Package io.envoyproxy.envoy.service.auth.v3

Interface AttributeContext.PeerOrBuilder

    • Method Detail

      • hasAddress

        boolean hasAddress()
         The address of the peer, this is typically the IP address.
 It can also be UDS path, or others.
        .envoy.config.core.v3.Address address = 1;
        Returns:
        Whether the address field is set.

      • getAddress

        Address getAddress()
         The address of the peer, this is typically the IP address.
 It can also be UDS path, or others.
        .envoy.config.core.v3.Address address = 1;
        Returns:
        The address.

      • getAddressOrBuilder

        AddressOrBuilder getAddressOrBuilder()
         The address of the peer, this is typically the IP address.
 It can also be UDS path, or others.
        .envoy.config.core.v3.Address address = 1;

      • getService

        String getService()
         The canonical service name of the peer.
 It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster
 <config_http_conn_man_headers_downstream-service-cluster>`
 If a more trusted source of the service name is available through mTLS/secure naming, it
 should be used.
        string service = 2;
        Returns:
        The service.

      • getServiceBytes

        com.google.protobuf.ByteString getServiceBytes()
         The canonical service name of the peer.
 It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster
 <config_http_conn_man_headers_downstream-service-cluster>`
 If a more trusted source of the service name is available through mTLS/secure naming, it
 should be used.
        string service = 2;
        Returns:
        The bytes for service.

      • getLabelsCount

        int getLabelsCount()
         The labels associated with the peer.
 These could be pod labels for Kubernetes or tags for VMs.
 The source of the labels could be an X.509 certificate or other configuration.
        map<string, string> labels = 3;

      • containsLabels

        boolean containsLabels​(String key)
         The labels associated with the peer.
 These could be pod labels for Kubernetes or tags for VMs.
 The source of the labels could be an X.509 certificate or other configuration.
        map<string, string> labels = 3;

      • getLabelsMap

        Map<String,​String> getLabelsMap()
         The labels associated with the peer.
 These could be pod labels for Kubernetes or tags for VMs.
 The source of the labels could be an X.509 certificate or other configuration.
        map<string, string> labels = 3;

      • getLabelsOrDefault

        String getLabelsOrDefault​(String key,
                          String defaultValue)
         The labels associated with the peer.
 These could be pod labels for Kubernetes or tags for VMs.
 The source of the labels could be an X.509 certificate or other configuration.
        map<string, string> labels = 3;

      • getLabelsOrThrow

        String getLabelsOrThrow​(String key)
         The labels associated with the peer.
 These could be pod labels for Kubernetes or tags for VMs.
 The source of the labels could be an X.509 certificate or other configuration.
        map<string, string> labels = 3;

      • getPrincipal

        String getPrincipal()
         The authenticated identity of this peer.
 For example, the identity associated with the workload such as a service account.
 If an X.509 certificate is used to assert the identity this field should be sourced from
 ``URI Subject Alternative Names``, ``DNS Subject Alternate Names`` or ``Subject`` in that order.
 The primary identity should be the principal. The principal format is issuer specific.
 Example:
 *    SPIFFE format is ``spiffe://trust-domain/path``
 *    Google account format is ``https://accounts.google.com/{userid}``
        string principal = 4;
        Returns:
        The principal.

      • getPrincipalBytes

        com.google.protobuf.ByteString getPrincipalBytes()
         The authenticated identity of this peer.
 For example, the identity associated with the workload such as a service account.
 If an X.509 certificate is used to assert the identity this field should be sourced from
 ``URI Subject Alternative Names``, ``DNS Subject Alternate Names`` or ``Subject`` in that order.
 The primary identity should be the principal. The principal format is issuer specific.
 Example:
 *    SPIFFE format is ``spiffe://trust-domain/path``
 *    Google account format is ``https://accounts.google.com/{userid}``
        string principal = 4;
        Returns:
        The bytes for principal.

      • getCertificate

        String getCertificate()
         The X.509 certificate used to authenticate the identify of this peer.
 When present, the certificate contents are encoded in URL and PEM format.
        string certificate = 5;
        Returns:
        The certificate.

      • getCertificateBytes

        com.google.protobuf.ByteString getCertificateBytes()
         The X.509 certificate used to authenticate the identify of this peer.
 When present, the certificate contents are encoded in URL and PEM format.
        string certificate = 5;
        Returns:
        The bytes for certificate.