msd

package
v1.12.5 Latest Latest
Published: Nov 28, 2024 License: Apache-2.0 Imports: 12 Imported by: 1

README

msd-go-client

A Go client library to talk to Athenz MSD.

The model.go and client.go files are generated from msd_core, and checked in so users of this library need not know that.

Additionally, implementations of rdl.Authorizer and rdl.Authenticator are provided; they use this library to delegate that functionality to Athenz MSD.

License

Copyright The Athenz Authors

Licensed under the Apache License, Version 2.0

Documentation

Overview

Package msd contains a client library to talk to Athenz MSD.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MSDSchema

func MSDSchema() *rdl.Schema

Types

type ActionName

type ActionName string

ActionName - An action (operation) name.

type AuthorityName

type AuthorityName string

AuthorityName - Used as the prefix in a signed assertion. This uniquely identifies a signing authority.

type BulkWorkloadRequest added in v1.11.44

// BulkWorkloadRequest - request type to search all workloads for a list of
// services grouped by domains. The optional fields are pointers or slices
// tagged omitempty, so a nil value is left out of the encoded JSON entirely.
type BulkWorkloadRequest struct {

	//
	// list of services, grouped by domain. Not marked rdl:"optional", so this
	// is the one field of the request that is expected to be present.
	//
	DomainServices []*DomainServices `json:"domainServices"`

	//
	// whether to fetch static type workloads. nil (unset) is distinct from
	// false; how the server treats an unset value is not visible here.
	//
	FetchStaticTypeWorkloads *bool `json:"fetchStaticTypeWorkloads,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// whether to fetch dynamic type workloads. nil (unset) is distinct from
	// false; how the server treats an unset value is not visible here.
	//
	FetchDynamicTypeWorkloads *bool `json:"fetchDynamicTypeWorkloads,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// list of applicable static workload types, if not set then that means all.
	// Applicable only if fetchStaticTypeWorkloads is enabled
	//
	ApplicableStaticTypes []StaticWorkloadType `json:"applicableStaticTypes,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// resolve static workloads to IPs, if applicable
	// NOTE(review): where and how the resolution happens is not shown on this
	// page; confirm before treating resolved IPs as authoritative.
	//
	ResolveStaticWorkloads *bool `json:"resolveStaticWorkloads,omitempty" rdl:"optional" yaml:",omitempty"`
}

BulkWorkloadRequest - request type to search all workloads for a list of services grouped by domains

func NewBulkWorkloadRequest added in v1.11.44

func NewBulkWorkloadRequest(init ...*BulkWorkloadRequest) *BulkWorkloadRequest

NewBulkWorkloadRequest - creates an initialized BulkWorkloadRequest instance, returns a pointer to it

func (*BulkWorkloadRequest) Init added in v1.11.44

Init - sets up the instance according to its default field values, if any

func (*BulkWorkloadRequest) UnmarshalJSON added in v1.11.44

func (self *BulkWorkloadRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a BulkWorkloadRequest

func (*BulkWorkloadRequest) Validate added in v1.11.44

func (self *BulkWorkloadRequest) Validate() error

Validate - checks for missing required fields, etc

type BulkWorkloadResponse added in v1.11.44

// BulkWorkloadResponse - response of a bulk workload search request.
type BulkWorkloadResponse struct {

	//
	// list of services, grouped by domain, that have not changed since the
	// time stamp carried in matchingTag
	//
	UnmodifiedServices []*DomainServices `json:"unmodifiedServices"`

	//
	// matching workloads. This is a pointer with no omitempty, so it can be
	// nil after decoding; check before dereferencing.
	//
	Workloads *Workloads `json:"workloads"`
}

BulkWorkloadResponse - response of a bulk workload search request

func NewBulkWorkloadResponse added in v1.11.44

func NewBulkWorkloadResponse(init ...*BulkWorkloadResponse) *BulkWorkloadResponse

NewBulkWorkloadResponse - creates an initialized BulkWorkloadResponse instance, returns a pointer to it

func (*BulkWorkloadResponse) Init added in v1.11.44

Init - sets up the instance according to its default field values, if any

func (*BulkWorkloadResponse) UnmarshalJSON added in v1.11.44

func (self *BulkWorkloadResponse) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a BulkWorkloadResponse

func (*BulkWorkloadResponse) Validate added in v1.11.44

func (self *BulkWorkloadResponse) Validate() error

Validate - checks for missing required fields, etc

type CompositeInstance added in v1.11.63

// CompositeInstance - generic instance record identified by domain, service
// and instance name/id.
type CompositeInstance struct {

	//
	// name of the domain
	//
	DomainName DomainName `json:"domainName"`

	//
	// name of the service
	//
	ServiceName EntityName `json:"serviceName"`

	//
	// instance name/id
	//
	Instance SimpleName `json:"instance"`

	//
	// instance type. Marked rdl:"optional", but the json tag has no omitempty,
	// so an unset value is encoded as an empty string rather than omitted.
	//
	InstanceType string `json:"instanceType" rdl:"optional" yaml:",omitempty"`

	//
	// name of the instance provider, for example aws/gcp. Same encoding note
	// as InstanceType: optional in RDL, but always present in the JSON.
	//
	Provider string `json:"provider" rdl:"optional" yaml:",omitempty"`

	//
	// certificate expiry time (ex: getNotAfter), if applicable; nil when unset
	//
	CertExpiryTime *rdl.Timestamp `json:"certExpiryTime,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// certificate issue time (ex: getNotBefore), if applicable; nil when unset
	//
	CertIssueTime *rdl.Timestamp `json:"certIssueTime,omitempty" rdl:"optional" yaml:",omitempty"`
}

CompositeInstance - generic instance

func NewCompositeInstance added in v1.11.63

func NewCompositeInstance(init ...*CompositeInstance) *CompositeInstance

NewCompositeInstance - creates an initialized CompositeInstance instance, returns a pointer to it

func (*CompositeInstance) UnmarshalJSON added in v1.11.63

func (self *CompositeInstance) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a CompositeInstance

func (*CompositeInstance) Validate added in v1.11.63

func (self *CompositeInstance) Validate() error

Validate - checks for missing required fields, etc

type CompoundName

type CompoundName string

CompoundName - A compound name. Most names in this API are compound names.

type DomainName

type DomainName string

DomainName - A domain name is the general qualifier prefix, as its uniqueness is managed.

type DomainServices added in v1.11.44

// DomainServices - request type to search all workloads for a domain and a
// selected list of its services.
type DomainServices struct {

	//
	// name of the domain
	//
	DomainName DomainName `json:"domainName"`

	//
	// list of service names (presumably services within DomainName; verify
	// against the server-side schema)
	//
	ServiceNames []EntityName `json:"serviceNames"`
}

DomainServices - request type to search all workloads for a domain and selected list of its services

func NewDomainServices added in v1.11.44

func NewDomainServices(init ...*DomainServices) *DomainServices

NewDomainServices - creates an initialized DomainServices instance, returns a pointer to it

func (*DomainServices) Init added in v1.11.44

func (self *DomainServices) Init() *DomainServices

Init - sets up the instance according to its default field values, if any

func (*DomainServices) UnmarshalJSON added in v1.11.44

func (self *DomainServices) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a DomainServices

func (*DomainServices) Validate added in v1.11.44

func (self *DomainServices) Validate() error

Validate - checks for missing required fields, etc

type DynamicWorkload added in v1.10.32

// DynamicWorkload - workload type describing a workload bootstrapped with an
// identity. All fields except CertIssueTime are plain values without
// omitempty, so they are always present in the encoded JSON.
type DynamicWorkload struct {

	//
	// name of the domain
	//
	DomainName DomainName `json:"domainName"`

	//
	// name of the service
	//
	ServiceName EntityName `json:"serviceName"`

	//
	// unique identifier for the workload, usually defined by provider
	//
	Uuid string `json:"uuid"`

	//
	// list of IP addresses associated with the workload, optional for
	// getWorkloadsByIP API call. These are plain strings; nothing visible here
	// guarantees they parse as IP addresses, so parse before using them in
	// network rules.
	//
	IpAddresses []string `json:"ipAddresses"`

	//
	// hostname associated with the workload
	//
	Hostname string `json:"hostname"`

	//
	// infrastructure provider e.g. Kubernetes, AWS, Azure, openstack etc.
	//
	Provider string `json:"provider"`

	//
	// most recent update timestamp in the backend
	//
	UpdateTime rdl.Timestamp `json:"updateTime"`

	//
	// certificate expiry time (ex: getNotAfter). Consumers that build access
	// rules from workloads may want to compare this with the current time;
	// whether the server filters expired entries is not shown here.
	//
	CertExpiryTime rdl.Timestamp `json:"certExpiryTime"`

	//
	// certificate issue time (ex: getNotBefore); nil when unset
	//
	CertIssueTime *rdl.Timestamp `json:"certIssueTime,omitempty" rdl:"optional" yaml:",omitempty"`
}

DynamicWorkload - workload type describing workload bootstrapped with an identity

func NewDynamicWorkload added in v1.10.32

func NewDynamicWorkload(init ...*DynamicWorkload) *DynamicWorkload

NewDynamicWorkload - creates an initialized DynamicWorkload instance, returns a pointer to it

func (*DynamicWorkload) Init added in v1.10.32

func (self *DynamicWorkload) Init() *DynamicWorkload

Init - sets up the instance according to its default field values, if any

func (*DynamicWorkload) UnmarshalJSON added in v1.10.32

func (self *DynamicWorkload) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a DynamicWorkload

func (*DynamicWorkload) Validate added in v1.10.32

func (self *DynamicWorkload) Validate() error

Validate - checks for missing required fields, etc

type EntityList

type EntityList string

EntityList - An Entity list is comma separated compound Names

type EntityName

type EntityName string

EntityName - An entity name is a short form of a resource name, including only the domain and entity.

type IPBlock added in v1.10.39

// IPBlock - struct representing ip blocks used by network policy in CIDR
// (Classless inter-domain routing) format.
type IPBlock struct {

	//
	// cidr notation. can be used for ipv4 or ipv6
	// NOTE(review): the field is a plain string and Validate is described only
	// as checking for missing required fields, so callers should parse the
	// value (e.g. net.ParseCIDR) before acting on it.
	//
	Cidr string `json:"cidr"`
}

IPBlock - Struct representing ip blocks used by network policy in CIDR (Classless inter-domain routing) format

func NewIPBlock added in v1.10.39

func NewIPBlock(init ...*IPBlock) *IPBlock

NewIPBlock - creates an initialized IPBlock instance, returns a pointer to it

func (*IPBlock) UnmarshalJSON added in v1.10.39

func (self *IPBlock) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of an IPBlock

func (*IPBlock) Validate added in v1.10.39

func (self *IPBlock) Validate() error

Validate - checks for missing required fields, etc

type KubernetesIPBlock added in v1.11.46

// KubernetesIPBlock - Kubernetes network policy IP block source/target.
type KubernetesIPBlock struct {

	//
	// CIDR block representing IP range for source/target
	//
	Cidr string `json:"cidr"`

	//
	// Exception for CIDR blocks, if needed: entries carved out of Cidr.
	// NOTE(review): in the Kubernetes NetworkPolicy API these must be CIDRs
	// that fall inside Cidr; confirm whether this client or the server checks
	// that, since nothing on this page shows it.
	//
	Except []string `json:"except,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesIPBlock - Kubernetes network policy IP block source/target

func NewKubernetesIPBlock added in v1.11.46

func NewKubernetesIPBlock(init ...*KubernetesIPBlock) *KubernetesIPBlock

NewKubernetesIPBlock - creates an initialized KubernetesIPBlock instance, returns a pointer to it

func (*KubernetesIPBlock) UnmarshalJSON added in v1.11.46

func (self *KubernetesIPBlock) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesIPBlock

func (*KubernetesIPBlock) Validate added in v1.11.46

func (self *KubernetesIPBlock) Validate() error

Validate - checks for missing required fields, etc

type KubernetesLabelSelector added in v1.11.46

// KubernetesLabelSelector - a label query over a set of resources. The
// results of matchLabels and matchExpressions are ANDed. An empty label
// selector matches all objects; a null label selector matches no objects.
//
// That distinction matters for anything that turns a selector into an allow
// rule: a non-nil selector with both fields empty selects everything, while a
// nil *KubernetesLabelSelector selects nothing.
type KubernetesLabelSelector struct {

	//
	// Array of label selector requirements. The requirements are ANDed.
	// No omitempty: a nil slice is encoded as JSON null.
	//
	MatchExpressions []*KubernetesLabelSelectorRequirement `json:"matchExpressions"`

	//
	// Map of label key/value pairs
	// No omitempty: a nil map is encoded as JSON null.
	//
	MatchLabels map[string]string `json:"matchLabels"`
}

KubernetesLabelSelector - A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.

func NewKubernetesLabelSelector added in v1.11.46

func NewKubernetesLabelSelector(init ...*KubernetesLabelSelector) *KubernetesLabelSelector

NewKubernetesLabelSelector - creates an initialized KubernetesLabelSelector instance, returns a pointer to it

func (*KubernetesLabelSelector) Init added in v1.11.46

Init - sets up the instance according to its default field values, if any

func (*KubernetesLabelSelector) UnmarshalJSON added in v1.11.46

func (self *KubernetesLabelSelector) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesLabelSelector

func (*KubernetesLabelSelector) Validate added in v1.11.46

func (self *KubernetesLabelSelector) Validate() error

Validate - checks for missing required fields, etc

type KubernetesLabelSelectorRequirement added in v1.11.46

// KubernetesLabelSelectorRequirement - a selector that contains values, a
// key, and an operator that relates the key and values.
type KubernetesLabelSelectorRequirement struct {

	//
	// Label key that the selector applies to
	//
	Key string `json:"key"`

	//
	// Operator that is applied to the key. Valid operators are In, NotIn, Exists
	// and DoesNotExist.
	// NOTE(review): the type is a plain string; whether Validate rejects other
	// values is not visible here, so do not assume it.
	//
	Operator string `json:"operator"`

	//
	// Array of string values. If the operator is In or NotIn, the values array
	// must be non-empty. If the operator is Exists or DoesNotExist, the values
	// array must be empty.
	//
	Values []string `json:"values,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesLabelSelectorRequirement - A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

func NewKubernetesLabelSelectorRequirement added in v1.11.46

func NewKubernetesLabelSelectorRequirement(init ...*KubernetesLabelSelectorRequirement) *KubernetesLabelSelectorRequirement

NewKubernetesLabelSelectorRequirement - creates an initialized KubernetesLabelSelectorRequirement instance, returns a pointer to it

func (*KubernetesLabelSelectorRequirement) UnmarshalJSON added in v1.11.46

func (self *KubernetesLabelSelectorRequirement) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesLabelSelectorRequirement

func (*KubernetesLabelSelectorRequirement) Validate added in v1.11.46

func (self *KubernetesLabelSelectorRequirement) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicyEgressRule added in v1.11.46

// KubernetesNetworkPolicyEgressRule - Kubernetes network policy egress rule.
// Both fields are optional and both default to "allow all" when empty, so a
// rule with neither field set permits egress to every destination on every
// port.
type KubernetesNetworkPolicyEgressRule struct {

	//
	// Network policy target (egress destination); when empty, all destinations
	// are allowed.
	// NOTE(review): the generated description reads "all sources" for this
	// field, which looks carried over from the ingress rule.
	//
	To []*KubernetesNetworkPolicyPeer `json:"to,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Egress port(s), when empty all ports are allowed
	//
	Ports []*KubernetesNetworkPolicyPort `json:"ports,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesNetworkPolicyEgressRule - Kubernetes network policy egress rule

func NewKubernetesNetworkPolicyEgressRule added in v1.11.46

func NewKubernetesNetworkPolicyEgressRule(init ...*KubernetesNetworkPolicyEgressRule) *KubernetesNetworkPolicyEgressRule

NewKubernetesNetworkPolicyEgressRule - creates an initialized KubernetesNetworkPolicyEgressRule instance, returns a pointer to it

func (*KubernetesNetworkPolicyEgressRule) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicyEgressRule) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicyEgressRule

func (*KubernetesNetworkPolicyEgressRule) Validate added in v1.11.46

func (self *KubernetesNetworkPolicyEgressRule) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicyIngressRule added in v1.11.46

// KubernetesNetworkPolicyIngressRule - Kubernetes network policy ingress
// rule. Both fields are optional and both default to "allow all" when empty,
// so a rule with neither field set permits ingress from every source on every
// port.
type KubernetesNetworkPolicyIngressRule struct {

	//
	// Network policy source, when empty all sources are allowed
	//
	From []*KubernetesNetworkPolicyPeer `json:"from,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Ingress port(s), when empty all ports are allowed
	//
	Ports []*KubernetesNetworkPolicyPort `json:"ports,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesNetworkPolicyIngressRule - Kubernetes network policy ingress rule

func NewKubernetesNetworkPolicyIngressRule added in v1.11.46

func NewKubernetesNetworkPolicyIngressRule(init ...*KubernetesNetworkPolicyIngressRule) *KubernetesNetworkPolicyIngressRule

NewKubernetesNetworkPolicyIngressRule - creates an initialized KubernetesNetworkPolicyIngressRule instance, returns a pointer to it

func (*KubernetesNetworkPolicyIngressRule) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicyIngressRule) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicyIngressRule

func (*KubernetesNetworkPolicyIngressRule) Validate added in v1.11.46

func (self *KubernetesNetworkPolicyIngressRule) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicyPeer added in v1.11.46

// KubernetesNetworkPolicyPeer - Kubernetes network policy peer
// (source/target). All three fields are optional pointers; omitempty drops
// only a nil pointer, so a non-nil but empty selector is still encoded and,
// per KubernetesLabelSelector, matches all objects.
// NOTE(review): in the Kubernetes NetworkPolicy API an ipBlock peer excludes
// the two selectors; confirm whether MSD follows the same rule.
type KubernetesNetworkPolicyPeer struct {

	//
	// Kubernetes pod selector for the network policy source/target
	//
	PodSelector *KubernetesLabelSelector `json:"podSelector,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Kubernetes namespace selector for the network policy source/target
	//
	NamespaceSelector *KubernetesLabelSelector `json:"namespaceSelector,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// IP block for the network policy source/target
	//
	IpBlock *KubernetesIPBlock `json:"ipBlock,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesNetworkPolicyPeer - Kubernetes network policy peer (source/target)

func NewKubernetesNetworkPolicyPeer added in v1.11.46

func NewKubernetesNetworkPolicyPeer(init ...*KubernetesNetworkPolicyPeer) *KubernetesNetworkPolicyPeer

NewKubernetesNetworkPolicyPeer - creates an initialized KubernetesNetworkPolicyPeer instance, returns a pointer to it

func (*KubernetesNetworkPolicyPeer) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicyPeer) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicyPeer

func (*KubernetesNetworkPolicyPeer) Validate added in v1.11.46

func (self *KubernetesNetworkPolicyPeer) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicyPort added in v1.11.46

// KubernetesNetworkPolicyPort - Kubernetes network policy port range.
// NOTE(review): Port and EndPort are int32 with no visible bounds check, so a
// consumer should confirm 1 <= Port <= EndPort <= 65535 before generating
// rules from a decoded value.
type KubernetesNetworkPolicyPort struct {

	//
	// Start port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	Port int32 `json:"port"`

	//
	// End port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	EndPort int32 `json:"endPort"`

	//
	// Network policy protocol. Allowed values: TCP, UDP.
	//
	Protocol TransportPolicyProtocol `json:"protocol"`
}

KubernetesNetworkPolicyPort - Kubernetes network policy port range

func NewKubernetesNetworkPolicyPort added in v1.11.46

func NewKubernetesNetworkPolicyPort(init ...*KubernetesNetworkPolicyPort) *KubernetesNetworkPolicyPort

NewKubernetesNetworkPolicyPort - creates an initialized KubernetesNetworkPolicyPort instance, returns a pointer to it

func (*KubernetesNetworkPolicyPort) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicyPort) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicyPort

func (*KubernetesNetworkPolicyPort) Validate added in v1.11.46

func (self *KubernetesNetworkPolicyPort) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicyRequest added in v1.11.46

// KubernetesNetworkPolicyRequest - request object containing Kubernetes
// network policy inputs. AthenzServiceLabel is the only field not marked
// rdl:"optional". The optional string fields have no json omitempty, so an
// unset value is sent as an empty string.
type KubernetesNetworkPolicyRequest struct {

	//
	// Label key name used on pods to identify Athenz domain
	//
	AthenzDomainLabel string `json:"athenzDomainLabel" rdl:"optional" yaml:",omitempty"`

	//
	// Label key name used on pods to identify Athenz service
	//
	AthenzServiceLabel string `json:"athenzServiceLabel"`

	//
	// Network policy type, default is vanilla Kubernetes
	//
	NetworkPolicyType string `json:"networkPolicyType" rdl:"optional" yaml:",omitempty"`

	//
	// Requested network policy apiVersion
	//
	RequestedApiVersion string `json:"requestedApiVersion" rdl:"optional" yaml:",omitempty"`

	//
	// Kubernetes namespace for the network policy object
	//
	NetworkPolicyNamespace string `json:"networkPolicyNamespace" rdl:"optional" yaml:",omitempty"`

	//
	// Use athenzDomainLabel as namespace selector
	//
	DomainLabelAsNamespaceSelector *bool `json:"domainLabelAsNamespaceSelector,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Use Athenz domain name in service label
	//
	DomainInServiceLabel *bool `json:"domainInServiceLabel,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesNetworkPolicyRequest - Request object containing Kubernetes network policy inputs

func NewKubernetesNetworkPolicyRequest added in v1.11.46

func NewKubernetesNetworkPolicyRequest(init ...*KubernetesNetworkPolicyRequest) *KubernetesNetworkPolicyRequest

NewKubernetesNetworkPolicyRequest - creates an initialized KubernetesNetworkPolicyRequest instance, returns a pointer to it

func (*KubernetesNetworkPolicyRequest) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicyRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicyRequest

func (*KubernetesNetworkPolicyRequest) Validate added in v1.11.46

func (self *KubernetesNetworkPolicyRequest) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicyResponse added in v1.11.46

// KubernetesNetworkPolicyResponse - response object containing a Kubernetes
// network policy. The field names mirror the top level of a Kubernetes
// manifest (apiVersion, kind, metadata, spec).
// NOTE(review): a policy built from this response changes what traffic a
// cluster admits, so review the decoded Spec before applying it.
type KubernetesNetworkPolicyResponse struct {

	//
	// Kubernetes network policy apiVersion
	//
	ApiVersion string `json:"apiVersion"`

	//
	// Kubernetes network policy kind
	//
	Kind string `json:"kind"`

	//
	// Kubernetes network policy metadata
	//
	Metadata map[string]string `json:"metadata"`

	//
	// Kubernetes network policy spec; a pointer without omitempty, so it can
	// be nil after decoding
	//
	Spec *KubernetesNetworkPolicySpec `json:"spec"`
}

KubernetesNetworkPolicyResponse - Response object containing Kubernetes network policy

func NewKubernetesNetworkPolicyResponse added in v1.11.46

func NewKubernetesNetworkPolicyResponse(init ...*KubernetesNetworkPolicyResponse) *KubernetesNetworkPolicyResponse

NewKubernetesNetworkPolicyResponse - creates an initialized KubernetesNetworkPolicyResponse instance, returns a pointer to it

func (*KubernetesNetworkPolicyResponse) Init added in v1.11.46

Init - sets up the instance according to its default field values, if any

func (*KubernetesNetworkPolicyResponse) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicyResponse) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicyResponse

func (*KubernetesNetworkPolicyResponse) Validate added in v1.11.46

func (self *KubernetesNetworkPolicyResponse) Validate() error

Validate - checks for missing required fields, etc

type KubernetesNetworkPolicySpec added in v1.11.46

// KubernetesNetworkPolicySpec - Kubernetes network policy spec.
//
// Ingress and Egress are tagged omitempty, so an empty rule list is dropped
// from the encoded JSON. The "empty means blocked" behaviour described on
// those fields therefore depends on PolicyTypes naming the direction: in
// Kubernetes a direction is isolated only when it is listed in policyTypes.
// NOTE(review): confirm PolicyTypes is populated as intended before relying
// on an empty rule list to deny traffic.
type KubernetesNetworkPolicySpec struct {

	//
	// Kubernetes pod selector for the network policy target. Per
	// KubernetesLabelSelector, an empty selector matches all objects.
	//
	PodSelector *KubernetesLabelSelector `json:"podSelector"`

	//
	// Network policy types - Ingress, Egress
	//
	PolicyTypes []string `json:"policyTypes"`

	//
	// Ingress network policy rules, if empty then all ingress traffic is blocked
	//
	Ingress []*KubernetesNetworkPolicyIngressRule `json:"ingress,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Egress network policy rules, if empty then all egress traffic is blocked
	//
	Egress []*KubernetesNetworkPolicyEgressRule `json:"egress,omitempty" rdl:"optional" yaml:",omitempty"`
}

KubernetesNetworkPolicySpec - Kubernetes network policy spec

func NewKubernetesNetworkPolicySpec added in v1.11.46

func NewKubernetesNetworkPolicySpec(init ...*KubernetesNetworkPolicySpec) *KubernetesNetworkPolicySpec

NewKubernetesNetworkPolicySpec - creates an initialized KubernetesNetworkPolicySpec instance, returns a pointer to it

func (*KubernetesNetworkPolicySpec) Init added in v1.11.46

Init - sets up the instance according to its default field values, if any

func (*KubernetesNetworkPolicySpec) UnmarshalJSON added in v1.11.46

func (self *KubernetesNetworkPolicySpec) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a KubernetesNetworkPolicySpec

func (*KubernetesNetworkPolicySpec) Validate added in v1.11.46

func (self *KubernetesNetworkPolicySpec) Validate() error

Validate - checks for missing required fields, etc

type MSDClient

// MSDClient is the HTTP client object for the MSD service, as returned by
// NewClient. Most request methods use a value receiver, so each call works on
// a copy of the struct; the CredsHeaders map is still shared between copies
// because Go maps are reference types.
type MSDClient struct {
	// URL is the address of the MSD service (presumably the url argument of
	// NewClient). NOTE(review): nothing on this page shows a scheme check, so
	// callers should make sure this is an https endpoint they trust before
	// attaching credentials.
	URL             string
	// Transport is the http.RoundTripper handed to NewClient; presumably this
	// is where TLS settings (CA roots, client certificate) are supplied.
	Transport       http.RoundTripper
	// CredsHeaders maps a header name to a credential value; AddCredentials
	// adds entries for subsequent requests. Treat the values as secrets:
	// avoid printing the client with %v/%+v or logging this map.
	CredsHeaders    map[string]string
	// Timeout is presumably the per-request timeout. NOTE(review): if it is
	// passed through to net/http unchanged, the zero value means no timeout;
	// confirm and set an explicit value.
	Timeout         time.Duration
	// DisableRedirect presumably stops the client from following HTTP
	// redirects. NOTE(review): confirm how credential headers are handled
	// when a redirect is followed, and consider enabling this when
	// CredsHeaders is in use.
	DisableRedirect bool
}

func NewClient

func NewClient(url string, transport http.RoundTripper) MSDClient

NewClient creates and returns a new HTTP client object for the MSD service

func (*MSDClient) AddCredentials

func (client *MSDClient) AddCredentials(header string, token string)

AddCredentials adds the credentials to the client for subsequent requests.

func (MSDClient) DeleteCompositeInstance added in v1.11.63

func (client MSDClient) DeleteCompositeInstance(domainName DomainName, serviceName EntityName, instance SimpleName, resourceOwner string) error

func (MSDClient) DeleteDynamicWorkload added in v1.11.6

func (client MSDClient) DeleteDynamicWorkload(domainName DomainName, serviceName EntityName, instanceId PathElement, resourceOwner string) error

func (MSDClient) DeleteStaticWorkload added in v1.11.6

func (client MSDClient) DeleteStaticWorkload(domainName DomainName, serviceName EntityName, name StaticWorkloadName, resourceOwner string) error

func (MSDClient) DeleteTransportPolicy added in v1.11.50

func (client MSDClient) DeleteTransportPolicy(domainName DomainName, serviceName EntityName, id int64, auditRef string, resourceOwner string) error

func (MSDClient) EvaluateNetworkPolicyChange added in v1.10.39

func (client MSDClient) EvaluateNetworkPolicyChange(detail *NetworkPolicyChangeImpactRequest) (*NetworkPolicyChangeImpactResponse, error)

func (MSDClient) GetRdlSchema added in v1.11.12

func (client MSDClient) GetRdlSchema() (*rdl.Schema, error)

func (MSDClient) GetStaticWorkloadServicesByType added in v1.11.27

func (client MSDClient) GetStaticWorkloadServicesByType(serviceType EntityName, serviceValue EntityName) (*StaticWorkloadServices, error)

func (MSDClient) GetTransportPolicyRules

func (client MSDClient) GetTransportPolicyRules(matchingTag string) (*TransportPolicyRules, string, error)

func (MSDClient) GetTransportPolicyRulesByDomain added in v1.11.40

func (client MSDClient) GetTransportPolicyRulesByDomain(domainName DomainName, matchingTag string) (*TransportPolicyRules, string, error)

func (MSDClient) GetTransportPolicyRulesByService added in v1.11.48

func (client MSDClient) GetTransportPolicyRulesByService(domainName DomainName, serviceName EntityName, matchingTag string) (*TransportPolicyRules, string, error)

func (MSDClient) GetTransportPolicyValidationStatus added in v1.10.40

func (client MSDClient) GetTransportPolicyValidationStatus(domainName DomainName) (*TransportPolicyValidationResponseList, error)

func (MSDClient) GetWorkloadsByDomain added in v1.11.40

func (client MSDClient) GetWorkloadsByDomain(domainName DomainName, matchingTag string) (*Workloads, string, error)

func (MSDClient) GetWorkloadsByDomainAndService added in v1.11.44

func (client MSDClient) GetWorkloadsByDomainAndService(request *BulkWorkloadRequest, matchingTag string) (*BulkWorkloadResponse, string, error)

func (MSDClient) GetWorkloadsByIP added in v1.10.20

func (client MSDClient) GetWorkloadsByIP(ip string, matchingTag string) (*Workloads, string, error)

func (MSDClient) GetWorkloadsByService added in v1.10.20

func (client MSDClient) GetWorkloadsByService(domainName DomainName, serviceName EntityName, matchingTag string) (*Workloads, string, error)

func (MSDClient) PostKubernetesNetworkPolicyRequest added in v1.11.46

func (client MSDClient) PostKubernetesNetworkPolicyRequest(domainName DomainName, serviceName EntityName, request *KubernetesNetworkPolicyRequest, matchingTag string) (*KubernetesNetworkPolicyResponse, string, error)

func (MSDClient) PutCompositeInstance added in v1.11.63

func (client MSDClient) PutCompositeInstance(domainName DomainName, serviceName EntityName, instance *CompositeInstance, resourceOwner string) error

func (MSDClient) PutDynamicWorkload added in v1.10.32

func (client MSDClient) PutDynamicWorkload(domainName DomainName, serviceName EntityName, options *WorkloadOptions, resourceOwner string) error

func (MSDClient) PutStaticWorkload added in v1.10.32

func (client MSDClient) PutStaticWorkload(domainName DomainName, serviceName EntityName, staticWorkload *StaticWorkload, resourceOwner string) error

func (MSDClient) PutTransportPolicy added in v1.11.47

func (client MSDClient) PutTransportPolicy(domainName DomainName, serviceName EntityName, auditRef string, resourceOwner string, payload *TransportPolicyRequest) (*TransportPolicyRules, error)

func (MSDClient) ValidateTransportPolicy added in v1.10.34

func (client MSDClient) ValidateTransportPolicy(transportPolicy *TransportPolicyValidationRequest) (*TransportPolicyValidationResponse, error)

type NetworkPolicyChangeEffect added in v1.10.39

type NetworkPolicyChangeEffect int

NetworkPolicyChangeEffect - IMPACT indicates that a change in network policy will interfere with the workings of one or more transport policies; NO_IMPACT indicates that a change in network policy will not interfere with the workings of any transport policy.

// NetworkPolicyChangeEffect constants.
const (
	// IMPACT - a change in network policy will interfere with the workings of
	// one or more transport policies.
	IMPACT NetworkPolicyChangeEffect
	// NO_IMPACT - a change in network policy will not interfere with the
	// workings of any transport policy.
	NO_IMPACT
)

NetworkPolicyChangeEffect constants

func NewNetworkPolicyChangeEffect added in v1.10.39

func NewNetworkPolicyChangeEffect(init ...interface{}) NetworkPolicyChangeEffect

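NewNetworkPolicyChangeEffect - returns a NetworkPolicyChangeEffect enum value, presumably initialized from the optional init argument. (The generated description, "return a string representation of the enum", matches the String method rather than this constructor's signature.)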

func (NetworkPolicyChangeEffect) MarshalJSON added in v1.10.39

func (e NetworkPolicyChangeEffect) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a NetworkPolicyChangeEffect

func (NetworkPolicyChangeEffect) String added in v1.10.39

func (e NetworkPolicyChangeEffect) String() string

String - return a string representation of the enum

func (NetworkPolicyChangeEffect) SymbolSet added in v1.10.39

func (e NetworkPolicyChangeEffect) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*NetworkPolicyChangeEffect) UnmarshalJSON added in v1.10.39

func (e *NetworkPolicyChangeEffect) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a NetworkPolicyChangeEffect

type NetworkPolicyChangeImpactDetail added in v1.10.39

// NetworkPolicyChangeImpactDetail - identifies one transport policy by
// domain, Athenz policy name and transport policy id. It is the element type
// of NetworkPolicyChangeImpactResponse.Details.
type NetworkPolicyChangeImpactDetail struct {

	//
	// Name of the domain of the corresponding transport policy
	//
	Domain DomainName `json:"domain"`

	//
	// Name of the Athenz policy corresponding to transport policy
	//
	Policy EntityName `json:"policy"`

	//
	// Unique id of the transport policy
	//
	TransportPolicyId int64 `json:"transportPolicyId"`
}

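NetworkPolicyChangeImpactDetail - identifies a transport policy (domain, Athenz policy name and transport policy id) affected by a network policy change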

func NewNetworkPolicyChangeImpactDetail added in v1.10.39

func NewNetworkPolicyChangeImpactDetail(init ...*NetworkPolicyChangeImpactDetail) *NetworkPolicyChangeImpactDetail

NewNetworkPolicyChangeImpactDetail - creates an initialized NetworkPolicyChangeImpactDetail instance, returns a pointer to it

func (*NetworkPolicyChangeImpactDetail) UnmarshalJSON added in v1.10.39

func (self *NetworkPolicyChangeImpactDetail) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a NetworkPolicyChangeImpactDetail

func (*NetworkPolicyChangeImpactDetail) Validate added in v1.10.39

func (self *NetworkPolicyChangeImpactDetail) Validate() error

Validate - checks for missing required fields, etc

type NetworkPolicyChangeImpactRequest added in v1.10.39

// NetworkPolicyChangeImpactRequest - struct representing input details for
// evaluating the impact of a network policy change on transport policies.
// None of the fields is marked rdl:"optional".
type NetworkPolicyChangeImpactRequest struct {

	//
	// from ip address range list in cidr format
	//
	From []*IPBlock `json:"from"`

	//
	// to ip address range list in cidr format
	//
	To []*IPBlock `json:"to"`

	//
	// list of ports. Facilitates multiple transports for the same source and
	// destinations.
	//
	Ports []*NetworkPolicyPorts `json:"ports"`
}

NetworkPolicyChangeImpactRequest - struct representing input details for evaluating network policies change impact on transport policies

func NewNetworkPolicyChangeImpactRequest added in v1.10.39

func NewNetworkPolicyChangeImpactRequest(init ...*NetworkPolicyChangeImpactRequest) *NetworkPolicyChangeImpactRequest

NewNetworkPolicyChangeImpactRequest - creates an initialized NetworkPolicyChangeImpactRequest instance, returns a pointer to it

func (*NetworkPolicyChangeImpactRequest) Init added in v1.10.39

Init - sets up the instance according to its default field values, if any

func (*NetworkPolicyChangeImpactRequest) UnmarshalJSON added in v1.10.39

func (self *NetworkPolicyChangeImpactRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a NetworkPolicyChangeImpactRequest

func (*NetworkPolicyChangeImpactRequest) Validate added in v1.10.39

func (self *NetworkPolicyChangeImpactRequest) Validate() error

Validate - checks for missing required fields, etc

type NetworkPolicyChangeImpactResponse added in v1.10.39

// NetworkPolicyChangeImpactResponse carries the outcome of an impact
// evaluation. Effect is the authoritative result. Details is optional
// (omitempty) and, per its field comment, applies only when Effect is IMPACT,
// so a nil or empty Details on its own is not evidence of "no impact" —
// callers should branch on Effect.
type NetworkPolicyChangeImpactResponse struct {

	//
	// enum indicating effect of network policy change on one or more transport
	// policies
	//
	Effect NetworkPolicyChangeEffect `json:"effect"`

	//
	// if the above enum value is IMPACT then this optional object contains more
	// details about the impacted transport policies
	//
	Details []*NetworkPolicyChangeImpactDetail `json:"details,omitempty" rdl:"optional" yaml:",omitempty"`
}

NetworkPolicyChangeImpactResponse - struct representing response of evaluating network policies change impact on transport policies

func NewNetworkPolicyChangeImpactResponse added in v1.10.39

func NewNetworkPolicyChangeImpactResponse(init ...*NetworkPolicyChangeImpactResponse) *NetworkPolicyChangeImpactResponse

NewNetworkPolicyChangeImpactResponse - creates an initialized NetworkPolicyChangeImpactResponse instance, returns a pointer to it

func (*NetworkPolicyChangeImpactResponse) UnmarshalJSON added in v1.10.39

func (self *NetworkPolicyChangeImpactResponse) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a NetworkPolicyChangeImpactResponse

func (*NetworkPolicyChangeImpactResponse) Validate added in v1.10.39

func (self *NetworkPolicyChangeImpactResponse) Validate() error

Validate - checks for missing required fields, etc

type NetworkPolicyPort added in v1.10.39

// NetworkPolicyPort describes a port or contiguous port range plus the
// protocol it applies to. A single port is expressed as Port == EndPort.
//
// NOTE(review): both bounds are int32, so the type itself admits negative
// values, values above 65535 and EndPort < Port. This listing describes
// Validate only as checking "missing required fields, etc" — confirm that
// range and ordering are enforced before a value is turned into a rule.
type NetworkPolicyPort struct {

	//
	// Start port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	Port int32 `json:"port"`

	//
	// End port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	EndPort int32 `json:"endPort"`

	//
	// protocol used by the network policy
	//
	Protocol TransportPolicyProtocol `json:"protocol"`
}

NetworkPolicyPort - network policy port.

func NewNetworkPolicyPort added in v1.10.39

func NewNetworkPolicyPort(init ...*NetworkPolicyPort) *NetworkPolicyPort

NewNetworkPolicyPort - creates an initialized NetworkPolicyPort instance, returns a pointer to it

func (*NetworkPolicyPort) UnmarshalJSON added in v1.10.39

func (self *NetworkPolicyPort) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a NetworkPolicyPort

func (*NetworkPolicyPort) Validate added in v1.10.39

func (self *NetworkPolicyPort) Validate() error

Validate - checks for missing required fields, etc

type NetworkPolicyPorts added in v1.10.53

// NetworkPolicyPorts pairs a list of source ports with a list of destination
// ports. Both lists are required fields (no omitempty tag).
//
// NOTE(review): whether an empty list means "any port" or "no port" is not
// stated in this listing — confirm before sending an empty list.
type NetworkPolicyPorts struct {

	//
	// list of source ports
	//
	SourcePorts []*NetworkPolicyPort `json:"sourcePorts"`

	//
	// list of destination ports
	//
	DestinationPorts []*NetworkPolicyPort `json:"destinationPorts"`
}

NetworkPolicyPorts - allows creating a unique tuple of source and destination ports

func NewNetworkPolicyPorts added in v1.10.53

func NewNetworkPolicyPorts(init ...*NetworkPolicyPorts) *NetworkPolicyPorts

NewNetworkPolicyPorts - creates an initialized NetworkPolicyPorts instance, returns a pointer to it

func (*NetworkPolicyPorts) Init added in v1.10.53

func (self *NetworkPolicyPorts) Init() *NetworkPolicyPorts

Init - sets up the instance according to its default field values, if any

func (*NetworkPolicyPorts) UnmarshalJSON added in v1.10.53

func (self *NetworkPolicyPorts) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a NetworkPolicyPorts

func (*NetworkPolicyPorts) Validate added in v1.10.53

func (self *NetworkPolicyPorts) Validate() error

Validate - checks for missing required fields, etc

type PathElement

type PathElement string

PathElement - A uri-safe path element

type PolicyPort added in v1.10.39

// PolicyPort is the protocol-less port range shared in shape by
// TransportPolicyPort and NetworkPolicyPort. A single port is expressed as
// Port == EndPort.
//
// NOTE(review): both bounds are int32, so negative values, values above 65535
// and EndPort < Port are representable. Validate is described here only as
// checking "missing required fields, etc" — confirm range and ordering checks
// exist, or apply them in the caller.
type PolicyPort struct {

	//
	// Start port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	Port int32 `json:"port"`

	//
	// End port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	EndPort int32 `json:"endPort"`
}

PolicyPort - generic policy port. Will be used by TransportPolicyPort and NetworkPolicyPort structs

func NewPolicyPort added in v1.10.39

func NewPolicyPort(init ...*PolicyPort) *PolicyPort

NewPolicyPort - creates an initialized PolicyPort instance, returns a pointer to it

func (*PolicyPort) UnmarshalJSON added in v1.10.39

func (self *PolicyPort) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a PolicyPort

func (*PolicyPort) Validate added in v1.10.39

func (self *PolicyPort) Validate() error

Validate - checks for missing required fields, etc

type ResourceName

type ResourceName string

ResourceName - A resource name. Note that the EntityName part is optional; that is, a domain name followed by a colon is a valid resource name.

type ServiceName

type ServiceName string

ServiceName - A service name will generally be a unique subdomain.

type SimpleName

type SimpleName string

SimpleName - A simple identifier, an element of a compound name. One of the common name types used by several API definitions.

type StaticWorkload added in v1.10.32

// StaticWorkload describes a workload that is associated with a
// domain/service identity indirectly (without bootstrap). DomainName,
// ServiceName and Type are required; IpAddresses, Name and UpdateTime are
// optional (omitempty).
//
// NOTE(review): IpAddresses is a plain []string; this listing does not show
// the entries being parsed or checked as IP addresses — confirm where that
// validation happens before using them in allow-lists or policy rules.
type StaticWorkload struct {

	//
	// name of the domain
	//
	DomainName DomainName `json:"domainName"`

	//
	// name of the service
	//
	ServiceName EntityName `json:"serviceName"`

	//
	// value representing one of the StaticWorkloadType enum
	//
	Type StaticWorkloadType `json:"type"`

	//
	// list of IP addresses associated with the workload, optional for
	// getWorkloadsByIP API call
	//
	IpAddresses []string `json:"ipAddresses,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// name associated with the workload. In most cases will be a FQDN
	//
	Name StaticWorkloadName `json:"name,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// most recent update timestamp in the backend
	//
	UpdateTime *rdl.Timestamp `json:"updateTime,omitempty" rdl:"optional" yaml:",omitempty"`
}

StaticWorkload - workload type describing workload indirectly associated with an identity ( without bootstrap )

func NewStaticWorkload added in v1.10.32

func NewStaticWorkload(init ...*StaticWorkload) *StaticWorkload

NewStaticWorkload - creates an initialized StaticWorkload instance, returns a pointer to it

func (*StaticWorkload) UnmarshalJSON added in v1.10.32

func (self *StaticWorkload) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a StaticWorkload

func (*StaticWorkload) Validate added in v1.10.32

func (self *StaticWorkload) Validate() error

Validate - checks for missing required fields, etc

type StaticWorkloadComponent added in v1.11.43

type StaticWorkloadComponent string

StaticWorkloadComponent -

type StaticWorkloadFQDN added in v1.11.43

type StaticWorkloadFQDN string

StaticWorkloadFQDN -

type StaticWorkloadName added in v1.11.43

type StaticWorkloadName string

StaticWorkloadName -

type StaticWorkloadService added in v1.11.27

// StaticWorkloadService identifies one static workload by its type, the
// service it belongs to and the service instance. All three fields are
// required (no omitempty tag).
type StaticWorkloadService struct {

	//
	// value representing one of the StaticWorkloadType enum
	//
	Type StaticWorkloadType `json:"type"`

	//
	// name of the service
	//
	ServiceName EntityName `json:"serviceName"`

	//
	// service instance
	//
	Instance EntityName `json:"instance"`
}

StaticWorkloadService - static workload service

func NewStaticWorkloadService added in v1.11.27

func NewStaticWorkloadService(init ...*StaticWorkloadService) *StaticWorkloadService

NewStaticWorkloadService - creates an initialized StaticWorkloadService instance, returns a pointer to it

func (*StaticWorkloadService) UnmarshalJSON added in v1.11.27

func (self *StaticWorkloadService) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a StaticWorkloadService

func (*StaticWorkloadService) Validate added in v1.11.27

func (self *StaticWorkloadService) Validate() error

Validate - checks for missing required fields, etc

type StaticWorkloadServices added in v1.11.27

// StaticWorkloadServices wraps a list of StaticWorkloadService entries.
type StaticWorkloadServices struct {
	// list of static workload services; required field (no omitempty tag)
	StaticWorkloadServices []*StaticWorkloadService `json:"staticWorkloadServices"`
}

StaticWorkloadServices - list of services

func NewStaticWorkloadServices added in v1.11.27

func NewStaticWorkloadServices(init ...*StaticWorkloadServices) *StaticWorkloadServices

NewStaticWorkloadServices - creates an initialized StaticWorkloadServices instance, returns a pointer to it

func (*StaticWorkloadServices) Init added in v1.11.27

Init - sets up the instance according to its default field values, if any

func (*StaticWorkloadServices) UnmarshalJSON added in v1.11.27

func (self *StaticWorkloadServices) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a StaticWorkloadServices

func (*StaticWorkloadServices) Validate added in v1.11.27

func (self *StaticWorkloadServices) Validate() error

Validate - checks for missing required fields, etc

type StaticWorkloadType added in v1.10.32

type StaticWorkloadType int

StaticWorkloadType - Enum representing defined types of static workloads.

// Defined static workload types. The numeric values are not shown in this
// rendered listing, so code should compare against the named constants (or
// the String/SymbolSet forms) rather than literal integers.
const (
	VIP StaticWorkloadType
	ENTERPRISE_APPLIANCE
	CLOUD_LB
	CLOUD_NAT
	EXTERNAL_APPLIANCE
	VIP_LB
	CLOUD_MANAGED
	SERVICE_SUBNET
)

StaticWorkloadType constants

func NewStaticWorkloadType added in v1.10.32

func NewStaticWorkloadType(init ...interface{}) StaticWorkloadType

NewStaticWorkloadType - returns a StaticWorkloadType value (not a string), optionally initialized from init

func (StaticWorkloadType) MarshalJSON added in v1.10.32

func (e StaticWorkloadType) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a StaticWorkloadType

func (StaticWorkloadType) String added in v1.10.32

func (e StaticWorkloadType) String() string

String - return a string representation of the enum

func (StaticWorkloadType) SymbolSet added in v1.10.32

func (e StaticWorkloadType) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*StaticWorkloadType) UnmarshalJSON added in v1.10.32

func (e *StaticWorkloadType) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a StaticWorkloadType

type TransportPolicyCondition

// TransportPolicyCondition narrows the subject of a transport policy.
//
// NOTE(review): EnforcementState distinguishes ENFORCE from REPORT; by name
// REPORT looks like a report-only mode — confirm before counting a REPORT
// policy as an active control. Instances, Scope and AdditionalConditions are
// all optional; how an absent restriction is interpreted is not stated in
// this listing (presumably "not restricted") — verify.
type TransportPolicyCondition struct {

	//
	// State of transport policy enforcement ( ENFORCE / REPORT )
	//
	EnforcementState TransportPolicyEnforcementState `json:"enforcementState"`

	//
	// Acts as restrictions. If present, this transport policy should be
	// restricted to only mentioned instances.
	//
	Instances []string `json:"instances,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Scope of transport policy
	//
	Scope []TransportPolicyScope `json:"scope,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// List of any additional conditions
	//
	AdditionalConditions []*TransportPolicySubjectSelectorRequirement `json:"additionalConditions,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicyCondition - Transport policy condition. Used to specify additional restrictions for the subject of a transport policy

func NewTransportPolicyCondition

func NewTransportPolicyCondition(init ...*TransportPolicyCondition) *TransportPolicyCondition

NewTransportPolicyCondition - creates an initialized TransportPolicyCondition instance, returns a pointer to it

func (*TransportPolicyCondition) UnmarshalJSON

func (self *TransportPolicyCondition) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyCondition

func (*TransportPolicyCondition) Validate

func (self *TransportPolicyCondition) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyEgressRule

// TransportPolicyEgressRule is one egress rule: the entity it applies to
// (EntitySelector) and the destination of its traffic (To).
//
// NOTE(review): To is optional (omitempty). What an egress rule with no To
// means — no destination or any destination — is not stated in this listing;
// confirm before interpreting or rendering such a rule.
type TransportPolicyEgressRule struct {

	//
	// Assertion id associated with this transport policy
	//
	Id int64 `json:"id"`

	//
	// Policy Identifier
	//
	Identifier EntityName `json:"identifier,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Last modification timestamp of this transport policy
	//
	LastModified rdl.Timestamp `json:"lastModified"`

	//
	// Entity to which this transport policy applies
	//
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	//
	// Destination of network traffic
	//
	To *TransportPolicyPeer `json:"to,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicyEgressRule - Transport policy egress rule

func NewTransportPolicyEgressRule

func NewTransportPolicyEgressRule(init ...*TransportPolicyEgressRule) *TransportPolicyEgressRule

NewTransportPolicyEgressRule - creates an initialized TransportPolicyEgressRule instance, returns a pointer to it

func (*TransportPolicyEgressRule) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyEgressRule) UnmarshalJSON

func (self *TransportPolicyEgressRule) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEgressRule

func (*TransportPolicyEgressRule) Validate

func (self *TransportPolicyEgressRule) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyEnforcementState

type TransportPolicyEnforcementState int

TransportPolicyEnforcementState - Types of transport policy enforcement states

// Enforcement states of a transport policy. Numeric values are not shown in
// this rendered listing.
//
// NOTE(review): by name, REPORT looks like a report-only (non-blocking) mode —
// confirm against the MSD documentation before treating a REPORT policy as a
// protective control.
const (
	ENFORCE TransportPolicyEnforcementState
	REPORT
)

TransportPolicyEnforcementState constants

func NewTransportPolicyEnforcementState

func NewTransportPolicyEnforcementState(init ...interface{}) TransportPolicyEnforcementState

NewTransportPolicyEnforcementState - returns a TransportPolicyEnforcementState value (not a string), optionally initialized from init

func (TransportPolicyEnforcementState) MarshalJSON

func (e TransportPolicyEnforcementState) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyEnforcementState

func (TransportPolicyEnforcementState) String

String - return a string representation of the enum

func (TransportPolicyEnforcementState) SymbolSet

func (e TransportPolicyEnforcementState) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyEnforcementState) UnmarshalJSON

func (e *TransportPolicyEnforcementState) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEnforcementState

type TransportPolicyEntitySelector

// TransportPolicyEntitySelector names the subject of a transport policy
// (Match) and the subject-side ports the policy covers (Ports). Both fields
// are required (no omitempty tag). Match is a pointer, so code that reads a
// decoded value should nil-check it unless Validate has already passed.
type TransportPolicyEntitySelector struct {

	//
	// Requirements for selecting the subject for this transport policy.
	//
	Match *TransportPolicyMatch `json:"match"`

	//
	// List of network traffic port of the subject eligible for the transport
	// policy
	//
	Ports []*TransportPolicyPort `json:"ports"`
}

TransportPolicyEntitySelector - Entity to which a transport policy applies. Describes the subject and port(s) for a transport policy.

func NewTransportPolicyEntitySelector

func NewTransportPolicyEntitySelector(init ...*TransportPolicyEntitySelector) *TransportPolicyEntitySelector

NewTransportPolicyEntitySelector - creates an initialized TransportPolicyEntitySelector instance, returns a pointer to it

func (*TransportPolicyEntitySelector) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyEntitySelector) UnmarshalJSON

func (self *TransportPolicyEntitySelector) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyEntitySelector

func (*TransportPolicyEntitySelector) Validate

func (self *TransportPolicyEntitySelector) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyIngressRule

// TransportPolicyIngressRule is one ingress rule: the entity it applies to
// (EntitySelector) and the source of its traffic (From).
//
// NOTE(review): From is optional (omitempty). What an ingress rule with no
// From means — no source or any source — is not stated in this listing;
// confirm before interpreting or rendering such a rule.
type TransportPolicyIngressRule struct {

	//
	// Assertion id associated with this transport policy
	//
	Id int64 `json:"id"`

	//
	// Policy Identifier
	//
	Identifier EntityName `json:"identifier,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// Last modification timestamp of this transport policy
	//
	LastModified rdl.Timestamp `json:"lastModified"`

	//
	// Entity to which this transport policy applies
	//
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	//
	// Source of network traffic
	//
	From *TransportPolicyPeer `json:"from,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicyIngressRule - Transport policy ingress rule

func NewTransportPolicyIngressRule

func NewTransportPolicyIngressRule(init ...*TransportPolicyIngressRule) *TransportPolicyIngressRule

NewTransportPolicyIngressRule - creates an initialized TransportPolicyIngressRule instance, returns a pointer to it

func (*TransportPolicyIngressRule) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyIngressRule) UnmarshalJSON

func (self *TransportPolicyIngressRule) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyIngressRule

func (*TransportPolicyIngressRule) Validate

func (self *TransportPolicyIngressRule) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyMatch

// TransportPolicyMatch selects the subject of a transport policy: the Athenz
// service plus a list of conditions that must all hold (they are ANDed).
//
// NOTE(review): with AND semantics an empty Conditions list presumably adds
// no restriction at all — confirm, since that is the widest possible match
// for the given service.
type TransportPolicyMatch struct {

	//
	// Subject where this transport policy applies
	//
	AthenzService *TransportPolicySubject `json:"athenzService"`

	//
	// List of additional requirements for restrictions. Requirements are ANDed.
	//
	Conditions []*TransportPolicyCondition `json:"conditions"`
}

TransportPolicyMatch - Selector for the subject of a transport policy

func NewTransportPolicyMatch

func NewTransportPolicyMatch(init ...*TransportPolicyMatch) *TransportPolicyMatch

NewTransportPolicyMatch - creates an initialized TransportPolicyMatch instance, returns a pointer to it

func (*TransportPolicyMatch) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyMatch) UnmarshalJSON

func (self *TransportPolicyMatch) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyMatch

func (*TransportPolicyMatch) Validate

func (self *TransportPolicyMatch) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyPeer

// TransportPolicyPeer is the other end of a transport policy — the source for
// an ingress rule or the destination for an egress rule — given as a list of
// subjects and a list of ports. Both fields are required (no omitempty tag).
//
// NOTE(review): subjects may use "*" for domain or service name (see
// TransportPolicySubjectDomainName / TransportPolicySubjectServiceName), so a
// peer list can be much broader than its length suggests.
type TransportPolicyPeer struct {

	//
	// List of transport policy subjects
	//
	AthenzServices []*TransportPolicySubject `json:"athenzServices"`

	//
	// List of network traffic port part of this transport policy
	//
	Ports []*TransportPolicyPort `json:"ports"`
}

TransportPolicyPeer - Source or destination for a transport policy

func NewTransportPolicyPeer

func NewTransportPolicyPeer(init ...*TransportPolicyPeer) *TransportPolicyPeer

NewTransportPolicyPeer - creates an initialized TransportPolicyPeer instance, returns a pointer to it

func (*TransportPolicyPeer) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyPeer) UnmarshalJSON

func (self *TransportPolicyPeer) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyPeer

func (*TransportPolicyPeer) Validate

func (self *TransportPolicyPeer) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyPort

// TransportPolicyPort describes a port or contiguous port range plus the
// protocol, for use in a transport policy. A single port is expressed as
// Port == EndPort.
//
// NOTE(review): both bounds are int32, so negative values, values above 65535
// and EndPort < Port are representable. Validate is described here only as
// checking "missing required fields, etc" — confirm range and ordering checks
// exist; a wide Port..EndPort span opens every port in between.
type TransportPolicyPort struct {

	//
	// Start port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	Port int32 `json:"port"`

	//
	// End port of the port range. port and endPort will have same values for a
	// single port definition.
	//
	EndPort int32 `json:"endPort"`

	//
	// Protocol for this transport policy
	//
	Protocol TransportPolicyProtocol `json:"protocol"`
}

TransportPolicyPort - Transport policy port

func NewTransportPolicyPort

func NewTransportPolicyPort(init ...*TransportPolicyPort) *TransportPolicyPort

NewTransportPolicyPort - creates an initialized TransportPolicyPort instance, returns a pointer to it

func (*TransportPolicyPort) UnmarshalJSON

func (self *TransportPolicyPort) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyPort

func (*TransportPolicyPort) Validate

func (self *TransportPolicyPort) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyProtocol

type TransportPolicyProtocol int

TransportPolicyProtocol - Types of transport policy protocols

// Protocols a transport policy port can name. Only TCP and UDP are listed, so
// other protocols cannot be expressed with this enum as shown. Numeric values
// are not shown in this rendered listing.
const (
	TCP TransportPolicyProtocol
	UDP
)

TransportPolicyProtocol constants

func NewTransportPolicyProtocol

func NewTransportPolicyProtocol(init ...interface{}) TransportPolicyProtocol

NewTransportPolicyProtocol - returns a TransportPolicyProtocol value (not a string), optionally initialized from init

func (TransportPolicyProtocol) MarshalJSON

func (e TransportPolicyProtocol) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyProtocol

func (TransportPolicyProtocol) String

func (e TransportPolicyProtocol) String() string

String - return a string representation of the enum

func (TransportPolicyProtocol) SymbolSet

func (e TransportPolicyProtocol) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyProtocol) UnmarshalJSON

func (e *TransportPolicyProtocol) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyProtocol

type TransportPolicyRequest added in v1.11.47

// TransportPolicyRequest is the input used to create a transport policy.
// Direction, Identifier, Subject, SourcePorts and DestinationPorts are
// required; Conditions and Peers are optional (omitempty).
//
// NOTE(review): Peers is the source or destination depending on Direction,
// and it is optional. What a request without Peers creates (no peer vs. any
// peer) is not stated in this listing — confirm before omitting it, and
// review any "*" subject names, which widen the policy.
type TransportPolicyRequest struct {

	//
	// Direction of network traffic
	//
	Direction TransportPolicyTrafficDirection `json:"direction"`

	//
	// Policy Identifier
	//
	Identifier EntityName `json:"identifier"`

	//
	// Subject for the policy
	//
	Subject *TransportPolicySubject `json:"subject"`

	//
	// List of transport policy conditions
	//
	Conditions []*TransportPolicyCondition `json:"conditions,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// List of source network traffic ports
	//
	SourcePorts []*TransportPolicyPort `json:"sourcePorts"`

	//
	// List of destination network traffic ports
	//
	DestinationPorts []*TransportPolicyPort `json:"destinationPorts"`

	//
	// Source or destination of the policy depending on direction
	//
	Peers []*TransportPolicySubject `json:"peers,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicyRequest - Input to create a transport policy

func NewTransportPolicyRequest added in v1.11.47

func NewTransportPolicyRequest(init ...*TransportPolicyRequest) *TransportPolicyRequest

NewTransportPolicyRequest - creates an initialized TransportPolicyRequest instance, returns a pointer to it

func (*TransportPolicyRequest) Init added in v1.11.47

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyRequest) UnmarshalJSON added in v1.11.47

func (self *TransportPolicyRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyRequest

func (*TransportPolicyRequest) Validate added in v1.11.47

func (self *TransportPolicyRequest) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyRules

// TransportPolicyRules is the full rule set of a transport policy, split into
// ingress and egress lists. Both fields are required (no omitempty tag), so a
// direction with no rules is presumably sent as an empty list rather than
// omitted — confirm against the server's output.
type TransportPolicyRules struct {

	//
	// List of ingress rules
	//
	Ingress []*TransportPolicyIngressRule `json:"ingress"`

	//
	// List of egress rules
	//
	Egress []*TransportPolicyEgressRule `json:"egress"`
}

TransportPolicyRules - Transport policy containing ingress and egress rules

func NewTransportPolicyRules

func NewTransportPolicyRules(init ...*TransportPolicyRules) *TransportPolicyRules

NewTransportPolicyRules - creates an initialized TransportPolicyRules instance, returns a pointer to it

func (*TransportPolicyRules) Init

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyRules) UnmarshalJSON

func (self *TransportPolicyRules) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyRules

func (*TransportPolicyRules) Validate

func (self *TransportPolicyRules) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyScope added in v1.11.21

type TransportPolicyScope int

TransportPolicyScope - Scope of transport policy

// Scopes a transport policy condition can name. Numeric values are not shown
// in this rendered listing.
//
// NOTE(review): ALL presumably covers every environment listed after it
// (ONPREM, AWS, GCP) — confirm, since a policy scoped ALL would then apply
// more widely than one scoped to a single environment.
const (
	ALL TransportPolicyScope
	ONPREM
	AWS
	GCP
)

TransportPolicyScope constants

func NewTransportPolicyScope added in v1.11.21

func NewTransportPolicyScope(init ...interface{}) TransportPolicyScope

NewTransportPolicyScope - returns a TransportPolicyScope value (not a string), optionally initialized from init

func (TransportPolicyScope) MarshalJSON added in v1.11.21

func (e TransportPolicyScope) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyScope

func (TransportPolicyScope) String added in v1.11.21

func (e TransportPolicyScope) String() string

String - return a string representation of the enum

func (TransportPolicyScope) SymbolSet added in v1.11.21

func (e TransportPolicyScope) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyScope) UnmarshalJSON added in v1.11.21

func (e *TransportPolicyScope) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyScope

type TransportPolicySubject

// TransportPolicySubject identifies who a transport policy is about: an
// Athenz domain and service, or an external peer that is not in Athenz.
//
// The domain and service name types are documented as allowing "*" to
// indicate ANY, so a subject can match every domain and/or every service.
// Code that reviews, displays or approves policies should treat a "*" in
// either field as a wildcard, not as a literal name.
type TransportPolicySubject struct {

	//
	// Name of the domain
	//
	DomainName TransportPolicySubjectDomainName `json:"domainName"`

	//
	// Name of the service
	//
	ServiceName TransportPolicySubjectServiceName `json:"serviceName"`

	//
	// External peer ( not in Athenz )
	//
	ExternalPeer TransportPolicySubjectExternal `json:"externalPeer,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicySubject - Subject for a transport policy

func NewTransportPolicySubject

func NewTransportPolicySubject(init ...*TransportPolicySubject) *TransportPolicySubject

NewTransportPolicySubject - creates an initialized TransportPolicySubject instance, returns a pointer to it

func (*TransportPolicySubject) UnmarshalJSON

func (self *TransportPolicySubject) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicySubject

func (*TransportPolicySubject) Validate

func (self *TransportPolicySubject) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicySubjectDomainName added in v1.10.40

// TransportPolicySubjectDomainName is the domain part of a transport policy
// subject. Unlike a plain domain name it is documented as allowing "*" to
// indicate ANY, so consumers must handle the wildcard explicitly.
type TransportPolicySubjectDomainName string

TransportPolicySubjectDomainName - DomainName in TransportPolicySubject should allow * to indicate ANY

type TransportPolicySubjectExternal added in v1.11.50

// TransportPolicySubjectExternal is the type of TransportPolicySubject's
// ExternalPeer field, which names a peer that is not in Athenz.
// NOTE(review): the accepted format of this string is not documented in this
// listing — confirm before building or parsing values.
type TransportPolicySubjectExternal string

TransportPolicySubjectExternal -

type TransportPolicySubjectSelectorRequirement added in v1.11.47

// TransportPolicySubjectSelectorRequirement is one key/operator/value
// selector used as an additional transport policy condition. All three fields
// are required plain strings.
//
// NOTE(review): the set of accepted Operator values is not listed here, and
// Operator is an untyped string — confirm how an unrecognised operator is
// handled (rejected vs. ignored), since an ignored condition would leave the
// policy less restricted than intended.
type TransportPolicySubjectSelectorRequirement struct {

	//
	// key that the selector applies to
	//
	Key string `json:"key"`

	//
	// Operator that is applied to the key and value
	//
	Operator string `json:"operator"`

	//
	// Value that the selector applies to
	//
	Value string `json:"value"`
}

TransportPolicySubjectSelectorRequirement - A subject selector requirement is a selector that contains a key, a value, and an operator that relates the key and value.

func NewTransportPolicySubjectSelectorRequirement added in v1.11.47

func NewTransportPolicySubjectSelectorRequirement(init ...*TransportPolicySubjectSelectorRequirement) *TransportPolicySubjectSelectorRequirement

NewTransportPolicySubjectSelectorRequirement - creates an initialized TransportPolicySubjectSelectorRequirement instance, returns a pointer to it

func (*TransportPolicySubjectSelectorRequirement) UnmarshalJSON added in v1.11.47

func (self *TransportPolicySubjectSelectorRequirement) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicySubjectSelectorRequirement

func (*TransportPolicySubjectSelectorRequirement) Validate added in v1.11.47

Validate - checks for missing required fields, etc

type TransportPolicySubjectServiceName added in v1.10.40

// TransportPolicySubjectServiceName is the service part of a transport policy
// subject. Unlike a plain service name it is documented as allowing "*" to
// indicate ANY, so consumers must handle the wildcard explicitly.
type TransportPolicySubjectServiceName string

TransportPolicySubjectServiceName - ServiceName in TransportPolicySubject should allow * to indicate ANY

type TransportPolicyTrafficDirection added in v1.10.34

type TransportPolicyTrafficDirection int

TransportPolicyTrafficDirection - Types of transport policy traffic direction

// Traffic directions of a transport policy. Numeric values are not shown in
// this rendered listing; compare against the named constants.
const (
	INGRESS TransportPolicyTrafficDirection
	EGRESS
)

TransportPolicyTrafficDirection constants

func NewTransportPolicyTrafficDirection added in v1.10.34

func NewTransportPolicyTrafficDirection(init ...interface{}) TransportPolicyTrafficDirection

NewTransportPolicyTrafficDirection - returns a TransportPolicyTrafficDirection value (not a string), optionally initialized from init

func (TransportPolicyTrafficDirection) MarshalJSON added in v1.10.34

func (e TransportPolicyTrafficDirection) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyTrafficDirection

func (TransportPolicyTrafficDirection) String added in v1.10.34

String - return a string representation of the enum

func (TransportPolicyTrafficDirection) SymbolSet added in v1.10.34

func (e TransportPolicyTrafficDirection) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyTrafficDirection) UnmarshalJSON added in v1.10.34

func (e *TransportPolicyTrafficDirection) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyTrafficDirection

type TransportPolicyValidationRequest added in v1.10.34

// TransportPolicyValidationRequest is a transport policy submitted for
// validation. EntitySelector, Peer and TrafficDirection are required; Id is
// optional. TrafficDirection carries no field comment in the source; per the
// Peer comment it decides whether Peer is read as the source or the
// destination of the traffic.
type TransportPolicyValidationRequest struct {

	//
	// Describes the entity to which this transport policy applies
	//
	EntitySelector *TransportPolicyEntitySelector `json:"entitySelector"`

	//
	// source or destination of the network traffic depending on direction
	//
	Peer *TransportPolicyPeer `json:"peer"`

	//
	// If present, assertion id associated with this transport policy
	//
	Id               *int64                          `json:"id,omitempty" rdl:"optional" yaml:",omitempty"`
	TrafficDirection TransportPolicyTrafficDirection `json:"trafficDirection"`
}

TransportPolicyValidationRequest - Transport policy request object to be validated

func NewTransportPolicyValidationRequest added in v1.10.34

func NewTransportPolicyValidationRequest(init ...*TransportPolicyValidationRequest) *TransportPolicyValidationRequest

NewTransportPolicyValidationRequest - creates an initialized TransportPolicyValidationRequest instance, returns a pointer to it

func (*TransportPolicyValidationRequest) Init added in v1.10.34

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyValidationRequest) UnmarshalJSON added in v1.10.34

func (self *TransportPolicyValidationRequest) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyValidationRequest

func (*TransportPolicyValidationRequest) Validate added in v1.10.34

func (self *TransportPolicyValidationRequest) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyValidationResponse added in v1.10.34

// TransportPolicyValidationResponse is the result of validating one transport
// policy rule. Status is the required outcome; Errors, UpdateTime and Id are
// optional (omitempty).
//
// NOTE(review): Errors is optional, so an empty Errors list does not by itself
// mean the policy validated — callers should branch on Status. Errors
// presumably holds human-readable messages from the server; treat them as
// untrusted text when logging or displaying.
type TransportPolicyValidationResponse struct {
	Status TransportPolicyValidationStatus `json:"status"`
	Errors []string                        `json:"errors,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// most recent update timestamp in the backend
	//
	UpdateTime *rdl.Timestamp `json:"updateTime,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// If present, assertion id associated with the transport policy
	//
	Id *int64 `json:"id,omitempty" rdl:"optional" yaml:",omitempty"`
}

TransportPolicyValidationResponse - Response object of transport policy rule validation

func NewTransportPolicyValidationResponse added in v1.10.34

func NewTransportPolicyValidationResponse(init ...*TransportPolicyValidationResponse) *TransportPolicyValidationResponse

NewTransportPolicyValidationResponse - creates an initialized TransportPolicyValidationResponse instance, returns a pointer to it

func (*TransportPolicyValidationResponse) UnmarshalJSON added in v1.10.34

func (self *TransportPolicyValidationResponse) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyValidationResponse

func (*TransportPolicyValidationResponse) Validate added in v1.10.34

func (self *TransportPolicyValidationResponse) Validate() error

Validate - checks for missing required fields, etc

type TransportPolicyValidationResponseList added in v1.10.40

// TransportPolicyValidationResponseList wraps a list of
// TransportPolicyValidationResponse values under the JSON key "responseList".
type TransportPolicyValidationResponseList struct {

	//
	// list of transport policy validation responses
	// (slice of pointers; the field has no omitempty tag, so it is always
	// serialized - NOTE(review): whether nil entries are rejected by
	// Validate is not visible here; confirm before dereferencing elements)
	//
	ResponseList []*TransportPolicyValidationResponse `json:"responseList"`
}

TransportPolicyValidationResponseList - List of TransportPolicyValidationResponse

func NewTransportPolicyValidationResponseList added in v1.10.40

func NewTransportPolicyValidationResponseList(init ...*TransportPolicyValidationResponseList) *TransportPolicyValidationResponseList

NewTransportPolicyValidationResponseList - creates an initialized TransportPolicyValidationResponseList instance, returns a pointer to it

func (*TransportPolicyValidationResponseList) Init added in v1.10.40

Init - sets up the instance according to its default field values, if any

func (*TransportPolicyValidationResponseList) UnmarshalJSON added in v1.10.40

func (self *TransportPolicyValidationResponseList) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyValidationResponseList

func (*TransportPolicyValidationResponseList) Validate added in v1.10.40

Validate - checks for missing required fields, etc

type TransportPolicyValidationStatus added in v1.10.34

// TransportPolicyValidationStatus is an int-backed enum for the validation
// status of a transport policy vs network policy. The page lists VALID,
// INVALID and PARTIAL as its constants and custom MarshalJSON/UnmarshalJSON
// methods for its JSON form.
type TransportPolicyValidationStatus int

TransportPolicyValidationStatus - Validation Status of transport policy vs network policy

// TransportPolicyValidationStatus constants, as listed on this page.
// NOTE(review): the listing shows no explicit values or iota expression, so
// the numeric value of each constant - and whether the zero value of the
// type corresponds to VALID - cannot be read from here. Confirm in the
// generated model.go before treating an unset Status as meaningful.
const (
	VALID TransportPolicyValidationStatus
	INVALID
	PARTIAL
)

TransportPolicyValidationStatus constants

func NewTransportPolicyValidationStatus added in v1.10.34

func NewTransportPolicyValidationStatus(init ...interface{}) TransportPolicyValidationStatus

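NewTransportPolicyValidationStatus - returns a TransportPolicyValidationStatus enum value built from the optional init argument (per the signature above, the result is the enum type, not a string)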

func (TransportPolicyValidationStatus) MarshalJSON added in v1.10.34

func (e TransportPolicyValidationStatus) MarshalJSON() ([]byte, error)

MarshalJSON is defined for proper JSON encoding of a TransportPolicyValidationStatus

func (TransportPolicyValidationStatus) String added in v1.10.34

String - return a string representation of the enum

func (TransportPolicyValidationStatus) SymbolSet added in v1.10.34

func (e TransportPolicyValidationStatus) SymbolSet() []string

SymbolSet - return an array of all valid string representations (symbols) of the enum

func (*TransportPolicyValidationStatus) UnmarshalJSON added in v1.10.34

func (e *TransportPolicyValidationStatus) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a TransportPolicyValidationStatus

type Workload added in v1.10.20

// Workload describes a single workload of a service in a domain: its
// identifier, network identity (IP addresses, hostname), provider and
// certificate timestamps. Every field except CertIssueTime lacks an
// omitempty / rdl:"optional" tag.
// NOTE(review): the string fields are plain Go strings; this declaration
// does not show whether their contents are verified against the workload's
// certificate - confirm before using them in authorization decisions.
type Workload struct {

	//
	// name of the domain
	//
	DomainName DomainName `json:"domainName"`

	//
	// name of the service
	//
	ServiceName EntityName `json:"serviceName"`

	//
	// unique identifier for the workload, usually defined by provider
	//
	Uuid string `json:"uuid"`

	//
	// list of IP addresses associated with the workload, optional for
	// getWorkloadsByIP API call
	// (carried as strings; NOTE(review): whether they are parsed or checked
	// as IP addresses is not visible in this declaration - confirm)
	//
	IpAddresses []string `json:"ipAddresses"`

	//
	// hostname associated with the workload
	//
	Hostname string `json:"hostname"`

	//
	// infrastructure provider e.g. Kubernetes, AWS, Azure, openstack etc.
	//
	Provider string `json:"provider"`

	//
	// most recent update timestamp in the backend
	//
	UpdateTime rdl.Timestamp `json:"updateTime"`

	//
	// certificate expiry time (ex: getNotAfter)
	// NOTE(review): reported value; presumably mirrors the certificate's
	// not-after time and is not a substitute for validating the
	// certificate itself - confirm
	//
	CertExpiryTime rdl.Timestamp `json:"certExpiryTime"`

	//
	// certificate issue time (ex: getNotBefore)
	// (optional pointer with omitempty, so presumably nil when absent;
	// check for nil before dereferencing)
	//
	CertIssueTime *rdl.Timestamp `json:"certIssueTime,omitempty" rdl:"optional" yaml:",omitempty"`
}

Workload - kept for backward compatibility. It will eventually be deprecated in favor of DynamicWorkload.

func NewWorkload added in v1.10.20

func NewWorkload(init ...*Workload) *Workload

NewWorkload - creates an initialized Workload instance, returns a pointer to it

func (*Workload) Init added in v1.10.20

func (self *Workload) Init() *Workload

Init - sets up the instance according to its default field values, if any

func (*Workload) UnmarshalJSON added in v1.10.20

func (self *Workload) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a Workload

func (*Workload) Validate added in v1.10.20

func (self *Workload) Validate() error

Validate - checks for missing required fields, etc

type WorkloadOptions added in v1.10.26

// WorkloadOptions carries options for a workload; the only field visible
// here is the ipChanged flag.
type WorkloadOptions struct {

	//
	// boolean flag to signal a change in IP state
	// (not a pointer and no omitempty tag, so a false value is serialized
	// and cannot be told apart from "not set" at the Go level)
	//
	IpChanged bool `json:"ipChanged"`
}

WorkloadOptions - options for a workload; the struct above carries a single ipChanged flag.

func NewWorkloadOptions added in v1.10.26

func NewWorkloadOptions(init ...*WorkloadOptions) *WorkloadOptions

NewWorkloadOptions - creates an initialized WorkloadOptions instance, returns a pointer to it

func (*WorkloadOptions) UnmarshalJSON added in v1.10.26

func (self *WorkloadOptions) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a WorkloadOptions

func (*WorkloadOptions) Validate added in v1.10.26

func (self *WorkloadOptions) Validate() error

Validate - checks for missing required fields, etc

type Workloads added in v1.10.20

// Workloads is a container for lists of workloads. WorkloadList has no
// omitempty tag; DynamicWorkloadList and StaticWorkloadList are tagged
// optional and may be absent.
type Workloads struct {

	//
	// list of workloads
	// (slice of pointers - NOTE(review): whether nil entries can occur is
	// not visible here; confirm before dereferencing elements)
	//
	WorkloadList []*Workload `json:"workloadList"`

	//
	// list of dynamic workloads (optional, omitted from JSON when empty)
	//
	DynamicWorkloadList []*DynamicWorkload `json:"dynamicWorkloadList,omitempty" rdl:"optional" yaml:",omitempty"`

	//
	// list of static workloads (optional, omitted from JSON when empty)
	//
	StaticWorkloadList []*StaticWorkload `json:"staticWorkloadList,omitempty" rdl:"optional" yaml:",omitempty"`
}

Workloads - list of workloads

func NewWorkloads added in v1.10.20

func NewWorkloads(init ...*Workloads) *Workloads

NewWorkloads - creates an initialized Workloads instance, returns a pointer to it

func (*Workloads) Init added in v1.10.20

func (self *Workloads) Init() *Workloads

Init - sets up the instance according to its default field values, if any

func (*Workloads) UnmarshalJSON added in v1.10.20

func (self *Workloads) UnmarshalJSON(b []byte) error

UnmarshalJSON is defined for proper JSON decoding of a Workloads

func (*Workloads) Validate added in v1.10.20

func (self *Workloads) Validate() error

Validate - checks for missing required fields, etc

type YBase64

// YBase64 is a string type for values in the Y-specific URL-safe Base64
// variant.
// NOTE(review): the type is a bare string, so nothing in this declaration
// restricts the alphabet; presumably that is enforced by schema validation
// elsewhere - confirm before treating a YBase64 value as well-formed.
type YBase64 string

YBase64 - The Y-specific URL-safe Base64 variant.

type YEncoded

// YEncoded is a string type for values that may contain ybase64 characters
// as well as = and %, such as a user cookie or URL-encoded values.
// NOTE(review): the type is a bare string, so nothing in this declaration
// restricts or decodes its contents; treat values as unvalidated input
// unless the schema validation is confirmed to have run.
type YEncoded string

YEncoded - YEncoded includes ybase64 chars, as well as = and %. This can represent a user cookie and URL-encoded values.
