs.networking.v1alpha3.GatewaySpecServersPort; /** * Set of TLS related options that govern the server's behavior. */ tls?: outputs.networking.v1alpha3.GatewaySpecServersTls; } interface GatewaySpecServersPort { /** * Label assigned to the port. */ name?: string; /** * A valid non-negative integer port number. */ number?: number; /** * The protocol exposed on the port. */ protocol?: string; targetPort?: number; } /** * Set of TLS related options that govern the server's behavior. */ interface GatewaySpecServersTls { /** * REQUIRED if mode is `MUTUAL`. */ caCertificates?: string; /** * Optional: If specified, only support the specified cipher list. */ cipherSuites?: string[]; credentialName?: string; httpsRedirect?: boolean; /** * Optional: Maximum TLS protocol version. */ maxProtocolVersion?: string; /** * Optional: Minimum TLS protocol version. */ minProtocolVersion?: string; mode?: string; /** * REQUIRED if mode is `SIMPLE` or `MUTUAL`. */ privateKey?: string; /** * REQUIRED if mode is `SIMPLE` or `MUTUAL`. */ serverCertificate?: string; subjectAltNames?: string[]; verifyCertificateHash?: string[]; verifyCertificateSpki?: string[]; } /** * Configuration affecting service registry. See more details at: https://istio.io/docs/reference/config/networking/service-entry.html */ interface ServiceEntrySpec { /** * The virtual IP addresses associated with the service. */ addresses?: string[]; /** * One or more endpoints associated with the service. */ endpoints?: outputs.networking.v1alpha3.ServiceEntrySpecEndpoints[]; /** * A list of namespaces to which this service is exported. */ exportTo?: string[]; /** * The hosts associated with the ServiceEntry. */ hosts?: string[]; location?: string; /** * The ports associated with the external service. */ ports?: outputs.networking.v1alpha3.ServiceEntrySpecPorts[]; /** * Service discovery mode for the hosts. */ resolution?: string; subjectAltNames?: string[]; /** * Applicable only for MESH_INTERNAL services. */ workloadSelector?: outputs.networking.v1alpha3.ServiceEntrySpecWorkloadSelector; } interface ServiceEntrySpecEndpoints { address?: string; /** * One or more labels associated with the endpoint. */ labels?: { [key: string]: string; }; /** * The locality associated with the endpoint. */ locality?: string; network?: string; /** * Set of ports associated with the endpoint. */ ports?: { [key: string]: number; }; serviceAccount?: string; /** * The load balancing weight associated with the endpoint. */ weight?: number; } interface ServiceEntrySpecPorts { /** * Label assigned to the port. */ name?: string; /** * A valid non-negative integer port number. */ number?: number; /** * The protocol exposed on the port. */ protocol?: string; targetPort?: number; } /** * Applicable only for MESH_INTERNAL services. */ interface ServiceEntrySpecWorkloadSelector { labels?: { [key: string]: string; }; } /** * Configuration affecting network reachability of a sidecar. See more details at: https://istio.io/docs/reference/config/networking/sidecar.html */ interface SidecarSpec { egress?: outputs.networking.v1alpha3.SidecarSpecEgress[]; ingress?: outputs.networking.v1alpha3.SidecarSpecIngress[]; /** * Configuration for the outbound traffic policy. */ outboundTrafficPolicy?: outputs.networking.v1alpha3.SidecarSpecOutboundTrafficPolicy; workloadSelector?: outputs.networking.v1alpha3.SidecarSpecWorkloadSelector; } interface SidecarSpecEgress { bind?: string; captureMode?: string; hosts?: string[]; /** * The port associated with the listener. */ port?: outputs.networking.v1alpha3.SidecarSpecEgressPort; } /** * The port associated with the listener. */ interface SidecarSpecEgressPort { /** * Label assigned to the port. */ name?: string; /** * A valid non-negative integer port number. */ number?: number; /** * The protocol exposed on the port. */ protocol?: string; targetPort?: number; } interface SidecarSpecIngress { /** * The IP to which the listener should be bound. */ bind?: string; captureMode?: string; defaultEndpoint?: string; /** * The port associated with the listener. */ port?: outputs.networking.v1alpha3.SidecarSpecIngressPort; } /** * The port associated with the listener. */ interface SidecarSpecIngressPort { /** * Label assigned to the port. */ name?: string; /** * A valid non-negative integer port number. */ number?: number; /** * The protocol exposed on the port. */ protocol?: string; targetPort?: number; } /** * Configuration for the outbound traffic policy. */ interface SidecarSpecOutboundTrafficPolicy { egressProxy?: outputs.networking.v1alpha3.SidecarSpecOutboundTrafficPolicyEgressProxy; mode?: string; } interface SidecarSpecOutboundTrafficPolicyEgressProxy { /** * The name of a service from the service registry. */ host?: string; /** * Specifies the port on the host that is being addressed. */ port?: outputs.networking.v1alpha3.SidecarSpecOutboundTrafficPolicyEgressProxyPort; /** * The name of a subset within the service. */ subset?: string; } /** * Specifies the port on the host that is being addressed. */ interface SidecarSpecOutboundTrafficPolicyEgressProxyPort { number?: number; } interface SidecarSpecWorkloadSelector { labels?: { [key: string]: string; }; } /** * Configuration affecting label/content routing, sni routing, etc. See more details at: https://istio.io/docs/reference/config/networking/virtual-service.html */ interface VirtualServiceSpec { /** * A list of namespaces to which this virtual service is exported. */ exportTo?: string[]; /** * The names of gateways and sidecars that should apply these routes. */ gateways?: string[]; /** * The destination hosts to which traffic is being sent. */ hosts?: string[]; /** * An ordered list of route rules for HTTP traffic. */ http?: outputs.networking.v1alpha3.VirtualServiceSpecHttp[]; /** * An ordered list of route rules for opaque TCP traffic. */ tcp?: outputs.networking.v1alpha3.VirtualServiceSpecTcp[]; tls?: outputs.networking.v1alpha3.VirtualServiceSpecTls[]; } interface VirtualServiceSpecHttp { /** * Cross-Origin Resource Sharing policy (CORS). */ corsPolicy?: outputs.networking.v1alpha3.VirtualServiceSpecHttpCorsPolicy; delegate?: outputs.networking.v1alpha3.VirtualServiceSpecHttpDelegate; /** * Fault injection policy to apply on HTTP traffic at the client side. */ fault?: outputs.networking.v1alpha3.VirtualServiceSpecHttpFault; headers?: outputs.networking.v1alpha3.VirtualServiceSpecHttpHeaders; match?: outputs.networking.v1alpha3.VirtualServiceSpecHttpMatch[]; mirror?: outputs.networking.v1alpha3.VirtualServiceSpecHttpMirror; /** * Percentage of the traffic to be mirrored by the `mirror` field. */ mirrorPercent?: number; /** * Percentage of the traffic to be mirrored by the `mirror` field. */ mirrorPercentage?: outputs.networking.v1alpha3.VirtualServiceSpecHttpMirrorPercentage; /** * Percentage of the traffic to be mirrored by the `mirror` field. */ mirror_percent?: number; /** * The name assigned to the route for debugging purposes. */ name?: string; /** * A HTTP rule can either redirect or forward (default) traffic. */ redirect?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRedirect; /** * Retry policy for HTTP requests. */ retries?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRetries; /** * Rewrite HTTP URIs and Authority headers. */ rewrite?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRewrite; /** * A HTTP rule can either redirect or forward (default) traffic. */ route?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRoute[]; /** * Timeout for HTTP requests, default is disabled. */ timeout?: string; } /** * Cross-Origin Resource Sharing policy (CORS). */ interface VirtualServiceSpecHttpCorsPolicy { allowCredentials?: boolean; allowHeaders?: string[]; /** * List of HTTP methods allowed to access the resource. */ allowMethods?: string[]; /** * The list of origins that are allowed to perform CORS requests. */ allowOrigin?: string[]; /** * String patterns that match allowed origins. */ allowOrigins?: any[]; exposeHeaders?: string[]; maxAge?: string; } interface VirtualServiceSpecHttpDelegate { /** * Name specifies the name of the delegate VirtualService. */ name?: string; /** * Namespace specifies the namespace where the delegate VirtualService resides. */ namespace?: string; } /** * Fault injection policy to apply on HTTP traffic at the client side. */ interface VirtualServiceSpecHttpFault { abort?: any; delay?: any; } interface VirtualServiceSpecHttpHeaders { request?: outputs.networking.v1alpha3.VirtualServiceSpecHttpHeadersRequest; response?: outputs.networking.v1alpha3.VirtualServiceSpecHttpHeadersResponse; } interface VirtualServiceSpecHttpHeadersRequest { add?: { [key: string]: string; }; remove?: string[]; set?: { [key: string]: string; }; } interface VirtualServiceSpecHttpHeadersResponse { add?: { [key: string]: string; }; remove?: string[]; set?: { [key: string]: string; }; } interface VirtualServiceSpecHttpMatch { authority?: any; /** * Names of gateways where the rule should be applied. */ gateways?: string[]; headers?: { [key: string]: any; }; /** * Flag to specify whether the URI matching should be case-insensitive. */ ignoreUriCase?: boolean; method?: any; /** * The name assigned to a match. */ name?: string; /** * Specifies the ports on the host that is being addressed. */ port?: number; /** * Query parameters for matching. */ queryParams?: { [key: string]: any; }; scheme?: any; sourceLabels?: { [key: string]: string; }; /** * Source namespace constraining the applicability of a rule to workloads in that namespace. */ sourceNamespace?: string; uri?: any; /** * withoutHeader has the same syntax with the header, but has opposite meaning. */ withoutHeaders?: { [key: string]: any; }; } interface VirtualServiceSpecHttpMirror { /** * The name of a service from the service registry. */ host?: string; /** * Specifies the port on the host that is being addressed. */ port?: outputs.networking.v1alpha3.VirtualServiceSpecHttpMirrorPort; /** * The name of a subset within the service. */ subset?: string; } /** * Percentage of the traffic to be mirrored by the `mirror` field. */ interface VirtualServiceSpecHttpMirrorPercentage { value?: number; } /** * Specifies the port on the host that is being addressed. */ interface VirtualServiceSpecHttpMirrorPort { number?: number; } /** * A HTTP rule can either redirect or forward (default) traffic. */ interface VirtualServiceSpecHttpRedirect { authority?: string; redirectCode?: number; uri?: string; } /** * Retry policy for HTTP requests. */ interface VirtualServiceSpecHttpRetries { /** * Number of retries to be allowed for a given request. */ attempts?: number; /** * Timeout per attempt for a given request, including the initial call and any retries. */ perTryTimeout?: string; /** * Specifies the conditions under which retry takes place. */ retryOn?: string; /** * Flag to specify whether the retries should retry to other localities. */ retryRemoteLocalities?: boolean; } /** * Rewrite HTTP URIs and Authority headers. */ interface VirtualServiceSpecHttpRewrite { /** * rewrite the Authority/Host header with this value. */ authority?: string; uri?: string; } interface VirtualServiceSpecHttpRoute { destination?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRouteDestination; headers?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRouteHeaders; weight?: number; } interface VirtualServiceSpecHttpRouteDestination { /** * The name of a service from the service registry. */ host?: string; /** * Specifies the port on the host that is being addressed. */ port?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRouteDestinationPort; /** * The name of a subset within the service. */ subset?: string; } /** * Specifies the port on the host that is being addressed. */ interface VirtualServiceSpecHttpRouteDestinationPort { number?: number; } interface VirtualServiceSpecHttpRouteHeaders { request?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRouteHeadersRequest; response?: outputs.networking.v1alpha3.VirtualServiceSpecHttpRouteHeadersResponse; } interface VirtualServiceSpecHttpRouteHeadersRequest { add?: { [key: string]: string; }; remove?: string[]; set?: { [key: string]: string; }; } interface VirtualServiceSpecHttpRouteHeadersResponse { add?: { [key: string]: string; }; remove?: string[]; set?: { [key: string]: string; }; } interface VirtualServiceSpecTcp { match?: outputs.networking.v1alpha3.VirtualServiceSpecTcpMatch[]; /** * The destination to which the connection should be forwarded to. */ route?: outputs.networking.v1alpha3.VirtualServiceSpecTcpRoute[]; } interface VirtualServiceSpecTcpMatch { /** * IPv4 or IPv6 ip addresses of destination with optional subnet. */ destinationSubnets?: string[]; /** * Names of gateways where the rule should be applied. */ gateways?: string[]; /** * Specifies the port on the host that is being addressed. */ port?: number; sourceLabels?: { [key: string]: string; }; /** * Source namespace constraining the applicability of a rule to workloads in that namespace. */ sourceNamespace?: string; /** * IPv4 or IPv6 ip address of source with optional subnet. */ sourceSubnet?: string; } interface VirtualServiceSpecTcpRoute { destination?: outputs.networking.v1alpha3.VirtualServiceSpecTcpRouteDestination; weight?: number; } interface VirtualServiceSpecTcpRouteDestination { /** * The name of a service from the service registry. */ host?: string; /** * Specifies the port on the host that is being addressed. */ port?: outputs.networking.v1alpha3.VirtualServiceSpecTcpRouteDestinationPort; /** * The name of a subset within the service. */ subset?: string; } /** * Specifies the port on the host that is being addressed. */ interface VirtualServiceSpecTcpRouteDestinationPort { number?: number; } interface VirtualServiceSpecTls { match?: outputs.networking.v1alpha3.VirtualServiceSpecTlsMatch[]; /** * The destination to which the connection should be forwarded to. */ route?: outputs.networking.v1alpha3.VirtualServiceSpecTlsRoute[]; } interface VirtualServiceSpecTlsMatch { /** * IPv4 or IPv6 ip addresses of destination with optional subnet. */ destinationSubnets?: string[]; /** * Names of gateways where the rule should be applied. */ gateways?: string[]; /** * Specifies the port on the host that is being addressed. */ port?: number; /** * SNI (server name indicator) to match on. */ sniHosts?: string[]; sourceLabels?: { [key: string]: string; }; /** * Source namespace constraining the applicability of a rule to workloads in that namespace. */ sourceNamespace?: string; } interface VirtualServiceSpecTlsRoute { destination?: outputs.networking.v1alpha3.VirtualServiceSpecTlsRouteDestination; weight?: number; } interface VirtualServiceSpecTlsRouteDestination { /** * The name of a service from the service registry. */ host?: string; /** * Specifies the port on the host that is being addressed. */ port?: outputs.networking.v1alpha3.VirtualServiceSpecTlsRouteDestinationPort; /** * The name of a subset within the service. */ subset?: string; } /** * Specifies the port on the host that is being addressed. */ interface VirtualServiceSpecTlsRouteDestinationPort { number?: number; } /** * Configuration affecting VMs onboarded into the mesh. See more details at: https://istio.io/docs/reference/config/networking/workload-entry.html */ interface WorkloadEntrySpec { address?: string; /** * One or more labels associated with the endpoint. */ labels?: { [key: string]: string; }; /** * The locality associated with the endpoint. */ locality?: string; network?: string; /** * Set of ports associated with the endpoint. */ ports?: { [key: string]: number; }; serviceAccount?: string; /** * The load balancing weight associated with the endpoint. */ weight?: number; } /** * Describes a collection of workload instances. See more details at: https://istio.io/docs/reference/config/networking/workload-group.html */ interface WorkloadGroupSpec { /** * Metadata that will be used for all corresponding `WorkloadEntries`. */ metadata?: outputs.networking.v1alpha3.WorkloadGroupSpecMetadata; /** * `ReadinessProbe` describes the configuration the user must provide for healthchecking on their workload. */ probe?: any; /** * Template to be used for the generation of `WorkloadEntry` resources that belong to this `WorkloadGroup`. */ template?: outputs.networking.v1alpha3.WorkloadGroupSpecTemplate; } /** * Metadata that will be used for all corresponding `WorkloadEntries`. */ interface WorkloadGroupSpecMetadata { annotations?: { [key: string]: string; }; labels?: { [key: string]: string; }; } /** * Template to be used for the generation of `WorkloadEntry` resources that belong to this `WorkloadGroup`. */ interface WorkloadGroupSpecTemplate { address?: string; /** * One or more labels associated with the endpoint. */ labels?: { [key: string]: string; }; /** * The locality associated with the endpoint. */ locality?: string; network?: string; /** * Set of ports associated with the endpoint. */