REST Resource: organizations.environments.targetservers

Resource: TargetServer

TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services.

JSON representation
{
  "name": string,
  "description": string,
  "host": string,
  "port": integer,
  "isEnabled": boolean,
  "sSLInfo": {
    object (TlsInfo)
  },
  "protocol": enum (Protocol)
}
Fields
name

string

Required. The resource id of this target server. Values must match the regular expression

description

string

Optional. A human-readable description of this TargetServer.

host

string

Required. The host name this target connects to. Value must be a valid hostname as described by RFC-1123.

port

integer

Required. The port number this target connects to on the given host. Value must be between 1 and 65535, inclusive.

isEnabled

boolean

Optional. Enabling/disabling a TargetServer is useful when TargetServers are used in load balancing configurations, and one or more TargetServers need to taken out of rotation periodically. Defaults to true.

sSLInfo

object (TlsInfo)

Optional. Specifies TLS configuration info for this TargetServer. The JSON name is sSLInfo for legacy/backwards compatibility reasons -- Edge originally supported SSL, and the name is still used for TLS configuration.

protocol

enum (Protocol)

Immutable. The protocol used by this TargetServer.

TlsInfo

TLS configuration information for virtual hosts and TargetServers.

JSON representation
{
  "enabled": boolean,
  "clientAuthEnabled": boolean,
  "keyStore": string,
  "keyAlias": string,
  "trustStore": string,
  "ignoreValidationErrors": boolean,
  "protocols": [
    string
  ],
  "ciphers": [
    string
  ],
  "commonName": {
    object (CommonName)
  }
}
Fields
enabled

boolean

Required. Enables TLS. If false, neither one-way nor two-way TLS will be enabled.

clientAuthEnabled

boolean

Optional. Enables two-way TLS.

keyStore

string

Required if clientAuthEnabled is true. The resource ID of the keystore.

keyAlias

string

Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert.

trustStore

string

The resource ID of the truststore.

ignoreValidationErrors

boolean

If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS.

When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails.

protocols[]

string

The TLS versioins to be used.

ciphers[]

string

The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3.

commonName

object (CommonName)

The TLS Common Name of the certificate.

CommonName

JSON representation
{
  "value": string,
  "wildcardMatch": boolean
}
Fields
value

string

The TLS Common Name string of the certificate.

wildcardMatch

boolean

Indicates whether the cert should be matched against as a wildcard cert.

Protocol

Supported protocols for a TargetServer.

Enums
PROTOCOL_UNSPECIFIED UNSPECIFIED defaults to HTTP for backwards compatibility.
HTTP The TargetServer uses HTTP.
HTTP2 The TargetSever uses HTTP2.
GRPC_TARGET The TargetServer uses GRPC.
GRPC GRPC TargetServer to be used in ExternalCallout Policy. Prefer to use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once EXTERNAL _CALLOUT generally available.
EXTERNAL_CALLOUT The TargetServer is to be used in the ExternalCallout Policy

Methods

create

Creates a TargetServer in the specified environment.

delete

Deletes a TargetServer from an environment.

get

Gets a TargetServer resource.

list

Lists all TargetServers in an environment as a JSON array.

update

Updates an existing TargetServer.