Application Load Balancer API, gRPC: VirtualHostService.Update
- gRPC request
- UpdateVirtualHostRequest
- Route
- HttpRoute
- HttpRouteMatch
- StringMatch
- HttpRouteAction
- RateLimit
- Limit
- RedirectAction
- DirectResponseAction
- Payload
- GrpcRoute
- GrpcRouteMatch
- GrpcRouteAction
- GrpcStatusResponseAction
- RouteOptions
- HeaderModification
- RBAC
- Principals
- Principal
- HeaderMatcher
- operation.Operation
- UpdateVirtualHostMetadata
- VirtualHost
- Route
- HttpRoute
- HttpRouteMatch
- StringMatch
- HttpRouteAction
- RateLimit
- Limit
- RedirectAction
- DirectResponseAction
- Payload
- GrpcRoute
- GrpcRouteMatch
- GrpcRouteAction
- GrpcStatusResponseAction
- RouteOptions
- HeaderModification
- RBAC
- Principals
- Principal
- HeaderMatcher
Updates the specified virtual host of the specified HTTP router.
gRPC request
rpc Update (UpdateVirtualHostRequest) returns (operation.Operation)
UpdateVirtualHostRequest
{
"http_router_id": "string",
"virtual_host_name": "string",
"update_mask": "google.protobuf.FieldMask",
"authority": [
"string"
],
"routes": [
{
"name": "string",
// Includes only one of the fields `http`, `grpc`
"http": {
"match": {
"http_method": [
"string"
],
"path": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
// Includes only one of the fields `route`, `redirect`, `direct_response`
"route": {
"backend_group_id": "string",
"timeout": "google.protobuf.Duration",
"idle_timeout": "google.protobuf.Duration",
// Includes only one of the fields `host_rewrite`, `auto_host_rewrite`
"host_rewrite": "string",
"auto_host_rewrite": "bool",
// end of the list of possible fields
"prefix_rewrite": "string",
"upgrade_types": [
"string"
],
"rate_limit": {
"all_requests": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
},
"requests_per_ip": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
}
}
},
"redirect": {
"replace_scheme": "string",
"replace_host": "string",
"replace_port": "int64",
// Includes only one of the fields `replace_path`, `replace_prefix`
"replace_path": "string",
"replace_prefix": "string",
// end of the list of possible fields
"remove_query": "bool",
"response_code": "RedirectResponseCode"
},
"direct_response": {
"status": "int64",
"body": {
// Includes only one of the fields `text`
"text": "string"
// end of the list of possible fields
}
}
// end of the list of possible fields
},
"grpc": {
"match": {
"fqmn": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
// Includes only one of the fields `route`, `status_response`
"route": {
"backend_group_id": "string",
"max_timeout": "google.protobuf.Duration",
"idle_timeout": "google.protobuf.Duration",
// Includes only one of the fields `host_rewrite`, `auto_host_rewrite`
"host_rewrite": "string",
"auto_host_rewrite": "bool",
// end of the list of possible fields
"rate_limit": {
"all_requests": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
},
"requests_per_ip": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
}
}
},
"status_response": {
"status": "Status"
}
// end of the list of possible fields
},
// end of the list of possible fields
"route_options": {
"modify_request_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"modify_response_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"rbac": {
"action": "Action",
"principals": [
{
"and_principals": [
{
// Includes only one of the fields `header`, `remote_ip`, `any`
"header": {
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
"remote_ip": "string",
"any": "bool"
// end of the list of possible fields
}
]
}
]
},
"security_profile_id": "string"
}
}
],
"modify_request_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"modify_response_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"route_options": {
"modify_request_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"modify_response_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"rbac": {
"action": "Action",
"principals": [
{
"and_principals": [
{
// Includes only one of the fields `header`, `remote_ip`, `any`
"header": {
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
"remote_ip": "string",
"any": "bool"
// end of the list of possible fields
}
]
}
]
},
"security_profile_id": "string"
},
"rate_limit": {
"all_requests": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
},
"requests_per_ip": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
}
}
}
Field |
Description |
http_router_id |
string Required field. ID of the HTTP router to update a virtual host in. To get the HTTP router ID, make a HttpRouterService.List request. |
virtual_host_name |
string Required field. Name of the virtual host. Used only to refer to the virtual host. The name of a host cannot be changed. To get the virtual host name, make a VirtualHostService.List request. |
update_mask |
Field mask that specifies which attributes of the virtual host should be updated. |
authority[] |
string New list of domains to attribute to the virtual host. The host is selected to process the request received by the load balancer A wildcard asterisk character ( Existing list of domains is completely replaced by the specified list. If not specified, all domains are attributed to the host, which is the same as specifying a |
routes[] |
New list of routes of the virtual host. A route contains a set of conditions (predicates) that are used by the load balancer to select the route The order of routes matters: the first route whose predicate matches the request is selected. Existing list of routes is completely replaced by the specified list, so if you just want to remove a route, |
modify_request_headers[] |
New list of modifications that are made to the headers of incoming HTTP requests Existing list of modifications is completely replaced by the specified list. |
modify_response_headers[] |
New list of modifications that are made to the headers of HTTP responses received from backends Existing list of modifications is completely replaced by the specified list. |
route_options |
New route options for the virtual host. |
rate_limit |
RateLimit is a rate limit configuration applied for a whole virtual host. |
Route
A route resource.
For details about the concept, see documentation.
Field |
Description |
name |
string Required field. Name of the route. |
http |
HTTP route configuration. Includes only one of the fields Route configuration. |
grpc |
gRPC route configuration. Includes only one of the fields Route configuration. |
route_options |
HttpRoute
An HTTP route configuration resource.
Field |
Description |
match |
Condition (predicate) used to select the route. |
route |
Forwards the request to a backend group for processing as configured. Includes only one of the fields Action performed on the request if the route is selected. |
redirect |
Redirects the request as configured. Includes only one of the fields Action performed on the request if the route is selected. |
direct_response |
Instructs the load balancer to respond directly as configured. Includes only one of the fields Action performed on the request if the route is selected. |
HttpRouteMatch
An HTTP route condition (predicate) resource.
Field |
Description |
http_method[] |
string HTTP method specified in the request. |
path |
Match settings for the path specified in the request. If not specified, the route matches all paths. |
StringMatch
A string matcher resource.
Field |
Description |
exact_match |
string Exact match string. Includes only one of the fields Match string for either exact or prefix match. |
prefix_match |
string Prefix match string. Includes only one of the fields Match string for either exact or prefix match. |
regex_match |
string Regular expression match string. Includes only one of the fields Match string for either exact or prefix match. |
HttpRouteAction
An HTTP route action resource.
Field |
Description |
backend_group_id |
string Required field. Backend group to forward requests to. Stream (TCP) backend groups are not supported. |
timeout |
Overall timeout for an HTTP connection between a load balancer node an a backend from the backend group: If a connection times out, the load balancer responds to the client with a Default value: |
idle_timeout |
Idle timeout for an HTTP connection between a load balancer node an a backend from the backend group: Specifying meaningful values for both If a connection times out, the load balancer responds to the client with a If not specified, no idle timeout is used, and an alive connection may be idle for any duration (see |
host_rewrite |
string Host replacement. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
auto_host_rewrite |
bool Automatically replaces the host with that of the target. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
prefix_rewrite |
string Replacement for the path prefix matched by StringMatch. For instance, if StringMatch.prefix_match value is If not specified, the path is not changed. |
upgrade_types[] |
string Supported values for HTTP |
rate_limit |
RateLimit is a rate limit configuration applied for route. |
RateLimit
RateLimit is a set of settings for global rate limiting.
Field |
Description |
all_requests |
AllRequests is a rate limit configuration applied to all incoming requests. |
requests_per_ip |
RequestsPerIp is a rate limit configuration applied separately for each set of requests |
Limit
Limit is a rate limit value settings.
Field |
Description |
per_second |
int64 PerSecond is a limit value specified with per second time unit. Includes only one of the fields |
per_minute |
int64 PerMinute is a limit value specified with per minute time unit. Includes only one of the fields |
RedirectAction
A redirect action resource.
Field |
Description |
replace_scheme |
string URI scheme replacement. If If not specified, the original scheme and port are used. |
replace_host |
string URI host replacement. If not specified, the original host is used. |
replace_port |
int64 URI host replacement. If not specified, the original host is used. |
replace_path |
string Replacement for the whole path. Includes only one of the fields URI path replacement. If not specified, the original path is used. |
replace_prefix |
string Replacement for the path prefix matched by StringMatch. For instance, if StringMatch.prefix_match value is Includes only one of the fields URI path replacement. If not specified, the original path is used. |
remove_query |
bool Removes URI query. |
response_code |
enum RedirectResponseCode HTTP status code to use in redirect responses.
|
DirectResponseAction
A direct response action resource.
Field |
Description |
status |
int64 HTTP status code to use in responses. |
body |
Response body. |
Payload
A health check payload resource.
Field |
Description |
text |
string Payload text. Includes only one of the fields Payload. |
GrpcRoute
A gRPC route configuration resource.
Field |
Description |
match |
Condition (predicate) used to select the route. |
route |
Forwards the request to a backend group for processing as configured. Includes only one of the fields Action performed on the request if the route is selected. |
status_response |
Instructs the load balancer to respond directly with a specified status. Includes only one of the fields Action performed on the request if the route is selected. |
GrpcRouteMatch
A gRPC route condition (predicate) resource.
Field |
Description |
fqmn |
Match settings for gRPC service method called in the request. A match string must be a fully qualified method name, e.g. If not specified, the route matches all methods. |
GrpcRouteAction
A gRPC route action resource.
Field |
Description |
backend_group_id |
string Required field. Backend group to forward requests to. |
max_timeout |
Overall timeout for an underlying HTTP connection between a load balancer node an a backend from the backend group: If a client specifies a lower timeout in HTTP If a connection times out, the load balancer responds to the client with an Default value: |
idle_timeout |
Idle timeout for an underlying HTTP connection between a load balancer node an a backend from the backend group: Specifying meaningful values for both If a connection times out, the load balancer responds to the client with an If not specified, no idle timeout is used, and an alive connection may be idle for any duration |
host_rewrite |
string Host replacement. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
auto_host_rewrite |
bool Automatically replaces the host with that of the target. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
rate_limit |
RateLimit is a rate limit configuration applied for route. |
GrpcStatusResponseAction
A gRPC status response action resource.
Field |
Description |
status |
enum Status gRPC status code
|
RouteOptions
Field |
Description |
modify_request_headers[] |
Apply the following modifications to the request headers. |
modify_response_headers[] |
Apply the following modifications to the response headers. |
rbac |
|
security_profile_id |
string Security profile that will take effect to all requests routed via particular virtual host. |
HeaderModification
A header modification resource.
Field |
Description |
name |
string Name of the header. |
append |
string Appends the specified string to the header value. Variables defined for Envoy proxy Includes only one of the fields Operation to perform on the header. |
replace |
string Replaces the value of the header with the specified string. Variables defined for Envoy proxy Includes only one of the fields Operation to perform on the header. |
remove |
bool Removes the header. Includes only one of the fields Operation to perform on the header. |
rename |
string Replaces the name of the header with the specified string. Includes only one of the fields Operation to perform on the header. |
RBAC
Role Based Access Control (RBAC) provides router, virtual host, and route access control for the ALB
service. Requests are allowed or denied based on the action
and whether a matching principal is
found. For instance, if the action is ALLOW and a matching principal is found the request should be
allowed.
Field |
Description |
action |
enum Action Required field. The action to take if a principal matches. Every action either allows or denies a request.
|
principals[] |
Required. A match occurs when at least one matches the request. |
Principals
Principals define a group of identities for a request.
Field |
Description |
and_principals[] |
Required. A match occurs when all principals match the request. |
Principal
Principal defines an identity for a request.
Field |
Description |
header |
A header (or pseudo-header such as :path or :method) of the incoming HTTP request. Includes only one of the fields |
remote_ip |
string A CIDR block or IP that describes the request remote/origin address, e.g. Includes only one of the fields |
any |
bool When any is set, it matches any request. Includes only one of the fields |
HeaderMatcher
Field |
Description |
name |
string Required field. Specifies the name of the header in the request. |
value |
Specifies how the header match will be performed to route the request. |
operation.Operation
{
"id": "string",
"description": "string",
"created_at": "google.protobuf.Timestamp",
"created_by": "string",
"modified_at": "google.protobuf.Timestamp",
"done": "bool",
"metadata": {
"http_router_id": "string",
"virtual_host_name": "string"
},
// Includes only one of the fields `error`, `response`
"error": "google.rpc.Status",
"response": {
"name": "string",
"authority": [
"string"
],
"routes": [
{
"name": "string",
// Includes only one of the fields `http`, `grpc`
"http": {
"match": {
"http_method": [
"string"
],
"path": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
// Includes only one of the fields `route`, `redirect`, `direct_response`
"route": {
"backend_group_id": "string",
"timeout": "google.protobuf.Duration",
"idle_timeout": "google.protobuf.Duration",
// Includes only one of the fields `host_rewrite`, `auto_host_rewrite`
"host_rewrite": "string",
"auto_host_rewrite": "bool",
// end of the list of possible fields
"prefix_rewrite": "string",
"upgrade_types": [
"string"
],
"rate_limit": {
"all_requests": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
},
"requests_per_ip": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
}
}
},
"redirect": {
"replace_scheme": "string",
"replace_host": "string",
"replace_port": "int64",
// Includes only one of the fields `replace_path`, `replace_prefix`
"replace_path": "string",
"replace_prefix": "string",
// end of the list of possible fields
"remove_query": "bool",
"response_code": "RedirectResponseCode"
},
"direct_response": {
"status": "int64",
"body": {
// Includes only one of the fields `text`
"text": "string"
// end of the list of possible fields
}
}
// end of the list of possible fields
},
"grpc": {
"match": {
"fqmn": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
// Includes only one of the fields `route`, `status_response`
"route": {
"backend_group_id": "string",
"max_timeout": "google.protobuf.Duration",
"idle_timeout": "google.protobuf.Duration",
// Includes only one of the fields `host_rewrite`, `auto_host_rewrite`
"host_rewrite": "string",
"auto_host_rewrite": "bool",
// end of the list of possible fields
"rate_limit": {
"all_requests": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
},
"requests_per_ip": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
}
}
},
"status_response": {
"status": "Status"
}
// end of the list of possible fields
},
// end of the list of possible fields
"route_options": {
"modify_request_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"modify_response_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"rbac": {
"action": "Action",
"principals": [
{
"and_principals": [
{
// Includes only one of the fields `header`, `remote_ip`, `any`
"header": {
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
"remote_ip": "string",
"any": "bool"
// end of the list of possible fields
}
]
}
]
},
"security_profile_id": "string"
}
}
],
"modify_request_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"modify_response_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"route_options": {
"modify_request_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"modify_response_headers": [
{
"name": "string",
// Includes only one of the fields `append`, `replace`, `remove`, `rename`
"append": "string",
"replace": "string",
"remove": "bool",
"rename": "string"
// end of the list of possible fields
}
],
"rbac": {
"action": "Action",
"principals": [
{
"and_principals": [
{
// Includes only one of the fields `header`, `remote_ip`, `any`
"header": {
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `prefix_match`, `regex_match`
"exact_match": "string",
"prefix_match": "string",
"regex_match": "string"
// end of the list of possible fields
}
},
"remote_ip": "string",
"any": "bool"
// end of the list of possible fields
}
]
}
]
},
"security_profile_id": "string"
},
"rate_limit": {
"all_requests": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
},
"requests_per_ip": {
// Includes only one of the fields `per_second`, `per_minute`
"per_second": "int64",
"per_minute": "int64"
// end of the list of possible fields
}
}
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
Field |
Description |
id |
string ID of the operation. |
description |
string Description of the operation. 0-256 characters long. |
created_at |
Creation timestamp. |
created_by |
string ID of the user or service account who initiated the operation. |
modified_at |
The time when the Operation resource was last modified. |
done |
bool If the value is |
metadata |
Service-specific metadata associated with the operation. |
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
UpdateVirtualHostMetadata
Field |
Description |
http_router_id |
string ID of the HTTP router that the virtual host is being updated in. |
virtual_host_name |
string Name of the virtual host that is being updated. |
VirtualHost
A virtual host resource.
For details about the concept, see documentation.
Field |
Description |
name |
string Required field. Name of the virtual host. The name is unique within the HTTP router. |
authority[] |
string List of domains that are attributed to the virtual host. The host is selected to process the request received by the load balancer A wildcard asterisk character ( If not specified, all domains are attributed to the host, which is the same as specifying a |
routes[] |
Routes of the virtual host. A route contains a set of conditions (predicates) that are used by the load balancer to select the route The order of routes matters: the first route whose predicate matches the request is selected. |
modify_request_headers[] |
Deprecated, use route_options.modify_request_headers. |
modify_response_headers[] |
Deprecated, use route_options.modify_response_headers. |
route_options |
|
rate_limit |
RateLimit is a rate limit configuration applied for a whole virtual host. |
Route
A route resource.
For details about the concept, see documentation.
Field |
Description |
name |
string Required field. Name of the route. |
http |
HTTP route configuration. Includes only one of the fields Route configuration. |
grpc |
gRPC route configuration. Includes only one of the fields Route configuration. |
route_options |
HttpRoute
An HTTP route configuration resource.
Field |
Description |
match |
Condition (predicate) used to select the route. |
route |
Forwards the request to a backend group for processing as configured. Includes only one of the fields Action performed on the request if the route is selected. |
redirect |
Redirects the request as configured. Includes only one of the fields Action performed on the request if the route is selected. |
direct_response |
Instructs the load balancer to respond directly as configured. Includes only one of the fields Action performed on the request if the route is selected. |
HttpRouteMatch
An HTTP route condition (predicate) resource.
Field |
Description |
http_method[] |
string HTTP method specified in the request. |
path |
Match settings for the path specified in the request. If not specified, the route matches all paths. |
StringMatch
A string matcher resource.
Field |
Description |
exact_match |
string Exact match string. Includes only one of the fields Match string for either exact or prefix match. |
prefix_match |
string Prefix match string. Includes only one of the fields Match string for either exact or prefix match. |
regex_match |
string Regular expression match string. Includes only one of the fields Match string for either exact or prefix match. |
HttpRouteAction
An HTTP route action resource.
Field |
Description |
backend_group_id |
string Required field. Backend group to forward requests to. Stream (TCP) backend groups are not supported. |
timeout |
Overall timeout for an HTTP connection between a load balancer node an a backend from the backend group: If a connection times out, the load balancer responds to the client with a Default value: |
idle_timeout |
Idle timeout for an HTTP connection between a load balancer node an a backend from the backend group: Specifying meaningful values for both If a connection times out, the load balancer responds to the client with a If not specified, no idle timeout is used, and an alive connection may be idle for any duration (see |
host_rewrite |
string Host replacement. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
auto_host_rewrite |
bool Automatically replaces the host with that of the target. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
prefix_rewrite |
string Replacement for the path prefix matched by StringMatch. For instance, if StringMatch.prefix_match value is If not specified, the path is not changed. |
upgrade_types[] |
string Supported values for HTTP |
rate_limit |
RateLimit is a rate limit configuration applied for route. |
RateLimit
RateLimit is a set of settings for global rate limiting.
Field |
Description |
all_requests |
AllRequests is a rate limit configuration applied to all incoming requests. |
requests_per_ip |
RequestsPerIp is a rate limit configuration applied separately for each set of requests |
Limit
Limit is a rate limit value settings.
Field |
Description |
per_second |
int64 PerSecond is a limit value specified with per second time unit. Includes only one of the fields |
per_minute |
int64 PerMinute is a limit value specified with per minute time unit. Includes only one of the fields |
RedirectAction
A redirect action resource.
Field |
Description |
replace_scheme |
string URI scheme replacement. If If not specified, the original scheme and port are used. |
replace_host |
string URI host replacement. If not specified, the original host is used. |
replace_port |
int64 URI host replacement. If not specified, the original host is used. |
replace_path |
string Replacement for the whole path. Includes only one of the fields URI path replacement. If not specified, the original path is used. |
replace_prefix |
string Replacement for the path prefix matched by StringMatch. For instance, if StringMatch.prefix_match value is Includes only one of the fields URI path replacement. If not specified, the original path is used. |
remove_query |
bool Removes URI query. |
response_code |
enum RedirectResponseCode HTTP status code to use in redirect responses.
|
DirectResponseAction
A direct response action resource.
Field |
Description |
status |
int64 HTTP status code to use in responses. |
body |
Response body. |
Payload
A health check payload resource.
Field |
Description |
text |
string Payload text. Includes only one of the fields Payload. |
GrpcRoute
A gRPC route configuration resource.
Field |
Description |
match |
Condition (predicate) used to select the route. |
route |
Forwards the request to a backend group for processing as configured. Includes only one of the fields Action performed on the request if the route is selected. |
status_response |
Instructs the load balancer to respond directly with a specified status. Includes only one of the fields Action performed on the request if the route is selected. |
GrpcRouteMatch
A gRPC route condition (predicate) resource.
Field |
Description |
fqmn |
Match settings for gRPC service method called in the request. A match string must be a fully qualified method name, e.g. If not specified, the route matches all methods. |
GrpcRouteAction
A gRPC route action resource.
Field |
Description |
backend_group_id |
string Required field. Backend group to forward requests to. |
max_timeout |
Overall timeout for an underlying HTTP connection between a load balancer node an a backend from the backend group: If a client specifies a lower timeout in HTTP If a connection times out, the load balancer responds to the client with an Default value: |
idle_timeout |
Idle timeout for an underlying HTTP connection between a load balancer node an a backend from the backend group: Specifying meaningful values for both If a connection times out, the load balancer responds to the client with an If not specified, no idle timeout is used, and an alive connection may be idle for any duration |
host_rewrite |
string Host replacement. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
auto_host_rewrite |
bool Automatically replaces the host with that of the target. Includes only one of the fields Value rewrite settings for HTTP/1.1 If not specified, the host is not changed. |
rate_limit |
RateLimit is a rate limit configuration applied for route. |
GrpcStatusResponseAction
A gRPC status response action resource.
Field |
Description |
status |
enum Status gRPC status code
|
RouteOptions
Field |
Description |
modify_request_headers[] |
Apply the following modifications to the request headers. |
modify_response_headers[] |
Apply the following modifications to the response headers. |
rbac |
|
security_profile_id |
string Security profile that will take effect to all requests routed via particular virtual host. |
HeaderModification
A header modification resource.
Field |
Description |
name |
string Name of the header. |
append |
string Appends the specified string to the header value. Variables defined for Envoy proxy Includes only one of the fields Operation to perform on the header. |
replace |
string Replaces the value of the header with the specified string. Variables defined for Envoy proxy Includes only one of the fields Operation to perform on the header. |
remove |
bool Removes the header. Includes only one of the fields Operation to perform on the header. |
rename |
string Replaces the name of the header with the specified string. Includes only one of the fields Operation to perform on the header. |
RBAC
Role Based Access Control (RBAC) provides router, virtual host, and route access control for the ALB
service. Requests are allowed or denied based on the action
and whether a matching principal is
found. For instance, if the action is ALLOW and a matching principal is found the request should be
allowed.
Field |
Description |
action |
enum Action Required field. The action to take if a principal matches. Every action either allows or denies a request.
|
principals[] |
Required. A match occurs when at least one matches the request. |
Principals
Principals define a group of identities for a request.
Field |
Description |
and_principals[] |
Required. A match occurs when all principals match the request. |
Principal
Principal defines an identity for a request.
Field |
Description |
header |
A header (or pseudo-header such as :path or :method) of the incoming HTTP request. Includes only one of the fields |
remote_ip |
string A CIDR block or IP that describes the request remote/origin address, e.g. Includes only one of the fields |
any |
bool When any is set, it matches any request. Includes only one of the fields |
HeaderMatcher
Field |
Description |
name |
string Required field. Specifies the name of the header in the request. |
value |
Specifies how the header match will be performed to route the request. |