secret.proto

Package: gloo.solo.io

Types:

Source File: github.com/solo-io/gloo/projects/gloo/api/v1/secret.proto

Secret

Certain plugins such as the AWS Lambda Plugin require the use of secrets for authentication, configuration of SSL Certificates, and other data that should not be stored in plaintext configuration.

Gloo runs an independent (goroutine) controller to monitor secrets. Secrets are stored in their own secret storage layer. Gloo can monitor secrets stored in the following secret storage services:

Kubernetes Secrets Hashicorp Vault Plaintext files (recommended only for testing) Secrets must adhere to a structure, specified by the plugin that requires them.

Gloo’s secret backend can be configured in Gloo’s bootstrap options

"aws": .gloo.solo.io.AwsSecret
"azure": .gloo.solo.io.AzureSecret
"tls": .gloo.solo.io.TlsSecret
"extension": .gloo.solo.io.Extension
"metadata": .core.solo.io.Metadata
Field Type Description Default
aws .gloo.solo.io.AwsSecret
azure .gloo.solo.io.AzureSecret
tls .gloo.solo.io.TlsSecret
extension .gloo.solo.io.Extension
metadata .core.solo.io.Metadata Metadata contains the object metadata for this resource

AwsSecret

"accessKey": string
"secretKey": string
Field Type Description Default
accessKey string
secretKey string

AzureSecret

"apiKeys": map<string, string>
Field Type Description Default
apiKeys map<string, string>

TlsSecret

"certChain": string
"privateKey": string
"rootCa": string
Field Type Description Default
certChain string
privateKey string
rootCa string