Docs
Edge StackThe EnvoyFilterPolicy Resource (v3alpha1)
The EnvoyFilterPolicy Resource (v3alpha1)
The EnvoyFilterPolicy custom resource provides a way to manage how Envoy filters are applied to incoming requests in Ambassador Edge Stack. It allows users to define rules that specify which filters to apply, the order in which they're evaluated using precedence, and the specific Ambassador instances they should target. This ensures flexible, consistent, and centralized control over request processing, which enhances security, observability, and traffic management across services.
This document provides an overview of all the fields in the EnvoyFilterPolicy custom resource, including their purpose, type, and default values. This page is specific to the getambassador.io/v3alpha1 version of the EnvoyFilterPolicy resource.
Envoy Filter Policy API Reference
To define an Envoy Filter Policy, set kind to EnvoyFilterPolicy and provide the desired configuration under the spec.rules field.
The following sections provide resource details formatted into markdown tables for each property, including nested objects.
EnvoyFilterPolicy
| Field | Type | Description |
|---|---|---|
ambassador_id | array[string] | Declares which Ambassador instances should watch this resource. The default is ["default"]. |
rules | array[EnvoyFilterPolicyRule] | Defines rules for how EnvoyFilter is applied. It must contain at least one item. |
EnvoyFilterPolicyRule
| Field | Type | Description |
|---|---|---|
envoyFilters | array[EnvoyFilterReference] | A list of EnvoyFilter references. |
precedence | integer | An optional way to specify how rules are ordered when a request matches more than one rule. |
EnvoyFilterReference
| Field | Type | Description |
|---|---|---|
name | string | The name of the EnvoyFilter. |
namespace | string | The namespace of the EnvoyFilter. |
EnvoyFilterPolicy Example
The following example applies an EnvoyFilterPolicy to the payment-services namespace in both production and staging environments. The rules are organized by precedence, allowing security filters to be applied before observability filters. In this example, precedence ensures that security filters (e.g., authentication and validation) are applied before observability filters (e.g., logging).