envoyproxy/envoy

feat: Credential Injection for ext_authz and ext_proc calls

Open

#41,767 建立於 2025年10月29日

在 GitHub 查看
 (5 留言) (1 反應) (0 負責人)C++ (5,373 fork)batch import
area/ext_authzarea/ext_procenhancementhelp wantedno stalebot

倉庫指標

Star
 (27,997 star)
PR 合併指標
 (平均合併 8天) (30 天內合併 378 個 PR)

描述

Title: Add Credential Injection compatible with ext_authz and ext_proc gRPC and HTTP calls

Description:

I have need for a feature facilitating workload authentication on external calls by the envoy.filters.http.ext_authz and envoy.filters.http.ext_proc filters. The Credential Injector filter almost works for this use case, but the secrets are only injected to the routed request, not the side-processing requests.

I don't know if this is best implemented as an enhancement to the ext_* filters to access SDS, or to somehow make secrets available to the existing API.

貢獻者指南