-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathschema.lua
110 lines (109 loc) · 2.84 KB
/
schema.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
local typedefs = require "kong.db.schema.typedefs"
return {
name = "aws-request-signing",
fields = {
{
-- this plugin will not be applied to consumers
consumer = typedefs.no_consumer,
},
{
-- this plugin will only run within Nginx HTTP module
protocols = typedefs.protocols_http
},
{
config = {
type = "record",
fields = {
{
aws_assume_role_arn = {
type = "string",
encrypted = true, -- Kong Enterprise-exclusive feature, does nothing in Kong CE
required = true,
}
},
{
aws_assume_role_name = {
type = "string",
encrypted = true, -- Kong Enterprise-exclusive feature, does nothing in Kong CE
required = true,
}
},
{
aws_region = {
type = "string",
required = true,
}
},
{
aws_service = {
type = "string",
required = true,
}
},
{
override_target_host = {
type = "string",
not_match = "^https?://"
}
},
{
override_target_port = {
type = "number"
}
},
{
override_target_protocol = {
type = "string",
one_of = {
"http",
"https",
},
}
},
{
use_altered_target = {
type = "boolean",
required = true,
default = false,
description =
"Instructs the plugin to use the context target if it's host or port were altered "..
" (by other plugins) during the signing, bypassing the override_target_host "..
"and override_target_port parameters. Works by comparing the service target parameters"..
" with the context target parameters. Ignored if the target was not altered."
}
},
{
return_aws_sts_error = {
type = "boolean",
required = true,
default = false,
}
},
{
sign_query = {
type = "boolean",
required = true,
default = false,
}
},
{
preserve_auth_header = {
type = "boolean",
required = true,
default = true,
}
},
{
preserve_auth_header_key = {
type = "string",
required = true,
default = "x-authorization",
}
}
}
},
}
},
entity_checks = {
}
}