github.com/Jeffail/benthos/v3@v3.65.0/website/docs/components/inputs/nats.md (about) 1 --- 2 title: nats 3 type: input 4 status: stable 5 categories: ["Services"] 6 --- 7 8 <!-- 9 THIS FILE IS AUTOGENERATED! 10 11 To make changes please edit the contents of: 12 lib/input/nats.go 13 --> 14 15 import Tabs from '@theme/Tabs'; 16 import TabItem from '@theme/TabItem'; 17 18 19 Subscribe to a NATS subject. 20 21 22 <Tabs defaultValue="common" values={[ 23 { label: 'Common', value: 'common', }, 24 { label: 'Advanced', value: 'advanced', }, 25 ]}> 26 27 <TabItem value="common"> 28 29 ```yaml 30 # Common config fields, showing default values 31 input: 32 label: "" 33 nats: 34 urls: 35 - nats://127.0.0.1:4222 36 queue: benthos_queue 37 subject: benthos_messages 38 ``` 39 40 </TabItem> 41 <TabItem value="advanced"> 42 43 ```yaml 44 # All config fields, showing default values 45 input: 46 label: "" 47 nats: 48 urls: 49 - nats://127.0.0.1:4222 50 queue: benthos_queue 51 subject: benthos_messages 52 prefetch_count: 32 53 tls: 54 enabled: false 55 skip_cert_verify: false 56 enable_renegotiation: false 57 root_cas: "" 58 root_cas_file: "" 59 client_certs: [] 60 auth: 61 nkey_file: "" 62 user_credentials_file: "" 63 ``` 64 65 </TabItem> 66 </Tabs> 67 68 ### Metadata 69 70 This input adds the following metadata fields to each message: 71 72 ``` text 73 - nats_subject 74 - All message headers (when supported by the connection) 75 ``` 76 77 You can access these metadata fields using 78 [function interpolation](/docs/configuration/interpolation#metadata). 79 80 ### Authentication 81 82 There are several components within Benthos which utilise NATS services. You will find that each of these components 83 support optional advanced authentication parameters for [NKeys](https://docs.nats.io/nats-server/configuration/securing_nats/auth_intro/nkey_auth) 84 and [User Credentials](https://docs.nats.io/developing-with-nats/security/creds). 85 86 An in depth tutorial can be found [here](https://docs.nats.io/developing-with-nats/tutorials/jwt). 87 88 #### NKey file 89 90 The NATS server can use these NKeys in several ways for authentication. The simplest is for the server to be configured 91 with a list of known public keys and for the clients to respond to the challenge by signing it with its private NKey 92 configured in the `nkey_file` field. 93 94 More details [here](https://docs.nats.io/developing-with-nats/security/nkey). 95 96 #### User Credentials file 97 98 NATS server supports decentralized authentication based on JSON Web Tokens (JWT). Clients need an [user JWT](https://docs.nats.io/nats-server/configuration/securing_nats/jwt#json-web-tokens) 99 and a corresponding [NKey secret](https://docs.nats.io/developing-with-nats/security/nkey) when connecting to a server 100 which is configured to use this authentication scheme. 101 102 The `user_credentials_file` field should point to a file containing both the private key and the JWT and can be 103 generated with the [nsc tool](https://docs.nats.io/nats-tools/nsc). 104 105 More details [here](https://docs.nats.io/developing-with-nats/security/creds). 106 107 ## Fields 108 109 ### `urls` 110 111 A list of URLs to connect to. If an item of the list contains commas it will be expanded into multiple URLs. 112 113 114 Type: `array` 115 Default: `["nats://127.0.0.1:4222"]` 116 117 ```yaml 118 # Examples 119 120 urls: 121 - nats://127.0.0.1:4222 122 123 urls: 124 - nats://username:password@127.0.0.1:4222 125 ``` 126 127 ### `queue` 128 129 The queue to consume from. 130 131 132 Type: `string` 133 Default: `"benthos_queue"` 134 135 ### `subject` 136 137 A subject to consume from. 138 139 140 Type: `string` 141 Default: `"benthos_messages"` 142 143 ### `prefetch_count` 144 145 The maximum number of messages to pull at a time. 146 147 148 Type: `int` 149 Default: `32` 150 151 ### `tls` 152 153 Custom TLS settings can be used to override system defaults. 154 155 156 Type: `object` 157 158 ### `tls.enabled` 159 160 Whether custom TLS settings are enabled. 161 162 163 Type: `bool` 164 Default: `false` 165 166 ### `tls.skip_cert_verify` 167 168 Whether to skip server side certificate verification. 169 170 171 Type: `bool` 172 Default: `false` 173 174 ### `tls.enable_renegotiation` 175 176 Whether to allow the remote server to repeatedly request renegotiation. Enable this option if you're seeing the error message `local error: tls: no renegotiation`. 177 178 179 Type: `bool` 180 Default: `false` 181 Requires version 3.45.0 or newer 182 183 ### `tls.root_cas` 184 185 An optional root certificate authority to use. This is a string, representing a certificate chain from the parent trusted root certificate, to possible intermediate signing certificates, to the host certificate. 186 187 188 Type: `string` 189 Default: `""` 190 191 ```yaml 192 # Examples 193 194 root_cas: |- 195 -----BEGIN CERTIFICATE----- 196 ... 197 -----END CERTIFICATE----- 198 ``` 199 200 ### `tls.root_cas_file` 201 202 An optional path of a root certificate authority file to use. This is a file, often with a .pem extension, containing a certificate chain from the parent trusted root certificate, to possible intermediate signing certificates, to the host certificate. 203 204 205 Type: `string` 206 Default: `""` 207 208 ```yaml 209 # Examples 210 211 root_cas_file: ./root_cas.pem 212 ``` 213 214 ### `tls.client_certs` 215 216 A list of client certificates to use. For each certificate either the fields `cert` and `key`, or `cert_file` and `key_file` should be specified, but not both. 217 218 219 Type: `array` 220 Default: `[]` 221 222 ```yaml 223 # Examples 224 225 client_certs: 226 - cert: foo 227 key: bar 228 229 client_certs: 230 - cert_file: ./example.pem 231 key_file: ./example.key 232 ``` 233 234 ### `tls.client_certs[].cert` 235 236 A plain text certificate to use. 237 238 239 Type: `string` 240 Default: `""` 241 242 ### `tls.client_certs[].key` 243 244 A plain text certificate key to use. 245 246 247 Type: `string` 248 Default: `""` 249 250 ### `tls.client_certs[].cert_file` 251 252 The path to a certificate to use. 253 254 255 Type: `string` 256 Default: `""` 257 258 ### `tls.client_certs[].key_file` 259 260 The path of a certificate key to use. 261 262 263 Type: `string` 264 Default: `""` 265 266 ### `auth` 267 268 Optional configuration of NATS authentication parameters. 269 270 271 Type: `object` 272 273 ### `auth.nkey_file` 274 275 An optional file containing a NKey seed. 276 277 278 Type: `string` 279 Default: `""` 280 281 ```yaml 282 # Examples 283 284 nkey_file: ./seed.nk 285 ``` 286 287 ### `auth.user_credentials_file` 288 289 An optional file containing user credentials which consist of an user JWT and corresponding NKey seed. 290 291 292 Type: `string` 293 Default: `""` 294 295 ```yaml 296 # Examples 297 298 user_credentials_file: ./user.creds 299 ``` 300 301