v1

package
v0.71.4 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 2, 2021 License: Apache-2.0 Imports: 20 Imported by: 5

Documentation

Overview

Package security/v1 contains the API used to fetch security information.

Package v1 is a reverse proxy.

It translates gRPC into RESTful JSON APIs.


Constants

const (

	// EventTypeIPAllowlistCreated is the type of event fired after an IP allowlist has been created
	// SubjectID contains the ID of the allowlist.
	EventTypeIPAllowlistCreated = "security.ipallowlist.created"
	// EventTypeIPAllowlistUpdated is the type of event fired after an IP allowlist has been updated
	// SubjectID contains the ID of the allowlist.
	EventTypeIPAllowlistUpdated = "security.ipallowlist.updated"
	// EventTypeIPAllowlistDeleted is the type of event fired after an IP allowlist has been (marked for) deleted
	// SubjectID contains the ID of the allowlist.
	EventTypeIPAllowlistDeleted = "security.ipallowlist.deleted"
)
const (

	// EventTypeIAMProviderCreated is the type of event fired after an IAM provider has been created
	// SubjectID contains the ID of the provider.
	EventTypeIAMProviderCreated = "security.iamprovider.created"
	// EventTypeIAMProviderUpdated is the type of event fired after an IAM provider has been updated
	// SubjectID contains the ID of the provider.
	EventTypeIAMProviderUpdated = "security.iamprovider.updated"
	// EventTypeIAMProviderDeleted is the type of event fired after an IAM provider has been (marked for) deleted
	// SubjectID contains the ID of the provider.
	EventTypeIAMProviderDeleted = "security.iamprovider.deleted"
)
const (

	// PermissionIPAllowlistList is needed for listing IP allowlists in a project
	PermissionIPAllowlistList = "security.ipallowlist.list"
	// PermissionIPAllowlistGet is needed for fetching an individual IP allowlist in a project
	PermissionIPAllowlistGet = "security.ipallowlist.get"
	// PermissionIPAllowlistCreate is needed for creating an IP allowlist
	PermissionIPAllowlistCreate = "security.ipallowlist.create"
	// PermissionIPAllowlistUpdate is needed for updating an IP allowlist
	PermissionIPAllowlistUpdate = "security.ipallowlist.update"
	// PermissionIPAllowlistDelete is needed for deleting an IP allowlist
	PermissionIPAllowlistDelete = "security.ipallowlist.delete"
)
const (

	// PermissionIAMProviderList is needed for listing IAM providers in a project
	PermissionIAMProviderList = "security.iamprovider.list"
	// PermissionIAMProviderGet is needed for fetching an individual IAM provider in a project
	PermissionIAMProviderGet = "security.iamprovider.get"
	// PermissionIAMProviderCreate is needed for creating an IAM provider
	PermissionIAMProviderCreate = "security.iamprovider.create"
	// PermissionIAMProviderUpdate is needed for updating an IAM provider
	PermissionIAMProviderUpdate = "security.iamprovider.update"
	// PermissionIAMProviderDelete is needed for deleting an IAM provider
	PermissionIAMProviderDelete = "security.iamprovider.delete"
	// PermissionIAMProviderSetDefault is needed for marking an IAM provider as the default in a project
	PermissionIAMProviderSetDefault = "security.iamprovider.set-default"
)
const (
	// KindIPAllowlist is a constant for the kind of IPAllowlist resources.
	KindIPAllowlist = "IPAllowlist"
	// KindIAMProvider is a constant for the kind of IAMProvider resources.
	KindIAMProvider = "IAMProvider"
)
const (
	// APIID contains identifier of this API
	APIID = "security/v1"
	// APIMajorVersion contains major version of this API
	APIMajorVersion = 2
	// APIMinorVersion contains minor version of this API
	APIMinorVersion = 1
	// APIPatchVersion contains patch version of this API
	APIPatchVersion = 1
)
const (

	// IAMProviderTypeLDAP indicates an IAM provider of type LDAP
	IAMProviderTypeLDAP = "ldap"
)

Variables

var (
	ErrInvalidLengthSecurity = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowSecurity   = fmt.Errorf("proto: integer overflow")
)

Functions

func ForEachIPAllowlist added in v0.45.0

func ForEachIPAllowlist(ctx context.Context, listFunc func(ctx context.Context, req *common.ListOptions) (*IPAllowlistList, error),
	opts *common.ListOptions, cb IPAllowlistCallback) error

ForEachIPAllowlist iterates over all IP allowlists in a project identified by given context ID, invoking the given callback for each IP allowlist.

func IAMProviderURL

func IAMProviderURL(organizationID, projectID, iamproviderID string) string

IAMProviderURL creates a resource URL for the IAMProvider with given ID in given context.

func IPAllowlistURL added in v0.45.0

func IPAllowlistURL(organizationID, projectID, ipallowlistID string) string

IPAllowlistURL creates a resource URL for the IPAllowlist with given ID in given context.

func RegisterSecurityServiceHandler

func RegisterSecurityServiceHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterSecurityServiceHandler registers the http handlers for service SecurityService to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterSecurityServiceHandlerClient

func RegisterSecurityServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client SecurityServiceClient) error

RegisterSecurityServiceHandlerClient registers the http handlers for service SecurityService to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "SecurityServiceClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "SecurityServiceClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "SecurityServiceClient" to call the correct interceptors.

func RegisterSecurityServiceHandlerFromEndpoint

func RegisterSecurityServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterSecurityServiceHandlerFromEndpoint is the same as RegisterSecurityServiceHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterSecurityServiceHandlerServer

func RegisterSecurityServiceHandlerServer(ctx context.Context, mux *runtime.ServeMux, server SecurityServiceServer) error

RegisterSecurityServiceHandlerServer registers the http handlers for service SecurityService to "mux". UnaryRPC: calls SecurityServiceServer directly. StreamingRPC: currently unsupported pending https://github.com/grpc/grpc-go/issues/906.

func RegisterSecurityServiceServer

func RegisterSecurityServiceServer(s *grpc.Server, srv SecurityServiceServer)

Types

type IAMProvider

type IAMProvider struct {
	// System identifier of the provider.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// URL of the provider.
	// This is a read-only value.
	Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"`
	// Name of the provider.
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Description of the provider.
	Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"`
	// Identifier of the project that contains this provider.
	ProjectId string `protobuf:"bytes,5,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty"`
	// Type of provider
	Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty"`
	// The creation timestamp of this provider.
	// This is a read-only value.
	CreatedAt *types.Timestamp `protobuf:"bytes,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The deletion timestamp of the provider
	// This is a read-only value.
	DeletedAt *types.Timestamp `protobuf:"bytes,8,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// Set when this provider is deleted.
	// This is a read-only value.
	IsDeleted bool `protobuf:"varint,9,opt,name=is_deleted,json=isDeleted,proto3" json:"is_deleted,omitempty"`
	// Identifier of the user who created this provider.
	// This is a read-only value.
	CreatedById string `protobuf:"bytes,10,opt,name=created_by_id,json=createdById,proto3" json:"created_by_id,omitempty"`
	// Set when this provider is the default in its project.
	// This is a read-only value.
	IsDefault bool `protobuf:"varint,11,opt,name=is_default,json=isDefault,proto3" json:"is_default,omitempty"`
	// If set, this IAM provider cannot be deleted.
	// To delete, first update the provider with locked set to false.
	Locked               bool                      `protobuf:"varint,12,opt,name=locked,proto3" json:"locked,omitempty"`
	LdapSettings         *IAMProvider_LDAPSettings `protobuf:"bytes,101,opt,name=ldap_settings,json=ldapSettings,proto3" json:"ldap_settings,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                  `json:"-"`
	XXX_unrecognized     []byte                    `json:"-"`
	XXX_sizecache        int32                     `json:"-"`
}

IAMProvider provides configuration for a custom Identity & Access management provider for deployments.

func (*IAMProvider) Descriptor

func (*IAMProvider) Descriptor() ([]byte, []int)

func (*IAMProvider) GetCreatedAt

func (m *IAMProvider) GetCreatedAt() *types.Timestamp

func (*IAMProvider) GetCreatedById

func (m *IAMProvider) GetCreatedById() string

func (*IAMProvider) GetDeletedAt

func (m *IAMProvider) GetDeletedAt() *types.Timestamp

func (*IAMProvider) GetDescription

func (m *IAMProvider) GetDescription() string

func (*IAMProvider) GetId

func (m *IAMProvider) GetId() string

func (*IAMProvider) GetIsDefault

func (m *IAMProvider) GetIsDefault() bool

func (*IAMProvider) GetIsDeleted

func (m *IAMProvider) GetIsDeleted() bool

func (*IAMProvider) GetLdapSettings

func (m *IAMProvider) GetLdapSettings() *IAMProvider_LDAPSettings

func (*IAMProvider) GetLocked added in v0.47.0

func (m *IAMProvider) GetLocked() bool

func (*IAMProvider) GetName

func (m *IAMProvider) GetName() string

func (*IAMProvider) GetProjectId

func (m *IAMProvider) GetProjectId() string

func (*IAMProvider) GetType

func (m *IAMProvider) GetType() string

func (*IAMProvider) GetUrl

func (m *IAMProvider) GetUrl() string

func (*IAMProvider) Marshal

func (m *IAMProvider) Marshal() (dAtA []byte, err error)

func (*IAMProvider) MarshalTo

func (m *IAMProvider) MarshalTo(dAtA []byte) (int, error)

func (*IAMProvider) MarshalToSizedBuffer

func (m *IAMProvider) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*IAMProvider) ProtoMessage

func (*IAMProvider) ProtoMessage()

func (*IAMProvider) Reset

func (m *IAMProvider) Reset()

func (*IAMProvider) Size

func (m *IAMProvider) Size() (n int)

func (*IAMProvider) String

func (m *IAMProvider) String() string

func (*IAMProvider) Unmarshal

func (m *IAMProvider) Unmarshal(dAtA []byte) error

func (*IAMProvider) XXX_DiscardUnknown

func (m *IAMProvider) XXX_DiscardUnknown()

func (*IAMProvider) XXX_Marshal

func (m *IAMProvider) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IAMProvider) XXX_Merge

func (m *IAMProvider) XXX_Merge(src proto.Message)

func (*IAMProvider) XXX_Size

func (m *IAMProvider) XXX_Size() int

func (*IAMProvider) XXX_Unmarshal

func (m *IAMProvider) XXX_Unmarshal(b []byte) error

type IAMProviderList

type IAMProviderList struct {
	Items                []*IAMProvider `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

List of IAM providers.

func (*IAMProviderList) Descriptor

func (*IAMProviderList) Descriptor() ([]byte, []int)

func (*IAMProviderList) GetItems

func (m *IAMProviderList) GetItems() []*IAMProvider

func (*IAMProviderList) Marshal

func (m *IAMProviderList) Marshal() (dAtA []byte, err error)

func (*IAMProviderList) MarshalTo

func (m *IAMProviderList) MarshalTo(dAtA []byte) (int, error)

func (*IAMProviderList) MarshalToSizedBuffer

func (m *IAMProviderList) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*IAMProviderList) ProtoMessage

func (*IAMProviderList) ProtoMessage()

func (*IAMProviderList) Reset

func (m *IAMProviderList) Reset()

func (*IAMProviderList) Size

func (m *IAMProviderList) Size() (n int)

func (*IAMProviderList) String

func (m *IAMProviderList) String() string

func (*IAMProviderList) Unmarshal

func (m *IAMProviderList) Unmarshal(dAtA []byte) error

func (*IAMProviderList) XXX_DiscardUnknown

func (m *IAMProviderList) XXX_DiscardUnknown()

func (*IAMProviderList) XXX_Marshal

func (m *IAMProviderList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IAMProviderList) XXX_Merge

func (m *IAMProviderList) XXX_Merge(src proto.Message)

func (*IAMProviderList) XXX_Size

func (m *IAMProviderList) XXX_Size() int

func (*IAMProviderList) XXX_Unmarshal

func (m *IAMProviderList) XXX_Unmarshal(b []byte) error

type IAMProvider_LDAPSettings

type IAMProvider_LDAPSettings struct {
	// Hostname or IP address of the server
	Server string `protobuf:"bytes,1,opt,name=server,proto3" json:"server,omitempty"`
	// Port number of the server (defaults to 389)
	Port int32 `protobuf:"varint,2,opt,name=port,proto3" json:"port,omitempty"`
	// Base distinguished name under which the search takes place
	BaseDistinguishedName string `` /* 126-byte string literal not displayed */
	// Distinguished name for a read-only LDAP user to which ArangoDB can bind to search the LDAP server
	BindDistinguishedName string `` /* 126-byte string literal not displayed */
	// Password for a read-only LDAP user to which ArangoDB can bind to search the LDAP server.
	// This is a set-only field. During get/list requests, this field will be empty.
	BindPassword string `protobuf:"bytes,5,opt,name=bind_password,json=bindPassword,proto3" json:"bind_password,omitempty"`
	// Refresh rate in seconds (defaults to 300)
	RefreshRate int32 `protobuf:"varint,6,opt,name=refresh_rate,json=refreshRate,proto3" json:"refresh_rate,omitempty"`
	// PEM encoded version of the CA certificate used by the LDAP server.
	TlsCaCertificatePem string `protobuf:"bytes,10,opt,name=tls_ca_certificate_pem,json=tlsCaCertificatePem,proto3" json:"tls_ca_certificate_pem,omitempty"`
	// If set, calls into the underlying LDAP library are serialized.
	// This option can be used to work around thread-unsafe LDAP library functionality.
	Serialized bool `protobuf:"varint,20,opt,name=serialized,proto3" json:"serialized,omitempty"`
	// Timeout (in seconds) used when waiting to enter the LDAP library call serialization lock.
	// This is only meaningful when serialized has been set to true.
	SerializeTimeoutSec int32 `protobuf:"varint,21,opt,name=serialize_timeout_sec,json=serializeTimeoutSec,proto3" json:"serialize_timeout_sec,omitempty"`
	// Number of retries to attempt a connection to the LDAP server.
	// Setting this to values greater than zero will make ArangoDB retry to contact the
	// LDAP server in case no connection can be made initially.
	Retries int32 `protobuf:"varint,22,opt,name=retries,proto3" json:"retries,omitempty"`
	// If set, the LDAP library will implicitly restart connections.
	Restart bool `protobuf:"varint,23,opt,name=restart,proto3" json:"restart,omitempty"`
	// If set, the LDAP library will implicitly chase referrals.
	Referrals bool `protobuf:"varint,24,opt,name=referrals,proto3" json:"referrals,omitempty"`
	// Timeout value (in seconds) for synchronous LDAP API calls (a value of 0 means default timeout).
	TimeoutSec int32 `protobuf:"varint,25,opt,name=timeout_sec,json=timeoutSec,proto3" json:"timeout_sec,omitempty"`
	// Timeout value (in seconds) after which network operations following the initial
	// connection return in case of no activity (a value of 0 means default timeout).
	NetworkTimeoutSec int32 `protobuf:"varint,26,opt,name=network_timeout_sec,json=networkTimeoutSec,proto3" json:"network_timeout_sec,omitempty"`
	// If set, the LDAP library will connect asynchronously.
	AsyncConnect bool `protobuf:"varint,27,opt,name=async_connect,json=asyncConnect,proto3" json:"async_connect,omitempty"`
	// Prefix for simple authentication
	Prefix string `protobuf:"bytes,100,opt,name=prefix,proto3" json:"prefix,omitempty"`
	// Suffix for simple authentication
	Suffix string `protobuf:"bytes,101,opt,name=suffix,proto3" json:"suffix,omitempty"`
	// LDAP search scope with possible values "base" (just search the base distinguished name),
	// "sub" (recursive search under the base distinguished name) or
	// "one" (search the base’s immediate children) (default: "sub").
	SearchScope string `protobuf:"bytes,200,opt,name=search_scope,json=searchScope,proto3" json:"search_scope,omitempty"`
	// LDAP filter expression which limits the set of LDAP users being considered
	// (default: "objectClass=*" which means all objects).
	SearchFilter string `protobuf:"bytes,201,opt,name=search_filter,json=searchFilter,proto3" json:"search_filter,omitempty"`
	// Specifies the attribute in the user objects which is used to match the ArangoDB user name (default: "uid").
	SearchAttribute string `protobuf:"bytes,202,opt,name=search_attribute,json=searchAttribute,proto3" json:"search_attribute,omitempty"`
	// If set, this field specifies the name of the attribute used to fetch the roles of a user.
	RolesAttributeName string `protobuf:"bytes,300,opt,name=roles_attribute_name,json=rolesAttributeName,proto3" json:"roles_attribute_name,omitempty"`
	// If set, then the string {USER} in the value of this field is replaced with the distinguished
	// name of the authenticated LDAP user and the resulting search expression is used to
	// match distinguished names of LDAP objects representing roles of that user.
	RolesSearch string `protobuf:"bytes,301,opt,name=roles_search,json=rolesSearch,proto3" json:"roles_search,omitempty"`
	// Regular expression that is used to filter roles.
	// Only roles that match the regular expression are used.
	RolesInclude string `protobuf:"bytes,400,opt,name=roles_include,json=rolesInclude,proto3" json:"roles_include,omitempty"`
	// Regular expression that is used to filter roles.
	// Only roles that do not match the regular expression are used.
	RolesExclude string `protobuf:"bytes,401,opt,name=roles_exclude,json=rolesExclude,proto3" json:"roles_exclude,omitempty"`
	// A regular expression in the format of a replacement text (/re/text/).
	// This regular expression is applied to the role name found.
	// This is especially useful in the roles-search variant to extract the real role name out of the dn value.
	RolesTransformation string `protobuf:"bytes,402,opt,name=roles_transformation,json=rolesTransformation,proto3" json:"roles_transformation,omitempty"`
	// Name of role associated with the superuser.
	// Any user belonging to this role gains superuser status.
	// This role is checked after applying the roles_transformation expression.
	SuperUserRole        string   `protobuf:"bytes,403,opt,name=super_user_role,json=superUserRole,proto3" json:"super_user_role,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

LDAP provider specific settings

func (*IAMProvider_LDAPSettings) Descriptor

func (*IAMProvider_LDAPSettings) Descriptor() ([]byte, []int)

func (*IAMProvider_LDAPSettings) GetAsyncConnect

func (m *IAMProvider_LDAPSettings) GetAsyncConnect() bool

func (*IAMProvider_LDAPSettings) GetBaseDistinguishedName

func (m *IAMProvider_LDAPSettings) GetBaseDistinguishedName() string

func (*IAMProvider_LDAPSettings) GetBindDistinguishedName

func (m *IAMProvider_LDAPSettings) GetBindDistinguishedName() string

func (*IAMProvider_LDAPSettings) GetBindPassword

func (m *IAMProvider_LDAPSettings) GetBindPassword() string

func (*IAMProvider_LDAPSettings) GetNetworkTimeoutSec

func (m *IAMProvider_LDAPSettings) GetNetworkTimeoutSec() int32

func (*IAMProvider_LDAPSettings) GetPort

func (m *IAMProvider_LDAPSettings) GetPort() int32

func (*IAMProvider_LDAPSettings) GetPrefix

func (m *IAMProvider_LDAPSettings) GetPrefix() string

func (*IAMProvider_LDAPSettings) GetReferrals

func (m *IAMProvider_LDAPSettings) GetReferrals() bool

func (*IAMProvider_LDAPSettings) GetRefreshRate

func (m *IAMProvider_LDAPSettings) GetRefreshRate() int32

func (*IAMProvider_LDAPSettings) GetRestart

func (m *IAMProvider_LDAPSettings) GetRestart() bool

func (*IAMProvider_LDAPSettings) GetRetries

func (m *IAMProvider_LDAPSettings) GetRetries() int32

func (*IAMProvider_LDAPSettings) GetRolesAttributeName

func (m *IAMProvider_LDAPSettings) GetRolesAttributeName() string

func (*IAMProvider_LDAPSettings) GetRolesExclude

func (m *IAMProvider_LDAPSettings) GetRolesExclude() string

func (*IAMProvider_LDAPSettings) GetRolesInclude

func (m *IAMProvider_LDAPSettings) GetRolesInclude() string

func (*IAMProvider_LDAPSettings) GetRolesSearch

func (m *IAMProvider_LDAPSettings) GetRolesSearch() string

func (*IAMProvider_LDAPSettings) GetRolesTransformation

func (m *IAMProvider_LDAPSettings) GetRolesTransformation() string

func (*IAMProvider_LDAPSettings) GetSearchAttribute

func (m *IAMProvider_LDAPSettings) GetSearchAttribute() string

func (*IAMProvider_LDAPSettings) GetSearchFilter

func (m *IAMProvider_LDAPSettings) GetSearchFilter() string

func (*IAMProvider_LDAPSettings) GetSearchScope

func (m *IAMProvider_LDAPSettings) GetSearchScope() string

func (*IAMProvider_LDAPSettings) GetSerializeTimeoutSec

func (m *IAMProvider_LDAPSettings) GetSerializeTimeoutSec() int32

func (*IAMProvider_LDAPSettings) GetSerialized

func (m *IAMProvider_LDAPSettings) GetSerialized() bool

func (*IAMProvider_LDAPSettings) GetServer

func (m *IAMProvider_LDAPSettings) GetServer() string

func (*IAMProvider_LDAPSettings) GetSuffix

func (m *IAMProvider_LDAPSettings) GetSuffix() string

func (*IAMProvider_LDAPSettings) GetSuperUserRole

func (m *IAMProvider_LDAPSettings) GetSuperUserRole() string

func (*IAMProvider_LDAPSettings) GetTimeoutSec

func (m *IAMProvider_LDAPSettings) GetTimeoutSec() int32

func (*IAMProvider_LDAPSettings) GetTlsCaCertificatePem

func (m *IAMProvider_LDAPSettings) GetTlsCaCertificatePem() string

func (*IAMProvider_LDAPSettings) Marshal

func (m *IAMProvider_LDAPSettings) Marshal() (dAtA []byte, err error)

func (*IAMProvider_LDAPSettings) MarshalTo

func (m *IAMProvider_LDAPSettings) MarshalTo(dAtA []byte) (int, error)

func (*IAMProvider_LDAPSettings) MarshalToSizedBuffer

func (m *IAMProvider_LDAPSettings) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*IAMProvider_LDAPSettings) ProtoMessage

func (*IAMProvider_LDAPSettings) ProtoMessage()

func (*IAMProvider_LDAPSettings) Reset

func (m *IAMProvider_LDAPSettings) Reset()

func (*IAMProvider_LDAPSettings) Size

func (m *IAMProvider_LDAPSettings) Size() (n int)

func (*IAMProvider_LDAPSettings) String

func (m *IAMProvider_LDAPSettings) String() string

func (*IAMProvider_LDAPSettings) Unmarshal

func (m *IAMProvider_LDAPSettings) Unmarshal(dAtA []byte) error

func (*IAMProvider_LDAPSettings) XXX_DiscardUnknown

func (m *IAMProvider_LDAPSettings) XXX_DiscardUnknown()

func (*IAMProvider_LDAPSettings) XXX_Marshal

func (m *IAMProvider_LDAPSettings) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IAMProvider_LDAPSettings) XXX_Merge

func (m *IAMProvider_LDAPSettings) XXX_Merge(src proto.Message)

func (*IAMProvider_LDAPSettings) XXX_Size

func (m *IAMProvider_LDAPSettings) XXX_Size() int

func (*IAMProvider_LDAPSettings) XXX_Unmarshal

func (m *IAMProvider_LDAPSettings) XXX_Unmarshal(b []byte) error

type IPAllowlist added in v0.45.0

type IPAllowlist struct {
	// System identifier of the allowlist.
	// This is a read-only value.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// URL of the allowlist.
	// This is a read-only value.
	Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"`
	// Name of the allowlist.
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Description of the allowlist.
	Description string `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"`
	// Identifier of the project that contains this allowlist.
	ProjectId string `protobuf:"bytes,5,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty"`
	// List of CIDR ranges.
	// Values must follow format as defined in RFC 4632 and RFC 4291.
	CidrRanges []string `protobuf:"bytes,6,rep,name=cidr_ranges,json=cidrRanges,proto3" json:"cidr_ranges,omitempty"`
	// The creation timestamp of this allowlist.
	// This is a read-only value.
	CreatedAt *types.Timestamp `protobuf:"bytes,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The deletion timestamp of the allowlist
	// This is a read-only value.
	DeletedAt *types.Timestamp `protobuf:"bytes,8,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// Set when this allowlist is deleted.
	// This is a read-only value.
	IsDeleted bool `protobuf:"varint,9,opt,name=is_deleted,json=isDeleted,proto3" json:"is_deleted,omitempty"`
	// Identifier of the user who created this allowlist.
	// This is a read-only value.
	CreatedById string `protobuf:"bytes,10,opt,name=created_by_id,json=createdById,proto3" json:"created_by_id,omitempty"`
	// If set, this allow list cannot be deleted.
	// To delete, first update the allowlist with locked set to false.
	Locked bool `protobuf:"varint,11,opt,name=locked,proto3" json:"locked,omitempty"`
	// The list of warnings which are related to the IP allow list.
	// This is a read-only value.
	Warnings []string `protobuf:"bytes,12,rep,name=warnings,proto3" json:"warnings,omitempty"`
	// If set, a few additional IP addresses are added to allow for remote
	// connectivity inspection of the deployment by the Oasis platform.
	RemoteInspectionAllowed bool     `` /* 134-byte string literal not displayed */
	XXX_NoUnkeyedLiteral    struct{} `json:"-"`
	XXX_unrecognized        []byte   `json:"-"`
	XXX_sizecache           int32    `json:"-"`
}

IPAllowlist represents a list of CIDR ranges from which a deployment is accessible.
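The cidr_ranges field decides which source addresses can reach a deployment, so it is worth checking a list before passing it to CreateIPAllowlist or UpdateIPAllowlist. The following is an added example, not code from this package: Finding and AuditCIDRRanges are hypothetical names, the checks are this example's own choice, and the sample list is constructed.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Finding is one problem found in a single cidr_ranges entry.
// (Hypothetical type for this example; not part of the security/v1 API.)
type Finding struct {
	Entry  string // the entry exactly as it appears in the list
	Kind   string // invalid | host-bits | any | duplicate | covered
	Detail string
}

// AuditCIDRRanges checks the values intended for IPAllowlist.CidrRanges.
// Per-entry findings come first, in input order; "covered" findings follow.
func AuditCIDRRanges(ranges []string) []Finding {
	var out []Finding
	var unique []netip.Prefix          // canonical, de-duplicated prefixes
	first := map[netip.Prefix]string{} // canonical prefix -> first entry seen

	for _, entry := range ranges {
		p, err := netip.ParsePrefix(entry)
		if err != nil {
			// Bare addresses, stray whitespace and malformed masks end up here.
			out = append(out, Finding{entry, "invalid", err.Error()})
			continue
		}
		canon := p.Masked()
		if canon != p {
			// Host bits below the mask are set, e.g. 192.168.1.17/24.
			out = append(out, Finding{entry, "host-bits", "canonical form is " + canon.String()})
		}
		if canon.Bits() == 0 {
			// 0.0.0.0/0 or ::/0 turns the allowlist into "allow everyone".
			out = append(out, Finding{entry, "any", "matches every address of its family"})
		}
		if prev, ok := first[canon]; ok {
			out = append(out, Finding{entry, "duplicate", "same range as " + prev})
			continue
		}
		first[canon] = entry
		unique = append(unique, canon)
	}

	// A narrower range inside a broader one is redundant and often means the
	// broader entry was meant to be removed. /0 entries are reported above.
	for _, p := range unique {
		for _, q := range unique {
			if q.Bits() > 0 && q.Bits() < p.Bits() && q.Contains(p.Addr()) {
				out = append(out, Finding{first[p], "covered", "already inside " + first[q]})
				break
			}
		}
	}
	return out
}

func main() {
	// Constructed sample list using private and documentation address ranges.
	sample := []string{
		"10.0.0.0/8", "10.1.2.0/24", "192.168.1.17/24",
		"0.0.0.0/0", "203.0.113.7", "2001:db8::/32", "10.0.0.0/8",
	}
	for _, f := range AuditCIDRRanges(sample) {
		fmt.Printf("%-18s %-10s %s\n", f.Entry, f.Kind, f.Detail)
	}
}
```
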

func (*IPAllowlist) Descriptor added in v0.45.0

func (*IPAllowlist) Descriptor() ([]byte, []int)

func (*IPAllowlist) GetCidrRanges added in v0.45.0

func (m *IPAllowlist) GetCidrRanges() []string

func (*IPAllowlist) GetCreatedAt added in v0.45.0

func (m *IPAllowlist) GetCreatedAt() *types.Timestamp

func (*IPAllowlist) GetCreatedById added in v0.45.0

func (m *IPAllowlist) GetCreatedById() string

func (*IPAllowlist) GetDeletedAt added in v0.45.0

func (m *IPAllowlist) GetDeletedAt() *types.Timestamp

func (*IPAllowlist) GetDescription added in v0.45.0

func (m *IPAllowlist) GetDescription() string

func (*IPAllowlist) GetId added in v0.45.0

func (m *IPAllowlist) GetId() string

func (*IPAllowlist) GetIsDeleted added in v0.45.0

func (m *IPAllowlist) GetIsDeleted() bool

func (*IPAllowlist) GetLocked added in v0.47.0

func (m *IPAllowlist) GetLocked() bool

func (*IPAllowlist) GetName added in v0.45.0

func (m *IPAllowlist) GetName() string

func (*IPAllowlist) GetProjectId added in v0.45.0

func (m *IPAllowlist) GetProjectId() string

func (*IPAllowlist) GetRemoteInspectionAllowed added in v0.70.7

func (m *IPAllowlist) GetRemoteInspectionAllowed() bool

func (*IPAllowlist) GetUrl added in v0.45.0

func (m *IPAllowlist) GetUrl() string

func (*IPAllowlist) GetWarnings added in v0.56.0

func (m *IPAllowlist) GetWarnings() []string

func (*IPAllowlist) Marshal added in v0.45.0

func (m *IPAllowlist) Marshal() (dAtA []byte, err error)

func (*IPAllowlist) MarshalTo added in v0.45.0

func (m *IPAllowlist) MarshalTo(dAtA []byte) (int, error)

func (*IPAllowlist) MarshalToSizedBuffer added in v0.45.0

func (m *IPAllowlist) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*IPAllowlist) ProtoMessage added in v0.45.0

func (*IPAllowlist) ProtoMessage()

func (*IPAllowlist) Reset added in v0.45.0

func (m *IPAllowlist) Reset()

func (*IPAllowlist) Size added in v0.45.0

func (m *IPAllowlist) Size() (n int)

func (*IPAllowlist) String added in v0.45.0

func (m *IPAllowlist) String() string

func (*IPAllowlist) Unmarshal added in v0.45.0

func (m *IPAllowlist) Unmarshal(dAtA []byte) error

func (*IPAllowlist) XXX_DiscardUnknown added in v0.45.0

func (m *IPAllowlist) XXX_DiscardUnknown()

func (*IPAllowlist) XXX_Marshal added in v0.45.0

func (m *IPAllowlist) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IPAllowlist) XXX_Merge added in v0.45.0

func (m *IPAllowlist) XXX_Merge(src proto.Message)

func (*IPAllowlist) XXX_Size added in v0.45.0

func (m *IPAllowlist) XXX_Size() int

func (*IPAllowlist) XXX_Unmarshal added in v0.45.0

func (m *IPAllowlist) XXX_Unmarshal(b []byte) error

type IPAllowlistCallback added in v0.45.0

type IPAllowlistCallback func(context.Context, *IPAllowlist) error

IPAllowlistCallback is a callback for individual IP allowlist.

type IPAllowlistList added in v0.45.0

type IPAllowlistList struct {
	Items                []*IPAllowlist `protobuf:"bytes,1,rep,name=items,proto3" json:"items,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

List of IP allowlists.

func (*IPAllowlistList) Descriptor added in v0.45.0

func (*IPAllowlistList) Descriptor() ([]byte, []int)

func (*IPAllowlistList) GetItems added in v0.45.0

func (m *IPAllowlistList) GetItems() []*IPAllowlist

func (*IPAllowlistList) Marshal added in v0.45.0

func (m *IPAllowlistList) Marshal() (dAtA []byte, err error)

func (*IPAllowlistList) MarshalTo added in v0.45.0

func (m *IPAllowlistList) MarshalTo(dAtA []byte) (int, error)

func (*IPAllowlistList) MarshalToSizedBuffer added in v0.45.0

func (m *IPAllowlistList) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*IPAllowlistList) ProtoMessage added in v0.45.0

func (*IPAllowlistList) ProtoMessage()

func (*IPAllowlistList) Reset added in v0.45.0

func (m *IPAllowlistList) Reset()

func (*IPAllowlistList) Size added in v0.45.0

func (m *IPAllowlistList) Size() (n int)

func (*IPAllowlistList) String added in v0.45.0

func (m *IPAllowlistList) String() string

func (*IPAllowlistList) Unmarshal added in v0.45.0

func (m *IPAllowlistList) Unmarshal(dAtA []byte) error

func (*IPAllowlistList) XXX_DiscardUnknown added in v0.45.0

func (m *IPAllowlistList) XXX_DiscardUnknown()

func (*IPAllowlistList) XXX_Marshal added in v0.45.0

func (m *IPAllowlistList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IPAllowlistList) XXX_Merge added in v0.45.0

func (m *IPAllowlistList) XXX_Merge(src proto.Message)

func (*IPAllowlistList) XXX_Size added in v0.45.0

func (m *IPAllowlistList) XXX_Size() int

func (*IPAllowlistList) XXX_Unmarshal added in v0.45.0

func (m *IPAllowlistList) XXX_Unmarshal(b []byte) error

type SecurityServiceClient

type SecurityServiceClient interface {
	// Get the current API version of this service.
	// Required permissions:
	// - None
	GetAPIVersion(ctx context.Context, in *v1.Empty, opts ...grpc.CallOption) (*v1.Version, error)
	// Fetch all IP allowlists that belong to the project identified by the given
	// context ID.
	// Required permissions:
	// - security.ipallowlist.list on the project identified by the given context ID.
	ListIPAllowlists(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*IPAllowlistList, error)
	// Fetch an IP allowlist by its id.
	// Required permissions:
	// - security.ipallowlist.get on the IP allowlist
	GetIPAllowlist(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*IPAllowlist, error)
	// Create a new IP allowlist
	// Required permissions:
	// - security.ipallowlist.create on the project that owns the IP allowlist.
	CreateIPAllowlist(ctx context.Context, in *IPAllowlist, opts ...grpc.CallOption) (*IPAllowlist, error)
	// Update an IP allowlist
	// Required permissions:
	// - security.ipallowlist.update on the IP allowlist
	UpdateIPAllowlist(ctx context.Context, in *IPAllowlist, opts ...grpc.CallOption) (*IPAllowlist, error)
	// Delete an IP allowlist.
	// Note that IP allowlists are initially only marked for deletion.
	// Once all their dependent deployments are removed, the allowlist is removed.
	// Required permissions:
	// - security.ipallowlist.delete on the IP allowlist
	DeleteIPAllowlist(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// Fetch all IAM providers that belong to the project identified by the given
	// context ID.
	// Required permissions:
	// - security.iamprovider.list on the project identified by the given context ID.
	ListIAMProviders(ctx context.Context, in *v1.ListOptions, opts ...grpc.CallOption) (*IAMProviderList, error)
	// Fetch an IAM provider by its id.
	// Required permissions:
	// - security.iamprovider.get on the IAM provider
	GetIAMProvider(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*IAMProvider, error)
	// Create a new IAM provider
	// Required permissions:
	// - security.iamprovider.create on the project that owns the IAM provider.
	CreateIAMProvider(ctx context.Context, in *IAMProvider, opts ...grpc.CallOption) (*IAMProvider, error)
	// Update an IAM provider
	// Required permissions:
	// - security.iamprovider.update on the IAM provider
	UpdateIAMProvider(ctx context.Context, in *IAMProvider, opts ...grpc.CallOption) (*IAMProvider, error)
	// Delete an IAM provider.
	// Note that IAM providers are initially only marked for deletion.
	// Once all their dependent deployments are removed, the provider is removed.
	// Required permissions:
	// - security.iamprovider.delete on the IAM provider
	DeleteIAMProvider(ctx context.Context, in *v1.IDOptions, opts ...grpc.CallOption) (*v1.Empty, error)
	// Mark the given IAM provider as default for its containing project.
	// Required permissions:
	// - security.iamprovider.set-default on the project that owns the provider.
	SetDefaultIAMProvider(ctx context.Context, in *IAMProvider, opts ...grpc.CallOption) (*v1.Empty, error)
}

SecurityServiceClient is the client API for SecurityService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewSecurityServiceClient

func NewSecurityServiceClient(cc *grpc.ClientConn) SecurityServiceClient

type SecurityServiceServer

type SecurityServiceServer interface {
	// Get the current API version of this service.
	// Required permissions:
	// - None
	GetAPIVersion(context.Context, *v1.Empty) (*v1.Version, error)
	// Fetch all IP allowlists that belong to the project identified by the given
	// context ID.
	// Required permissions:
	// - security.ipallowlist.list on the project identified by the given context ID.
	ListIPAllowlists(context.Context, *v1.ListOptions) (*IPAllowlistList, error)
	// Fetch an IP allowlist by its id.
	// Required permissions:
	// - security.ipallowlist.get on the IP allowlist
	GetIPAllowlist(context.Context, *v1.IDOptions) (*IPAllowlist, error)
	// Create a new IP allowlist
	// Required permissions:
	// - security.ipallowlist.create on the project that owns the IP allowlist.
	CreateIPAllowlist(context.Context, *IPAllowlist) (*IPAllowlist, error)
	// Update an IP allowlist
	// Required permissions:
	// - security.ipallowlist.update on the IP allowlist
	UpdateIPAllowlist(context.Context, *IPAllowlist) (*IPAllowlist, error)
	// Delete an IP allowlist.
	// Note that IP allowlists are initially only marked for deletion.
	// Once all their dependent deployments are removed, the allowlist is removed.
	// Required permissions:
	// - security.ipallowlist.delete on the IP allowlist
	DeleteIPAllowlist(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// Fetch all IAM providers that belong to the project identified by the given
	// context ID.
	// Required permissions:
	// - security.iamprovider.list on the project identified by the given context ID.
	ListIAMProviders(context.Context, *v1.ListOptions) (*IAMProviderList, error)
	// Fetch an IAM provider by its id.
	// Required permissions:
	// - security.iamprovider.get on the IAM provider
	GetIAMProvider(context.Context, *v1.IDOptions) (*IAMProvider, error)
	// Create a new IAM provider
	// Required permissions:
	// - security.iamprovider.create on the project that owns the IAM provider.
	CreateIAMProvider(context.Context, *IAMProvider) (*IAMProvider, error)
	// Update an IAM provider
	// Required permissions:
	// - security.iamprovider.update on the IAM provider
	UpdateIAMProvider(context.Context, *IAMProvider) (*IAMProvider, error)
	// Delete an IAM provider.
	// Note that IAM providers are initially only marked for deletion.
	// Once all their dependent deployments are removed, the provider is removed.
	// Required permissions:
	// - security.iamprovider.delete on the IAM provider
	DeleteIAMProvider(context.Context, *v1.IDOptions) (*v1.Empty, error)
	// Mark the given IAM provider as default for its containing project.
	// Required permissions:
	// - security.iamprovider.set-default on the project that owns the provider.
	SetDefaultIAMProvider(context.Context, *IAMProvider) (*v1.Empty, error)
}

SecurityServiceServer is the server API for SecurityService service.

type UnimplementedSecurityServiceServer

type UnimplementedSecurityServiceServer struct {
}

UnimplementedSecurityServiceServer can be embedded to have forward compatible implementations.

func (*UnimplementedSecurityServiceServer) CreateIAMProvider

func (*UnimplementedSecurityServiceServer) CreateIPAllowlist added in v0.45.0

func (*UnimplementedSecurityServiceServer) DeleteIAMProvider

func (*UnimplementedSecurityServiceServer) DeleteIAMProvider(ctx context.Context, req *v1.IDOptions) (*v1.Empty, error)

func (*UnimplementedSecurityServiceServer) DeleteIPAllowlist added in v0.45.0

func (*UnimplementedSecurityServiceServer) DeleteIPAllowlist(ctx context.Context, req *v1.IDOptions) (*v1.Empty, error)

func (*UnimplementedSecurityServiceServer) GetAPIVersion

func (*UnimplementedSecurityServiceServer) GetAPIVersion(ctx context.Context, req *v1.Empty) (*v1.Version, error)

func (*UnimplementedSecurityServiceServer) GetIAMProvider

func (*UnimplementedSecurityServiceServer) GetIPAllowlist added in v0.45.0

func (*UnimplementedSecurityServiceServer) ListIAMProviders

func (*UnimplementedSecurityServiceServer) ListIPAllowlists added in v0.45.0

func (*UnimplementedSecurityServiceServer) SetDefaultIAMProvider

func (*UnimplementedSecurityServiceServer) SetDefaultIAMProvider(ctx context.Context, req *IAMProvider) (*v1.Empty, error)

func (*UnimplementedSecurityServiceServer) UpdateIAMProvider

func (*UnimplementedSecurityServiceServer) UpdateIPAllowlist added in v0.45.0
