Open arkodg opened 10 months ago
thinking out loud, this use case can be achieved in two ways
dontMatch
field - clientSelectors:
- headers:
- type: Distinct
name: x-claim-email
- type: Exact
name: x-claim-email
dontMatch: true
value: myemail@gmail.com
except
field
- clientSelectors:
- headers:
- type: Distinct
name: x-claim-email
except:
headers:
- type: Exact
name: x-claim-email
value: myemail@gmail.com
this api field would decide the value of expect_match
in https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#config-route-v3-ratelimit-action-headervaluematch
I'm new to this part of the code , will like to learn an implement this feature. /assign
ptal @envoyproxy/gateway-maintainers
This issue has been automatically marked as stale because it has not had activity in the last 30 days.
hey @slayer321 still planning on working on this issue ?
Hey @arkodg , currently stuck with some other stuff .. will not be able to work on this issue as of now.
@arkodg interested in picking up this issue, thanks!
great thanks @rudrakhp, suggest breaking up the work into multiple PRs (API, Implementation, Docs/E2E)
@arkodg raised API PR to support this in both header and source matches. Thought it might be easier to do so when dealing with scenarios where subset IP CIDRs might be exempted or have different rate limits. Preferred the dontMatch
approach, went with another name though. Please do review, thanks!
Description:
Consider this config
I want to allow myemail@gmail.com user to 10 req/min but all other user 5 req/min. But with this config myemail@gmail.com user is getting 429 after 5 requests.
Relates to https://envoyproxy.slack.com/archives/C03E6NHLESV/p1699784524023299
[optional Relevant Links:]