-
Notifications
You must be signed in to change notification settings - Fork 171
Expand file tree
/
Copy pathapicast-policy.json
More file actions
72 lines (72 loc) · 2.01 KB
/
apicast-policy.json
File metadata and controls
72 lines (72 loc) · 2.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
{
"$schema": "http://apicast.io/policy-v1.1/schema",
"name": "IP Check",
"summary": "Accepts or denies a request based on the IP.",
"description": [
"Accepts or denies requests according to a whitelist or a blacklist of ",
"IPs. \n",
"In the configuration, both single IPs (like 172.18.0.1) and CIDR ",
"ranges (like 172.18.0.0/16) can be used."
],
"version": "builtin",
"configuration": {
"type": "object",
"properties": {
"check_type": {
"description": "The type of check to apply",
"type": "string",
"oneOf": [
{
"enum": ["blacklist"],
"title": "Block the IPs included in the list"
},
{
"enum": ["whitelist"],
"title": "Allow only the IPs included in the list"
}
]
},
"ips": {
"description": "List of IPs",
"type": "array",
"items": {
"type": "string"
}
},
"error_msg": {
"description": "",
"type": "string",
"default": "IP address not allowed"
},
"client_ip_sources": {
"description": "Specifies how to get the client IP and in which order the options are tried",
"type": "array",
"default": ["last_caller"],
"minItems": 1,
"maxItems": 3,
"items": {
"type": "string",
"anyOf": [
{
"enum": ["X-Forwarded-For"],
"title": "Get the IP from the X-Forwarded-For header (first IP of the list)"
},
{
"enum": ["X-Real-IP"],
"title": "Get the IP from the X-Real-IP header"
},
{
"enum": ["proxy_protocol_addr"],
"title": "Get the IP from the proxy_protocol_addr variable"
},
{
"enum": ["last_caller"],
"title": "Use the IP of the last caller"
}
]
}
}
},
"required": ["ips", "check_type"]
}
}