msd

package
v1.10.25 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 23, 2021 License: Apache-2.0 Imports: 12 Imported by: 1

README

msd-go-client

A Go client library to talk to Athenz MSD.

The model.go and client.go files are generated from msd_core, and checked in so users of this library need not know that.

Additionally, an implementation of rdl.Authorizer and rdl.Authenticator are provided that use this library to delegate that functionality to Athenz MSD.

License

Copyright The Athenz Authors

Licensed under the Apache License, Version 2.0

Documentation

Overview

Package msd contains a client library to talk to Athenz MSD.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MSDSchema

func MSDSchema() *rdl.Schema

Types

type ActionName

type ActionName string

ActionName - An action (operation) name.

type AuthorityName

type AuthorityName string

AuthorityName - Used as the prefix in a signed assertion. This uniquely identifies a signing authority.

type CompoundName

type CompoundName string

CompoundName - A compound name. Most names in this API are compound names.

type DomainName

type DomainName string

DomainName - A domain name is the general qualifier prefix, as its uniqueness is managed.

type EntityList

type EntityList string

EntityList - An Entity list is comma separated compound Names

type EntityName

type EntityName string

EntityName - An entity name is a short form of a resource name, including only the domain and entity.

type MSDClient

type MSDClient struct {
	URL         string
	Transport   http.RoundTripper
	CredsHeader *string
	CredsToken  *string
	Timeout     time.Duration
}

func NewClient

func NewClient(url string, transport http.RoundTripper) MSDClient

NewClient creates and returns a new HTTP client object for the MSD service

func (*MSDClient) AddCredentials

func (client *MSDClient) AddCredentials(header string, token string)

AddCredentials adds the credentials to the client for subsequent requests.

func (MSDClient) GetTransportPolicyRules

func (client MSDClient) GetTransportPolicyRules(matchingTag string) (*TransportPolicyRules, string, error)

func (MSDClient) GetWorkloadsByIP added in v1.10.20

func (client MSDClient) GetWorkloadsByIP(ip string, matchingTag string) (*Workloads, string, error)

func (MSDClient) GetWorkloadsByService added in v1.10.20

func (client MSDClient) GetWorkloadsByService(domainName DomainName, serviceName EntityName, matchingTag string) (*Workloads, string, error)

type PathElement

type PathElement string

PathElement - A uri-safe path element

type ResourceName

type ResourceName string

ResourceName - A resource name Note that the EntityName part is optional, that is, a domain name followed by a colon is valid resource name.

type ServiceName

type ServiceName string

ServiceName - A service name will generally be a unique subdomain.

type SimpleName

type SimpleName string

SimpleName - Copyright The Athenz Authors Licensed under the terms of the Apache version 2.0 license. See LICENSE file for terms. Common name types used by several API definitions A simple identifier, an element of compound name.

type TransportPolicyCondition

type TransportPolicyCondition struct {

	//
	// State of transport policy enforcement ( ENFORCE / REPORT )
	//
	EnforcementState TransportPolicyEnforcementState `json:"enforcementState"`

	//
	// Acts as restrictions. If present, this transport policy should be
	// restricted to only mentioned instances.
	//
	Instances []string `json:"instances,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicyCondition - Transport policy condition. Used to specify additional restrictions for the subject of a transport policy

func NewTransportPolicyCondition

func NewTransportPolicyCondition(init ...*TransportPolicyCondition) *TransportPolicyCondition

NewTransportPolicyCondition - creates an initialized TransportPolicyCondition instance, returns a pointer to it

func (*TransportPolicyCondition) UnmarshalJSON

func (self *TransportPolicyCondition) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyCondition

func (*TransportPolicyCondition) Validate

func (self *TransportPolicyCondition) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyEgressRule

type TransportPolicyEgressRule struct {

	//
	// Assertion id associated with this transport policy
	//
	Id int64 `json:"id"`

	//
	// Last modification timestamp of this transport policy
	//
	LastModified rdl.Timestamp `json:"lastModified"`

	//
	// Entity to which this transport policy applies
	//
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	//
	// Destination of network traffic
	//
	To *TransportPolicyPeer `json:"to"`
}

TransportPolicyEgressRule - Transport policy egress rule

func NewTransportPolicyEgressRule

func NewTransportPolicyEgressRule(init ...*TransportPolicyEgressRule) *TransportPolicyEgressRule

NewTransportPolicyEgressRule - creates an initialized TransportPolicyEgressRule instance, returns a pointer to it

func (*TransportPolicyEgressRule) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyEgressRule) UnmarshalJSON

func (self *TransportPolicyEgressRule) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEgressRule

func (*TransportPolicyEgressRule) Validate

func (self *TransportPolicyEgressRule) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyEnforcementState

type TransportPolicyEnforcementState int

TransportPolicyEnforcementState - Types of transport policy enforcement states

const (
	ENFORCE TransportPolicyEnforcementState
	REPORT
)

TransportPolicyEnforcementState constants

func NewTransportPolicyEnforcementState

func NewTransportPolicyEnforcementState(init ...interface{}) TransportPolicyEnforcementState

NewTransportPolicyEnforcementState - return a string representation of the enum

func (TransportPolicyEnforcementState) MarshalJSON

func (e TransportPolicyEnforcementState) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyEnforcementState

func (TransportPolicyEnforcementState) String

String - return a string representation of the enum

func (TransportPolicyEnforcementState) SymbolSet

func (e TransportPolicyEnforcementState) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyEnforcementState) UnmarshalJSON

func (e *TransportPolicyEnforcementState) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEnforcementState

type TransportPolicyEntitySelector

type TransportPolicyEntitySelector struct {

	//
	// Requirements for selecting the subject for this transport policy.
	//
	Match *TransportPolicyMatch `json:"match"`

	//
	// List of network traffic port of the subject eligible for the transport
	// policy
	//
	Ports []*TransportPolicyPort `json:"ports"`
}

TransportPolicyEntitySelector - Entity to which a transport policy applies. Describes the subject and port(s) for a transport policy.

func NewTransportPolicyEntitySelector

func NewTransportPolicyEntitySelector(init ...*TransportPolicyEntitySelector) *TransportPolicyEntitySelector

NewTransportPolicyEntitySelector - creates an initialized TransportPolicyEntitySelector instance, returns a pointer to it

func (*TransportPolicyEntitySelector) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyEntitySelector) UnmarshalJSON

func (self *TransportPolicyEntitySelector) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEntitySelector

func (*TransportPolicyEntitySelector) Validate

func (self *TransportPolicyEntitySelector) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyIngressRule

type TransportPolicyIngressRule struct {

	//
	// Assertion id associated with this transport policy
	//
	Id int64 `json:"id"`

	//
	// Last modification timestamp of this transport policy
	//
	LastModified rdl.Timestamp `json:"lastModified"`

	//
	// Describes the entity to which this transport policy applies
	//
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	//
	// Source of network traffic
	//
	From *TransportPolicyPeer `json:"from"`
}

TransportPolicyIngressRule - Transport policy ingress rule

func NewTransportPolicyIngressRule

func NewTransportPolicyIngressRule(init ...*TransportPolicyIngressRule) *TransportPolicyIngressRule

NewTransportPolicyIngressRule - creates an initialized TransportPolicyIngressRule instance, returns a pointer to it

func (*TransportPolicyIngressRule) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyIngressRule) UnmarshalJSON

func (self *TransportPolicyIngressRule) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyIngressRule

func (*TransportPolicyIngressRule) Validate

func (self *TransportPolicyIngressRule) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyMatch

type TransportPolicyMatch struct {

	//
	// Subject where this transport policy applies
	//
	AthenzService *TransportPolicySubject `json:"athenzService"`

	//
	// List of additional requirements for restrictions. Requirements are ANDed.
	//
	Conditions []*TransportPolicyCondition `json:"conditions"`
}

TransportPolicyMatch - Selector for the subject of a transport policy

func NewTransportPolicyMatch

func NewTransportPolicyMatch(init ...*TransportPolicyMatch) *TransportPolicyMatch

NewTransportPolicyMatch - creates an initialized TransportPolicyMatch instance, returns a pointer to it

func (*TransportPolicyMatch) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyMatch) UnmarshalJSON

func (self *TransportPolicyMatch) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyMatch

func (*TransportPolicyMatch) Validate

func (self *TransportPolicyMatch) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyPeer

type TransportPolicyPeer struct {

	//
	// List of transport policy subjects
	//
	AthenzServices []*TransportPolicySubject `json:"athenzServices"`

	//
	// List of network traffic port part of this transport policy
	//
	Ports []*TransportPolicyPort `json:"ports"`
}

TransportPolicyPeer - Source or destination for a transport policy

func NewTransportPolicyPeer

func NewTransportPolicyPeer(init ...*TransportPolicyPeer) *TransportPolicyPeer

NewTransportPolicyPeer - creates an initialized TransportPolicyPeer instance, returns a pointer to it

func (*TransportPolicyPeer) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyPeer) UnmarshalJSON

func (self *TransportPolicyPeer) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyPeer

func (*TransportPolicyPeer) Validate

func (self *TransportPolicyPeer) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyPort

type TransportPolicyPort struct {

	//
	// Start port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	Port int32 `json:"port"`

	//
	// End port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	EndPort int32 `json:"endPort"`

	//
	// Protocol for this transport policy
	//
	Protocol TransportPolicyProtocol `json:"protocol"`
}

TransportPolicyPort - Transport policy port

func NewTransportPolicyPort

func NewTransportPolicyPort(init ...*TransportPolicyPort) *TransportPolicyPort

NewTransportPolicyPort - creates an initialized TransportPolicyPort instance, returns a pointer to it

func (*TransportPolicyPort) UnmarshalJSON

func (self *TransportPolicyPort) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyPort

func (*TransportPolicyPort) Validate

func (self *TransportPolicyPort) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyProtocol

type TransportPolicyProtocol int

TransportPolicyProtocol - Types of transport policy protocols

const (
	TCP TransportPolicyProtocol
	UDP
)

TransportPolicyProtocol constants

func NewTransportPolicyProtocol

func NewTransportPolicyProtocol(init ...interface{}) TransportPolicyProtocol

NewTransportPolicyProtocol - return a string representation of the enum

func (TransportPolicyProtocol) MarshalJSON

func (e TransportPolicyProtocol) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyProtocol

func (TransportPolicyProtocol) String

func (e TransportPolicyProtocol) String() string

String - return a string representation of the enum

func (TransportPolicyProtocol) SymbolSet

func (e TransportPolicyProtocol) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyProtocol) UnmarshalJSON

func (e *TransportPolicyProtocol) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyProtocol

type TransportPolicyRules

type TransportPolicyRules struct {

	//
	// List of ingress rules
	//
	Ingress []*TransportPolicyIngressRule `json:"ingress"`

	//
	// List of egress rules
	//
	Egress []*TransportPolicyEgressRule `json:"egress"`
}

TransportPolicyRules - Transport policy containing ingress and egress rules

func NewTransportPolicyRules

func NewTransportPolicyRules(init ...*TransportPolicyRules) *TransportPolicyRules

NewTransportPolicyRules - creates an initialized TransportPolicyRules instance, returns a pointer to it

func (*TransportPolicyRules) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyRules) UnmarshalJSON

func (self *TransportPolicyRules) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyRules

func (*TransportPolicyRules) Validate

func (self *TransportPolicyRules) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicySubject

type TransportPolicySubject struct {

	//
	// Name of the domain
	//
	DomainName DomainName `json:"domainName"`

	//
	// Name of the service
	//
	ServiceName EntityName `json:"serviceName"`
}

TransportPolicySubject - Subject for a transport policy

func NewTransportPolicySubject

func NewTransportPolicySubject(init ...*TransportPolicySubject) *TransportPolicySubject

NewTransportPolicySubject - creates an initialized TransportPolicySubject instance, returns a pointer to it

func (*TransportPolicySubject) UnmarshalJSON

func (self *TransportPolicySubject) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicySubject

func (*TransportPolicySubject) Validate

func (self *TransportPolicySubject) Validate() error

Validate - checks for missing required fields, etc

type Workload added in v1.10.20

type Workload struct {

	//
	// name of the domain, optional for getWorkloadsByService API call
	//
	DomainName DomainName `json:"domainName"`

	//
	// name of the service, , optional for getWorkloadsByService API call
	//
	ServiceName EntityName `json:"serviceName"`

	//
	// unique identifier for the workload, usually defined by provider
	//
	Uuid string `json:"uuid"`

	//
	// list of IP addresses associated with the workload, optional for
	// getWorkloadsByIP API call
	//
	IpAddresses []string `json:"ipAddresses"`

	//
	// hostname associated with the workload
	//
	Hostname string `json:"hostname"`

	//
	// infrastructure provider e.g. k8s, AWS, Azure, openstack etc.
	//
	Provider string `json:"provider"`

	//
	// most recent update timestamp in the backend
	//
	UpdateTime rdl.Timestamp `json:"updateTime"`

	//
	// certificate expiry time (ex: getNotAfter)
	//
	CertExpiryTime rdl.Timestamp `json:"certExpiryTime"`
}

Workload - workload type describing workload associated with an identity

func NewWorkload added in v1.10.20

func NewWorkload(init ...*Workload) *Workload

NewWorkload - creates an initialized Workload instance, returns a pointer to it

func (*Workload) Init added in v1.10.20

func (self *Workload) Init() *Workload

Init - sets up the instance according to its default field values, if any

func (*Workload) UnmarshalJSON added in v1.10.20

func (self *Workload) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a Workload

func (*Workload) Validate added in v1.10.20

func (self *Workload) Validate() error

Validate - checks for missing required fields, etc

type Workloads added in v1.10.20

type Workloads struct {

	//
	// list of workloads
	//
	WorkloadList []*Workload `json:"workloadList"`
}

Workloads - list of workloads

func NewWorkloads added in v1.10.20

func NewWorkloads(init ...*Workloads) *Workloads

NewWorkloads - creates an initialized Workloads instance, returns a pointer to it

func (*Workloads) Init added in v1.10.20

func (self *Workloads) Init() *Workloads

Init - sets up the instance according to its default field values, if any

func (*Workloads) UnmarshalJSON added in v1.10.20

func (self *Workloads) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a Workloads

func (*Workloads) Validate added in v1.10.20

func (self *Workloads) Validate() error

Validate - checks for missing required fields, etc

type YBase64

type YBase64 string

YBase64 - The Y-specific URL-safe Base64 variant.

type YEncoded

type YEncoded string

YEncoded - YEncoded includes ybase64 chars, as well as = and %. This can represent a user cookie and URL-encoded values.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL