envoyproxy
diff --git a/‎.github/workflows/build_and_test.yaml‎
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/build_and_test.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/v1alpha1/backendsecurity_policy.go‎
Lines changed: 23 additions & 6 deletions b/‎api/v1alpha1/backendsecurity_policy.go‎
Lines changed: 23 additions & 6 deletions
diff --git a/‎api/v1alpha1/shared_types.go‎
Lines changed: 4 additions & 1 deletion b/‎api/v1alpha1/shared_types.go‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎api/v1alpha1/zz_generated.deepcopy.go‎
Lines changed: 25 additions & 0 deletions b/‎api/v1alpha1/zz_generated.deepcopy.go‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎examples/basic/anthropic.yaml‎
Lines changed: 86 additions & 0 deletions b/‎examples/basic/anthropic.yaml‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎internal/controller/backend_security_policy.go‎
Lines changed: 6 additions & 4 deletions b/‎internal/controller/backend_security_policy.go‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎internal/controller/controller.go‎
Lines changed: 3 additions & 0 deletions b/‎internal/controller/controller.go‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎internal/controller/controller_test.go‎
Lines changed: 13 additions & 0 deletions b/‎internal/controller/controller_test.go‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎internal/controller/gateway.go‎
Lines changed: 7 additions & 0 deletions b/‎internal/controller/gateway.go‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎internal/controller/gateway_test.go‎
Lines changed: 15 additions & 0 deletions b/‎internal/controller/gateway_test.go‎
Lines changed: 15 additions & 0 deletions
@@ -227,6 +227,7 @@ jobs:
           TEST_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_BEDROCK_USER_AWS_ACCESS_KEY_ID }}
           TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_BEDROCK_USER_AWS_SECRET_ACCESS_KEY }}
           TEST_OPENAI_API_KEY: ${{ secrets.ENVOY_AI_GATEWAY_OPENAI_API_KEY }}
+          TEST_ANTHROPIC_API_KEY: ${{ secrets.ENVOY_AI_GATEWAY_ANTHROPIC_API_KEY }}
           TEST_GEMINI_API_KEY: ${{ secrets.ENVOY_AI_GATEWAY_GEMINI_API_KEY }}
         run: make test-e2e
 
 
@@ -19,6 +19,7 @@ const (
 	BackendSecurityPolicyTypeAPIKey           BackendSecurityPolicyType = "APIKey"
 	BackendSecurityPolicyTypeAWSCredentials   BackendSecurityPolicyType = "AWSCredentials"
 	BackendSecurityPolicyTypeAzureAPIKey      BackendSecurityPolicyType = "AzureAPIKey"
+	BackendSecurityPolicyTypeAnthropicAPIKey  BackendSecurityPolicyType = "AnthropicAPIKey" // #nosec G101
 	BackendSecurityPolicyTypeAzureCredentials BackendSecurityPolicyType = "AzureCredentials"
 	BackendSecurityPolicyTypeGCPCredentials   BackendSecurityPolicyType = "GCPCredentials"
 )
@@ -43,11 +44,12 @@ type BackendSecurityPolicy struct {
 //
 // Only one type of BackendSecurityPolicy can be defined.
 // +kubebuilder:validation:MaxProperties=3
-// +kubebuilder:validation:XValidation:rule="self.type == 'APIKey' ? (has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials)) : true",message="When type is APIKey, only apiKey field should be set"
-// +kubebuilder:validation:XValidation:rule="self.type == 'AWSCredentials' ? (has(self.awsCredentials) && !has(self.apiKey) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials)) : true",message="When type is AWSCredentials, only awsCredentials field should be set"
-// +kubebuilder:validation:XValidation:rule="self.type == 'AzureAPIKey' ? (has(self.azureAPIKey) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureCredentials) && !has(self.gcpCredentials)) : true",message="When type is AzureAPIKey, only azureAPIKey field should be set"
-// +kubebuilder:validation:XValidation:rule="self.type == 'AzureCredentials' ? (has(self.azureCredentials) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.gcpCredentials)) : true",message="When type is AzureCredentials, only azureCredentials field should be set"
-// +kubebuilder:validation:XValidation:rule="self.type == 'GCPCredentials' ? (has(self.gcpCredentials) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials)) : true",message="When type is GCPCredentials, only gcpCredentials field should be set"
+// +kubebuilder:validation:XValidation:rule="self.type == 'APIKey' ? (has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is APIKey, only apiKey field should be set"
+// +kubebuilder:validation:XValidation:rule="self.type == 'AWSCredentials' ? (has(self.awsCredentials) && !has(self.apiKey) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is AWSCredentials, only awsCredentials field should be set"
+// +kubebuilder:validation:XValidation:rule="self.type == 'AzureAPIKey' ? (has(self.azureAPIKey) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureCredentials) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is AzureAPIKey, only azureAPIKey field should be set"
+// +kubebuilder:validation:XValidation:rule="self.type == 'AzureCredentials' ? (has(self.azureCredentials) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.gcpCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is AzureCredentials, only azureCredentials field should be set"
+// +kubebuilder:validation:XValidation:rule="self.type == 'GCPCredentials' ? (has(self.gcpCredentials) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.anthropicAPIKey)) : true",message="When type is GCPCredentials, only gcpCredentials field should be set"
+// +kubebuilder:validation:XValidation:rule="self.type == 'AnthropicAPIKey' ? (has(self.anthropicAPIKey) && !has(self.apiKey) && !has(self.awsCredentials) && !has(self.azureAPIKey) && !has(self.azureCredentials) && !has(self.gcpCredentials)) : true",message="When type is AnthropicAPIKey, only anthropicAPIKey field should be set"
 type BackendSecurityPolicySpec struct {
 	// TargetRefs are the names of the AIServiceBackend resources this BackendSecurityPolicy is being attached to.
 	// Attaching multiple BackendSecurityPolicies to the same AIServiceBackend is invalid and will result in an error
@@ -60,7 +62,7 @@ type BackendSecurityPolicySpec struct {
 
 	// Type specifies the type of the backend security policy.
 	//
-	// +kubebuilder:validation:Enum=APIKey;AWSCredentials;AzureAPIKey;AzureCredentials;GCPCredentials
+	// +kubebuilder:validation:Enum=APIKey;AWSCredentials;AzureAPIKey;AzureCredentials;GCPCredentials;AnthropicAPIKey
 	Type BackendSecurityPolicyType `json:"type"`
 
 	// APIKey is a mechanism to access a backend(s). The API key will be injected into the Authorization header.
@@ -82,10 +84,17 @@ type BackendSecurityPolicySpec struct {
 	//
 	// +optional
 	AzureCredentials *BackendSecurityPolicyAzureCredentials `json:"azureCredentials,omitempty"`
+
 	// GCPCredentials is a mechanism to access a backend(s). GCP specific logic will be applied.
 	//
 	// +optional
 	GCPCredentials *BackendSecurityPolicyGCPCredentials `json:"gcpCredentials,omitempty"`
+
+	// AnthropicAPIKey is a mechanism to access Anthropic backend(s). The API key will be injected into the "x-api-key" header.
+	// https://docs.claude.com/en/api/overview#authentication
+	//
+	// +optional
+	AnthropicAPIKey *BackendSecurityPolicyAnthropicAPIKey `json:"anthropicAPIKey,omitempty"`
 }
 
 // BackendSecurityPolicyList contains a list of BackendSecurityPolicy
@@ -314,3 +323,11 @@ type GCPCredentialsFile struct {
 	// The secret should contain the GCP service account credentials file keyed on "service_account.json".
 	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`
 }
+
+// BackendSecurityPolicyAnthropicAPIKey specifies the Anthropic API key.
+type BackendSecurityPolicyAnthropicAPIKey struct {
+	// SecretRef is the reference to the secret containing the Anthropic API key.
+	// ai-gateway must be given the permission to read this secret.
+	// The key of the secret should be "apiKey".
+	SecretRef *gwapiv1.SecretObjectReference `json:"secretRef"`
+}
@@ -15,7 +15,7 @@ package v1alpha1
 type VersionedAPISchema struct {
 	// Name is the name of the API schema of the AIGatewayRoute or AIServiceBackend.
 	//
-	// +kubebuilder:validation:Enum=OpenAI;AWSBedrock;AzureOpenAI;GCPVertexAI;GCPAnthropic
+	// +kubebuilder:validation:Enum=OpenAI;AWSBedrock;AzureOpenAI;GCPVertexAI;GCPAnthropic;Anthropic
 	Name APISchema `json:"name"`
 
 	// Version is the version of the API schema.
@@ -62,6 +62,9 @@ const (
 	//
 	// https://docs.anthropic.com/en/api/claude-on-vertex-ai
 	APISchemaGCPAnthropic APISchema = "GCPAnthropic"
+	// APISchemaAnthropic is the native Anthropic API schema.
+	// https://docs.claude.com/en/home
+	APISchemaAnthropic APISchema = "Anthropic"
 )
 
 const (
 
@@ -0,0 +1,86 @@
+# Copyright Envoy AI Gateway Authors
+# SPDX-License-Identifier: Apache-2.0
+# The full text of the Apache license is available in the LICENSE file at
+# the root of the repo.
+
+apiVersion: aigateway.envoyproxy.io/v1alpha1
+kind: AIGatewayRoute
+metadata:
+  name: envoy-ai-gateway-basic-anthropic
+  namespace: default
+spec:
+  parentRefs:
+    - name: envoy-ai-gateway-basic
+      kind: Gateway
+      group: gateway.networking.k8s.io
+  rules:
+    - matches:
+        - headers:
+            - type: Exact
+              name: x-ai-eg-model
+              value: claude-sonnet-4-5
+      backendRefs:
+        - name: envoy-ai-gateway-basic-anthropic
+---
+apiVersion: aigateway.envoyproxy.io/v1alpha1
+kind: AIServiceBackend
+metadata:
+  name: envoy-ai-gateway-basic-anthropic
+  namespace: default
+spec:
+  schema:
+    name: Anthropic
+  backendRef:
+    name: envoy-ai-gateway-basic-anthropic
+    kind: Backend
+    group: gateway.envoyproxy.io
+---
+apiVersion: aigateway.envoyproxy.io/v1alpha1
+kind: BackendSecurityPolicy
+metadata:
+  name: envoy-ai-gateway-basic-anthropic-apikey
+  namespace: default
+spec:
+  targetRefs:
+    - group: aigateway.envoyproxy.io
+      kind: AIServiceBackend
+      name: envoy-ai-gateway-basic-anthropic
+  type: AnthropicAPIKey
+  anthropicAPIKey:
+    secretRef:
+      name: envoy-ai-gateway-basic-anthropic-apikey
+      namespace: default
+---
+apiVersion: gateway.envoyproxy.io/v1alpha1
+kind: Backend
+metadata:
+  name: envoy-ai-gateway-basic-anthropic
+  namespace: default
+spec:
+  endpoints:
+    - fqdn:
+        hostname: api.anthropic.com
+        port: 443
+---
+apiVersion: gateway.networking.k8s.io/v1alpha3
+kind: BackendTLSPolicy
+metadata:
+  name: envoy-ai-gateway-basic-anthropic-tls
+  namespace: default
+spec:
+  targetRefs:
+    - group: "gateway.envoyproxy.io"
+      kind: Backend
+      name: envoy-ai-gateway-basic-anthropic
+  validation:
+    wellKnownCACertificates: "System"
+    hostname: api.anthropic.com
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: envoy-ai-gateway-basic-anthropic-apikey
+  namespace: default
+type: Opaque
+stringData:
+  apiKey: ANTHROPIC_API_KEY # Replace with your Anthropic API key.
@@ -86,7 +86,9 @@ func (c *BackendSecurityPolicyController) reconcile(ctx context.Context, bsp *ai
 	if handleFinalizer(ctx, c.client, c.logger, bsp, c.syncBackendSecurityPolicy) { // Propagate the bsp deletion all the way to relevant Gateways.
 		return res, nil
 	}
-	if bsp.Spec.Type != aigv1a1.BackendSecurityPolicyTypeAPIKey && bsp.Spec.Type != aigv1a1.BackendSecurityPolicyTypeAzureAPIKey {
+	if bsp.Spec.Type != aigv1a1.BackendSecurityPolicyTypeAPIKey &&
+		bsp.Spec.Type != aigv1a1.BackendSecurityPolicyTypeAzureAPIKey &&
+		bsp.Spec.Type != aigv1a1.BackendSecurityPolicyTypeAnthropicAPIKey {
 		res, err = c.rotateCredential(ctx, bsp)
 		if err != nil {
 			return res, err
@@ -385,10 +387,10 @@ func getBSPGeneratedSecretName(bsp *aigv1a1.BackendSecurityPolicy) string {
 		if bsp.Spec.GCPCredentials.WorkloadIdentityFederationConfig == nil {
 			return ""
 		}
-	case aigv1a1.BackendSecurityPolicyTypeAPIKey:
+	case aigv1a1.BackendSecurityPolicyTypeAPIKey,
+		aigv1a1.BackendSecurityPolicyTypeAzureAPIKey,
+		aigv1a1.BackendSecurityPolicyTypeAnthropicAPIKey:
 		return "" // APIKey does not require rotation.
-	case aigv1a1.BackendSecurityPolicyTypeAzureAPIKey:
-		return "" // AzureAPIKey does not require rotation.
 	default:
 		panic("BUG: unsupported backend security policy type: " + string(bsp.Spec.Type))
 	}
 
@@ -357,6 +357,9 @@ func backendSecurityPolicyIndexFunc(o client.Object) []string {
 	case aigv1a1.BackendSecurityPolicyTypeAzureAPIKey:
 		apiKey := backendSecurityPolicy.Spec.AzureAPIKey
 		key = getSecretNameAndNamespace(apiKey.SecretRef, backendSecurityPolicy.Namespace)
+	case aigv1a1.BackendSecurityPolicyTypeAnthropicAPIKey:
+		apiKey := backendSecurityPolicy.Spec.AnthropicAPIKey
+		key = getSecretNameAndNamespace(apiKey.SecretRef, backendSecurityPolicy.Namespace)
 	case aigv1a1.BackendSecurityPolicyTypeAzureCredentials:
 		azureCreds := backendSecurityPolicy.Spec.AzureCredentials
 		if azureCreds.ClientSecretRef != nil {
 
@@ -222,6 +222,19 @@ func Test_backendSecurityPolicyIndexFunc(t *testing.T) {
 			},
 			expKey: "some-backend-security-policy-10.foo",
 		},
+		{
+			name: "anthropic api key",
+			backendSecurityPolicy: &aigv1a1.BackendSecurityPolicy{
+				ObjectMeta: metav1.ObjectMeta{Name: "some-backend-security-policy-2", Namespace: "ns"},
+				Spec: aigv1a1.BackendSecurityPolicySpec{
+					Type: aigv1a1.BackendSecurityPolicyTypeAnthropicAPIKey,
+					AnthropicAPIKey: &aigv1a1.BackendSecurityPolicyAnthropicAPIKey{
+						SecretRef: &gwapiv1.SecretObjectReference{Name: "some-aaaa"},
+					},
+				},
+			},
+			expKey: "some-aaaa.ns",
+		},
 	} {
 		t.Run(bsp.name, func(t *testing.T) {
 			c := fake.NewClientBuilder().
 
@@ -367,6 +367,13 @@ func (c *GatewayController) bspToFilterAPIBackendAuth(ctx context.Context, backe
 			return nil, fmt.Errorf("failed to get secret %s: %w", secretName, err)
 		}
 		return &filterapi.BackendAuth{AzureAPIKey: &filterapi.AzureAPIKeyAuth{Key: apiKey}}, nil
+	case aigv1a1.BackendSecurityPolicyTypeAnthropicAPIKey:
+		secretName := string(backendSecurityPolicy.Spec.AnthropicAPIKey.SecretRef.Name)
+		apiKey, err := c.getSecretData(ctx, namespace, secretName, apiKeyInSecret)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get secret %s: %w", secretName, err)
+		}
+		return &filterapi.BackendAuth{AnthropicAPIKey: &filterapi.AnthropicAPIKeyAuth{Key: apiKey}}, nil
 	case aigv1a1.BackendSecurityPolicyTypeAWSCredentials:
 		var secretName string
 		if awsCred := backendSecurityPolicy.Spec.AWSCredentials; awsCred.CredentialsFile != nil {
 
@@ -464,6 +464,15 @@ func TestGatewayController_bspToFilterAPIBackendAuth(t *testing.T) {
 				},
 			},
 		},
+		{
+			ObjectMeta: metav1.ObjectMeta{Name: "bsp-anthropic-apikey", Namespace: namespace},
+			Spec: aigv1a1.BackendSecurityPolicySpec{
+				Type: aigv1a1.BackendSecurityPolicyTypeAnthropicAPIKey,
+				AnthropicAPIKey: &aigv1a1.BackendSecurityPolicyAnthropicAPIKey{
+					SecretRef: &gwapiv1.SecretObjectReference{Name: "api-key-secret"},
+				},
+			},
+		},
 	} {
 		require.NoError(t, fakeClient.Create(t.Context(), bsp))
 	}
@@ -531,6 +540,12 @@ func TestGatewayController_bspToFilterAPIBackendAuth(t *testing.T) {
 				GCPAuth: &filterapi.GCPAuth{AccessToken: "thisisgcpcredentials"},
 			},
 		},
+		{
+			bspName: "bsp-anthropic-apikey",
+			exp: &filterapi.BackendAuth{
+				AnthropicAPIKey: &filterapi.AnthropicAPIKeyAuth{Key: "thisisapikey"},
+			},
+		},
 	} {
 		t.Run(tc.bspName, func(t *testing.T) {
 			bsp := &aigv1a1.BackendSecurityPolicy{}