Documentation ¶
Overview ¶
Package msd contains a client library to talk to Athenz MSD.
Index ¶
- func MSDSchema() *rdl.Schema
- type ActionName
- type AuthorityName
- type CompoundName
- type DomainName
- type EntityList
- type EntityName
- type MSDClient
- func (client *MSDClient) AddCredentials(header string, token string)
- func (client MSDClient) GetTransportPolicyRules(matchingTag string) (*TransportPolicyRules, string, error)
- func (client MSDClient) GetWorkloadsByIP(ip string, matchingTag string) (*Workloads, string, error)
- func (client MSDClient) GetWorkloadsByService(domainName DomainName, serviceName EntityName, matchingTag string) (*Workloads, string, error)
- type PathElement
- type ResourceName
- type ServiceName
- type SimpleName
- type TransportPolicyCondition
- type TransportPolicyEgressRule
- type TransportPolicyEnforcementState
- type TransportPolicyEntitySelector
- type TransportPolicyIngressRule
- type TransportPolicyMatch
- type TransportPolicyPeer
- type TransportPolicyPort
- type TransportPolicyProtocol
- type TransportPolicyRules
- type TransportPolicySubject
- type Workload
- type Workloads
- type YBase64
- type YEncoded
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AuthorityName ¶
type AuthorityName string
AuthorityName - Used as the prefix in a signed assertion. This uniquely identifies a signing authority.
type CompoundName ¶
type CompoundName string
CompoundName - A compound name. Most names in this API are compound names.
type DomainName ¶
type DomainName string
DomainName - A domain name is the general qualifier prefix, as its uniqueness is managed.
type EntityList ¶
type EntityList string
EntityList - An entity list is a comma-separated list of compound names.
type EntityName ¶
type EntityName string
EntityName - An entity name is a short form of a resource name, including only the domain and entity.
type MSDClient ¶
type MSDClient struct {
	URL         string
	Transport   http.RoundTripper
	CredsHeader *string
	CredsToken  *string
	Timeout     time.Duration
}
func NewClient ¶
func NewClient(url string, transport http.RoundTripper) MSDClient
NewClient creates and returns a new HTTP client object for the MSD service
func (*MSDClient) AddCredentials ¶
AddCredentials adds the credentials to the client for subsequent requests.
func (MSDClient) GetTransportPolicyRules ¶
func (client MSDClient) GetTransportPolicyRules(matchingTag string) (*TransportPolicyRules, string, error)
func (MSDClient) GetWorkloadsByIP ¶ added in v1.10.20
func (MSDClient) GetWorkloadsByService ¶ added in v1.10.20
func (client MSDClient) GetWorkloadsByService(domainName DomainName, serviceName EntityName, matchingTag string) (*Workloads, string, error)
type ResourceName ¶
type ResourceName string
ResourceName - A resource name. Note that the EntityName part is optional, that is, a domain name followed by a colon is a valid resource name.
type ServiceName ¶
type ServiceName string
ServiceName - A service name will generally be a unique subdomain.
type SimpleName ¶
type SimpleName string
SimpleName - A simple identifier, an element of a compound name. One of the common name types used by several API definitions. Copyright The Athenz Authors. Licensed under the terms of the Apache version 2.0 license. See LICENSE file for terms.
type TransportPolicyCondition ¶
type TransportPolicyCondition struct {
	// State of transport policy enforcement ( ENFORCE / REPORT )
	EnforcementState TransportPolicyEnforcementState `json:"enforcementState"`

	// Acts as restrictions. If present, this transport policy should be
	// restricted to only mentioned instances.
	Instances []string `json:"instances,omitempty" rdl:"optional" yaml:",omitempty"`
}
TransportPolicyCondition - Transport policy condition. Used to specify additional restrictions for the subject of a transport policy
func NewTransportPolicyCondition ¶
func NewTransportPolicyCondition(init ...*TransportPolicyCondition) *TransportPolicyCondition
NewTransportPolicyCondition - creates an initialized TransportPolicyCondition instance, returns a pointer to it
func (*TransportPolicyCondition) UnmarshalJSON ¶
func (self *TransportPolicyCondition) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyCondition
func (*TransportPolicyCondition) Validate ¶
func (self *TransportPolicyCondition) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyEgressRule ¶
type TransportPolicyEgressRule struct {
	// Assertion id associated with this transport policy
	Id int64 `json:"id"`

	// Last modification timestamp of this transport policy
	LastModified rdl.Timestamp `json:"lastModified"`

	// Entity to which this transport policy applies
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	// Destination of network traffic
	To *TransportPolicyPeer `json:"to"`
}
TransportPolicyEgressRule - Transport policy egress rule
func NewTransportPolicyEgressRule ¶
func NewTransportPolicyEgressRule(init ...*TransportPolicyEgressRule) *TransportPolicyEgressRule
NewTransportPolicyEgressRule - creates an initialized TransportPolicyEgressRule instance, returns a pointer to it
func (*TransportPolicyEgressRule) Init ¶
func (self *TransportPolicyEgressRule) Init() *TransportPolicyEgressRule
Init - sets up the instance according to its default field values, if any
func (*TransportPolicyEgressRule) UnmarshalJSON ¶
func (self *TransportPolicyEgressRule) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEgressRule
func (*TransportPolicyEgressRule) Validate ¶
func (self *TransportPolicyEgressRule) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyEnforcementState ¶
type TransportPolicyEnforcementState int
TransportPolicyEnforcementState - Types of transport policy enforcement states
const (
	ENFORCE TransportPolicyEnforcementState
	REPORT
)
TransportPolicyEnforcementState constants
func NewTransportPolicyEnforcementState ¶
func NewTransportPolicyEnforcementState(init ...interface{}) TransportPolicyEnforcementState
NewTransportPolicyEnforcementState - return a string representation of the enum
func (TransportPolicyEnforcementState) MarshalJSON ¶
func (e TransportPolicyEnforcementState) MarshalJSON() ([]byte, error)
MarshalJSON is defined for proper JSON encoding of a TransportPolicyEnforcementState
func (TransportPolicyEnforcementState) String ¶
func (e TransportPolicyEnforcementState) String() string
String - return a string representation of the enum
func (TransportPolicyEnforcementState) SymbolSet ¶
func (e TransportPolicyEnforcementState) SymbolSet() []string
SymbolSet - return an array of all valid string representations (symbols) of the enum
func (*TransportPolicyEnforcementState) UnmarshalJSON ¶
func (e *TransportPolicyEnforcementState) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEnforcementState
type TransportPolicyEntitySelector ¶
type TransportPolicyEntitySelector struct {
	// Requirements for selecting the subject for this transport policy.
	Match *TransportPolicyMatch `json:"match"`

	// List of network traffic port of the subject eligible for the transport
	// policy
	Ports []*TransportPolicyPort `json:"ports"`
}
TransportPolicyEntitySelector - Entity to which a transport policy applies. Describes the subject and port(s) for a transport policy.
func NewTransportPolicyEntitySelector ¶
func NewTransportPolicyEntitySelector(init ...*TransportPolicyEntitySelector) *TransportPolicyEntitySelector
NewTransportPolicyEntitySelector - creates an initialized TransportPolicyEntitySelector instance, returns a pointer to it
func (*TransportPolicyEntitySelector) Init ¶
func (self *TransportPolicyEntitySelector) Init() *TransportPolicyEntitySelector
Init - sets up the instance according to its default field values, if any
func (*TransportPolicyEntitySelector) UnmarshalJSON ¶
func (self *TransportPolicyEntitySelector) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEntitySelector
func (*TransportPolicyEntitySelector) Validate ¶
func (self *TransportPolicyEntitySelector) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyIngressRule ¶
type TransportPolicyIngressRule struct {
	// Assertion id associated with this transport policy
	Id int64 `json:"id"`

	// Last modification timestamp of this transport policy
	LastModified rdl.Timestamp `json:"lastModified"`

	// Describes the entity to which this transport policy applies
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	// Source of network traffic
	From *TransportPolicyPeer `json:"from"`
}
TransportPolicyIngressRule - Transport policy ingress rule
func NewTransportPolicyIngressRule ¶
func NewTransportPolicyIngressRule(init ...*TransportPolicyIngressRule) *TransportPolicyIngressRule
NewTransportPolicyIngressRule - creates an initialized TransportPolicyIngressRule instance, returns a pointer to it
func (*TransportPolicyIngressRule) Init ¶
func (self *TransportPolicyIngressRule) Init() *TransportPolicyIngressRule
Init - sets up the instance according to its default field values, if any
func (*TransportPolicyIngressRule) UnmarshalJSON ¶
func (self *TransportPolicyIngressRule) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyIngressRule
func (*TransportPolicyIngressRule) Validate ¶
func (self *TransportPolicyIngressRule) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyMatch ¶
type TransportPolicyMatch struct {
	// Subject where this transport policy applies
	AthenzService *TransportPolicySubject `json:"athenzService"`

	// List of additional requirements for restrictions. Requirements are ANDed.
	Conditions []*TransportPolicyCondition `json:"conditions"`
}
TransportPolicyMatch - Selector for the subject of a transport policy
func NewTransportPolicyMatch ¶
func NewTransportPolicyMatch(init ...*TransportPolicyMatch) *TransportPolicyMatch
NewTransportPolicyMatch - creates an initialized TransportPolicyMatch instance, returns a pointer to it
func (*TransportPolicyMatch) Init ¶
func (self *TransportPolicyMatch) Init() *TransportPolicyMatch
Init - sets up the instance according to its default field values, if any
func (*TransportPolicyMatch) UnmarshalJSON ¶
func (self *TransportPolicyMatch) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyMatch
func (*TransportPolicyMatch) Validate ¶
func (self *TransportPolicyMatch) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyPeer ¶
type TransportPolicyPeer struct {
	// List of transport policy subjects
	AthenzServices []*TransportPolicySubject `json:"athenzServices"`

	// List of network traffic port part of this transport policy
	Ports []*TransportPolicyPort `json:"ports"`
}
TransportPolicyPeer - Source or destination for a transport policy
func NewTransportPolicyPeer ¶
func NewTransportPolicyPeer(init ...*TransportPolicyPeer) *TransportPolicyPeer
NewTransportPolicyPeer - creates an initialized TransportPolicyPeer instance, returns a pointer to it
func (*TransportPolicyPeer) Init ¶
func (self *TransportPolicyPeer) Init() *TransportPolicyPeer
Init - sets up the instance according to its default field values, if any
func (*TransportPolicyPeer) UnmarshalJSON ¶
func (self *TransportPolicyPeer) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyPeer
func (*TransportPolicyPeer) Validate ¶
func (self *TransportPolicyPeer) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyPort ¶
type TransportPolicyPort struct {
	// Start port of the port range. port and endPort will have same values for a
	// single port definition.
	Port int32 `json:"port"`

	// End port of the port range. port and endPort will have same values for a
	// single port definition.
	EndPort int32 `json:"endPort"`

	// Protocol for this transport policy
	Protocol TransportPolicyProtocol `json:"protocol"`
}
TransportPolicyPort - Transport policy port
func NewTransportPolicyPort ¶
func NewTransportPolicyPort(init ...*TransportPolicyPort) *TransportPolicyPort
NewTransportPolicyPort - creates an initialized TransportPolicyPort instance, returns a pointer to it
func (*TransportPolicyPort) UnmarshalJSON ¶
func (self *TransportPolicyPort) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyPort
func (*TransportPolicyPort) Validate ¶
func (self *TransportPolicyPort) Validate() error
Validate - checks for missing required fields, etc
type TransportPolicyProtocol ¶
type TransportPolicyProtocol int
TransportPolicyProtocol - Types of transport policy protocols
const (
	TCP TransportPolicyProtocol
	UDP
)
TransportPolicyProtocol constants
func NewTransportPolicyProtocol ¶
func NewTransportPolicyProtocol(init ...interface{}) TransportPolicyProtocol
NewTransportPolicyProtocol - return a string representation of the enum
func (TransportPolicyProtocol) MarshalJSON ¶
func (e TransportPolicyProtocol) MarshalJSON() ([]byte, error)
MarshalJSON is defined for proper JSON encoding of a TransportPolicyProtocol
func (TransportPolicyProtocol) String ¶
func (e TransportPolicyProtocol) String() string
String - return a string representation of the enum
func (TransportPolicyProtocol) SymbolSet ¶
func (e TransportPolicyProtocol) SymbolSet() []string
SymbolSet - return an array of all valid string representations (symbols) of the enum
func (*TransportPolicyProtocol) UnmarshalJSON ¶
func (e *TransportPolicyProtocol) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyProtocol
type TransportPolicyRules ¶
type TransportPolicyRules struct {
	// List of ingress rules
	Ingress []*TransportPolicyIngressRule `json:"ingress"`

	// List of egress rules
	Egress []*TransportPolicyEgressRule `json:"egress"`
}
TransportPolicyRules - Transport policy containing ingress and egress rules
func NewTransportPolicyRules ¶
func NewTransportPolicyRules(init ...*TransportPolicyRules) *TransportPolicyRules
NewTransportPolicyRules - creates an initialized TransportPolicyRules instance, returns a pointer to it
func (*TransportPolicyRules) Init ¶
func (self *TransportPolicyRules) Init() *TransportPolicyRules
Init - sets up the instance according to its default field values, if any
func (*TransportPolicyRules) UnmarshalJSON ¶
func (self *TransportPolicyRules) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyRules
func (*TransportPolicyRules) Validate ¶
func (self *TransportPolicyRules) Validate() error
Validate - checks for missing required fields, etc
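An added example, not part of the msd package or the Athenz project's code: given a document shaped like TransportPolicyRules, it reports which ingress rules cover a connection and the enforcement state of each rule's conditions, so a caller can tell an enforced rule from a report-only one. The local types, MatchIngress, the sample document, exact-name matching (no wildcards) and the symbol-string encoding of the enums are assumptions; encoding/json matches the camelCase keys to the untagged fields case-insensitively.

```go
package main

import (
	"encoding/json"
	"fmt"
	"slices"
)

// Trimmed mirrors of the msd structs. Assumption: enums are encoded as their symbol strings.
type subject struct{ DomainName, ServiceName string }
type port struct {
	Port, EndPort int32
	Protocol      string
}
type ingressRule struct {
	Id             int64
	EntitySelector struct {
		Match struct {
			AthenzService subject
			Conditions    []struct {
				EnforcementState string
				Instances        []string
			}
		}
		Ports []port
	}
	From struct{ AthenzServices []subject }
}

// Constructed sample policy: rule 1 is enforced on one instance, rule 2 is report-only.
const sample = `{"ingress":[{"id":1,"entitySelector":{"match":{"athenzService":{"domainName":"shop","serviceName":"api"},"conditions":[{"enforcementState":"ENFORCE","instances":["api-1"]}]},"ports":[{"port":8443,"endPort":8443,"protocol":"TCP"}]},"from":{"athenzServices":[{"domainName":"shop","serviceName":"web"}]}},
{"id":2,"entitySelector":{"match":{"athenzService":{"domainName":"shop","serviceName":"api"},"conditions":[{"enforcementState":"REPORT"}]},"ports":[{"port":9000,"endPort":9100,"protocol":"TCP"}]},"from":{"athenzServices":[{"domainName":"ops","serviceName":"metrics"}]}}]}`

// MatchIngress maps each ingress rule id that covers src -> dst:p/proto on instance to its condition states.
func MatchIngress(doc []byte, src, dst subject, instance string, p int32, proto string) (map[int64][]string, error) {
	var r struct{ Ingress []ingressRule }
	hits, err := map[int64][]string{}, json.Unmarshal(doc, &r)
	if err != nil {
		return nil, err
	}
	for _, in := range r.Ingress {
		sel, states := in.EntitySelector, []string{}
		ok := sel.Match.AthenzService == dst && slices.Contains(in.From.AthenzServices, src) &&
			slices.ContainsFunc(sel.Ports, func(q port) bool { return q.Protocol == proto && q.Port <= p && p <= q.EndPort })
		for _, c := range sel.Match.Conditions { // conditions are ANDed; an empty instance list is unrestricted
			ok, states = ok && (len(c.Instances) == 0 || slices.Contains(c.Instances, instance)), append(states, c.EnforcementState)
		}
		if ok {
			hits[in.Id] = states
		}
	}
	return hits, nil
}

func main() { fmt.Println(MatchIngress([]byte(sample), subject{"shop", "web"}, subject{"shop", "api"}, "api-1", 8443, "TCP")) }
```

An empty result means no ingress rule in the document covers the connection; source ports in the peer are not evaluated here.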
type TransportPolicySubject ¶
type TransportPolicySubject struct {
	// Name of the domain
	DomainName DomainName `json:"domainName"`

	// Name of the service
	ServiceName EntityName `json:"serviceName"`
}
TransportPolicySubject - Subject for a transport policy
func NewTransportPolicySubject ¶
func NewTransportPolicySubject(init ...*TransportPolicySubject) *TransportPolicySubject
NewTransportPolicySubject - creates an initialized TransportPolicySubject instance, returns a pointer to it
func (*TransportPolicySubject) UnmarshalJSON ¶
func (self *TransportPolicySubject) UnmarshalJSON(b []byte) error
UnmarshalJSON is defined for proper JSON decoding of a TransportPolicySubject
func (*TransportPolicySubject) Validate ¶
func (self *TransportPolicySubject) Validate() error
Validate - checks for missing required fields, etc
type Workload ¶ added in v1.10.20
type Workload struct {
	// name of the domain, optional for getWorkloadsByService API call
	DomainName DomainName `json:"domainName"`

	// name of the service, optional for getWorkloadsByService API call
	ServiceName EntityName `json:"serviceName"`

	// unique identifier for the workload, usually defined by provider
	Uuid string `json:"uuid"`

	// list of IP addresses associated with the workload, optional for
	// getWorkloadsByIP API call
	IpAddresses []string `json:"ipAddresses"`

	// hostname associated with the workload
	Hostname string `json:"hostname"`

	// infrastructure provider e.g. k8s, AWS, Azure, openstack etc.
	Provider string `json:"provider"`

	// most recent update timestamp in the backend
	UpdateTime rdl.Timestamp `json:"updateTime"`

	// certificate expiry time (ex: getNotAfter)
	CertExpiryTime rdl.Timestamp `json:"certExpiryTime"`
}
Workload - workload type describing workload associated with an identity
func NewWorkload ¶ added in v1.10.20
NewWorkload - creates an initialized Workload instance, returns a pointer to it
func (*Workload) Init ¶ added in v1.10.20
Init - sets up the instance according to its default field values, if any
func (*Workload) UnmarshalJSON ¶ added in v1.10.20
UnmarshalJSON is defined for proper JSON decoding of a Workload
type Workloads ¶ added in v1.10.20
type Workloads struct {
	// list of workloads
	WorkloadList []*Workload `json:"workloadList"`
}
Workloads - list of workloads
func NewWorkloads ¶ added in v1.10.20
NewWorkloads - creates an initialized Workloads instance, returns a pointer to it
func (*Workloads) Init ¶ added in v1.10.20
Init - sets up the instance according to its default field values, if any
func (*Workloads) UnmarshalJSON ¶ added in v1.10.20
UnmarshalJSON is defined for proper JSON decoding of a Workloads