-
Notifications
You must be signed in to change notification settings - Fork 602
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add support for externalized consumers #7657
base: main
Are you sure you want to change the base?
Conversation
✅ Deploy Preview for kongdocs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
- geo: null | ||
id: null |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
geo
and id
should be optional (default null
) imo
|
||
-- Dummy/Link that points to Konnect Docs when ready. | ||
|
||
With the `pool_id` you obtained from the previous step, you can configure the key-auth plugin to validate API keys against the Identity Service. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jschmid1 where does the pool_id
come from? Konnect?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to change all references of pools to realms, and update the field terminology
@@ -0,0 +1,71 @@ | |||
--- | |||
nav_title: | |||
title: How to configure pools |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to Realms
--- | ||
|
||
|
||
With `pool_id` you can configure the key-auth plugin to validate API keys against the Identity Service. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to "realm_id"
|
||
With `pool_id` you can configure the key-auth plugin to validate API keys against the Identity Service. | ||
|
||
### Configuring Multiple Pools |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change to "Realms"
|
||
### Configuring Multiple Pools | ||
|
||
In the key-auth plugin configuration, add the `pools` option as shown below: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change to "realms"
In the key-auth plugin configuration, add the `pools` option as shown below: | ||
|
||
```yaml | ||
pools: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change to "identity_realms"
type: remote | ||
``` | ||
|
||
In this configuration, the dataplane will initially check the local pool (LMDB) before querying the remote Identity Service. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cp-scoped consumers first
|
||
In this configuration, the dataplane will initially check the local pool (LMDB) before querying the remote Identity Service. | ||
|
||
If a matching key is found in any of these pools, the request will be authenticated. If the key is not found in any of the configured pools, the request will be blocked. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"realms"
|
||
If a matching key is found in any of these pools, the request will be authenticated. If the key is not found in any of the configured pools, the request will be blocked. | ||
|
||
### Configuring Single Pools |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Single Realm
|
||
### Configuring Single Pools | ||
|
||
It is also possible to configure only a single pool, either local or remote. However, only one of each type can be configured. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change pool to realm
change "either local or remote" to "consumers can be scoped to the geo or cp".
|
||
It is also possible to configure only a single pool, either local or remote. However, only one of each type can be configured. | ||
|
||
To configure only a remote pool: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change "remote pool" to "realm"
Description
Testing instructions
Preview link:
Checklist