Grpc Route
GrpcRoute
Defines the high-level intent for routing gRPC traffic.
Translates this into service mesh or load balancer configurations, supporting features like method-level routing, retry policies, and timeout management.
| Property | Type | Description |
|---|---|---|
| apiVersion | string | |
| kind | string | |
| metadata | map | |
| spec | Spec |
Target
| Property | Type | Description |
|---|---|---|
| kind | string | |
| name | string |
Spec
Contains the user-defined routing rules for gRPC traffic. Encapsulates the core logic for matching gRPC requests by service or method and directing them to backend targets.
| Property | Type | Description |
|---|---|---|
| description | string | This description is optional but will drastically improve the understand of the AI assistant about the structural elements of the organization |
| rules | list of GrpcRouteRule | A list of rules that define how to match and forward gRPC requests. Each rule in this list is translated into a rules block within the underlying routing infrastructure. The route is associated with an ingress gateway and a hostname derived from the manifest's name. |
GrpcRouteRule
GrpcRouteRule
| Property | Type | Description |
|---|---|---|
| matches | list of GrpcRouteRuleMatch | |
| authentication | list of RouteRuleAuthenticationConfig | Rule Authentication Configuration. Defines the authentication configuration for this rule. If not specified, the rule will be unauthenticated. |
| authorization | list of ComputedAuthorizationAccessRuleCheck | Rule Authorization Configuration. Defines the authorization configuration for this rule. If not specified, the rule will be open to all users. |
ComputedAuthorizationAccessRuleCheck
Represents a computed access check for a route rule.
Maps an expected identity tuple (namespace, relation, object) that the AuthZ extension must validate during the request flow.
| Property | Type | Description |
|---|---|---|
| namespace | string | This value is a direct reflection of 'spec.authorization.namespace' from a child 'HttpRoute' or 'GrpcRoute' manifest. |
| relation | string | This value is a direct reflection of 'spec.authorization.relation' from a child 'HttpRoute' or 'GrpcRoute' manifest. |
| object | string | This value is a direct reflection of 'spec.authorization.object' from a child 'HttpRoute' or 'GrpcRoute' manifest. |
GrpcRouteRuleMatch
GrpcRouteRuleMatch
| Property | Type | Description |
|---|---|---|
| headers | list of GrpcRouteRuleMatchHeader | |
| method | MethodMatch |
RouteRuleAuthenticationConfig
Configures authentication exceptions or specifics for a route rule.
Translates into localized Gateway or Load Balancer configurations dictating how auth assertions are evaluated for specific matched paths.
| Property | Type | Description |
|---|---|---|
| type | string | |
| tenants | list of string | Tenant-specific authentication configuration. A list of IdentityProvider names allowed to access this route. Only applicable if type is IDENTITY_PROVIDER. |
GrpcRouteRuleMatchHeader
Matches gRPC metadata equivalent to HTTP headers.
Appended to a grpc_route to define rules based on custom gRPC metadata sent by the client.
| Property | Type | Description |
|---|---|---|
| key | string | |
| value | string | |
| type | string |
MethodMatch
Matches gRPC traffic by canonical service or method name.
Primary routing discriminator in google_network_services_grpc_route, replacing URL path matches found in HTTP.
| Property | Type | Description |
|---|---|---|
| grpcService | string | |
| grpcMethod | string | |
| caseSensitive | bool |