dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated specs with note on stpring secrets

This commit is contained in:
Aaron Crawfis 2020-03-06 14:04:13 -08:00
parent 0d552669aa
commit 51cb538c82
19 changed files with 103 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
concepts/bindings/bindings_api.md
View File

@ -32,6 +32,8 @@ The ```metadata.name``` is the name of the binding.
If running place this file in your `components` folder next to your state store and message queue yml configurations.
If running on kubernetes apply the component to your cluster.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)
## Invoking Service Code Through Input Bindings
A developer who wants to trigger her app using an input binding can listen on a ```POST``` http endpoint with the route name being the same as ```metadata.name```.

8
concepts/bindings/specs/blobstorage.md
View File

@ -16,6 +16,8 @@ spec:
value: container1
```
`storageAccount` is the Blob Storage account name.
`storageAccessKey` is the Blob Storage access key.
`container` is the name of the Blob Storage container to write to.
- `storageAccount` is the Blob Storage account name.
- `storageAccessKey` is the Blob Storage access key.
- `container` is the name of the Blob Storage container to write to.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

12
concepts/bindings/specs/cosmosdb.md
View File

@ -20,8 +20,10 @@ spec:
value: message
```
`url` is the CosmosDB url.
`masterKey` is the CosmosDB account master key.
`database` is the name of the CosmosDB database.
`collection` is name of the collection inside the database.
`partitionKey` is the name of the partitionKey to extract from the payload.
- `url` is the CosmosDB url.
- `masterKey` is the CosmosDB account master key.
- `database` is the name of the CosmosDB database.
- `collection` is name of the collection inside the database.
- `partitionKey` is the name of the partitionKey to extract from the payload.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

10
concepts/bindings/specs/dynamodb.md
View File

@ -18,7 +18,9 @@ spec:
value: items
```
`region` is the AWS region.
`accessKey` is the AWS access key.
`secretKey` is the AWS secret key.
`table` is the DynamoDB table name.
- `region` is the AWS region.
- `accessKey` is the AWS access key.
- `secretKey` is the AWS secret key.
- `table` is the DynamoDB table name.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

2
concepts/bindings/specs/eventhubs.md
View File

@ -19,3 +19,5 @@ spec:
- `connectionString` is the [EventHubs connection string](https://docs.microsoft.com/en-us/azure/event-hubs/authorize-access-shared-access-signature). Note that this is the EventHub itself and not the EventHubs namespace. Make sure to use the child EventHub shared access policy connection string.
- `consumerGroup` is the name of an [EventHubs consumerGroup](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features#consumer-groups) to listen on.
- `messageAge` allows to receive messages that are not older than the specified age.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

24
concepts/bindings/specs/gcpbucket.md
View File

@ -32,14 +32,16 @@ spec:
value: PRIVATE KEY
```
`bucket` is the bucket name.
`type` is the GCP credentials type.
`project_id` is the GCP project id.
`private_key_id` is the GCP private key id.
`client_email` is the GCP client email.
`client_id` is the GCP client id.
`auth_uri` is Google account oauth endpoint.
`token_uri` is Google account token uri.
`auth_provider_x509_cert_url` is the GCP credentials cert url.
`client_x509_cert_url` is the GCP credentials project x509 cert url.
`private_key` is the GCP credentials private key.
- `bucket` is the bucket name.
- `type` is the GCP credentials type.
- `project_id` is the GCP project id.
- `private_key_id` is the GCP private key id.
- `client_email` is the GCP client email.
- `client_id` is the GCP client id.
- `auth_uri` is Google account oauth endpoint.
- `token_uri` is Google account token uri.
- `auth_provider_x509_cert_url` is the GCP credentials cert url.
- `client_x509_cert_url` is the GCP credentials project x509 cert url.
- `private_key` is the GCP credentials private key.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

26
concepts/bindings/specs/gcppubsub.md
View File

@ -34,15 +34,17 @@ spec:
value: PRIVATE KEY
```
`topic` is the Pub/Sub topic name.
`subscription` is the Pub/Sub subscription name.
`type` is the GCP credentials type.
`project_id` is the GCP project id.
`private_key_id` is the GCP private key id.
`client_email` is the GCP client email.
`client_id` is the GCP client id.
`auth_uri` is Google account OAuth endpoint.
`token_uri` is Google account token uri.
`auth_provider_x509_cert_url` is the GCP credentials cert url.
`client_x509_cert_url` is the GCP credentials project x509 cert url.
`private_key` is the GCP credentials private key.
- `topic` is the Pub/Sub topic name.
- `subscription` is the Pub/Sub subscription name.
- `type` is the GCP credentials type.
- `project_id` is the GCP project id.
- `private_key_id` is the GCP private key id.
- `client_email` is the GCP client email.
- `client_id` is the GCP client id.
- `auth_uri` is Google account OAuth endpoint.
- `token_uri` is Google account token uri.
- `auth_provider_x509_cert_url` is the GCP credentials cert url.
- `client_x509_cert_url` is the GCP credentials project x509 cert url.
- `private_key` is the GCP credentials private key.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

4
concepts/bindings/specs/http.md
View File

@ -14,5 +14,5 @@ spec:
value: GET
```
`url` is the HTTP url to invoke.
`method` is the HTTP verb to use for the request.
- `url` is the HTTP url to invoke.
- `method` is the HTTP verb to use for the request.

16
concepts/bindings/specs/kafka.md
View File

@ -24,10 +24,12 @@ spec:
value: "password"
```
`topics` is a comma separated string of topics for an input binding.
`brokers` is a comma separated string of kafka brokers.
`consumerGroup` is a kafka consumer group to listen on.
`publishTopic` is the topic to publish for an output binding.
`authRequired` determines whether to use SASL authentication or not.
`saslUsername` is the SASL username for authentication. Only used if `authRequired` is set to `"true"`.
`saslPassword` is the SASL password for authentication. Only used if `authRequired` is set to `"true"`.
- `topics` is a comma separated string of topics for an input binding.
- `brokers` is a comma separated string of kafka brokers.
- `consumerGroup` is a kafka consumer group to listen on.
- `publishTopic` is the topic to publish for an output binding.
- `authRequired` determines whether to use SASL authentication or not.
- `saslUsername` is the SASL username for authentication. Only used if `authRequired` is set to - `"true"`.
- `saslPassword` is the SASL password for authentication. Only used if `authRequired` is set to - `"true"`.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

2
concepts/bindings/specs/kubernetes.md
View File

@ -12,4 +12,4 @@ spec:
value: default
```
`namespace` is the Kubernetes namespace to read events from. Default is `default`.
- `namespace` is the Kubernetes namespace to read events from. Default is `default`.

4
concepts/bindings/specs/mqtt.md
View File

@ -14,5 +14,5 @@ spec:
value: topic1
```
`url` is the MQTT broker url.
`topic` is the topic to listen on or send events to.
- `url` is the MQTT broker url.
- `topic` is the topic to listen on or send events to.

8
concepts/bindings/specs/rabbitmq.md
View File

@ -18,7 +18,7 @@ spec:
value: false
```
`queueName` is the RabbitMQ queue name.
`host` is the RabbitMQ host address.
`durable` tells RabbitMQ to persist message in storage.
`deleteWhenUnused` enables or disables auto-delete.
- `queueName` is the RabbitMQ queue name.
- `host` is the RabbitMQ host address.
- `durable` tells RabbitMQ to persist message in storage.
- `deleteWhenUnused` enables or disables auto-delete.

6
concepts/bindings/specs/redis.md
View File

@ -14,5 +14,7 @@ spec:
value: **************
```
`redisHost` is the Redis host address.
`redisPassword` is the Redis password.
- `redisHost` is the Redis host address.
- `redisPassword` is the Redis password.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

10
concepts/bindings/specs/s3.md
View File

@ -18,7 +18,9 @@ spec:
value: mybucket
```
`region` is the AWS region.
`accessKey` is the AWS access key.
`secretKey` is the AWS secret key.
`table` is the name of the S3 bucket to write to.
- `region` is the AWS region.
- `accessKey` is the AWS access key.
- `secretKey` is the AWS secret key.
- `table` is the name of the S3 bucket to write to.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

6
concepts/bindings/specs/servicebusqueues.md
View File

@ -14,5 +14,7 @@ spec:
value: queue1
```
`connectionString` is the Service Bus connection string.
`queueName` is the Service Bus queue name.
- `connectionString` is the Service Bus connection string.
- `queueName` is the Service Bus queue name.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

6
concepts/bindings/specs/signalr.md
View File

@ -14,8 +14,10 @@ spec:
value: <hub name>
```
The metadata `connectionString` contains the Azure SignalR connection string.
The optional `hub` metadata value defines the hub in which the message will be send. The hub can be dynamically defined as a metadata value when publishing to an output binding (key is "hub").
- The metadata `connectionString` contains the Azure SignalR connection string.
- The optional `hub` metadata value defines the hub in which the message will be send. The hub can be dynamically defined as a metadata value when publishing to an output binding (key is "hub").
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)
## Additional information

10
concepts/bindings/specs/sns.md
View File

@ -18,7 +18,9 @@ spec:
value: mytopic
```
`region` is the AWS region.
`accessKey` is the AWS access key.
`secretKey` is the AWS secret key.
`topicArn` is the SNS topic name.
- `region` is the AWS region.
- `accessKey` is the AWS access key.
- `secretKey` is the AWS secret key.
- `topicArn` is the SNS topic name.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

10
concepts/bindings/specs/sqs.md
View File

@ -18,7 +18,9 @@ spec:
value: items
```
`region` is the AWS region.
`accessKey` is the AWS access key.
`secretKey` is the AWS secret key.
`queueName` is the SQS queue name.
- `region` is the AWS region.
- `accessKey` is the AWS access key.
- `secretKey` is the AWS secret key.
- `queueName` is the SQS queue name.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)

10
concepts/bindings/specs/twilio.md
View File

@ -18,7 +18,9 @@ spec:
value: *****************
```
`toNumber` is the target number to send the sms to.
`fromNumber` is the sender phone number.
`accountSid` is the Twilio account SID.
`authToken` is the Twilio auth token.
- `toNumber` is the target number to send the sms to.
- `fromNumber` is the sender phone number.
- `accountSid` is the Twilio account SID.
- `authToken` is the Twilio auth token.
> **Note:** In production never place passwords or secrets within Dapr components. For information on securly storing and retrieving secrets refer to [Setup Secret Store](../../../howto/setup-secret-store)