static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 8000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http http_filters: - name: envoy.filters.http.router route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: { prefix: "/foo" } route: cluster: service_protected_by_rate_limit rate_limits: - actions: # any actions in here - request_headers: header_name: x-envoy-downstream-service-cluster descriptor_key: client_cluster - request_headers: header_name: ":path" descriptor_key: path typed_per_filter_config: envoy.filters.http.local_ratelimit: "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit stat_prefix: test token_bucket: max_tokens: 1000 tokens_per_fill: 1000 fill_interval: 60s filter_enabled: runtime_key: test_enabled default_value: numerator: 100 denominator: HUNDRED filter_enforced: runtime_key: test_enforced default_value: numerator: 100 denominator: HUNDRED response_headers_to_add: - append: false header: key: x-test-rate-limit value: 'true' descriptors: - entries: - key: client_cluster value: foo - key: path value: /foo/bar token_bucket: max_tokens: 10 tokens_per_fill: 10 fill_interval: 60s - entries: - key: client_cluster value: foo - key: path value: /foo/bar2 token_bucket: max_tokens: 100 tokens_per_fill: 100 fill_interval: 60s - match: { prefix: "/" } route: { cluster: default_service } clusters: - name: default_service load_assignment: cluster_name: default_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080 - name: service_protected_by_rate_limit load_assignment: cluster_name: service_protected_by_rate_limit endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8081