Viewing docs for konnect 3.14.0
published on Friday, Apr 24, 2026 by kong
published on Friday, Apr 24, 2026 by kong
Viewing docs for konnect 3.14.0
published on Friday, Apr 24, 2026 by kong
published on Friday, Apr 24, 2026 by kong
GatewayPluginAiMcpProxy Resource
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as konnect from "@pulumi/konnect";
const myGatewaypluginaimcpproxy = new konnect.GatewayPluginAiMcpProxy("my_gatewaypluginaimcpproxy", {
condition: "...my_condition...",
config: {
accessTokenClaimField: "...my_access_token_claim_field...",
aclAttributeType: "consumer",
consumerIdentifier: "username",
defaultAcls: [{
allows: ["..."],
denies: ["..."],
scope: "tools",
}],
includeConsumerGroups: false,
logging: {
logAudits: false,
logPayloads: false,
logStatistics: false,
},
maxRequestBodySize: 1048576,
mode: "passthrough-listener",
server: {
forwardClientHeaders: true,
session: {
client: {
secrets: ["..."],
},
managed: true,
redis: {
cloudAuthentication: {
authProvider: "azure",
awsAccessKeyId: "...my_aws_access_key_id...",
awsAssumeRoleArn: "...my_aws_assume_role_arn...",
awsCacheName: "...my_aws_cache_name...",
awsIsServerless: true,
awsRegion: "...my_aws_region...",
awsRoleSessionName: "...my_aws_role_session_name...",
awsSecretAccessKey: "...my_aws_secret_access_key...",
azureClientId: "...my_azure_client_id...",
azureClientSecret: "...my_azure_client_secret...",
azureTenantId: "...my_azure_tenant_id...",
gcpServiceAccountJson: "...my_gcp_service_account_json...",
},
clusterMaxRedirections: 5,
clusterNodes: [{
ip: "127.0.0.1",
port: 6379,
}],
connectTimeout: 2000,
connectionIsProxied: false,
database: 0,
host: "127.0.0.1",
keepaliveBacklog: 354648205,
keepalivePoolSize: 256,
password: "...my_password...",
port: 6379,
readTimeout: 2000,
sendTimeout: 2000,
sentinelMaster: "...my_sentinel_master...",
sentinelNodes: [{
host: "127.0.0.1",
port: 6379,
}],
sentinelPassword: "...my_sentinel_password...",
sentinelRole: "any",
sentinelUsername: "...my_sentinel_username...",
serverName: "...my_server_name...",
ssl: false,
sslVerify: false,
username: "...my_username...",
},
sessionTtl: 86400,
strategy: "client",
},
tag: "...my_tag...",
timeout: 10000,
},
tools: [{
acl: {
allows: ["..."],
denies: ["..."],
},
annotations: {
destructiveHint: true,
idempotentHint: false,
openWorldHint: false,
readOnlyHint: false,
title: "...my_title...",
},
description: "...my_description...",
headers: {
key: [],
},
host: "...my_host...",
method: "GET",
name: "...my_name...",
parameters: [{
description: "...my_description...",
"in": "...my_in...",
name: "...my_name...",
required: true,
schema: {
type: "...my_type...",
},
}],
path: "...my_path...",
query: {
key: [],
},
requestBody: "{ \"see\": \"documentation\" }",
responses: "{ \"see\": \"documentation\" }",
scheme: "https",
}],
},
controlPlaneId: "9524ec7d-36d9-465d-a8c5-83a3c9390458",
createdAt: 4,
enabled: true,
gatewayPluginAiMcpProxyId: "...my_id...",
instanceName: "...my_instance_name...",
ordering: {
after: {
accesses: ["..."],
},
before: {
accesses: ["..."],
},
},
partials: [{
id: "...my_id...",
name: "...my_name...",
path: "...my_path...",
}],
protocols: ["grpc"],
route: {
id: "...my_id...",
},
service: {
id: "...my_id...",
},
tags: ["..."],
updatedAt: 1,
});
import pulumi
import pulumi_konnect as konnect
my_gatewaypluginaimcpproxy = konnect.GatewayPluginAiMcpProxy("my_gatewaypluginaimcpproxy",
condition="...my_condition...",
config={
"access_token_claim_field": "...my_access_token_claim_field...",
"acl_attribute_type": "consumer",
"consumer_identifier": "username",
"default_acls": [{
"allows": ["..."],
"denies": ["..."],
"scope": "tools",
}],
"include_consumer_groups": False,
"logging": {
"log_audits": False,
"log_payloads": False,
"log_statistics": False,
},
"max_request_body_size": 1048576,
"mode": "passthrough-listener",
"server": {
"forward_client_headers": True,
"session": {
"client": {
"secrets": ["..."],
},
"managed": True,
"redis": {
"cloud_authentication": {
"auth_provider": "azure",
"aws_access_key_id": "...my_aws_access_key_id...",
"aws_assume_role_arn": "...my_aws_assume_role_arn...",
"aws_cache_name": "...my_aws_cache_name...",
"aws_is_serverless": True,
"aws_region": "...my_aws_region...",
"aws_role_session_name": "...my_aws_role_session_name...",
"aws_secret_access_key": "...my_aws_secret_access_key...",
"azure_client_id": "...my_azure_client_id...",
"azure_client_secret": "...my_azure_client_secret...",
"azure_tenant_id": "...my_azure_tenant_id...",
"gcp_service_account_json": "...my_gcp_service_account_json...",
},
"cluster_max_redirections": 5,
"cluster_nodes": [{
"ip": "127.0.0.1",
"port": 6379,
}],
"connect_timeout": 2000,
"connection_is_proxied": False,
"database": 0,
"host": "127.0.0.1",
"keepalive_backlog": 354648205,
"keepalive_pool_size": 256,
"password": "...my_password...",
"port": 6379,
"read_timeout": 2000,
"send_timeout": 2000,
"sentinel_master": "...my_sentinel_master...",
"sentinel_nodes": [{
"host": "127.0.0.1",
"port": 6379,
}],
"sentinel_password": "...my_sentinel_password...",
"sentinel_role": "any",
"sentinel_username": "...my_sentinel_username...",
"server_name": "...my_server_name...",
"ssl": False,
"ssl_verify": False,
"username": "...my_username...",
},
"session_ttl": 86400,
"strategy": "client",
},
"tag": "...my_tag...",
"timeout": 10000,
},
"tools": [{
"acl": {
"allows": ["..."],
"denies": ["..."],
},
"annotations": {
"destructive_hint": True,
"idempotent_hint": False,
"open_world_hint": False,
"read_only_hint": False,
"title": "...my_title...",
},
"description": "...my_description...",
"headers": {
"key": [],
},
"host": "...my_host...",
"method": "GET",
"name": "...my_name...",
"parameters": [{
"description": "...my_description...",
"in_": "...my_in...",
"name": "...my_name...",
"required": True,
"schema": {
"type": "...my_type...",
},
}],
"path": "...my_path...",
"query": {
"key": [],
},
"request_body": "{ \"see\": \"documentation\" }",
"responses": "{ \"see\": \"documentation\" }",
"scheme": "https",
}],
},
control_plane_id="9524ec7d-36d9-465d-a8c5-83a3c9390458",
created_at=4,
enabled=True,
gateway_plugin_ai_mcp_proxy_id="...my_id...",
instance_name="...my_instance_name...",
ordering={
"after": {
"accesses": ["..."],
},
"before": {
"accesses": ["..."],
},
},
partials=[{
"id": "...my_id...",
"name": "...my_name...",
"path": "...my_path...",
}],
protocols=["grpc"],
route={
"id": "...my_id...",
},
service={
"id": "...my_id...",
},
tags=["..."],
updated_at=1)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/konnect/v3/konnect"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := konnect.NewGatewayPluginAiMcpProxy(ctx, "my_gatewaypluginaimcpproxy", &konnect.GatewayPluginAiMcpProxyArgs{
Condition: pulumi.String("...my_condition..."),
Config: &konnect.GatewayPluginAiMcpProxyConfigArgs{
AccessTokenClaimField: pulumi.String("...my_access_token_claim_field..."),
AclAttributeType: pulumi.String("consumer"),
ConsumerIdentifier: pulumi.String("username"),
DefaultAcls: konnect.GatewayPluginAiMcpProxyConfigDefaultAclArray{
&konnect.GatewayPluginAiMcpProxyConfigDefaultAclArgs{
Allows: pulumi.StringArray{
pulumi.String("..."),
},
Denies: pulumi.StringArray{
pulumi.String("..."),
},
Scope: pulumi.String("tools"),
},
},
IncludeConsumerGroups: pulumi.Bool(false),
Logging: &konnect.GatewayPluginAiMcpProxyConfigLoggingArgs{
LogAudits: pulumi.Bool(false),
LogPayloads: pulumi.Bool(false),
LogStatistics: pulumi.Bool(false),
},
MaxRequestBodySize: pulumi.Float64(1048576),
Mode: pulumi.String("passthrough-listener"),
Server: &konnect.GatewayPluginAiMcpProxyConfigServerArgs{
ForwardClientHeaders: pulumi.Bool(true),
Session: &konnect.GatewayPluginAiMcpProxyConfigServerSessionArgs{
Client: &konnect.GatewayPluginAiMcpProxyConfigServerSessionClientArgs{
Secrets: pulumi.StringArray{
pulumi.String("..."),
},
},
Managed: pulumi.Bool(true),
Redis: &konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisArgs{
CloudAuthentication: &konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs{
AuthProvider: pulumi.String("azure"),
AwsAccessKeyId: pulumi.String("...my_aws_access_key_id..."),
AwsAssumeRoleArn: pulumi.String("...my_aws_assume_role_arn..."),
AwsCacheName: pulumi.String("...my_aws_cache_name..."),
AwsIsServerless: pulumi.Bool(true),
AwsRegion: pulumi.String("...my_aws_region..."),
AwsRoleSessionName: pulumi.String("...my_aws_role_session_name..."),
AwsSecretAccessKey: pulumi.String("...my_aws_secret_access_key..."),
AzureClientId: pulumi.String("...my_azure_client_id..."),
AzureClientSecret: pulumi.String("...my_azure_client_secret..."),
AzureTenantId: pulumi.String("...my_azure_tenant_id..."),
GcpServiceAccountJson: pulumi.String("...my_gcp_service_account_json..."),
},
ClusterMaxRedirections: pulumi.Float64(5),
ClusterNodes: konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArray{
&konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs{
Ip: pulumi.String("127.0.0.1"),
Port: pulumi.Float64(6379),
},
},
ConnectTimeout: pulumi.Float64(2000),
ConnectionIsProxied: pulumi.Bool(false),
Database: pulumi.Float64(0),
Host: pulumi.String("127.0.0.1"),
KeepaliveBacklog: pulumi.Float64(354648205),
KeepalivePoolSize: pulumi.Float64(256),
Password: pulumi.String("...my_password..."),
Port: pulumi.Float64(6379),
ReadTimeout: pulumi.Float64(2000),
SendTimeout: pulumi.Float64(2000),
SentinelMaster: pulumi.String("...my_sentinel_master..."),
SentinelNodes: konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArray{
&konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs{
Host: pulumi.String("127.0.0.1"),
Port: pulumi.Float64(6379),
},
},
SentinelPassword: pulumi.String("...my_sentinel_password..."),
SentinelRole: pulumi.String("any"),
SentinelUsername: pulumi.String("...my_sentinel_username..."),
ServerName: pulumi.String("...my_server_name..."),
Ssl: pulumi.Bool(false),
SslVerify: pulumi.Bool(false),
Username: pulumi.String("...my_username..."),
},
SessionTtl: pulumi.Float64(86400),
Strategy: pulumi.String("client"),
},
Tag: pulumi.String("...my_tag..."),
Timeout: pulumi.Float64(10000),
},
Tools: konnect.GatewayPluginAiMcpProxyConfigToolArray{
&konnect.GatewayPluginAiMcpProxyConfigToolArgs{
Acl: &konnect.GatewayPluginAiMcpProxyConfigToolAclArgs{
Allows: pulumi.StringArray{
pulumi.String("..."),
},
Denies: pulumi.StringArray{
pulumi.String("..."),
},
},
Annotations: &konnect.GatewayPluginAiMcpProxyConfigToolAnnotationsArgs{
DestructiveHint: pulumi.Bool(true),
IdempotentHint: pulumi.Bool(false),
OpenWorldHint: pulumi.Bool(false),
ReadOnlyHint: pulumi.Bool(false),
Title: pulumi.String("...my_title..."),
},
Description: pulumi.String("...my_description..."),
Headers: pulumi.StringArrayMap{
"key": pulumi.StringArray{},
},
Host: pulumi.String("...my_host..."),
Method: pulumi.String("GET"),
Name: pulumi.String("...my_name..."),
Parameters: konnect.GatewayPluginAiMcpProxyConfigToolParameterArray{
&konnect.GatewayPluginAiMcpProxyConfigToolParameterArgs{
Description: pulumi.String("...my_description..."),
In: pulumi.String("...my_in..."),
Name: pulumi.String("...my_name..."),
Required: pulumi.Bool(true),
Schema: &konnect.GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs{
Type: pulumi.String("...my_type..."),
},
},
},
Path: pulumi.String("...my_path..."),
Query: pulumi.StringArrayMap{
"key": pulumi.StringArray{},
},
RequestBody: pulumi.String("{ \"see\": \"documentation\" }"),
Responses: pulumi.String("{ \"see\": \"documentation\" }"),
Scheme: pulumi.String("https"),
},
},
},
ControlPlaneId: pulumi.String("9524ec7d-36d9-465d-a8c5-83a3c9390458"),
CreatedAt: pulumi.Float64(4),
Enabled: pulumi.Bool(true),
GatewayPluginAiMcpProxyId: pulumi.String("...my_id..."),
InstanceName: pulumi.String("...my_instance_name..."),
Ordering: &konnect.GatewayPluginAiMcpProxyOrderingArgs{
After: &konnect.GatewayPluginAiMcpProxyOrderingAfterArgs{
Accesses: pulumi.StringArray{
pulumi.String("..."),
},
},
Before: &konnect.GatewayPluginAiMcpProxyOrderingBeforeArgs{
Accesses: pulumi.StringArray{
pulumi.String("..."),
},
},
},
Partials: konnect.GatewayPluginAiMcpProxyPartialArray{
&konnect.GatewayPluginAiMcpProxyPartialArgs{
Id: pulumi.String("...my_id..."),
Name: pulumi.String("...my_name..."),
Path: pulumi.String("...my_path..."),
},
},
Protocols: pulumi.StringArray{
pulumi.String("grpc"),
},
Route: &konnect.GatewayPluginAiMcpProxyRouteArgs{
Id: pulumi.String("...my_id..."),
},
Service: &konnect.GatewayPluginAiMcpProxyServiceArgs{
Id: pulumi.String("...my_id..."),
},
Tags: pulumi.StringArray{
pulumi.String("..."),
},
UpdatedAt: pulumi.Float64(1),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Konnect = Pulumi.Konnect;
return await Deployment.RunAsync(() =>
{
var myGatewaypluginaimcpproxy = new Konnect.GatewayPluginAiMcpProxy("my_gatewaypluginaimcpproxy", new()
{
Condition = "...my_condition...",
Config = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigArgs
{
AccessTokenClaimField = "...my_access_token_claim_field...",
AclAttributeType = "consumer",
ConsumerIdentifier = "username",
DefaultAcls = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigDefaultAclArgs
{
Allows = new[]
{
"...",
},
Denies = new[]
{
"...",
},
Scope = "tools",
},
},
IncludeConsumerGroups = false,
Logging = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigLoggingArgs
{
LogAudits = false,
LogPayloads = false,
LogStatistics = false,
},
MaxRequestBodySize = 1048576,
Mode = "passthrough-listener",
Server = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerArgs
{
ForwardClientHeaders = true,
Session = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionArgs
{
Client = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionClientArgs
{
Secrets = new[]
{
"...",
},
},
Managed = true,
Redis = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisArgs
{
CloudAuthentication = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs
{
AuthProvider = "azure",
AwsAccessKeyId = "...my_aws_access_key_id...",
AwsAssumeRoleArn = "...my_aws_assume_role_arn...",
AwsCacheName = "...my_aws_cache_name...",
AwsIsServerless = true,
AwsRegion = "...my_aws_region...",
AwsRoleSessionName = "...my_aws_role_session_name...",
AwsSecretAccessKey = "...my_aws_secret_access_key...",
AzureClientId = "...my_azure_client_id...",
AzureClientSecret = "...my_azure_client_secret...",
AzureTenantId = "...my_azure_tenant_id...",
GcpServiceAccountJson = "...my_gcp_service_account_json...",
},
ClusterMaxRedirections = 5,
ClusterNodes = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs
{
Ip = "127.0.0.1",
Port = 6379,
},
},
ConnectTimeout = 2000,
ConnectionIsProxied = false,
Database = 0,
Host = "127.0.0.1",
KeepaliveBacklog = 354648205,
KeepalivePoolSize = 256,
Password = "...my_password...",
Port = 6379,
ReadTimeout = 2000,
SendTimeout = 2000,
SentinelMaster = "...my_sentinel_master...",
SentinelNodes = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs
{
Host = "127.0.0.1",
Port = 6379,
},
},
SentinelPassword = "...my_sentinel_password...",
SentinelRole = "any",
SentinelUsername = "...my_sentinel_username...",
ServerName = "...my_server_name...",
Ssl = false,
SslVerify = false,
Username = "...my_username...",
},
SessionTtl = 86400,
Strategy = "client",
},
Tag = "...my_tag...",
Timeout = 10000,
},
Tools = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolArgs
{
Acl = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolAclArgs
{
Allows = new[]
{
"...",
},
Denies = new[]
{
"...",
},
},
Annotations = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolAnnotationsArgs
{
DestructiveHint = true,
IdempotentHint = false,
OpenWorldHint = false,
ReadOnlyHint = false,
Title = "...my_title...",
},
Description = "...my_description...",
Headers =
{
{ "key", new[] {} },
},
Host = "...my_host...",
Method = "GET",
Name = "...my_name...",
Parameters = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolParameterArgs
{
Description = "...my_description...",
In = "...my_in...",
Name = "...my_name...",
Required = true,
Schema = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs
{
Type = "...my_type...",
},
},
},
Path = "...my_path...",
Query =
{
{ "key", new[] {} },
},
RequestBody = "{ \"see\": \"documentation\" }",
Responses = "{ \"see\": \"documentation\" }",
Scheme = "https",
},
},
},
ControlPlaneId = "9524ec7d-36d9-465d-a8c5-83a3c9390458",
CreatedAt = 4,
Enabled = true,
GatewayPluginAiMcpProxyId = "...my_id...",
InstanceName = "...my_instance_name...",
Ordering = new Konnect.Inputs.GatewayPluginAiMcpProxyOrderingArgs
{
After = new Konnect.Inputs.GatewayPluginAiMcpProxyOrderingAfterArgs
{
Accesses = new[]
{
"...",
},
},
Before = new Konnect.Inputs.GatewayPluginAiMcpProxyOrderingBeforeArgs
{
Accesses = new[]
{
"...",
},
},
},
Partials = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyPartialArgs
{
Id = "...my_id...",
Name = "...my_name...",
Path = "...my_path...",
},
},
Protocols = new[]
{
"grpc",
},
Route = new Konnect.Inputs.GatewayPluginAiMcpProxyRouteArgs
{
Id = "...my_id...",
},
Service = new Konnect.Inputs.GatewayPluginAiMcpProxyServiceArgs
{
Id = "...my_id...",
},
Tags = new[]
{
"...",
},
UpdatedAt = 1,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.konnect.GatewayPluginAiMcpProxy;
import com.pulumi.konnect.GatewayPluginAiMcpProxyArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigLoggingArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigServerArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigServerSessionArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigServerSessionClientArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyOrderingArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyOrderingAfterArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyOrderingBeforeArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyPartialArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyRouteArgs;
import com.pulumi.konnect.inputs.GatewayPluginAiMcpProxyServiceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myGatewaypluginaimcpproxy = new GatewayPluginAiMcpProxy("myGatewaypluginaimcpproxy", GatewayPluginAiMcpProxyArgs.builder()
.condition("...my_condition...")
.config(GatewayPluginAiMcpProxyConfigArgs.builder()
.accessTokenClaimField("...my_access_token_claim_field...")
.aclAttributeType("consumer")
.consumerIdentifier("username")
.defaultAcls(GatewayPluginAiMcpProxyConfigDefaultAclArgs.builder()
.allows("...")
.denies("...")
.scope("tools")
.build())
.includeConsumerGroups(false)
.logging(GatewayPluginAiMcpProxyConfigLoggingArgs.builder()
.logAudits(false)
.logPayloads(false)
.logStatistics(false)
.build())
.maxRequestBodySize(1048576.0)
.mode("passthrough-listener")
.server(GatewayPluginAiMcpProxyConfigServerArgs.builder()
.forwardClientHeaders(true)
.session(GatewayPluginAiMcpProxyConfigServerSessionArgs.builder()
.client(GatewayPluginAiMcpProxyConfigServerSessionClientArgs.builder()
.secrets("...")
.build())
.managed(true)
.redis(GatewayPluginAiMcpProxyConfigServerSessionRedisArgs.builder()
.cloudAuthentication(GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs.builder()
.authProvider("azure")
.awsAccessKeyId("...my_aws_access_key_id...")
.awsAssumeRoleArn("...my_aws_assume_role_arn...")
.awsCacheName("...my_aws_cache_name...")
.awsIsServerless(true)
.awsRegion("...my_aws_region...")
.awsRoleSessionName("...my_aws_role_session_name...")
.awsSecretAccessKey("...my_aws_secret_access_key...")
.azureClientId("...my_azure_client_id...")
.azureClientSecret("...my_azure_client_secret...")
.azureTenantId("...my_azure_tenant_id...")
.gcpServiceAccountJson("...my_gcp_service_account_json...")
.build())
.clusterMaxRedirections(5.0)
.clusterNodes(GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs.builder()
.ip("127.0.0.1")
.port(6379.0)
.build())
.connectTimeout(2000.0)
.connectionIsProxied(false)
.database(0.0)
.host("127.0.0.1")
.keepaliveBacklog(354648205.0)
.keepalivePoolSize(256.0)
.password("...my_password...")
.port(6379.0)
.readTimeout(2000.0)
.sendTimeout(2000.0)
.sentinelMaster("...my_sentinel_master...")
.sentinelNodes(GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs.builder()
.host("127.0.0.1")
.port(6379.0)
.build())
.sentinelPassword("...my_sentinel_password...")
.sentinelRole("any")
.sentinelUsername("...my_sentinel_username...")
.serverName("...my_server_name...")
.ssl(false)
.sslVerify(false)
.username("...my_username...")
.build())
.sessionTtl(86400.0)
.strategy("client")
.build())
.tag("...my_tag...")
.timeout(10000.0)
.build())
.tools(GatewayPluginAiMcpProxyConfigToolArgs.builder()
.acl(GatewayPluginAiMcpProxyConfigToolAclArgs.builder()
.allows("...")
.denies("...")
.build())
.annotations(GatewayPluginAiMcpProxyConfigToolAnnotationsArgs.builder()
.destructiveHint(true)
.idempotentHint(false)
.openWorldHint(false)
.readOnlyHint(false)
.title("...my_title...")
.build())
.description("...my_description...")
.headers(Map.of("key", ))
.host("...my_host...")
.method("GET")
.name("...my_name...")
.parameters(GatewayPluginAiMcpProxyConfigToolParameterArgs.builder()
.description("...my_description...")
.in("...my_in...")
.name("...my_name...")
.required(true)
.schema(GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs.builder()
.type("...my_type...")
.build())
.build())
.path("...my_path...")
.query(Map.of("key", ))
.requestBody("{ \"see\": \"documentation\" }")
.responses("{ \"see\": \"documentation\" }")
.scheme("https")
.build())
.build())
.controlPlaneId("9524ec7d-36d9-465d-a8c5-83a3c9390458")
.createdAt(4.0)
.enabled(true)
.gatewayPluginAiMcpProxyId("...my_id...")
.instanceName("...my_instance_name...")
.ordering(GatewayPluginAiMcpProxyOrderingArgs.builder()
.after(GatewayPluginAiMcpProxyOrderingAfterArgs.builder()
.accesses("...")
.build())
.before(GatewayPluginAiMcpProxyOrderingBeforeArgs.builder()
.accesses("...")
.build())
.build())
.partials(GatewayPluginAiMcpProxyPartialArgs.builder()
.id("...my_id...")
.name("...my_name...")
.path("...my_path...")
.build())
.protocols("grpc")
.route(GatewayPluginAiMcpProxyRouteArgs.builder()
.id("...my_id...")
.build())
.service(GatewayPluginAiMcpProxyServiceArgs.builder()
.id("...my_id...")
.build())
.tags("...")
.updatedAt(1.0)
.build());
}
}
resources:
myGatewaypluginaimcpproxy:
type: konnect:GatewayPluginAiMcpProxy
name: my_gatewaypluginaimcpproxy
properties:
condition: '...my_condition...'
config:
accessTokenClaimField: '...my_access_token_claim_field...'
aclAttributeType: consumer
consumerIdentifier: username
defaultAcls:
- allows:
- '...'
denies:
- '...'
scope: tools
includeConsumerGroups: false
logging:
logAudits: false
logPayloads: false
logStatistics: false
maxRequestBodySize: 1.048576e+06
mode: passthrough-listener
server:
forwardClientHeaders: true
session:
client:
secrets:
- '...'
managed: true
redis:
cloudAuthentication:
authProvider: azure
awsAccessKeyId: '...my_aws_access_key_id...'
awsAssumeRoleArn: '...my_aws_assume_role_arn...'
awsCacheName: '...my_aws_cache_name...'
awsIsServerless: true
awsRegion: '...my_aws_region...'
awsRoleSessionName: '...my_aws_role_session_name...'
awsSecretAccessKey: '...my_aws_secret_access_key...'
azureClientId: '...my_azure_client_id...'
azureClientSecret: '...my_azure_client_secret...'
azureTenantId: '...my_azure_tenant_id...'
gcpServiceAccountJson: '...my_gcp_service_account_json...'
clusterMaxRedirections: 5
clusterNodes:
- ip: 127.0.0.1
port: 6379
connectTimeout: 2000
connectionIsProxied: false
database: 0
host: 127.0.0.1
keepaliveBacklog: 3.54648205e+08
keepalivePoolSize: 256
password: '...my_password...'
port: 6379
readTimeout: 2000
sendTimeout: 2000
sentinelMaster: '...my_sentinel_master...'
sentinelNodes:
- host: 127.0.0.1
port: 6379
sentinelPassword: '...my_sentinel_password...'
sentinelRole: any
sentinelUsername: '...my_sentinel_username...'
serverName: '...my_server_name...'
ssl: false
sslVerify: false
username: '...my_username...'
sessionTtl: 86400
strategy: client
tag: '...my_tag...'
timeout: 10000
tools:
- acl:
allows:
- '...'
denies:
- '...'
annotations:
destructiveHint: true
idempotentHint: false
openWorldHint: false
readOnlyHint: false
title: '...my_title...'
description: '...my_description...'
headers:
key: []
host: '...my_host...'
method: GET
name: '...my_name...'
parameters:
- description: '...my_description...'
in: '...my_in...'
name: '...my_name...'
required: true
schema:
type: '...my_type...'
path: '...my_path...'
query:
key: []
requestBody: '{ "see": "documentation" }'
responses: '{ "see": "documentation" }'
scheme: https
controlPlaneId: 9524ec7d-36d9-465d-a8c5-83a3c9390458
createdAt: 4
enabled: true
gatewayPluginAiMcpProxyId: '...my_id...'
instanceName: '...my_instance_name...'
ordering:
after:
accesses:
- '...'
before:
accesses:
- '...'
partials:
- id: '...my_id...'
name: '...my_name...'
path: '...my_path...'
protocols:
- grpc
route:
id: '...my_id...'
service:
id: '...my_id...'
tags:
- '...'
updatedAt: 1
Create GatewayPluginAiMcpProxy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GatewayPluginAiMcpProxy(name: string, args: GatewayPluginAiMcpProxyArgs, opts?: CustomResourceOptions);@overload
def GatewayPluginAiMcpProxy(resource_name: str,
args: GatewayPluginAiMcpProxyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GatewayPluginAiMcpProxy(resource_name: str,
opts: Optional[ResourceOptions] = None,
control_plane_id: Optional[str] = None,
config: Optional[GatewayPluginAiMcpProxyConfigArgs] = None,
instance_name: Optional[str] = None,
created_at: Optional[float] = None,
enabled: Optional[bool] = None,
gateway_plugin_ai_mcp_proxy_id: Optional[str] = None,
condition: Optional[str] = None,
ordering: Optional[GatewayPluginAiMcpProxyOrderingArgs] = None,
partials: Optional[Sequence[GatewayPluginAiMcpProxyPartialArgs]] = None,
protocols: Optional[Sequence[str]] = None,
route: Optional[GatewayPluginAiMcpProxyRouteArgs] = None,
service: Optional[GatewayPluginAiMcpProxyServiceArgs] = None,
tags: Optional[Sequence[str]] = None,
updated_at: Optional[float] = None)func NewGatewayPluginAiMcpProxy(ctx *Context, name string, args GatewayPluginAiMcpProxyArgs, opts ...ResourceOption) (*GatewayPluginAiMcpProxy, error)public GatewayPluginAiMcpProxy(string name, GatewayPluginAiMcpProxyArgs args, CustomResourceOptions? opts = null)
public GatewayPluginAiMcpProxy(String name, GatewayPluginAiMcpProxyArgs args)
public GatewayPluginAiMcpProxy(String name, GatewayPluginAiMcpProxyArgs args, CustomResourceOptions options)
type: konnect:GatewayPluginAiMcpProxy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GatewayPluginAiMcpProxyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GatewayPluginAiMcpProxyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GatewayPluginAiMcpProxyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GatewayPluginAiMcpProxyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GatewayPluginAiMcpProxyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gatewayPluginAiMcpProxyResource = new Konnect.GatewayPluginAiMcpProxy("gatewayPluginAiMcpProxyResource", new()
{
ControlPlaneId = "string",
Config = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigArgs
{
Mode = "string",
AccessTokenClaimField = "string",
AclAttributeType = "string",
ConsumerIdentifier = "string",
DefaultAcls = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigDefaultAclArgs
{
Allows = new[]
{
"string",
},
Denies = new[]
{
"string",
},
Scope = "string",
},
},
IncludeConsumerGroups = false,
Logging = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigLoggingArgs
{
LogAudits = false,
LogPayloads = false,
LogStatistics = false,
},
MaxRequestBodySize = 0,
Server = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerArgs
{
ForwardClientHeaders = false,
Session = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionArgs
{
Client = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionClientArgs
{
Secrets = new[]
{
"string",
},
},
Managed = false,
Redis = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisArgs
{
CloudAuthentication = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs
{
AuthProvider = "string",
AwsAccessKeyId = "string",
AwsAssumeRoleArn = "string",
AwsCacheName = "string",
AwsIsServerless = false,
AwsRegion = "string",
AwsRoleSessionName = "string",
AwsSecretAccessKey = "string",
AzureClientId = "string",
AzureClientSecret = "string",
AzureTenantId = "string",
GcpServiceAccountJson = "string",
},
ClusterMaxRedirections = 0,
ClusterNodes = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs
{
Ip = "string",
Port = 0,
},
},
ConnectTimeout = 0,
ConnectionIsProxied = false,
Database = 0,
Host = "string",
KeepaliveBacklog = 0,
KeepalivePoolSize = 0,
Password = "string",
Port = 0,
ReadTimeout = 0,
SendTimeout = 0,
SentinelMaster = "string",
SentinelNodes = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs
{
Host = "string",
Port = 0,
},
},
SentinelPassword = "string",
SentinelRole = "string",
SentinelUsername = "string",
ServerName = "string",
Ssl = false,
SslVerify = false,
Username = "string",
},
SessionTtl = 0,
Strategy = "string",
},
Tag = "string",
Timeout = 0,
},
Tools = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolArgs
{
Acl = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolAclArgs
{
Allows = new[]
{
"string",
},
Denies = new[]
{
"string",
},
},
Annotations = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolAnnotationsArgs
{
DestructiveHint = false,
IdempotentHint = false,
OpenWorldHint = false,
ReadOnlyHint = false,
Title = "string",
},
Description = "string",
Headers =
{
{ "string", new[]
{
"string",
} },
},
Host = "string",
Method = "string",
Name = "string",
Parameters = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolParameterArgs
{
Description = "string",
In = "string",
Name = "string",
Required = false,
Schema = new Konnect.Inputs.GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs
{
Type = "string",
},
},
},
Path = "string",
Query =
{
{ "string", new[]
{
"string",
} },
},
RequestBody = "string",
Responses = "string",
Scheme = "string",
},
},
},
InstanceName = "string",
CreatedAt = 0,
Enabled = false,
GatewayPluginAiMcpProxyId = "string",
Condition = "string",
Ordering = new Konnect.Inputs.GatewayPluginAiMcpProxyOrderingArgs
{
After = new Konnect.Inputs.GatewayPluginAiMcpProxyOrderingAfterArgs
{
Accesses = new[]
{
"string",
},
},
Before = new Konnect.Inputs.GatewayPluginAiMcpProxyOrderingBeforeArgs
{
Accesses = new[]
{
"string",
},
},
},
Partials = new[]
{
new Konnect.Inputs.GatewayPluginAiMcpProxyPartialArgs
{
Id = "string",
Name = "string",
Path = "string",
},
},
Protocols = new[]
{
"string",
},
Route = new Konnect.Inputs.GatewayPluginAiMcpProxyRouteArgs
{
Id = "string",
},
Service = new Konnect.Inputs.GatewayPluginAiMcpProxyServiceArgs
{
Id = "string",
},
Tags = new[]
{
"string",
},
UpdatedAt = 0,
});
example, err := konnect.NewGatewayPluginAiMcpProxy(ctx, "gatewayPluginAiMcpProxyResource", &konnect.GatewayPluginAiMcpProxyArgs{
ControlPlaneId: pulumi.String("string"),
Config: &konnect.GatewayPluginAiMcpProxyConfigArgs{
Mode: pulumi.String("string"),
AccessTokenClaimField: pulumi.String("string"),
AclAttributeType: pulumi.String("string"),
ConsumerIdentifier: pulumi.String("string"),
DefaultAcls: konnect.GatewayPluginAiMcpProxyConfigDefaultAclArray{
&konnect.GatewayPluginAiMcpProxyConfigDefaultAclArgs{
Allows: pulumi.StringArray{
pulumi.String("string"),
},
Denies: pulumi.StringArray{
pulumi.String("string"),
},
Scope: pulumi.String("string"),
},
},
IncludeConsumerGroups: pulumi.Bool(false),
Logging: &konnect.GatewayPluginAiMcpProxyConfigLoggingArgs{
LogAudits: pulumi.Bool(false),
LogPayloads: pulumi.Bool(false),
LogStatistics: pulumi.Bool(false),
},
MaxRequestBodySize: pulumi.Float64(0),
Server: &konnect.GatewayPluginAiMcpProxyConfigServerArgs{
ForwardClientHeaders: pulumi.Bool(false),
Session: &konnect.GatewayPluginAiMcpProxyConfigServerSessionArgs{
Client: &konnect.GatewayPluginAiMcpProxyConfigServerSessionClientArgs{
Secrets: pulumi.StringArray{
pulumi.String("string"),
},
},
Managed: pulumi.Bool(false),
Redis: &konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisArgs{
CloudAuthentication: &konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs{
AuthProvider: pulumi.String("string"),
AwsAccessKeyId: pulumi.String("string"),
AwsAssumeRoleArn: pulumi.String("string"),
AwsCacheName: pulumi.String("string"),
AwsIsServerless: pulumi.Bool(false),
AwsRegion: pulumi.String("string"),
AwsRoleSessionName: pulumi.String("string"),
AwsSecretAccessKey: pulumi.String("string"),
AzureClientId: pulumi.String("string"),
AzureClientSecret: pulumi.String("string"),
AzureTenantId: pulumi.String("string"),
GcpServiceAccountJson: pulumi.String("string"),
},
ClusterMaxRedirections: pulumi.Float64(0),
ClusterNodes: konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArray{
&konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs{
Ip: pulumi.String("string"),
Port: pulumi.Float64(0),
},
},
ConnectTimeout: pulumi.Float64(0),
ConnectionIsProxied: pulumi.Bool(false),
Database: pulumi.Float64(0),
Host: pulumi.String("string"),
KeepaliveBacklog: pulumi.Float64(0),
KeepalivePoolSize: pulumi.Float64(0),
Password: pulumi.String("string"),
Port: pulumi.Float64(0),
ReadTimeout: pulumi.Float64(0),
SendTimeout: pulumi.Float64(0),
SentinelMaster: pulumi.String("string"),
SentinelNodes: konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArray{
&konnect.GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs{
Host: pulumi.String("string"),
Port: pulumi.Float64(0),
},
},
SentinelPassword: pulumi.String("string"),
SentinelRole: pulumi.String("string"),
SentinelUsername: pulumi.String("string"),
ServerName: pulumi.String("string"),
Ssl: pulumi.Bool(false),
SslVerify: pulumi.Bool(false),
Username: pulumi.String("string"),
},
SessionTtl: pulumi.Float64(0),
Strategy: pulumi.String("string"),
},
Tag: pulumi.String("string"),
Timeout: pulumi.Float64(0),
},
Tools: konnect.GatewayPluginAiMcpProxyConfigToolArray{
&konnect.GatewayPluginAiMcpProxyConfigToolArgs{
Acl: &konnect.GatewayPluginAiMcpProxyConfigToolAclArgs{
Allows: pulumi.StringArray{
pulumi.String("string"),
},
Denies: pulumi.StringArray{
pulumi.String("string"),
},
},
Annotations: &konnect.GatewayPluginAiMcpProxyConfigToolAnnotationsArgs{
DestructiveHint: pulumi.Bool(false),
IdempotentHint: pulumi.Bool(false),
OpenWorldHint: pulumi.Bool(false),
ReadOnlyHint: pulumi.Bool(false),
Title: pulumi.String("string"),
},
Description: pulumi.String("string"),
Headers: pulumi.StringArrayMap{
"string": pulumi.StringArray{
pulumi.String("string"),
},
},
Host: pulumi.String("string"),
Method: pulumi.String("string"),
Name: pulumi.String("string"),
Parameters: konnect.GatewayPluginAiMcpProxyConfigToolParameterArray{
&konnect.GatewayPluginAiMcpProxyConfigToolParameterArgs{
Description: pulumi.String("string"),
In: pulumi.String("string"),
Name: pulumi.String("string"),
Required: pulumi.Bool(false),
Schema: &konnect.GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs{
Type: pulumi.String("string"),
},
},
},
Path: pulumi.String("string"),
Query: pulumi.StringArrayMap{
"string": pulumi.StringArray{
pulumi.String("string"),
},
},
RequestBody: pulumi.String("string"),
Responses: pulumi.String("string"),
Scheme: pulumi.String("string"),
},
},
},
InstanceName: pulumi.String("string"),
CreatedAt: pulumi.Float64(0),
Enabled: pulumi.Bool(false),
GatewayPluginAiMcpProxyId: pulumi.String("string"),
Condition: pulumi.String("string"),
Ordering: &konnect.GatewayPluginAiMcpProxyOrderingArgs{
After: &konnect.GatewayPluginAiMcpProxyOrderingAfterArgs{
Accesses: pulumi.StringArray{
pulumi.String("string"),
},
},
Before: &konnect.GatewayPluginAiMcpProxyOrderingBeforeArgs{
Accesses: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Partials: konnect.GatewayPluginAiMcpProxyPartialArray{
&konnect.GatewayPluginAiMcpProxyPartialArgs{
Id: pulumi.String("string"),
Name: pulumi.String("string"),
Path: pulumi.String("string"),
},
},
Protocols: pulumi.StringArray{
pulumi.String("string"),
},
Route: &konnect.GatewayPluginAiMcpProxyRouteArgs{
Id: pulumi.String("string"),
},
Service: &konnect.GatewayPluginAiMcpProxyServiceArgs{
Id: pulumi.String("string"),
},
Tags: pulumi.StringArray{
pulumi.String("string"),
},
UpdatedAt: pulumi.Float64(0),
})
var gatewayPluginAiMcpProxyResource = new GatewayPluginAiMcpProxy("gatewayPluginAiMcpProxyResource", GatewayPluginAiMcpProxyArgs.builder()
.controlPlaneId("string")
.config(GatewayPluginAiMcpProxyConfigArgs.builder()
.mode("string")
.accessTokenClaimField("string")
.aclAttributeType("string")
.consumerIdentifier("string")
.defaultAcls(GatewayPluginAiMcpProxyConfigDefaultAclArgs.builder()
.allows("string")
.denies("string")
.scope("string")
.build())
.includeConsumerGroups(false)
.logging(GatewayPluginAiMcpProxyConfigLoggingArgs.builder()
.logAudits(false)
.logPayloads(false)
.logStatistics(false)
.build())
.maxRequestBodySize(0.0)
.server(GatewayPluginAiMcpProxyConfigServerArgs.builder()
.forwardClientHeaders(false)
.session(GatewayPluginAiMcpProxyConfigServerSessionArgs.builder()
.client(GatewayPluginAiMcpProxyConfigServerSessionClientArgs.builder()
.secrets("string")
.build())
.managed(false)
.redis(GatewayPluginAiMcpProxyConfigServerSessionRedisArgs.builder()
.cloudAuthentication(GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs.builder()
.authProvider("string")
.awsAccessKeyId("string")
.awsAssumeRoleArn("string")
.awsCacheName("string")
.awsIsServerless(false)
.awsRegion("string")
.awsRoleSessionName("string")
.awsSecretAccessKey("string")
.azureClientId("string")
.azureClientSecret("string")
.azureTenantId("string")
.gcpServiceAccountJson("string")
.build())
.clusterMaxRedirections(0.0)
.clusterNodes(GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs.builder()
.ip("string")
.port(0.0)
.build())
.connectTimeout(0.0)
.connectionIsProxied(false)
.database(0.0)
.host("string")
.keepaliveBacklog(0.0)
.keepalivePoolSize(0.0)
.password("string")
.port(0.0)
.readTimeout(0.0)
.sendTimeout(0.0)
.sentinelMaster("string")
.sentinelNodes(GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs.builder()
.host("string")
.port(0.0)
.build())
.sentinelPassword("string")
.sentinelRole("string")
.sentinelUsername("string")
.serverName("string")
.ssl(false)
.sslVerify(false)
.username("string")
.build())
.sessionTtl(0.0)
.strategy("string")
.build())
.tag("string")
.timeout(0.0)
.build())
.tools(GatewayPluginAiMcpProxyConfigToolArgs.builder()
.acl(GatewayPluginAiMcpProxyConfigToolAclArgs.builder()
.allows("string")
.denies("string")
.build())
.annotations(GatewayPluginAiMcpProxyConfigToolAnnotationsArgs.builder()
.destructiveHint(false)
.idempotentHint(false)
.openWorldHint(false)
.readOnlyHint(false)
.title("string")
.build())
.description("string")
.headers(Map.of("string", "string"))
.host("string")
.method("string")
.name("string")
.parameters(GatewayPluginAiMcpProxyConfigToolParameterArgs.builder()
.description("string")
.in("string")
.name("string")
.required(false)
.schema(GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs.builder()
.type("string")
.build())
.build())
.path("string")
.query(Map.of("string", "string"))
.requestBody("string")
.responses("string")
.scheme("string")
.build())
.build())
.instanceName("string")
.createdAt(0.0)
.enabled(false)
.gatewayPluginAiMcpProxyId("string")
.condition("string")
.ordering(GatewayPluginAiMcpProxyOrderingArgs.builder()
.after(GatewayPluginAiMcpProxyOrderingAfterArgs.builder()
.accesses("string")
.build())
.before(GatewayPluginAiMcpProxyOrderingBeforeArgs.builder()
.accesses("string")
.build())
.build())
.partials(GatewayPluginAiMcpProxyPartialArgs.builder()
.id("string")
.name("string")
.path("string")
.build())
.protocols("string")
.route(GatewayPluginAiMcpProxyRouteArgs.builder()
.id("string")
.build())
.service(GatewayPluginAiMcpProxyServiceArgs.builder()
.id("string")
.build())
.tags("string")
.updatedAt(0.0)
.build());
gateway_plugin_ai_mcp_proxy_resource = konnect.GatewayPluginAiMcpProxy("gatewayPluginAiMcpProxyResource",
control_plane_id="string",
config={
"mode": "string",
"access_token_claim_field": "string",
"acl_attribute_type": "string",
"consumer_identifier": "string",
"default_acls": [{
"allows": ["string"],
"denies": ["string"],
"scope": "string",
}],
"include_consumer_groups": False,
"logging": {
"log_audits": False,
"log_payloads": False,
"log_statistics": False,
},
"max_request_body_size": float(0),
"server": {
"forward_client_headers": False,
"session": {
"client": {
"secrets": ["string"],
},
"managed": False,
"redis": {
"cloud_authentication": {
"auth_provider": "string",
"aws_access_key_id": "string",
"aws_assume_role_arn": "string",
"aws_cache_name": "string",
"aws_is_serverless": False,
"aws_region": "string",
"aws_role_session_name": "string",
"aws_secret_access_key": "string",
"azure_client_id": "string",
"azure_client_secret": "string",
"azure_tenant_id": "string",
"gcp_service_account_json": "string",
},
"cluster_max_redirections": float(0),
"cluster_nodes": [{
"ip": "string",
"port": float(0),
}],
"connect_timeout": float(0),
"connection_is_proxied": False,
"database": float(0),
"host": "string",
"keepalive_backlog": float(0),
"keepalive_pool_size": float(0),
"password": "string",
"port": float(0),
"read_timeout": float(0),
"send_timeout": float(0),
"sentinel_master": "string",
"sentinel_nodes": [{
"host": "string",
"port": float(0),
}],
"sentinel_password": "string",
"sentinel_role": "string",
"sentinel_username": "string",
"server_name": "string",
"ssl": False,
"ssl_verify": False,
"username": "string",
},
"session_ttl": float(0),
"strategy": "string",
},
"tag": "string",
"timeout": float(0),
},
"tools": [{
"acl": {
"allows": ["string"],
"denies": ["string"],
},
"annotations": {
"destructive_hint": False,
"idempotent_hint": False,
"open_world_hint": False,
"read_only_hint": False,
"title": "string",
},
"description": "string",
"headers": {
"string": ["string"],
},
"host": "string",
"method": "string",
"name": "string",
"parameters": [{
"description": "string",
"in_": "string",
"name": "string",
"required": False,
"schema": {
"type": "string",
},
}],
"path": "string",
"query": {
"string": ["string"],
},
"request_body": "string",
"responses": "string",
"scheme": "string",
}],
},
instance_name="string",
created_at=float(0),
enabled=False,
gateway_plugin_ai_mcp_proxy_id="string",
condition="string",
ordering={
"after": {
"accesses": ["string"],
},
"before": {
"accesses": ["string"],
},
},
partials=[{
"id": "string",
"name": "string",
"path": "string",
}],
protocols=["string"],
route={
"id": "string",
},
service={
"id": "string",
},
tags=["string"],
updated_at=float(0))
const gatewayPluginAiMcpProxyResource = new konnect.GatewayPluginAiMcpProxy("gatewayPluginAiMcpProxyResource", {
controlPlaneId: "string",
config: {
mode: "string",
accessTokenClaimField: "string",
aclAttributeType: "string",
consumerIdentifier: "string",
defaultAcls: [{
allows: ["string"],
denies: ["string"],
scope: "string",
}],
includeConsumerGroups: false,
logging: {
logAudits: false,
logPayloads: false,
logStatistics: false,
},
maxRequestBodySize: 0,
server: {
forwardClientHeaders: false,
session: {
client: {
secrets: ["string"],
},
managed: false,
redis: {
cloudAuthentication: {
authProvider: "string",
awsAccessKeyId: "string",
awsAssumeRoleArn: "string",
awsCacheName: "string",
awsIsServerless: false,
awsRegion: "string",
awsRoleSessionName: "string",
awsSecretAccessKey: "string",
azureClientId: "string",
azureClientSecret: "string",
azureTenantId: "string",
gcpServiceAccountJson: "string",
},
clusterMaxRedirections: 0,
clusterNodes: [{
ip: "string",
port: 0,
}],
connectTimeout: 0,
connectionIsProxied: false,
database: 0,
host: "string",
keepaliveBacklog: 0,
keepalivePoolSize: 0,
password: "string",
port: 0,
readTimeout: 0,
sendTimeout: 0,
sentinelMaster: "string",
sentinelNodes: [{
host: "string",
port: 0,
}],
sentinelPassword: "string",
sentinelRole: "string",
sentinelUsername: "string",
serverName: "string",
ssl: false,
sslVerify: false,
username: "string",
},
sessionTtl: 0,
strategy: "string",
},
tag: "string",
timeout: 0,
},
tools: [{
acl: {
allows: ["string"],
denies: ["string"],
},
annotations: {
destructiveHint: false,
idempotentHint: false,
openWorldHint: false,
readOnlyHint: false,
title: "string",
},
description: "string",
headers: {
string: ["string"],
},
host: "string",
method: "string",
name: "string",
parameters: [{
description: "string",
"in": "string",
name: "string",
required: false,
schema: {
type: "string",
},
}],
path: "string",
query: {
string: ["string"],
},
requestBody: "string",
responses: "string",
scheme: "string",
}],
},
instanceName: "string",
createdAt: 0,
enabled: false,
gatewayPluginAiMcpProxyId: "string",
condition: "string",
ordering: {
after: {
accesses: ["string"],
},
before: {
accesses: ["string"],
},
},
partials: [{
id: "string",
name: "string",
path: "string",
}],
protocols: ["string"],
route: {
id: "string",
},
service: {
id: "string",
},
tags: ["string"],
updatedAt: 0,
});
type: konnect:GatewayPluginAiMcpProxy
properties:
condition: string
config:
accessTokenClaimField: string
aclAttributeType: string
consumerIdentifier: string
defaultAcls:
- allows:
- string
denies:
- string
scope: string
includeConsumerGroups: false
logging:
logAudits: false
logPayloads: false
logStatistics: false
maxRequestBodySize: 0
mode: string
server:
forwardClientHeaders: false
session:
client:
secrets:
- string
managed: false
redis:
cloudAuthentication:
authProvider: string
awsAccessKeyId: string
awsAssumeRoleArn: string
awsCacheName: string
awsIsServerless: false
awsRegion: string
awsRoleSessionName: string
awsSecretAccessKey: string
azureClientId: string
azureClientSecret: string
azureTenantId: string
gcpServiceAccountJson: string
clusterMaxRedirections: 0
clusterNodes:
- ip: string
port: 0
connectTimeout: 0
connectionIsProxied: false
database: 0
host: string
keepaliveBacklog: 0
keepalivePoolSize: 0
password: string
port: 0
readTimeout: 0
sendTimeout: 0
sentinelMaster: string
sentinelNodes:
- host: string
port: 0
sentinelPassword: string
sentinelRole: string
sentinelUsername: string
serverName: string
ssl: false
sslVerify: false
username: string
sessionTtl: 0
strategy: string
tag: string
timeout: 0
tools:
- acl:
allows:
- string
denies:
- string
annotations:
destructiveHint: false
idempotentHint: false
openWorldHint: false
readOnlyHint: false
title: string
description: string
headers:
string:
- string
host: string
method: string
name: string
parameters:
- description: string
in: string
name: string
required: false
schema:
type: string
path: string
query:
string:
- string
requestBody: string
responses: string
scheme: string
controlPlaneId: string
createdAt: 0
enabled: false
gatewayPluginAiMcpProxyId: string
instanceName: string
ordering:
after:
accesses:
- string
before:
accesses:
- string
partials:
- id: string
name: string
path: string
protocols:
- string
route:
id: string
service:
id: string
tags:
- string
updatedAt: 0
GatewayPluginAiMcpProxy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The GatewayPluginAiMcpProxy resource accepts the following input properties:
- Config
Gateway
Plugin Ai Mcp Proxy Config - Control
Plane stringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- Condition string
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - Created
At double - Unix epoch when the resource was created.
- Enabled bool
- Whether the plugin is applied. Default: true
- Gateway
Plugin stringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- Instance
Name string - A unique string representing a UTF-8 encoded name.
- Ordering
Gateway
Plugin Ai Mcp Proxy Ordering - Partials
List<Gateway
Plugin Ai Mcp Proxy Partial> - A list of partials to be used by the plugin.
- Protocols List<string>
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- Route
Gateway
Plugin Ai Mcp Proxy Route - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- Service
Gateway
Plugin Ai Mcp Proxy Service - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- List<string>
- An optional set of strings associated with the Plugin for grouping and filtering.
- Updated
At double - Unix epoch when the resource was last updated.
- Config
Gateway
Plugin Ai Mcp Proxy Config Args - Control
Plane stringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- Condition string
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - Created
At float64 - Unix epoch when the resource was created.
- Enabled bool
- Whether the plugin is applied. Default: true
- Gateway
Plugin stringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- Instance
Name string - A unique string representing a UTF-8 encoded name.
- Ordering
Gateway
Plugin Ai Mcp Proxy Ordering Args - Partials
[]Gateway
Plugin Ai Mcp Proxy Partial Args - A list of partials to be used by the plugin.
- Protocols []string
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- Route
Gateway
Plugin Ai Mcp Proxy Route Args - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- Service
Gateway
Plugin Ai Mcp Proxy Service Args - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- []string
- An optional set of strings associated with the Plugin for grouping and filtering.
- Updated
At float64 - Unix epoch when the resource was last updated.
- config
Gateway
Plugin Ai Mcp Proxy Config - control
Plane StringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- condition String
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - created
At Double - Unix epoch when the resource was created.
- enabled Boolean
- Whether the plugin is applied. Default: true
- gateway
Plugin StringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- instance
Name String - A unique string representing a UTF-8 encoded name.
- ordering
Gateway
Plugin Ai Mcp Proxy Ordering - partials
List<Gateway
Plugin Ai Mcp Proxy Partial> - A list of partials to be used by the plugin.
- protocols List<String>
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route
Gateway
Plugin Ai Mcp Proxy Route - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service
Gateway
Plugin Ai Mcp Proxy Service - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- List<String>
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated
At Double - Unix epoch when the resource was last updated.
- config
Gateway
Plugin Ai Mcp Proxy Config - control
Plane stringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- condition string
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - created
At number - Unix epoch when the resource was created.
- enabled boolean
- Whether the plugin is applied. Default: true
- gateway
Plugin stringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- instance
Name string - A unique string representing a UTF-8 encoded name.
- ordering
Gateway
Plugin Ai Mcp Proxy Ordering - partials
Gateway
Plugin Ai Mcp Proxy Partial[] - A list of partials to be used by the plugin.
- protocols string[]
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route
Gateway
Plugin Ai Mcp Proxy Route - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service
Gateway
Plugin Ai Mcp Proxy Service - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- string[]
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated
At number - Unix epoch when the resource was last updated.
- config
Gateway
Plugin Ai Mcp Proxy Config Args - control_
plane_ strid - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- condition str
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - created_
at float - Unix epoch when the resource was created.
- enabled bool
- Whether the plugin is applied. Default: true
- gateway_
plugin_ strai_ mcp_ proxy_ id - A string representing a UUID (universally unique identifier).
- instance_
name str - A unique string representing a UTF-8 encoded name.
- ordering
Gateway
Plugin Ai Mcp Proxy Ordering Args - partials
Sequence[Gateway
Plugin Ai Mcp Proxy Partial Args] - A list of partials to be used by the plugin.
- protocols Sequence[str]
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route
Gateway
Plugin Ai Mcp Proxy Route Args - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service
Gateway
Plugin Ai Mcp Proxy Service Args - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- Sequence[str]
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated_
at float - Unix epoch when the resource was last updated.
- config Property Map
- control
Plane StringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- condition String
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - created
At Number - Unix epoch when the resource was created.
- enabled Boolean
- Whether the plugin is applied. Default: true
- gateway
Plugin StringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- instance
Name String - A unique string representing a UTF-8 encoded name.
- ordering Property Map
- partials List<Property Map>
- A list of partials to be used by the plugin.
- protocols List<String>
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route Property Map
- If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service Property Map
- If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- List<String>
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated
At Number - Unix epoch when the resource was last updated.
Outputs
All input properties are implicitly available as output properties. Additionally, the GatewayPluginAiMcpProxy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing GatewayPluginAiMcpProxy Resource
Get an existing GatewayPluginAiMcpProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GatewayPluginAiMcpProxyState, opts?: CustomResourceOptions): GatewayPluginAiMcpProxy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
condition: Optional[str] = None,
config: Optional[GatewayPluginAiMcpProxyConfigArgs] = None,
control_plane_id: Optional[str] = None,
created_at: Optional[float] = None,
enabled: Optional[bool] = None,
gateway_plugin_ai_mcp_proxy_id: Optional[str] = None,
instance_name: Optional[str] = None,
ordering: Optional[GatewayPluginAiMcpProxyOrderingArgs] = None,
partials: Optional[Sequence[GatewayPluginAiMcpProxyPartialArgs]] = None,
protocols: Optional[Sequence[str]] = None,
route: Optional[GatewayPluginAiMcpProxyRouteArgs] = None,
service: Optional[GatewayPluginAiMcpProxyServiceArgs] = None,
tags: Optional[Sequence[str]] = None,
updated_at: Optional[float] = None) -> GatewayPluginAiMcpProxyfunc GetGatewayPluginAiMcpProxy(ctx *Context, name string, id IDInput, state *GatewayPluginAiMcpProxyState, opts ...ResourceOption) (*GatewayPluginAiMcpProxy, error)public static GatewayPluginAiMcpProxy Get(string name, Input<string> id, GatewayPluginAiMcpProxyState? state, CustomResourceOptions? opts = null)public static GatewayPluginAiMcpProxy get(String name, Output<String> id, GatewayPluginAiMcpProxyState state, CustomResourceOptions options)resources: _: type: konnect:GatewayPluginAiMcpProxy get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Condition string
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - Config
Gateway
Plugin Ai Mcp Proxy Config - Control
Plane stringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- Created
At double - Unix epoch when the resource was created.
- Enabled bool
- Whether the plugin is applied. Default: true
- Gateway
Plugin stringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- Instance
Name string - A unique string representing a UTF-8 encoded name.
- Ordering
Gateway
Plugin Ai Mcp Proxy Ordering - Partials
List<Gateway
Plugin Ai Mcp Proxy Partial> - A list of partials to be used by the plugin.
- Protocols List<string>
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- Route
Gateway
Plugin Ai Mcp Proxy Route - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- Service
Gateway
Plugin Ai Mcp Proxy Service - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- List<string>
- An optional set of strings associated with the Plugin for grouping and filtering.
- Updated
At double - Unix epoch when the resource was last updated.
- Condition string
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - Config
Gateway
Plugin Ai Mcp Proxy Config Args - Control
Plane stringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- Created
At float64 - Unix epoch when the resource was created.
- Enabled bool
- Whether the plugin is applied. Default: true
- Gateway
Plugin stringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- Instance
Name string - A unique string representing a UTF-8 encoded name.
- Ordering
Gateway
Plugin Ai Mcp Proxy Ordering Args - Partials
[]Gateway
Plugin Ai Mcp Proxy Partial Args - A list of partials to be used by the plugin.
- Protocols []string
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- Route
Gateway
Plugin Ai Mcp Proxy Route Args - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- Service
Gateway
Plugin Ai Mcp Proxy Service Args - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- []string
- An optional set of strings associated with the Plugin for grouping and filtering.
- Updated
At float64 - Unix epoch when the resource was last updated.
- condition String
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - config
Gateway
Plugin Ai Mcp Proxy Config - control
Plane StringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- created
At Double - Unix epoch when the resource was created.
- enabled Boolean
- Whether the plugin is applied. Default: true
- gateway
Plugin StringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- instance
Name String - A unique string representing a UTF-8 encoded name.
- ordering
Gateway
Plugin Ai Mcp Proxy Ordering - partials
List<Gateway
Plugin Ai Mcp Proxy Partial> - A list of partials to be used by the plugin.
- protocols List<String>
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route
Gateway
Plugin Ai Mcp Proxy Route - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service
Gateway
Plugin Ai Mcp Proxy Service - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- List<String>
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated
At Double - Unix epoch when the resource was last updated.
- condition string
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - config
Gateway
Plugin Ai Mcp Proxy Config - control
Plane stringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- created
At number - Unix epoch when the resource was created.
- enabled boolean
- Whether the plugin is applied. Default: true
- gateway
Plugin stringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- instance
Name string - A unique string representing a UTF-8 encoded name.
- ordering
Gateway
Plugin Ai Mcp Proxy Ordering - partials
Gateway
Plugin Ai Mcp Proxy Partial[] - A list of partials to be used by the plugin.
- protocols string[]
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route
Gateway
Plugin Ai Mcp Proxy Route - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service
Gateway
Plugin Ai Mcp Proxy Service - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- string[]
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated
At number - Unix epoch when the resource was last updated.
- condition str
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - config
Gateway
Plugin Ai Mcp Proxy Config Args - control_
plane_ strid - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- created_
at float - Unix epoch when the resource was created.
- enabled bool
- Whether the plugin is applied. Default: true
- gateway_
plugin_ strai_ mcp_ proxy_ id - A string representing a UUID (universally unique identifier).
- instance_
name str - A unique string representing a UTF-8 encoded name.
- ordering
Gateway
Plugin Ai Mcp Proxy Ordering Args - partials
Sequence[Gateway
Plugin Ai Mcp Proxy Partial Args] - A list of partials to be used by the plugin.
- protocols Sequence[str]
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route
Gateway
Plugin Ai Mcp Proxy Route Args - If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service
Gateway
Plugin Ai Mcp Proxy Service Args - If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- Sequence[str]
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated_
at float - Unix epoch when the resource was last updated.
- condition String
- An expression used for conditional control over plugin execution. If the expression evaluates to
trueduring the request flow, the plugin is executed; otherwise, it is skipped. - config Property Map
- control
Plane StringId - The UUID of your control plane. This variable is available in the Konnect manager. Requires replacement if changed.
- created
At Number - Unix epoch when the resource was created.
- enabled Boolean
- Whether the plugin is applied. Default: true
- gateway
Plugin StringAi Mcp Proxy Id - A string representing a UUID (universally unique identifier).
- instance
Name String - A unique string representing a UTF-8 encoded name.
- ordering Property Map
- partials List<Property Map>
- A list of partials to be used by the plugin.
- protocols List<String>
- A set of strings representing HTTP protocols. Default: ["grpc","grpcs","http","https"]
- route Property Map
- If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.
- service Property Map
- If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.
- List<String>
- An optional set of strings associated with the Plugin for grouping and filtering.
- updated
At Number - Unix epoch when the resource was last updated.
Supporting Types
GatewayPluginAiMcpProxyConfig, GatewayPluginAiMcpProxyConfigArgs
- Mode string
- The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'. possible known values include one of ["conversion-listener", "conversion-only", "listener", "passthrough-listener"]
- Access
Token stringClaim Field - The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'aclattributetype' is set to 'oauthaccesstoken'. Nested claim can be fetched by using a jq filter starts with dot, e.g., ".user.email": https://jqlang.org/manual/#object-identifier-index.
- Acl
Attribute stringType - The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumer", "oauthaccesstoken"]; Default: "consumer"
- Consumer
Identifier string - Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumerid", "customid", "username"]; Default: "username"
- Default
Acls List<GatewayPlugin Ai Mcp Proxy Config Default Acl> - Optional list of default ACL rules keyed by scope (for example: tools).
- Include
Consumer boolGroups - If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only. Default: false
- Logging
Gateway
Plugin Ai Mcp Proxy Config Logging - Max
Request doubleBody Size - max allowed body size allowed to be handled as MCP request. 0 means unlimited, but the size of this body will still be limited by Nginx's clientmaxbody_size. Default: 1048576
- Server
Gateway
Plugin Ai Mcp Proxy Config Server - Tools
List<Gateway
Plugin Ai Mcp Proxy Config Tool>
- Mode string
- The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'. possible known values include one of ["conversion-listener", "conversion-only", "listener", "passthrough-listener"]
- Access
Token stringClaim Field - The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'aclattributetype' is set to 'oauthaccesstoken'. Nested claim can be fetched by using a jq filter starts with dot, e.g., ".user.email": https://jqlang.org/manual/#object-identifier-index.
- Acl
Attribute stringType - The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumer", "oauthaccesstoken"]; Default: "consumer"
- Consumer
Identifier string - Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumerid", "customid", "username"]; Default: "username"
- Default
Acls []GatewayPlugin Ai Mcp Proxy Config Default Acl - Optional list of default ACL rules keyed by scope (for example: tools).
- Include
Consumer boolGroups - If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only. Default: false
- Logging
Gateway
Plugin Ai Mcp Proxy Config Logging - Max
Request float64Body Size - max allowed body size allowed to be handled as MCP request. 0 means unlimited, but the size of this body will still be limited by Nginx's clientmaxbody_size. Default: 1048576
- Server
Gateway
Plugin Ai Mcp Proxy Config Server - Tools
[]Gateway
Plugin Ai Mcp Proxy Config Tool
- mode String
- The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'. possible known values include one of ["conversion-listener", "conversion-only", "listener", "passthrough-listener"]
- access
Token StringClaim Field - The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'aclattributetype' is set to 'oauthaccesstoken'. Nested claim can be fetched by using a jq filter starts with dot, e.g., ".user.email": https://jqlang.org/manual/#object-identifier-index.
- acl
Attribute StringType - The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumer", "oauthaccesstoken"]; Default: "consumer"
- consumer
Identifier String - Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumerid", "customid", "username"]; Default: "username"
- default
Acls List<GatewayPlugin Ai Mcp Proxy Config Default Acl> - Optional list of default ACL rules keyed by scope (for example: tools).
- include
Consumer BooleanGroups - If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only. Default: false
- logging
Gateway
Plugin Ai Mcp Proxy Config Logging - max
Request DoubleBody Size - max allowed body size allowed to be handled as MCP request. 0 means unlimited, but the size of this body will still be limited by Nginx's clientmaxbody_size. Default: 1048576
- server
Gateway
Plugin Ai Mcp Proxy Config Server - tools
List<Gateway
Plugin Ai Mcp Proxy Config Tool>
- mode string
- The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'. possible known values include one of ["conversion-listener", "conversion-only", "listener", "passthrough-listener"]
- access
Token stringClaim Field - The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'aclattributetype' is set to 'oauthaccesstoken'. Nested claim can be fetched by using a jq filter starts with dot, e.g., ".user.email": https://jqlang.org/manual/#object-identifier-index.
- acl
Attribute stringType - The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumer", "oauthaccesstoken"]; Default: "consumer"
- consumer
Identifier string - Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumerid", "customid", "username"]; Default: "username"
- default
Acls GatewayPlugin Ai Mcp Proxy Config Default Acl[] - Optional list of default ACL rules keyed by scope (for example: tools).
- include
Consumer booleanGroups - If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only. Default: false
- logging
Gateway
Plugin Ai Mcp Proxy Config Logging - max
Request numberBody Size - max allowed body size allowed to be handled as MCP request. 0 means unlimited, but the size of this body will still be limited by Nginx's clientmaxbody_size. Default: 1048576
- server
Gateway
Plugin Ai Mcp Proxy Config Server - tools
Gateway
Plugin Ai Mcp Proxy Config Tool[]
- mode str
- The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'. possible known values include one of ["conversion-listener", "conversion-only", "listener", "passthrough-listener"]
- access_
token_ strclaim_ field - The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'aclattributetype' is set to 'oauthaccesstoken'. Nested claim can be fetched by using a jq filter starts with dot, e.g., ".user.email": https://jqlang.org/manual/#object-identifier-index.
- acl_
attribute_ strtype - The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumer", "oauthaccesstoken"]; Default: "consumer"
- consumer_
identifier str - Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumerid", "customid", "username"]; Default: "username"
- default_
acls Sequence[GatewayPlugin Ai Mcp Proxy Config Default Acl] - Optional list of default ACL rules keyed by scope (for example: tools).
- include_
consumer_ boolgroups - If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only. Default: false
- logging
Gateway
Plugin Ai Mcp Proxy Config Logging - max_
request_ floatbody_ size - max allowed body size allowed to be handled as MCP request. 0 means unlimited, but the size of this body will still be limited by Nginx's clientmaxbody_size. Default: 1048576
- server
Gateway
Plugin Ai Mcp Proxy Config Server - tools
Sequence[Gateway
Plugin Ai Mcp Proxy Config Tool]
- mode String
- The mode of the MCP proxy. Possible values are: 'passthrough-listener', 'conversion-listener', 'conversion-only', 'listener'. possible known values include one of ["conversion-listener", "conversion-only", "listener", "passthrough-listener"]
- access
Token StringClaim Field - The claim in the OAuth2 access token to use as the subject for ACL evaluation when 'aclattributetype' is set to 'oauthaccesstoken'. Nested claim can be fetched by using a jq filter starts with dot, e.g., ".user.email": https://jqlang.org/manual/#object-identifier-index.
- acl
Attribute StringType - The type of attributes that ACL is evaluated with. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumer", "oauthaccesstoken"]; Default: "consumer"
- consumer
Identifier String - Which subject type entries in ACL lists refer to for per-consumer matching. Should only be configured on listener modes, not conversion-only. possible known values include one of ["consumerid", "customid", "username"]; Default: "username"
- default
Acls List<Property Map> - Optional list of default ACL rules keyed by scope (for example: tools).
- include
Consumer BooleanGroups - If enabled (true), allows Consumer Group names to be used in default and per-primitive ACL. Should only be configured on listener modes, not conversion-only. Default: false
- logging Property Map
- max
Request NumberBody Size - max allowed body size allowed to be handled as MCP request. 0 means unlimited, but the size of this body will still be limited by Nginx's clientmaxbody_size. Default: 1048576
- server Property Map
- tools List<Property Map>
GatewayPluginAiMcpProxyConfigDefaultAcl, GatewayPluginAiMcpProxyConfigDefaultAclArgs
- Allows List<string>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.
- Denies List<string>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope.
denytakes precedence overallow. - Scope string
- Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'. Default: "tools"
- Allows []string
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.
- Denies []string
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope.
denytakes precedence overallow. - Scope string
- Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'. Default: "tools"
- allows List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.
- denies List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope.
denytakes precedence overallow. - scope String
- Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'. Default: "tools"
- allows string[]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.
- denies string[]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope.
denytakes precedence overallow. - scope string
- Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'. Default: "tools"
- allows Sequence[str]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.
- denies Sequence[str]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope.
denytakes precedence overallow. - scope str
- Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'. Default: "tools"
- allows List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to access this scope.
- denies List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from this scope.
denytakes precedence overallow. - scope String
- Scope for this default ACL entry (for example: 'tools'). Defaults to 'tools'. Default: "tools"
GatewayPluginAiMcpProxyConfigLogging, GatewayPluginAiMcpProxyConfigLoggingArgs
- Log
Audits bool - If true, emit audit logs for ACL evaluations. Default: false
- Log
Payloads bool - If enabled, will log the request and response body into the Kong log plugin(s) output. Default: false
- Log
Statistics bool - If enabled, will add mcp metrics into the Kong log plugin(s) output. Default: false
- Log
Audits bool - If true, emit audit logs for ACL evaluations. Default: false
- Log
Payloads bool - If enabled, will log the request and response body into the Kong log plugin(s) output. Default: false
- Log
Statistics bool - If enabled, will add mcp metrics into the Kong log plugin(s) output. Default: false
- log
Audits Boolean - If true, emit audit logs for ACL evaluations. Default: false
- log
Payloads Boolean - If enabled, will log the request and response body into the Kong log plugin(s) output. Default: false
- log
Statistics Boolean - If enabled, will add mcp metrics into the Kong log plugin(s) output. Default: false
- log
Audits boolean - If true, emit audit logs for ACL evaluations. Default: false
- log
Payloads boolean - If enabled, will log the request and response body into the Kong log plugin(s) output. Default: false
- log
Statistics boolean - If enabled, will add mcp metrics into the Kong log plugin(s) output. Default: false
- log_
audits bool - If true, emit audit logs for ACL evaluations. Default: false
- log_
payloads bool - If enabled, will log the request and response body into the Kong log plugin(s) output. Default: false
- log_
statistics bool - If enabled, will add mcp metrics into the Kong log plugin(s) output. Default: false
- log
Audits Boolean - If true, emit audit logs for ACL evaluations. Default: false
- log
Payloads Boolean - If enabled, will log the request and response body into the Kong log plugin(s) output. Default: false
- log
Statistics Boolean - If enabled, will add mcp metrics into the Kong log plugin(s) output. Default: false
GatewayPluginAiMcpProxyConfigServer, GatewayPluginAiMcpProxyConfigServerArgs
- Forward
Client boolHeaders - Whether to forward the client request headers to the upstream server when calling the tools. Default: true
- Session
Gateway
Plugin Ai Mcp Proxy Config Server Session - Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.
- Tag string
- The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.
- Timeout double
- The timeout for calling the tools in milliseconds. Default: 10000
- Forward
Client boolHeaders - Whether to forward the client request headers to the upstream server when calling the tools. Default: true
- Session
Gateway
Plugin Ai Mcp Proxy Config Server Session - Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.
- Tag string
- The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.
- Timeout float64
- The timeout for calling the tools in milliseconds. Default: 10000
- forward
Client BooleanHeaders - Whether to forward the client request headers to the upstream server when calling the tools. Default: true
- session
Gateway
Plugin Ai Mcp Proxy Config Server Session - Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.
- tag String
- The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.
- timeout Double
- The timeout for calling the tools in milliseconds. Default: 10000
- forward
Client booleanHeaders - Whether to forward the client request headers to the upstream server when calling the tools. Default: true
- session
Gateway
Plugin Ai Mcp Proxy Config Server Session - Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.
- tag string
- The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.
- timeout number
- The timeout for calling the tools in milliseconds. Default: 10000
- forward_
client_ boolheaders - Whether to forward the client request headers to the upstream server when calling the tools. Default: true
- session
Gateway
Plugin Ai Mcp Proxy Config Server Session - Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.
- tag str
- The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.
- timeout float
- The timeout for calling the tools in milliseconds. Default: 10000
- forward
Client BooleanHeaders - Whether to forward the client request headers to the upstream server when calling the tools. Default: true
- session Property Map
- Enable managed session when Kong responds as MCP server in listener or conversion-listener modes. This doesn't affect the passthrough-listener mode as the state in that mode is maintained by the upstream MCP servers.
- tag String
- The tag of the MCP server. This is used to filter the exported MCP tools. The field should contain exactly one tag.
- timeout Number
- The timeout for calling the tools in milliseconds. Default: 10000
GatewayPluginAiMcpProxyConfigServerSession, GatewayPluginAiMcpProxyConfigServerSessionArgs
- Client
Gateway
Plugin Ai Mcp Proxy Config Server Session Client - The configuration for client-side session storage.
- Managed bool
- If enabled, Kong will maintain managed sessions with the MCP server. Default: true
- Redis
Gateway
Plugin Ai Mcp Proxy Config Server Session Redis - Session
Ttl double - The time-to-live (TTL) for each session in seconds. Default: 86400
- Strategy string
- The strategy for the session. If the value is 'client', the session is encrypted into MCP session id assigned to the client. If the value is not 'client', the session is stored in the configured database. possible known values include one of ["client", "redis"]
- Client
Gateway
Plugin Ai Mcp Proxy Config Server Session Client - The configuration for client-side session storage.
- Managed bool
- If enabled, Kong will maintain managed sessions with the MCP server. Default: true
- Redis
Gateway
Plugin Ai Mcp Proxy Config Server Session Redis - Session
Ttl float64 - The time-to-live (TTL) for each session in seconds. Default: 86400
- Strategy string
- The strategy for the session. If the value is 'client', the session is encrypted into MCP session id assigned to the client. If the value is not 'client', the session is stored in the configured database. possible known values include one of ["client", "redis"]
- client
Gateway
Plugin Ai Mcp Proxy Config Server Session Client - The configuration for client-side session storage.
- managed Boolean
- If enabled, Kong will maintain managed sessions with the MCP server. Default: true
- redis
Gateway
Plugin Ai Mcp Proxy Config Server Session Redis - session
Ttl Double - The time-to-live (TTL) for each session in seconds. Default: 86400
- strategy String
- The strategy for the session. If the value is 'client', the session is encrypted into MCP session id assigned to the client. If the value is not 'client', the session is stored in the configured database. possible known values include one of ["client", "redis"]
- client
Gateway
Plugin Ai Mcp Proxy Config Server Session Client - The configuration for client-side session storage.
- managed boolean
- If enabled, Kong will maintain managed sessions with the MCP server. Default: true
- redis
Gateway
Plugin Ai Mcp Proxy Config Server Session Redis - session
Ttl number - The time-to-live (TTL) for each session in seconds. Default: 86400
- strategy string
- The strategy for the session. If the value is 'client', the session is encrypted into MCP session id assigned to the client. If the value is not 'client', the session is stored in the configured database. possible known values include one of ["client", "redis"]
- client
Gateway
Plugin Ai Mcp Proxy Config Server Session Client - The configuration for client-side session storage.
- managed bool
- If enabled, Kong will maintain managed sessions with the MCP server. Default: true
- redis
Gateway
Plugin Ai Mcp Proxy Config Server Session Redis - session_
ttl float - The time-to-live (TTL) for each session in seconds. Default: 86400
- strategy str
- The strategy for the session. If the value is 'client', the session is encrypted into MCP session id assigned to the client. If the value is not 'client', the session is stored in the configured database. possible known values include one of ["client", "redis"]
- client Property Map
- The configuration for client-side session storage.
- managed Boolean
- If enabled, Kong will maintain managed sessions with the MCP server. Default: true
- redis Property Map
- session
Ttl Number - The time-to-live (TTL) for each session in seconds. Default: 86400
- strategy String
- The strategy for the session. If the value is 'client', the session is encrypted into MCP session id assigned to the client. If the value is not 'client', the session is stored in the configured database. possible known values include one of ["client", "redis"]
GatewayPluginAiMcpProxyConfigServerSessionClient, GatewayPluginAiMcpProxyConfigServerSessionClientArgs
- Secrets List<string>
- The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.
- Secrets []string
- The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.
- secrets List<String>
- The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.
- secrets string[]
- The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.
- secrets Sequence[str]
- The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.
- secrets List<String>
- The secrets that are used in session encryption. Required when the strategy is 'client'. The first secret is used for encryption, while all secrets are used for decryption to support key rotation.
GatewayPluginAiMcpProxyConfigServerSessionRedis, GatewayPluginAiMcpProxyConfigServerSessionRedisArgs
- Cloud
Authentication GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cloud Authentication - Cloud auth related configs for connecting to a Cloud Provider's Redis instance.
- Cluster
Max doubleRedirections - Maximum retry attempts for redirection. Default: 5
- Cluster
Nodes List<GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cluster Node> - Cluster addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element. - Connect
Timeout double - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- Connection
Is boolProxied - If the connection to Redis is proxied (e.g. Envoy), set it
true. Set thehostandportto point to the proxy address. Default: false - Database double
- Database to use for the Redis connection when using the
redisstrategy. Default: 0 - Host string
- A string representing a host name, such as example.com. Default: "127.0.0.1"
- Keepalive
Backlog double - Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return
nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less thankeepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger thankeepalive_pool_size. - Keepalive
Pool doubleSize - The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither
keepalive_pool_sizenorkeepalive_backlogis specified, no pool is created. Ifkeepalive_pool_sizeisn't specified butkeepalive_backlogis specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low. Default: 256 - Password string
- Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
- Port double
- An integer representing a port number between 0 and 65535, inclusive. Default: 6379
- Read
Timeout double - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- Send
Timeout double - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- Sentinel
Master string - Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
- Sentinel
Nodes List<GatewayPlugin Ai Mcp Proxy Config Server Session Redis Sentinel Node> - Sentinel node addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element. - Sentinel
Password string - Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
- Sentinel
Role string - Sentinel role to use for Redis connections when the
redisstrategy is defined. Defining this value implies using Redis Sentinel. possible known values include one of ["any", "master", "slave"] - Sentinel
Username string - Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
- Server
Name string - A string representing an SNI (server name indication) value for TLS.
- Ssl bool
- If set to true, uses SSL to connect to Redis. Default: false
- Ssl
Verify bool - If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure
lua_ssl_trusted_certificateinkong.confto specify the CA (or server) certificate used by your Redis server. You may also need to configurelua_ssl_verify_depthaccordingly. Default: false - Username string
- Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to
default.
- Cloud
Authentication GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cloud Authentication - Cloud auth related configs for connecting to a Cloud Provider's Redis instance.
- Cluster
Max float64Redirections - Maximum retry attempts for redirection. Default: 5
- Cluster
Nodes []GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cluster Node - Cluster addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element. - Connect
Timeout float64 - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- Connection
Is boolProxied - If the connection to Redis is proxied (e.g. Envoy), set it
true. Set thehostandportto point to the proxy address. Default: false - Database float64
- Database to use for the Redis connection when using the
redisstrategy. Default: 0 - Host string
- A string representing a host name, such as example.com. Default: "127.0.0.1"
- Keepalive
Backlog float64 - Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return
nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less thankeepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger thankeepalive_pool_size. - Keepalive
Pool float64Size - The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither
keepalive_pool_sizenorkeepalive_backlogis specified, no pool is created. Ifkeepalive_pool_sizeisn't specified butkeepalive_backlogis specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low. Default: 256 - Password string
- Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
- Port float64
- An integer representing a port number between 0 and 65535, inclusive. Default: 6379
- Read
Timeout float64 - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- Send
Timeout float64 - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- Sentinel
Master string - Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
- Sentinel
Nodes []GatewayPlugin Ai Mcp Proxy Config Server Session Redis Sentinel Node - Sentinel node addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element. - Sentinel
Password string - Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
- Sentinel
Role string - Sentinel role to use for Redis connections when the
redisstrategy is defined. Defining this value implies using Redis Sentinel. possible known values include one of ["any", "master", "slave"] - Sentinel
Username string - Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
- Server
Name string - A string representing an SNI (server name indication) value for TLS.
- Ssl bool
- If set to true, uses SSL to connect to Redis. Default: false
- Ssl
Verify bool - If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure
lua_ssl_trusted_certificateinkong.confto specify the CA (or server) certificate used by your Redis server. You may also need to configurelua_ssl_verify_depthaccordingly. Default: false - Username string
- Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to
default.
- cloud
Authentication GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cloud Authentication - Cloud auth related configs for connecting to a Cloud Provider's Redis instance.
- cluster
Max DoubleRedirections - Maximum retry attempts for redirection. Default: 5
- cluster
Nodes List<GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cluster Node> - Cluster addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element. - connect
Timeout Double - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- connection
Is BooleanProxied - If the connection to Redis is proxied (e.g. Envoy), set it
true. Set thehostandportto point to the proxy address. Default: false - database Double
- Database to use for the Redis connection when using the
redisstrategy. Default: 0 - host String
- A string representing a host name, such as example.com. Default: "127.0.0.1"
- keepalive
Backlog Double - Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return
nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less thankeepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger thankeepalive_pool_size. - keepalive
Pool DoubleSize - The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither
keepalive_pool_sizenorkeepalive_backlogis specified, no pool is created. Ifkeepalive_pool_sizeisn't specified butkeepalive_backlogis specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low. Default: 256 - password String
- Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
- port Double
- An integer representing a port number between 0 and 65535, inclusive. Default: 6379
- read
Timeout Double - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- send
Timeout Double - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- sentinel
Master String - Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
- sentinel
Nodes List<GatewayPlugin Ai Mcp Proxy Config Server Session Redis Sentinel Node> - Sentinel node addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element. - sentinel
Password String - Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
- sentinel
Role String - Sentinel role to use for Redis connections when the
redisstrategy is defined. Defining this value implies using Redis Sentinel. possible known values include one of ["any", "master", "slave"] - sentinel
Username String - Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
- server
Name String - A string representing an SNI (server name indication) value for TLS.
- ssl Boolean
- If set to true, uses SSL to connect to Redis. Default: false
- ssl
Verify Boolean - If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure
lua_ssl_trusted_certificateinkong.confto specify the CA (or server) certificate used by your Redis server. You may also need to configurelua_ssl_verify_depthaccordingly. Default: false - username String
- Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to
default.
- cloud
Authentication GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cloud Authentication - Cloud auth related configs for connecting to a Cloud Provider's Redis instance.
- cluster
Max numberRedirections - Maximum retry attempts for redirection. Default: 5
- cluster
Nodes GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cluster Node[] - Cluster addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element. - connect
Timeout number - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- connection
Is booleanProxied - If the connection to Redis is proxied (e.g. Envoy), set it
true. Set thehostandportto point to the proxy address. Default: false - database number
- Database to use for the Redis connection when using the
redisstrategy. Default: 0 - host string
- A string representing a host name, such as example.com. Default: "127.0.0.1"
- keepalive
Backlog number - Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return
nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less thankeepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger thankeepalive_pool_size. - keepalive
Pool numberSize - The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither
keepalive_pool_sizenorkeepalive_backlogis specified, no pool is created. Ifkeepalive_pool_sizeisn't specified butkeepalive_backlogis specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low. Default: 256 - password string
- Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
- port number
- An integer representing a port number between 0 and 65535, inclusive. Default: 6379
- read
Timeout number - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- send
Timeout number - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- sentinel
Master string - Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
- sentinel
Nodes GatewayPlugin Ai Mcp Proxy Config Server Session Redis Sentinel Node[] - Sentinel node addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element. - sentinel
Password string - Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
- sentinel
Role string - Sentinel role to use for Redis connections when the
redisstrategy is defined. Defining this value implies using Redis Sentinel. possible known values include one of ["any", "master", "slave"] - sentinel
Username string - Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
- server
Name string - A string representing an SNI (server name indication) value for TLS.
- ssl boolean
- If set to true, uses SSL to connect to Redis. Default: false
- ssl
Verify boolean - If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure
lua_ssl_trusted_certificateinkong.confto specify the CA (or server) certificate used by your Redis server. You may also need to configurelua_ssl_verify_depthaccordingly. Default: false - username string
- Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to
default.
- cloud_
authentication GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cloud Authentication - Cloud auth related configs for connecting to a Cloud Provider's Redis instance.
- cluster_
max_ floatredirections - Maximum retry attempts for redirection. Default: 5
- cluster_
nodes Sequence[GatewayPlugin Ai Mcp Proxy Config Server Session Redis Cluster Node] - Cluster addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element. - connect_
timeout float - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- connection_
is_ boolproxied - If the connection to Redis is proxied (e.g. Envoy), set it
true. Set thehostandportto point to the proxy address. Default: false - database float
- Database to use for the Redis connection when using the
redisstrategy. Default: 0 - host str
- A string representing a host name, such as example.com. Default: "127.0.0.1"
- keepalive_
backlog float - Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return
nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less thankeepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger thankeepalive_pool_size. - keepalive_
pool_ floatsize - The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither
keepalive_pool_sizenorkeepalive_backlogis specified, no pool is created. Ifkeepalive_pool_sizeisn't specified butkeepalive_backlogis specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low. Default: 256 - password str
- Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
- port float
- An integer representing a port number between 0 and 65535, inclusive. Default: 6379
- read_
timeout float - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- send_
timeout float - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- sentinel_
master str - Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
- sentinel_
nodes Sequence[GatewayPlugin Ai Mcp Proxy Config Server Session Redis Sentinel Node] - Sentinel node addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element. - sentinel_
password str - Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
- sentinel_
role str - Sentinel role to use for Redis connections when the
redisstrategy is defined. Defining this value implies using Redis Sentinel. possible known values include one of ["any", "master", "slave"] - sentinel_
username str - Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
- server_
name str - A string representing an SNI (server name indication) value for TLS.
- ssl bool
- If set to true, uses SSL to connect to Redis. Default: false
- ssl_
verify bool - If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure
lua_ssl_trusted_certificateinkong.confto specify the CA (or server) certificate used by your Redis server. You may also need to configurelua_ssl_verify_depthaccordingly. Default: false - username str
- Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to
default.
- cloud
Authentication Property Map - Cloud auth related configs for connecting to a Cloud Provider's Redis instance.
- cluster
Max NumberRedirections - Maximum retry attempts for redirection. Default: 5
- cluster
Nodes List<Property Map> - Cluster addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Cluster. The minimum length of the array is 1 element. - connect
Timeout Number - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- connection
Is BooleanProxied - If the connection to Redis is proxied (e.g. Envoy), set it
true. Set thehostandportto point to the proxy address. Default: false - database Number
- Database to use for the Redis connection when using the
redisstrategy. Default: 0 - host String
- A string representing a host name, such as example.com. Default: "127.0.0.1"
- keepalive
Backlog Number - Limits the total number of opened connections for a pool. If the connection pool is full, connection queues above the limit go into the backlog queue. If the backlog queue is full, subsequent connect operations fail and return
nil. Queued operations (subject to set timeouts) resume once the number of connections in the pool is less thankeepalive_pool_size. If latency is high or throughput is low, try increasing this value. Empirically, this value is larger thankeepalive_pool_size. - keepalive
Pool NumberSize - The size limit for every cosocket connection pool associated with every remote server, per worker process. If neither
keepalive_pool_sizenorkeepalive_backlogis specified, no pool is created. Ifkeepalive_pool_sizeisn't specified butkeepalive_backlogis specified, then the pool uses the default value. Try to increase (e.g. 512) this value if latency is high or throughput is low. Default: 256 - password String
- Password to use for Redis connections. If undefined, no AUTH commands are sent to Redis.
- port Number
- An integer representing a port number between 0 and 65535, inclusive. Default: 6379
- read
Timeout Number - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- send
Timeout Number - An integer representing a timeout in milliseconds. Must be between 0 and 2^31-2. Default: 2000
- sentinel
Master String - Sentinel master to use for Redis connections. Defining this value implies using Redis Sentinel.
- sentinel
Nodes List<Property Map> - Sentinel node addresses to use for Redis connections when the
redisstrategy is defined. Defining this field implies using a Redis Sentinel. The minimum length of the array is 1 element. - sentinel
Password String - Sentinel password to authenticate with a Redis Sentinel instance. If undefined, no AUTH commands are sent to Redis Sentinels.
- sentinel
Role String - Sentinel role to use for Redis connections when the
redisstrategy is defined. Defining this value implies using Redis Sentinel. possible known values include one of ["any", "master", "slave"] - sentinel
Username String - Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication won't be performed. This requires Redis v6.2.0+.
- server
Name String - A string representing an SNI (server name indication) value for TLS.
- ssl Boolean
- If set to true, uses SSL to connect to Redis. Default: false
- ssl
Verify Boolean - If set to true, verifies the validity of the server SSL certificate. If setting this parameter, also configure
lua_ssl_trusted_certificateinkong.confto specify the CA (or server) certificate used by your Redis server. You may also need to configurelua_ssl_verify_depthaccordingly. Default: false - username String
- Username to use for Redis connections. If undefined, ACL authentication won't be performed. This requires Redis v6.0.0+. To be compatible with Redis v5.x.y, you can set it to
default.
GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthentication, GatewayPluginAiMcpProxyConfigServerSessionRedisCloudAuthenticationArgs
- Auth
Provider string - Auth providers to be used to authenticate to a Cloud Provider's Redis instance. possible known values include one of ["aws", "azure", "gcp"]
- Aws
Access stringKey Id - AWS Access Key ID to be used for authentication when
auth_provideris set toaws. - Aws
Assume stringRole Arn - The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.
- Aws
Cache stringName - The name of the AWS Elasticache cluster when
auth_provideris set toaws. - Aws
Is boolServerless - This flag specifies whether the cluster is serverless when auth_provider is set to
aws. Default: true - Aws
Region string - The region of the AWS ElastiCache cluster when
auth_provideris set toaws. - Aws
Role stringSession Name - The session name for the temporary credentials when assuming the IAM role.
- Aws
Secret stringAccess Key - AWS Secret Access Key to be used for authentication when
auth_provideris set toaws. - Azure
Client stringId - Azure Client ID to be used for authentication when
auth_provideris set toazure. - Azure
Client stringSecret - Azure Client Secret to be used for authentication when
auth_provideris set toazure. - Azure
Tenant stringId - Azure Tenant ID to be used for authentication when
auth_provideris set toazure. - Gcp
Service stringAccount Json - GCP Service Account JSON to be used for authentication when
auth_provideris set togcp.
- Auth
Provider string - Auth providers to be used to authenticate to a Cloud Provider's Redis instance. possible known values include one of ["aws", "azure", "gcp"]
- Aws
Access stringKey Id - AWS Access Key ID to be used for authentication when
auth_provideris set toaws. - Aws
Assume stringRole Arn - The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.
- Aws
Cache stringName - The name of the AWS Elasticache cluster when
auth_provideris set toaws. - Aws
Is boolServerless - This flag specifies whether the cluster is serverless when auth_provider is set to
aws. Default: true - Aws
Region string - The region of the AWS ElastiCache cluster when
auth_provideris set toaws. - Aws
Role stringSession Name - The session name for the temporary credentials when assuming the IAM role.
- Aws
Secret stringAccess Key - AWS Secret Access Key to be used for authentication when
auth_provideris set toaws. - Azure
Client stringId - Azure Client ID to be used for authentication when
auth_provideris set toazure. - Azure
Client stringSecret - Azure Client Secret to be used for authentication when
auth_provideris set toazure. - Azure
Tenant stringId - Azure Tenant ID to be used for authentication when
auth_provideris set toazure. - Gcp
Service stringAccount Json - GCP Service Account JSON to be used for authentication when
auth_provideris set togcp.
- auth
Provider String - Auth providers to be used to authenticate to a Cloud Provider's Redis instance. possible known values include one of ["aws", "azure", "gcp"]
- aws
Access StringKey Id - AWS Access Key ID to be used for authentication when
auth_provideris set toaws. - aws
Assume StringRole Arn - The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.
- aws
Cache StringName - The name of the AWS Elasticache cluster when
auth_provideris set toaws. - aws
Is BooleanServerless - This flag specifies whether the cluster is serverless when auth_provider is set to
aws. Default: true - aws
Region String - The region of the AWS ElastiCache cluster when
auth_provideris set toaws. - aws
Role StringSession Name - The session name for the temporary credentials when assuming the IAM role.
- aws
Secret StringAccess Key - AWS Secret Access Key to be used for authentication when
auth_provideris set toaws. - azure
Client StringId - Azure Client ID to be used for authentication when
auth_provideris set toazure. - azure
Client StringSecret - Azure Client Secret to be used for authentication when
auth_provideris set toazure. - azure
Tenant StringId - Azure Tenant ID to be used for authentication when
auth_provideris set toazure. - gcp
Service StringAccount Json - GCP Service Account JSON to be used for authentication when
auth_provideris set togcp.
- auth
Provider string - Auth providers to be used to authenticate to a Cloud Provider's Redis instance. possible known values include one of ["aws", "azure", "gcp"]
- aws
Access stringKey Id - AWS Access Key ID to be used for authentication when
auth_provideris set toaws. - aws
Assume stringRole Arn - The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.
- aws
Cache stringName - The name of the AWS Elasticache cluster when
auth_provideris set toaws. - aws
Is booleanServerless - This flag specifies whether the cluster is serverless when auth_provider is set to
aws. Default: true - aws
Region string - The region of the AWS ElastiCache cluster when
auth_provideris set toaws. - aws
Role stringSession Name - The session name for the temporary credentials when assuming the IAM role.
- aws
Secret stringAccess Key - AWS Secret Access Key to be used for authentication when
auth_provideris set toaws. - azure
Client stringId - Azure Client ID to be used for authentication when
auth_provideris set toazure. - azure
Client stringSecret - Azure Client Secret to be used for authentication when
auth_provideris set toazure. - azure
Tenant stringId - Azure Tenant ID to be used for authentication when
auth_provideris set toazure. - gcp
Service stringAccount Json - GCP Service Account JSON to be used for authentication when
auth_provideris set togcp.
- auth_
provider str - Auth providers to be used to authenticate to a Cloud Provider's Redis instance. possible known values include one of ["aws", "azure", "gcp"]
- aws_
access_ strkey_ id - AWS Access Key ID to be used for authentication when
auth_provideris set toaws. - aws_
assume_ strrole_ arn - The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.
- aws_
cache_ strname - The name of the AWS Elasticache cluster when
auth_provideris set toaws. - aws_
is_ boolserverless - This flag specifies whether the cluster is serverless when auth_provider is set to
aws. Default: true - aws_
region str - The region of the AWS ElastiCache cluster when
auth_provideris set toaws. - aws_
role_ strsession_ name - The session name for the temporary credentials when assuming the IAM role.
- aws_
secret_ straccess_ key - AWS Secret Access Key to be used for authentication when
auth_provideris set toaws. - azure_
client_ strid - Azure Client ID to be used for authentication when
auth_provideris set toazure. - azure_
client_ strsecret - Azure Client Secret to be used for authentication when
auth_provideris set toazure. - azure_
tenant_ strid - Azure Tenant ID to be used for authentication when
auth_provideris set toazure. - gcp_
service_ straccount_ json - GCP Service Account JSON to be used for authentication when
auth_provideris set togcp.
- auth
Provider String - Auth providers to be used to authenticate to a Cloud Provider's Redis instance. possible known values include one of ["aws", "azure", "gcp"]
- aws
Access StringKey Id - AWS Access Key ID to be used for authentication when
auth_provideris set toaws. - aws
Assume StringRole Arn - The ARN of the IAM role to assume for generating ElastiCache IAM authentication tokens.
- aws
Cache StringName - The name of the AWS Elasticache cluster when
auth_provideris set toaws. - aws
Is BooleanServerless - This flag specifies whether the cluster is serverless when auth_provider is set to
aws. Default: true - aws
Region String - The region of the AWS ElastiCache cluster when
auth_provideris set toaws. - aws
Role StringSession Name - The session name for the temporary credentials when assuming the IAM role.
- aws
Secret StringAccess Key - AWS Secret Access Key to be used for authentication when
auth_provideris set toaws. - azure
Client StringId - Azure Client ID to be used for authentication when
auth_provideris set toazure. - azure
Client StringSecret - Azure Client Secret to be used for authentication when
auth_provideris set toazure. - azure
Tenant StringId - Azure Tenant ID to be used for authentication when
auth_provideris set toazure. - gcp
Service StringAccount Json - GCP Service Account JSON to be used for authentication when
auth_provideris set togcp.
GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNode, GatewayPluginAiMcpProxyConfigServerSessionRedisClusterNodeArgs
GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNode, GatewayPluginAiMcpProxyConfigServerSessionRedisSentinelNodeArgs
GatewayPluginAiMcpProxyConfigTool, GatewayPluginAiMcpProxyConfigToolArgs
- Acl
Gateway
Plugin Ai Mcp Proxy Config Tool Acl - Optional per-primitive ACL.
denyhas higher precedence thanallow. - Annotations
Gateway
Plugin Ai Mcp Proxy Config Tool Annotations - Description string
- The description of the MCP tool. This is used to provide information about the tool's functionality and usage. Not Null
- Headers
Dictionary<string, Immutable
Array<string>> - The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.
- Host string
- The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.
- Method string
- The method of the exported API, which must be one of the route's method. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required. possible known values include one of ["DELETE", "GET", "PATCH", "POST", "PUT"]
- Name string
- Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).
- Parameters
List<Gateway
Plugin Ai Mcp Proxy Config Tool Parameter> - The API parameters specification defined in OpenAPI JSON format. For example, '[{"name": "city", "in": "query", "description": "Name of the city to get the weather for", "required": true, "schema": {"type": "string"}}]'.See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.
- Path string
- The path of the exported API, which must match the route's paths. Path not starting with '/' are treated as relative path and the route path will be added as the prefix. If the upstream path is different from the route one, to match the route's path, use relative path and strip_path to strip the added prefix. Relative path is unsupported when the route path is regex. By default, Kong will extract the path from API configuration.
- Query
Dictionary<string, Immutable
Array<string>> - The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.
- Request
Body string - The API requestBody specification defined in OpenAPI JSON format. For example, '{"content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","properties":{"color":{"type":"array","items":{"type":"string"}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that
$refis not supported so we need to inline the schema. Parsed as JSON. - Responses string
- The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{"200":{"content":{"application/json":{"schema":{"type":"object","properties":{"result":{"type":"string"}}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details.Only one non-error (status code < 400) response is supported. Note that
$refis not supported. Parsed as JSON. - Scheme string
- The scheme of the exported API, which must be one of the route's scheme. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it. possible known values include one of ["http", "https"]
- Acl
Gateway
Plugin Ai Mcp Proxy Config Tool Acl - Optional per-primitive ACL.
denyhas higher precedence thanallow. - Annotations
Gateway
Plugin Ai Mcp Proxy Config Tool Annotations - Description string
- The description of the MCP tool. This is used to provide information about the tool's functionality and usage. Not Null
- Headers map[string][]string
- The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.
- Host string
- The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.
- Method string
- The method of the exported API, which must be one of the route's method. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required. possible known values include one of ["DELETE", "GET", "PATCH", "POST", "PUT"]
- Name string
- Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).
- Parameters
[]Gateway
Plugin Ai Mcp Proxy Config Tool Parameter - The API parameters specification defined in OpenAPI JSON format. For example, '[{"name": "city", "in": "query", "description": "Name of the city to get the weather for", "required": true, "schema": {"type": "string"}}]'.See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.
- Path string
- The path of the exported API, which must match the route's paths. Path not starting with '/' are treated as relative path and the route path will be added as the prefix. If the upstream path is different from the route one, to match the route's path, use relative path and strip_path to strip the added prefix. Relative path is unsupported when the route path is regex. By default, Kong will extract the path from API configuration.
- Query map[string][]string
- The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.
- Request
Body string - The API requestBody specification defined in OpenAPI JSON format. For example, '{"content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","properties":{"color":{"type":"array","items":{"type":"string"}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that
$refis not supported so we need to inline the schema. Parsed as JSON. - Responses string
- The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{"200":{"content":{"application/json":{"schema":{"type":"object","properties":{"result":{"type":"string"}}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details.Only one non-error (status code < 400) response is supported. Note that
$refis not supported. Parsed as JSON. - Scheme string
- The scheme of the exported API, which must be one of the route's scheme. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it. possible known values include one of ["http", "https"]
- acl
Gateway
Plugin Ai Mcp Proxy Config Tool Acl - Optional per-primitive ACL.
denyhas higher precedence thanallow. - annotations
Gateway
Plugin Ai Mcp Proxy Config Tool Annotations - description String
- The description of the MCP tool. This is used to provide information about the tool's functionality and usage. Not Null
- headers Map<String,List<String>>
- The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.
- host String
- The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.
- method String
- The method of the exported API, which must be one of the route's method. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required. possible known values include one of ["DELETE", "GET", "PATCH", "POST", "PUT"]
- name String
- Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).
- parameters
List<Gateway
Plugin Ai Mcp Proxy Config Tool Parameter> - The API parameters specification defined in OpenAPI JSON format. For example, '[{"name": "city", "in": "query", "description": "Name of the city to get the weather for", "required": true, "schema": {"type": "string"}}]'.See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.
- path String
- The path of the exported API, which must match the route's paths. Path not starting with '/' are treated as relative path and the route path will be added as the prefix. If the upstream path is different from the route one, to match the route's path, use relative path and strip_path to strip the added prefix. Relative path is unsupported when the route path is regex. By default, Kong will extract the path from API configuration.
- query Map<String,List<String>>
- The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.
- request
Body String - The API requestBody specification defined in OpenAPI JSON format. For example, '{"content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","properties":{"color":{"type":"array","items":{"type":"string"}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that
$refis not supported so we need to inline the schema. Parsed as JSON. - responses String
- The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{"200":{"content":{"application/json":{"schema":{"type":"object","properties":{"result":{"type":"string"}}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details.Only one non-error (status code < 400) response is supported. Note that
$refis not supported. Parsed as JSON. - scheme String
- The scheme of the exported API, which must be one of the route's scheme. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it. possible known values include one of ["http", "https"]
- acl
Gateway
Plugin Ai Mcp Proxy Config Tool Acl - Optional per-primitive ACL.
denyhas higher precedence thanallow. - annotations
Gateway
Plugin Ai Mcp Proxy Config Tool Annotations - description string
- The description of the MCP tool. This is used to provide information about the tool's functionality and usage. Not Null
- headers {[key: string]: string[]}
- The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.
- host string
- The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.
- method string
- The method of the exported API, which must be one of the route's method. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required. possible known values include one of ["DELETE", "GET", "PATCH", "POST", "PUT"]
- name string
- Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).
- parameters
Gateway
Plugin Ai Mcp Proxy Config Tool Parameter[] - The API parameters specification defined in OpenAPI JSON format. For example, '[{"name": "city", "in": "query", "description": "Name of the city to get the weather for", "required": true, "schema": {"type": "string"}}]'.See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.
- path string
- The path of the exported API, which must match the route's paths. Path not starting with '/' are treated as relative path and the route path will be added as the prefix. If the upstream path is different from the route one, to match the route's path, use relative path and strip_path to strip the added prefix. Relative path is unsupported when the route path is regex. By default, Kong will extract the path from API configuration.
- query {[key: string]: string[]}
- The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.
- request
Body string - The API requestBody specification defined in OpenAPI JSON format. For example, '{"content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","properties":{"color":{"type":"array","items":{"type":"string"}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that
$refis not supported so we need to inline the schema. Parsed as JSON. - responses string
- The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{"200":{"content":{"application/json":{"schema":{"type":"object","properties":{"result":{"type":"string"}}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details.Only one non-error (status code < 400) response is supported. Note that
$refis not supported. Parsed as JSON. - scheme string
- The scheme of the exported API, which must be one of the route's scheme. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it. possible known values include one of ["http", "https"]
- acl
Gateway
Plugin Ai Mcp Proxy Config Tool Acl - Optional per-primitive ACL.
denyhas higher precedence thanallow. - annotations
Gateway
Plugin Ai Mcp Proxy Config Tool Annotations - description str
- The description of the MCP tool. This is used to provide information about the tool's functionality and usage. Not Null
- headers Mapping[str, Sequence[str]]
- The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.
- host str
- The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.
- method str
- The method of the exported API, which must be one of the route's method. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required. possible known values include one of ["DELETE", "GET", "PATCH", "POST", "PUT"]
- name str
- Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).
- parameters
Sequence[Gateway
Plugin Ai Mcp Proxy Config Tool Parameter] - The API parameters specification defined in OpenAPI JSON format. For example, '[{"name": "city", "in": "query", "description": "Name of the city to get the weather for", "required": true, "schema": {"type": "string"}}]'.See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.
- path str
- The path of the exported API, which must match the route's paths. Path not starting with '/' are treated as relative path and the route path will be added as the prefix. If the upstream path is different from the route one, to match the route's path, use relative path and strip_path to strip the added prefix. Relative path is unsupported when the route path is regex. By default, Kong will extract the path from API configuration.
- query Mapping[str, Sequence[str]]
- The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.
- request_
body str - The API requestBody specification defined in OpenAPI JSON format. For example, '{"content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","properties":{"color":{"type":"array","items":{"type":"string"}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that
$refis not supported so we need to inline the schema. Parsed as JSON. - responses str
- The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{"200":{"content":{"application/json":{"schema":{"type":"object","properties":{"result":{"type":"string"}}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details.Only one non-error (status code < 400) response is supported. Note that
$refis not supported. Parsed as JSON. - scheme str
- The scheme of the exported API, which must be one of the route's scheme. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it. possible known values include one of ["http", "https"]
- acl Property Map
- Optional per-primitive ACL.
denyhas higher precedence thanallow. - annotations Property Map
- description String
- The description of the MCP tool. This is used to provide information about the tool's functionality and usage. Not Null
- headers Map<List<String>>
- The headers of the exported API. By default, Kong will extract the headers from API configuration. If the configured headers are not exactly matched, this field is required.
- host String
- The host of the exported API, which must match the route's hosts. It should be the route's host. By default, Kong will extract the host from API configuration. If the configured host is wildcard, this field is required.
- method String
- The method of the exported API, which must be one of the route's method. By default, Kong will extract the method from API configuration. If the configured method is not exactly matched, this field is required. possible known values include one of ["DELETE", "GET", "PATCH", "POST", "PUT"]
- name String
- Tool identifier. In passthrough-listener mode, used to match remote MCP Server tools for ACL enforcement. In other modes, it is also used as the tool name (overrides tools.annotations.title if present).
- parameters List<Property Map>
- The API parameters specification defined in OpenAPI JSON format. For example, '[{"name": "city", "in": "query", "description": "Name of the city to get the weather for", "required": true, "schema": {"type": "string"}}]'.See https://swagger.io/docs/specification/v3_0/describing-parameters/ for more details.
- path String
- The path of the exported API, which must match the route's paths. Path not starting with '/' are treated as relative path and the route path will be added as the prefix. If the upstream path is different from the route one, to match the route's path, use relative path and strip_path to strip the added prefix. Relative path is unsupported when the route path is regex. By default, Kong will extract the path from API configuration.
- query Map<List<String>>
- The query arguments of the exported API. If the generated query arguments are not exactly matched, this field is required.
- request
Body String - The API requestBody specification defined in OpenAPI JSON format. For example, '{"content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","properties":{"color":{"type":"array","items":{"type":"string"}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-request-body/describing-request-body/ for more details. Note that
$refis not supported so we need to inline the schema. Parsed as JSON. - responses String
- The API responses specification defined in OpenAPI JSON format. This specification will be used to validate the upstream response and map it back to the structuredOutput. For example, '{"200":{"content":{"application/json":{"schema":{"type":"object","properties":{"result":{"type":"string"}}}}}}}'.See https://swagger.io/docs/specification/v3_0/describing-responses/ for more details.Only one non-error (status code < 400) response is supported. Note that
$refis not supported. Parsed as JSON. - scheme String
- The scheme of the exported API, which must be one of the route's scheme. By default, Kong will extract the scheme from API configuration. If the configured scheme is not expected, this field can be used to override it. possible known values include one of ["http", "https"]
GatewayPluginAiMcpProxyConfigToolAcl, GatewayPluginAiMcpProxyConfigToolAclArgs
- Allows List<string>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.
- Denies List<string>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive.
denytakes precedence overallow.
- Allows []string
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.
- Denies []string
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive.
denytakes precedence overallow.
- allows List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.
- denies List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive.
denytakes precedence overallow.
- allows string[]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.
- denies string[]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive.
denytakes precedence overallow.
- allows Sequence[str]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.
- denies Sequence[str]
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive.
denytakes precedence overallow.
- allows List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly allowed to use this primitive.
- denies List<String>
- Subjects (e.g. Consumer name, Consumer Groups, or Claim values depending on configuration) explicitly denied from using this primitive.
denytakes precedence overallow.
GatewayPluginAiMcpProxyConfigToolAnnotations, GatewayPluginAiMcpProxyConfigToolAnnotationsArgs
- Destructive
Hint bool - If true, the tool may perform destructive updates
- Idempotent
Hint bool - If true, repeated calls with same args have no additional effect
- Open
World boolHint - If true, tool interacts with external entities
- Read
Only boolHint - If true, the tool does not modify its environment
- Title string
- Human-readable title for the tool
- Destructive
Hint bool - If true, the tool may perform destructive updates
- Idempotent
Hint bool - If true, repeated calls with same args have no additional effect
- Open
World boolHint - If true, tool interacts with external entities
- Read
Only boolHint - If true, the tool does not modify its environment
- Title string
- Human-readable title for the tool
- destructive
Hint Boolean - If true, the tool may perform destructive updates
- idempotent
Hint Boolean - If true, repeated calls with same args have no additional effect
- open
World BooleanHint - If true, tool interacts with external entities
- read
Only BooleanHint - If true, the tool does not modify its environment
- title String
- Human-readable title for the tool
- destructive
Hint boolean - If true, the tool may perform destructive updates
- idempotent
Hint boolean - If true, repeated calls with same args have no additional effect
- open
World booleanHint - If true, tool interacts with external entities
- read
Only booleanHint - If true, the tool does not modify its environment
- title string
- Human-readable title for the tool
- destructive_
hint bool - If true, the tool may perform destructive updates
- idempotent_
hint bool - If true, repeated calls with same args have no additional effect
- open_
world_ boolhint - If true, tool interacts with external entities
- read_
only_ boolhint - If true, the tool does not modify its environment
- title str
- Human-readable title for the tool
- destructive
Hint Boolean - If true, the tool may perform destructive updates
- idempotent
Hint Boolean - If true, repeated calls with same args have no additional effect
- open
World BooleanHint - If true, tool interacts with external entities
- read
Only BooleanHint - If true, the tool does not modify its environment
- title String
- Human-readable title for the tool
GatewayPluginAiMcpProxyConfigToolParameter, GatewayPluginAiMcpProxyConfigToolParameterArgs
- Description string
- In string
- Name string
- Required bool
- Schema
Gateway
Plugin Ai Mcp Proxy Config Tool Parameter Schema
- Description string
- In string
- Name string
- Required bool
- Schema
Gateway
Plugin Ai Mcp Proxy Config Tool Parameter Schema
- description String
- in String
- name String
- required Boolean
- schema
Gateway
Plugin Ai Mcp Proxy Config Tool Parameter Schema
- description string
- in string
- name string
- required boolean
- schema
Gateway
Plugin Ai Mcp Proxy Config Tool Parameter Schema
- description String
- in String
- name String
- required Boolean
- schema Property Map
GatewayPluginAiMcpProxyConfigToolParameterSchema, GatewayPluginAiMcpProxyConfigToolParameterSchemaArgs
- Type string
- Type string
- type String
- type string
- type str
- type String
GatewayPluginAiMcpProxyOrdering, GatewayPluginAiMcpProxyOrderingArgs
GatewayPluginAiMcpProxyOrderingAfter, GatewayPluginAiMcpProxyOrderingAfterArgs
- Accesses List<string>
- Accesses []string
- accesses List<String>
- accesses string[]
- accesses Sequence[str]
- accesses List<String>
GatewayPluginAiMcpProxyOrderingBefore, GatewayPluginAiMcpProxyOrderingBeforeArgs
- Accesses List<string>
- Accesses []string
- accesses List<String>
- accesses string[]
- accesses Sequence[str]
- accesses List<String>
GatewayPluginAiMcpProxyPartial, GatewayPluginAiMcpProxyPartialArgs
GatewayPluginAiMcpProxyRoute, GatewayPluginAiMcpProxyRouteArgs
- Id string
- Id string
- id String
- id string
- id str
- id String
GatewayPluginAiMcpProxyService, GatewayPluginAiMcpProxyServiceArgs
- Id string
- Id string
- id String
- id string
- id str
- id String
Import
In Terraform v1.5.0 and later, the import block can be used with the id attribute, for example:
terraform
import {
to = konnect_gateway_plugin_ai_mcp_proxy.my_konnect_gateway_plugin_ai_mcp_proxy
id = jsonencode({
control_plane_id = "9524ec7d-36d9-465d-a8c5-83a3c9390458"
id = "3473c251-5b6c-4f45-b1ff-7ede735a366d"
})
}
The pulumi import command can be used, for example:
$ pulumi import konnect:index/gatewayPluginAiMcpProxy:GatewayPluginAiMcpProxy my_konnect_gateway_plugin_ai_mcp_proxy '{"control_plane_id": "9524ec7d-36d9-465d-a8c5-83a3c9390458", "id": "3473c251-5b6c-4f45-b1ff-7ede735a366d"}'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- konnect kong/terraform-provider-konnect
- License
- Notes
- This Pulumi package is based on the
konnectTerraform Provider.
Viewing docs for konnect 3.14.0
published on Friday, Apr 24, 2026 by kong
published on Friday, Apr 24, 2026 by kong
