Interface RateLimitQuotaFilterConfigOrBuilder

All Superinterfaces:
com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
All Known Implementing Classes:
RateLimitQuotaFilterConfig, RateLimitQuotaFilterConfig.Builder

public interface RateLimitQuotaFilterConfigOrBuilder extends com.google.protobuf.MessageOrBuilder
  • Method Details

    • hasRlqsServer

      boolean hasRlqsServer()
       Configures the gRPC Rate Limit Quota Service (RLQS) RateLimitQuotaService.
       
      .envoy.config.core.v3.GrpcService rlqs_server = 1 [(.validate.rules) = { ... }
      Returns:
      Whether the rlqsServer field is set.
    • getRlqsServer

      GrpcService getRlqsServer()
       Configures the gRPC Rate Limit Quota Service (RLQS) RateLimitQuotaService.
       
      .envoy.config.core.v3.GrpcService rlqs_server = 1 [(.validate.rules) = { ... }
      Returns:
      The rlqsServer.
    • getRlqsServerOrBuilder

      GrpcServiceOrBuilder getRlqsServerOrBuilder()
       Configures the gRPC Rate Limit Quota Service (RLQS) RateLimitQuotaService.
       
      .envoy.config.core.v3.GrpcService rlqs_server = 1 [(.validate.rules) = { ... }
    • getDomain

      String getDomain()
       The application domain to use when calling the service. This enables sharing the quota
       server between different applications without fear of overlap.
       E.g., "envoy".
       
      string domain = 2 [(.validate.rules) = { ... }
      Returns:
      The domain.
    • getDomainBytes

      com.google.protobuf.ByteString getDomainBytes()
       The application domain to use when calling the service. This enables sharing the quota
       server between different applications without fear of overlap.
       E.g., "envoy".
       
      string domain = 2 [(.validate.rules) = { ... }
      Returns:
      The bytes for domain.
    • hasBucketMatchers

      boolean hasBucketMatchers()
       The match tree to use for grouping incoming requests into buckets.
      
       Example:
      
       .. validated-code-block:: yaml
       :type-name: xds.type.matcher.v3.Matcher
      
       matcher_list:
       matchers:
       # Assign requests with header['env'] set to 'staging' to the bucket { name: 'staging' }
       - predicate:
       single_predicate:
       input:
       typed_config:
       '@type': type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput
       header_name: env
       value_match:
       exact: staging
       on_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       bucket_id_builder:
       bucket_id_builder:
       name:
       string_value: staging
      
       # Assign requests with header['user_group'] set to 'admin' to the bucket { acl: 'admin_users' }
       - predicate:
       single_predicate:
       input:
       typed_config:
       '@type': type.googleapis.com/xds.type.matcher.v3.HttpAttributesCelMatchInput
       custom_match:
       typed_config:
       '@type': type.googleapis.com/xds.type.matcher.v3.CelMatcher
       expr_match:
       # Shortened for illustration purposes. Here should be parsed CEL expression:
       # request.headers['user_group'] == 'admin'
       parsed_expr: {}
       on_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       bucket_id_builder:
       bucket_id_builder:
       acl:
       string_value: admin_users
      
       # Catch-all clause for the requests not matched by any of the matchers.
       # In this example, deny all requests.
       on_no_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       no_assignment_behavior:
       fallback_rate_limit:
       blanket_rule: DENY_ALL
      
       .. attention::
       The first matched group wins. Once the request is matched into a bucket, matcher
       evaluation ends.
      
       Use ``on_no_match`` field to assign the catch-all bucket. If a request is not matched
       into any bucket, and there's no  ``on_no_match`` field configured, the request will be
       ALLOWED by default. It will NOT be reported to the RLQS server.
      
       Refer to :ref:`Unified Matcher API <envoy_v3_api_msg_.xds.type.matcher.v3.Matcher>`
       documentation for more information on the matcher trees.
       
      .xds.type.matcher.v3.Matcher bucket_matchers = 3 [(.validate.rules) = { ... }
      Returns:
      Whether the bucketMatchers field is set.
    • getBucketMatchers

      Matcher getBucketMatchers()
       The match tree to use for grouping incoming requests into buckets.
      
       Example:
      
       .. validated-code-block:: yaml
       :type-name: xds.type.matcher.v3.Matcher
      
       matcher_list:
       matchers:
       # Assign requests with header['env'] set to 'staging' to the bucket { name: 'staging' }
       - predicate:
       single_predicate:
       input:
       typed_config:
       '@type': type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput
       header_name: env
       value_match:
       exact: staging
       on_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       bucket_id_builder:
       bucket_id_builder:
       name:
       string_value: staging
      
       # Assign requests with header['user_group'] set to 'admin' to the bucket { acl: 'admin_users' }
       - predicate:
       single_predicate:
       input:
       typed_config:
       '@type': type.googleapis.com/xds.type.matcher.v3.HttpAttributesCelMatchInput
       custom_match:
       typed_config:
       '@type': type.googleapis.com/xds.type.matcher.v3.CelMatcher
       expr_match:
       # Shortened for illustration purposes. Here should be parsed CEL expression:
       # request.headers['user_group'] == 'admin'
       parsed_expr: {}
       on_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       bucket_id_builder:
       bucket_id_builder:
       acl:
       string_value: admin_users
      
       # Catch-all clause for the requests not matched by any of the matchers.
       # In this example, deny all requests.
       on_no_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       no_assignment_behavior:
       fallback_rate_limit:
       blanket_rule: DENY_ALL
      
       .. attention::
       The first matched group wins. Once the request is matched into a bucket, matcher
       evaluation ends.
      
       Use ``on_no_match`` field to assign the catch-all bucket. If a request is not matched
       into any bucket, and there's no  ``on_no_match`` field configured, the request will be
       ALLOWED by default. It will NOT be reported to the RLQS server.
      
       Refer to :ref:`Unified Matcher API <envoy_v3_api_msg_.xds.type.matcher.v3.Matcher>`
       documentation for more information on the matcher trees.
       
      .xds.type.matcher.v3.Matcher bucket_matchers = 3 [(.validate.rules) = { ... }
      Returns:
      The bucketMatchers.
    • getBucketMatchersOrBuilder

      MatcherOrBuilder getBucketMatchersOrBuilder()
       The match tree to use for grouping incoming requests into buckets.
      
       Example:
      
       .. validated-code-block:: yaml
       :type-name: xds.type.matcher.v3.Matcher
      
       matcher_list:
       matchers:
       # Assign requests with header['env'] set to 'staging' to the bucket { name: 'staging' }
       - predicate:
       single_predicate:
       input:
       typed_config:
       '@type': type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput
       header_name: env
       value_match:
       exact: staging
       on_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       bucket_id_builder:
       bucket_id_builder:
       name:
       string_value: staging
      
       # Assign requests with header['user_group'] set to 'admin' to the bucket { acl: 'admin_users' }
       - predicate:
       single_predicate:
       input:
       typed_config:
       '@type': type.googleapis.com/xds.type.matcher.v3.HttpAttributesCelMatchInput
       custom_match:
       typed_config:
       '@type': type.googleapis.com/xds.type.matcher.v3.CelMatcher
       expr_match:
       # Shortened for illustration purposes. Here should be parsed CEL expression:
       # request.headers['user_group'] == 'admin'
       parsed_expr: {}
       on_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       bucket_id_builder:
       bucket_id_builder:
       acl:
       string_value: admin_users
      
       # Catch-all clause for the requests not matched by any of the matchers.
       # In this example, deny all requests.
       on_no_match:
       action:
       typed_config:
       '@type': type.googleapis.com/envoy.extensions.filters.http.rate_limit_quota.v3.RateLimitQuotaBucketSettings
       no_assignment_behavior:
       fallback_rate_limit:
       blanket_rule: DENY_ALL
      
       .. attention::
       The first matched group wins. Once the request is matched into a bucket, matcher
       evaluation ends.
      
       Use ``on_no_match`` field to assign the catch-all bucket. If a request is not matched
       into any bucket, and there's no  ``on_no_match`` field configured, the request will be
       ALLOWED by default. It will NOT be reported to the RLQS server.
      
       Refer to :ref:`Unified Matcher API <envoy_v3_api_msg_.xds.type.matcher.v3.Matcher>`
       documentation for more information on the matcher trees.
       
      .xds.type.matcher.v3.Matcher bucket_matchers = 3 [(.validate.rules) = { ... }
    • hasFilterEnabled

      boolean hasFilterEnabled()
       If set, this will enable -- but not necessarily enforce -- the rate limit for the given
       fraction of requests.
      
       Defaults to 100% of requests.
       
      .envoy.config.core.v3.RuntimeFractionalPercent filter_enabled = 4;
      Returns:
      Whether the filterEnabled field is set.
    • getFilterEnabled

      RuntimeFractionalPercent getFilterEnabled()
       If set, this will enable -- but not necessarily enforce -- the rate limit for the given
       fraction of requests.
      
       Defaults to 100% of requests.
       
      .envoy.config.core.v3.RuntimeFractionalPercent filter_enabled = 4;
      Returns:
      The filterEnabled.
    • getFilterEnabledOrBuilder

      RuntimeFractionalPercentOrBuilder getFilterEnabledOrBuilder()
       If set, this will enable -- but not necessarily enforce -- the rate limit for the given
       fraction of requests.
      
       Defaults to 100% of requests.
       
      .envoy.config.core.v3.RuntimeFractionalPercent filter_enabled = 4;
    • hasFilterEnforced

      boolean hasFilterEnforced()
       If set, this will enforce the rate limit decisions for the given fraction of requests.
       For requests that are not enforced the filter will still obtain the quota and include it
       in the load computation, however the request will always be allowed regardless of the outcome
       of quota application. This allows validation or testing of the rate limiting service
       infrastructure without disrupting existing traffic.
      
       Note: this only applies to the fraction of enabled requests.
      
       Defaults to 100% of requests.
       
      .envoy.config.core.v3.RuntimeFractionalPercent filter_enforced = 5;
      Returns:
      Whether the filterEnforced field is set.
    • getFilterEnforced

      RuntimeFractionalPercent getFilterEnforced()
       If set, this will enforce the rate limit decisions for the given fraction of requests.
       For requests that are not enforced the filter will still obtain the quota and include it
       in the load computation, however the request will always be allowed regardless of the outcome
       of quota application. This allows validation or testing of the rate limiting service
       infrastructure without disrupting existing traffic.
      
       Note: this only applies to the fraction of enabled requests.
      
       Defaults to 100% of requests.
       
      .envoy.config.core.v3.RuntimeFractionalPercent filter_enforced = 5;
      Returns:
      The filterEnforced.
    • getFilterEnforcedOrBuilder

      RuntimeFractionalPercentOrBuilder getFilterEnforcedOrBuilder()
       If set, this will enforce the rate limit decisions for the given fraction of requests.
       For requests that are not enforced the filter will still obtain the quota and include it
       in the load computation, however the request will always be allowed regardless of the outcome
       of quota application. This allows validation or testing of the rate limiting service
       infrastructure without disrupting existing traffic.
      
       Note: this only applies to the fraction of enabled requests.
      
       Defaults to 100% of requests.
       
      .envoy.config.core.v3.RuntimeFractionalPercent filter_enforced = 5;
    • getRequestHeadersToAddWhenNotEnforcedList

      List<HeaderValueOption> getRequestHeadersToAddWhenNotEnforcedList()
       Specifies a list of HTTP headers that should be added to each request that
       has been rate limited and is also forwarded upstream. This can only occur when the
       filter is enabled but not enforced.
       
      repeated .envoy.config.core.v3.HeaderValueOption request_headers_to_add_when_not_enforced = 6 [(.validate.rules) = { ... }
    • getRequestHeadersToAddWhenNotEnforced

      HeaderValueOption getRequestHeadersToAddWhenNotEnforced(int index)
       Specifies a list of HTTP headers that should be added to each request that
       has been rate limited and is also forwarded upstream. This can only occur when the
       filter is enabled but not enforced.
       
      repeated .envoy.config.core.v3.HeaderValueOption request_headers_to_add_when_not_enforced = 6 [(.validate.rules) = { ... }
    • getRequestHeadersToAddWhenNotEnforcedCount

      int getRequestHeadersToAddWhenNotEnforcedCount()
       Specifies a list of HTTP headers that should be added to each request that
       has been rate limited and is also forwarded upstream. This can only occur when the
       filter is enabled but not enforced.
       
      repeated .envoy.config.core.v3.HeaderValueOption request_headers_to_add_when_not_enforced = 6 [(.validate.rules) = { ... }
    • getRequestHeadersToAddWhenNotEnforcedOrBuilderList

      List<? extends HeaderValueOptionOrBuilder> getRequestHeadersToAddWhenNotEnforcedOrBuilderList()
       Specifies a list of HTTP headers that should be added to each request that
       has been rate limited and is also forwarded upstream. This can only occur when the
       filter is enabled but not enforced.
       
      repeated .envoy.config.core.v3.HeaderValueOption request_headers_to_add_when_not_enforced = 6 [(.validate.rules) = { ... }
    • getRequestHeadersToAddWhenNotEnforcedOrBuilder

      HeaderValueOptionOrBuilder getRequestHeadersToAddWhenNotEnforcedOrBuilder(int index)
       Specifies a list of HTTP headers that should be added to each request that
       has been rate limited and is also forwarded upstream. This can only occur when the
       filter is enabled but not enforced.
       
      repeated .envoy.config.core.v3.HeaderValueOption request_headers_to_add_when_not_enforced = 6 [(.validate.rules) = { ... }