Documentation ¶
Index ¶
- type ChildPolicy
- type Cluster
- type ClusterGroup
- type ClusterUser
- type CreateJITPolicyRequest
- type Environment
- type Group
- type JITPolicy
- func (p *JITPolicy) GetAutomaticallyApproved() bool
- func (p *JITPolicy) GetChildPolicies() []ChildPolicy
- func (p *JITPolicy) GetDescription() string
- func (p *JITPolicy) GetDuration() uint
- func (p *JITPolicy) GetGroups() []Group
- func (p *JITPolicy) GetID() string
- func (p *JITPolicy) GetName() string
- func (p *JITPolicy) GetPolicyType() policytype.PolicyType
- func (p *JITPolicy) GetSubjects() []Subject
- func (p *JITPolicy) GetTimeExpires() *types.Timestamp
- type KubernetesPolicy
- func (p *KubernetesPolicy) GetClusterGroups() []ClusterGroup
- func (p *KubernetesPolicy) GetClusterGroupsAsStringList() []string
- func (p *KubernetesPolicy) GetClusterUsers() []ClusterUser
- func (p *KubernetesPolicy) GetClusterUsersAsStringList() []string
- func (p *KubernetesPolicy) GetClusters() []Cluster
- func (p *KubernetesPolicy) GetClustersAsStringList() []string
- func (p *KubernetesPolicy) GetEnvironments() []Environment
- func (p *KubernetesPolicy) GetEnvironmentsAsStringList() []string
- func (p *KubernetesPolicy) GetPolicyType() policytype.PolicyType
- type ListPolicyOptions
- type ModifyJITPolicyRequest
- type OrganizationControlsPolicy
- type PoliciesService
- func (s *PoliciesService) CreateJITPolicy(ctx context.Context, request *CreateJITPolicyRequest) (*JITPolicy, *http.Response, error)
- func (s *PoliciesService) CreateKubernetesPolicy(ctx context.Context, policy *KubernetesPolicy) (*KubernetesPolicy, *http.Response, error)
- func (s *PoliciesService) CreateOrganizationControlsPolicy(ctx context.Context, policy *OrganizationControlsPolicy) (*OrganizationControlsPolicy, *http.Response, error)
- func (s *PoliciesService) CreateProxyPolicy(ctx context.Context, policy *ProxyPolicy) (*ProxyPolicy, *http.Response, error)
- func (s *PoliciesService) CreateSessionRecordingPolicy(ctx context.Context, policy *SessionRecordingPolicy) (*SessionRecordingPolicy, *http.Response, error)
- func (s *PoliciesService) CreateTargetConnectPolicy(ctx context.Context, policy *TargetConnectPolicy) (*TargetConnectPolicy, *http.Response, error)
- func (s *PoliciesService) DeleteJITPolicy(ctx context.Context, policyID string) (*http.Response, error)
- func (s *PoliciesService) DeleteKubernetesPolicy(ctx context.Context, policyID string) (*http.Response, error)
- func (s *PoliciesService) DeleteOrganizationControlsPolicy(ctx context.Context, policyID string) (*http.Response, error)
- func (s *PoliciesService) DeleteProxyPolicy(ctx context.Context, policyID string) (*http.Response, error)
- func (s *PoliciesService) DeleteSessionRecordingPolicy(ctx context.Context, policyID string) (*http.Response, error)
- func (s *PoliciesService) DeleteTargetConnectPolicy(ctx context.Context, policyID string) (*http.Response, error)
- func (s *PoliciesService) GetJITPolicy(ctx context.Context, policyID string) (*JITPolicy, *http.Response, error)
- func (s *PoliciesService) GetKubernetesPolicy(ctx context.Context, policyID string) (*KubernetesPolicy, *http.Response, error)
- func (s *PoliciesService) GetOrganizationControlsPolicyPolicy(ctx context.Context, policyID string) (*OrganizationControlsPolicy, *http.Response, error)
- func (s *PoliciesService) GetProxyPolicy(ctx context.Context, policyID string) (*ProxyPolicy, *http.Response, error)
- func (s *PoliciesService) GetSessionRecordingPolicy(ctx context.Context, policyID string) (*SessionRecordingPolicy, *http.Response, error)
- func (s *PoliciesService) GetTargetConnectPolicy(ctx context.Context, policyID string) (*TargetConnectPolicy, *http.Response, error)
- func (s *PoliciesService) ListJITPolicies(ctx context.Context, opts *ListPolicyOptions) ([]JITPolicy, *http.Response, error)
- func (s *PoliciesService) ListKubernetesPolicies(ctx context.Context, opts *ListPolicyOptions) ([]KubernetesPolicy, *http.Response, error)
- func (s *PoliciesService) ListOrganizationControlsPolicies(ctx context.Context, opts *ListPolicyOptions) ([]OrganizationControlsPolicy, *http.Response, error)
- func (s *PoliciesService) ListProxyPolicies(ctx context.Context, opts *ListPolicyOptions) ([]ProxyPolicy, *http.Response, error)
- func (s *PoliciesService) ListSessionRecordingPolicies(ctx context.Context, opts *ListPolicyOptions) ([]SessionRecordingPolicy, *http.Response, error)
- func (s *PoliciesService) ListTargetConnectPolicies(ctx context.Context, opts *ListPolicyOptions) ([]TargetConnectPolicy, *http.Response, error)
- func (s *PoliciesService) ModifyJITPolicy(ctx context.Context, policyID string, request *ModifyJITPolicyRequest) (*JITPolicy, *http.Response, error)
- func (s *PoliciesService) ModifyKubernetesPolicy(ctx context.Context, policyID string, policy *KubernetesPolicy) (*KubernetesPolicy, *http.Response, error)
- func (s *PoliciesService) ModifyOrganizationControlsPolicy(ctx context.Context, policyID string, policy *OrganizationControlsPolicy) (*OrganizationControlsPolicy, *http.Response, error)
- func (s *PoliciesService) ModifyProxyPolicy(ctx context.Context, policyID string, policy *ProxyPolicy) (*ProxyPolicy, *http.Response, error)
- func (s *PoliciesService) ModifySessionRecordingPolicy(ctx context.Context, policyID string, policy *SessionRecordingPolicy) (*SessionRecordingPolicy, *http.Response, error)
- func (s *PoliciesService) ModifyTargetConnectPolicy(ctx context.Context, policyID string, policy *TargetConnectPolicy) (*TargetConnectPolicy, *http.Response, error)
- type Policy
- type PolicyInterface
- type ProxyPolicy
- func (p *ProxyPolicy) GetEnvironments() []Environment
- func (p *ProxyPolicy) GetEnvironmentsAsStringList() []string
- func (p *ProxyPolicy) GetPolicyType() policytype.PolicyType
- func (p *ProxyPolicy) GetTargetUsers() []TargetUser
- func (p *ProxyPolicy) GetTargetUsersAsStringList() []string
- func (p *ProxyPolicy) GetTargets() []Target
- type SessionRecordingPolicy
- type Subject
- type Target
- type TargetConnectPolicy
- func (p *TargetConnectPolicy) GetEnvironments() []Environment
- func (p *TargetConnectPolicy) GetEnvironmentsAsStringList() []string
- func (p *TargetConnectPolicy) GetPolicyType() policytype.PolicyType
- func (p *TargetConnectPolicy) GetTargetUsers() []TargetUser
- func (p *TargetConnectPolicy) GetTargetUsersAsStringList() []string
- func (p *TargetConnectPolicy) GetTargets() []Target
- func (p *TargetConnectPolicy) GetVerbs() []Verb
- func (p *TargetConnectPolicy) GetVerbsAsStringList() []string
- type TargetUser
- type Verb
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ChildPolicy ¶
type ChildPolicy struct { ID string `json:"id"` // Type is one of TargetConnect, Kubernetes or Proxy Type policytype.PolicyType `json:"type"` Name string `json:"name"` }
ChildPolicy refers to another policy that a JIT policy applies to
type Cluster ¶
type Cluster struct {
ID string `json:"id"`
}
Cluster refers to the BastionZero Cluster target that a Kubernetes policy applies to
type ClusterGroup ¶
type ClusterGroup struct {
Name string `json:"name"`
}
ClusterGroup refers to the Kubernetes subject group that a Kubernetes policy applies to
type ClusterUser ¶
type ClusterUser struct {
Name string `json:"name"`
}
ClusterUser refers to the Kubernetes subject user that a Kubernetes policy applies to
type CreateJITPolicyRequest ¶
type CreateJITPolicyRequest struct { Name string `json:"name"` Description string `json:"description,omitempty"` TimeExpires *types.Timestamp `json:"timeExpires,omitempty"` Subjects []Subject `json:"subjects"` Groups []Group `json:"groups"` // ChildPolicies is a list of policy IDs that this JIT policy applies to ChildPolicies []string `json:"childPolicies"` // AutomaticallyApproved determines whether the creation of the policies // will be automatically approved or based on request and approval from // reviewers. AutomaticallyApproved bool `json:"automaticallyApproved"` // Duration is the amount of time (in minutes) after which the access // granted by this JIT policy will expire. Duration uint `json:"duration"` }
CreateJITPolicyRequest is used to create a new JIT policy
type Environment ¶
type Environment struct {
ID string `json:"id"`
}
Environment refers to the BastionZero environment that a policy applies to
type JITPolicy ¶
type JITPolicy struct { ID string `json:"id"` TimeExpires *types.Timestamp `json:"timeExpires"` Name string `json:"name"` Description string `json:"description"` Subjects []Subject `json:"subjects"` Groups []Group `json:"groups"` // ChildPolicies is a list of policies that this JIT policy applies to ChildPolicies []ChildPolicy `json:"childPolicies"` // AutomaticallyApproved determines whether the creation of the policies // will be automatically approved or based on request and approval from // reviewers. AutomaticallyApproved bool `json:"automaticallyApproved"` // Duration is the amount of time (in minutes) after which the access // granted by this JIT policy will expire. Duration uint `json:"duration"` }
JITPolicy represents a just in time policy. Just in time policies provide just in time access to targets.
func (*JITPolicy) GetAutomaticallyApproved ¶
func (*JITPolicy) GetChildPolicies ¶
func (p *JITPolicy) GetChildPolicies() []ChildPolicy
func (*JITPolicy) GetDescription ¶
func (*JITPolicy) GetDuration ¶
func (*JITPolicy) GetPolicyType ¶
func (p *JITPolicy) GetPolicyType() policytype.PolicyType
func (*JITPolicy) GetSubjects ¶
func (*JITPolicy) GetTimeExpires ¶
type KubernetesPolicy ¶
type KubernetesPolicy struct { Policy Environments *[]Environment `json:"environments,omitempty"` Clusters *[]Cluster `json:"clusters,omitempty"` ClusterUsers *[]ClusterUser `json:"clusterUsers,omitempty"` ClusterGroups *[]ClusterGroup `json:"clusterGroups,omitempty"` }
KubernetesPolicy represents a Kubernetes policy. Kubernetes policies provide access to Cluster targets.
func (*KubernetesPolicy) GetClusterGroups ¶
func (p *KubernetesPolicy) GetClusterGroups() []ClusterGroup
func (*KubernetesPolicy) GetClusterGroupsAsStringList ¶
func (p *KubernetesPolicy) GetClusterGroupsAsStringList() []string
func (*KubernetesPolicy) GetClusterUsers ¶
func (p *KubernetesPolicy) GetClusterUsers() []ClusterUser
func (*KubernetesPolicy) GetClusterUsersAsStringList ¶
func (p *KubernetesPolicy) GetClusterUsersAsStringList() []string
func (*KubernetesPolicy) GetClusters ¶
func (p *KubernetesPolicy) GetClusters() []Cluster
func (*KubernetesPolicy) GetClustersAsStringList ¶
func (p *KubernetesPolicy) GetClustersAsStringList() []string
func (*KubernetesPolicy) GetEnvironments ¶
func (p *KubernetesPolicy) GetEnvironments() []Environment
func (*KubernetesPolicy) GetEnvironmentsAsStringList ¶
func (p *KubernetesPolicy) GetEnvironmentsAsStringList() []string
func (*KubernetesPolicy) GetPolicyType ¶
func (p *KubernetesPolicy) GetPolicyType() policytype.PolicyType
type ListPolicyOptions ¶
type ListPolicyOptions struct { // Subjects is a comma-separated list of subject IDs. Filters the list of // policies to only those that contain the provided subject(s). Subjects string `url:"subjects,omitempty"` // Groups is a comma-separated list of group IDs. Filters the list of // policies to only those that contain the provided group(s). Groups string `url:"groups,omitempty"` }
ListPolicyOptions specifies the optional parameters to various List methods involving policy
type ModifyJITPolicyRequest ¶
type ModifyJITPolicyRequest struct { Name *string `json:"name,omitempty"` Description *string `json:"description,omitempty"` Subjects *[]Subject `json:"subjects,omitempty"` Groups *[]Group `json:"groups,omitempty"` // ChildPolicies is a list of policy IDs that this JIT policy applies to ChildPolicies *[]string `json:"childPolicies,omitempty"` // AutomaticallyApproved determines whether the creation of the policies // will be automatically approved or based on request and approval from // reviewers. AutomaticallyApproved *bool `json:"automaticallyApproved,omitempty"` // Duration is the amount of time (in minutes) after which the access // granted by this JIT policy will expire. Duration *uint `json:"duration,omitempty"` }
ModifyJITPolicyRequest is used to modify a JIT policy
type OrganizationControlsPolicy ¶ added in v0.9.0
type OrganizationControlsPolicy struct { Policy MFAEnabled *bool `json:"mfaEnabled,omitempty"` MFADuration *int `json:"mfaDuration,omitempty"` }
OrganizationControlsPolicy represents an OrganizationControls policy. This policy controls global mfa.
func (*OrganizationControlsPolicy) GetMFADuration ¶ added in v0.9.0
func (p *OrganizationControlsPolicy) GetMFADuration() int
func (*OrganizationControlsPolicy) GetMFAEnabled ¶ added in v0.9.0
func (p *OrganizationControlsPolicy) GetMFAEnabled() bool
func (*OrganizationControlsPolicy) GetPolicyType ¶ added in v0.9.0
func (p *OrganizationControlsPolicy) GetPolicyType() policytype.PolicyType
type PoliciesService ¶
PoliciesService handles communication with the policies endpoints of the BastionZero API.
BastionZero API docs: https://cloud.bastionzero.com/api/#tag--Policies
func (*PoliciesService) CreateJITPolicy ¶
func (s *PoliciesService) CreateJITPolicy(ctx context.Context, request *CreateJITPolicyRequest) (*JITPolicy, *http.Response, error)
CreateJITPolicy creates a new JIT policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/policies/just-in-time
func (*PoliciesService) CreateKubernetesPolicy ¶
func (s *PoliciesService) CreateKubernetesPolicy(ctx context.Context, policy *KubernetesPolicy) (*KubernetesPolicy, *http.Response, error)
CreateKubernetesPolicy creates a new Kubernetes policy
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/policies/kubernetes
func (*PoliciesService) CreateOrganizationControlsPolicy ¶ added in v0.9.0
func (s *PoliciesService) CreateOrganizationControlsPolicy(ctx context.Context, policy *OrganizationControlsPolicy) (*OrganizationControlsPolicy, *http.Response, error)
CreateOrganizationControlsPolicy creates a new OrganizationControls policy
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/policies/organization-controls
func (*PoliciesService) CreateProxyPolicy ¶
func (s *PoliciesService) CreateProxyPolicy(ctx context.Context, policy *ProxyPolicy) (*ProxyPolicy, *http.Response, error)
CreateProxyPolicy creates a new proxy policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/policies/proxy
func (*PoliciesService) CreateSessionRecordingPolicy ¶
func (s *PoliciesService) CreateSessionRecordingPolicy(ctx context.Context, policy *SessionRecordingPolicy) (*SessionRecordingPolicy, *http.Response, error)
CreateSessionRecordingPolicy creates a new session recording policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/policies/session-recording
func (*PoliciesService) CreateTargetConnectPolicy ¶
func (s *PoliciesService) CreateTargetConnectPolicy(ctx context.Context, policy *TargetConnectPolicy) (*TargetConnectPolicy, *http.Response, error)
CreateTargetConnectPolicy creates a new target connect policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/policies/target-connect
func (*PoliciesService) DeleteJITPolicy ¶
func (s *PoliciesService) DeleteJITPolicy(ctx context.Context, policyID string) (*http.Response, error)
DeleteJITPolicy deletes the specified JIT policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#delete-/api/v2/policies/just-in-time/-id-
func (*PoliciesService) DeleteKubernetesPolicy ¶
func (s *PoliciesService) DeleteKubernetesPolicy(ctx context.Context, policyID string) (*http.Response, error)
DeleteKubernetesPolicy deletes the specified Kubernetes policy
BastionZero API docs: https://cloud.bastionzero.com/api/#delete-/api/v2/policies/kubernetes/-id-
func (*PoliciesService) DeleteOrganizationControlsPolicy ¶ added in v0.9.0
func (s *PoliciesService) DeleteOrganizationControlsPolicy(ctx context.Context, policyID string) (*http.Response, error)
DeleteOrganizationControlsPolicy deletes the specified OrganizationControls policy
BastionZero API docs: https://cloud.bastionzero.com/api/#delete-/api/v2/policies/organization-controls/-id-
func (*PoliciesService) DeleteProxyPolicy ¶
func (s *PoliciesService) DeleteProxyPolicy(ctx context.Context, policyID string) (*http.Response, error)
DeleteProxyPolicy deletes the specified proxy policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#delete-/api/v2/policies/proxy/-id-
func (*PoliciesService) DeleteSessionRecordingPolicy ¶
func (s *PoliciesService) DeleteSessionRecordingPolicy(ctx context.Context, policyID string) (*http.Response, error)
DeleteSessionRecordingPolicy deletes the specified session recording policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#delete-/api/v2/policies/session-recording/-id-
func (*PoliciesService) DeleteTargetConnectPolicy ¶
func (s *PoliciesService) DeleteTargetConnectPolicy(ctx context.Context, policyID string) (*http.Response, error)
DeleteTargetConnectPolicy deletes the specified target connect policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#delete-/api/v2/policies/target-connect/-id-
func (*PoliciesService) GetJITPolicy ¶
func (s *PoliciesService) GetJITPolicy(ctx context.Context, policyID string) (*JITPolicy, *http.Response, error)
GetJITPolicy fetches the specified JIT policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/just-in-time/-id-
func (*PoliciesService) GetKubernetesPolicy ¶
func (s *PoliciesService) GetKubernetesPolicy(ctx context.Context, policyID string) (*KubernetesPolicy, *http.Response, error)
GetKubernetesPolicy fetches the specified Kubernetes policy
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/kubernetes/-id-
func (*PoliciesService) GetOrganizationControlsPolicyPolicy ¶ added in v0.9.0
func (s *PoliciesService) GetOrganizationControlsPolicyPolicy(ctx context.Context, policyID string) (*OrganizationControlsPolicy, *http.Response, error)
GetOrganizationControlsPolicyPolicy fetches the specified OrganizationControlsPolicy policy
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/organization-controls/-id-
func (*PoliciesService) GetProxyPolicy ¶
func (s *PoliciesService) GetProxyPolicy(ctx context.Context, policyID string) (*ProxyPolicy, *http.Response, error)
GetProxyPolicy fetches the specified proxy policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/proxy/-id-
func (*PoliciesService) GetSessionRecordingPolicy ¶
func (s *PoliciesService) GetSessionRecordingPolicy(ctx context.Context, policyID string) (*SessionRecordingPolicy, *http.Response, error)
GetSessionRecordingPolicy fetches the specified session recording policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/session-recording/-id-
func (*PoliciesService) GetTargetConnectPolicy ¶
func (s *PoliciesService) GetTargetConnectPolicy(ctx context.Context, policyID string) (*TargetConnectPolicy, *http.Response, error)
GetTargetConnectPolicy fetches the specified target connect policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/target-connect/-id-
func (*PoliciesService) ListJITPolicies ¶
func (s *PoliciesService) ListJITPolicies(ctx context.Context, opts *ListPolicyOptions) ([]JITPolicy, *http.Response, error)
ListJITPolicies lists all JIT policies.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/just-in-time
func (*PoliciesService) ListKubernetesPolicies ¶
func (s *PoliciesService) ListKubernetesPolicies(ctx context.Context, opts *ListPolicyOptions) ([]KubernetesPolicy, *http.Response, error)
ListKubernetesPolicies lists all Kubernetes policies
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/kubernetes
func (*PoliciesService) ListOrganizationControlsPolicies ¶ added in v0.9.0
func (s *PoliciesService) ListOrganizationControlsPolicies(ctx context.Context, opts *ListPolicyOptions) ([]OrganizationControlsPolicy, *http.Response, error)
ListOrganizationControlsPolicies lists all Organization Controls policies
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/organization-controls
func (*PoliciesService) ListProxyPolicies ¶
func (s *PoliciesService) ListProxyPolicies(ctx context.Context, opts *ListPolicyOptions) ([]ProxyPolicy, *http.Response, error)
ListProxyPolicies lists all proxy policies.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/proxy
func (*PoliciesService) ListSessionRecordingPolicies ¶
func (s *PoliciesService) ListSessionRecordingPolicies(ctx context.Context, opts *ListPolicyOptions) ([]SessionRecordingPolicy, *http.Response, error)
ListSessionRecordingPolicies lists all session recording policies.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/session-recording
func (*PoliciesService) ListTargetConnectPolicies ¶
func (s *PoliciesService) ListTargetConnectPolicies(ctx context.Context, opts *ListPolicyOptions) ([]TargetConnectPolicy, *http.Response, error)
ListTargetConnectPolicies lists all target connect policies.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/policies/target-connect
func (*PoliciesService) ModifyJITPolicy ¶
func (s *PoliciesService) ModifyJITPolicy(ctx context.Context, policyID string, request *ModifyJITPolicyRequest) (*JITPolicy, *http.Response, error)
ModifyJITPolicy updates a JIT policy.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/policies/just-in-time/-id-
func (*PoliciesService) ModifyKubernetesPolicy ¶
func (s *PoliciesService) ModifyKubernetesPolicy(ctx context.Context, policyID string, policy *KubernetesPolicy) (*KubernetesPolicy, *http.Response, error)
ModifyKubernetesPolicy updates a Kubernetes policy. All user populated fields are mutable except for policy.TimeExpires.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/policies/kubernetes/-id-
func (*PoliciesService) ModifyOrganizationControlsPolicy ¶ added in v0.9.0
func (s *PoliciesService) ModifyOrganizationControlsPolicy(ctx context.Context, policyID string, policy *OrganizationControlsPolicy) (*OrganizationControlsPolicy, *http.Response, error)
ModifyOrganizationControlsPolicy updates a OrganizationControls policy. All user populated fields are mutable except for policy.TimeExpires.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/policies/organization-controls/-id-
func (*PoliciesService) ModifyProxyPolicy ¶
func (s *PoliciesService) ModifyProxyPolicy(ctx context.Context, policyID string, policy *ProxyPolicy) (*ProxyPolicy, *http.Response, error)
ModifyProxyPolicy updates a proxy policy. All user populated fields are mutable except for policy.TimeExpires.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/policies/proxy/-id-
func (*PoliciesService) ModifySessionRecordingPolicy ¶
func (s *PoliciesService) ModifySessionRecordingPolicy(ctx context.Context, policyID string, policy *SessionRecordingPolicy) (*SessionRecordingPolicy, *http.Response, error)
ModifySessionRecordingPolicy updates a session recording policy. All user populated fields are mutable except for policy.TimeExpires.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/policies/session-recording/-id-
func (*PoliciesService) ModifyTargetConnectPolicy ¶
func (s *PoliciesService) ModifyTargetConnectPolicy(ctx context.Context, policyID string, policy *TargetConnectPolicy) (*TargetConnectPolicy, *http.Response, error)
ModifyTargetConnectPolicy updates a target connect policy. All user populated fields are mutable except for policy.TimeExpires.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/policies/target-connect/-id-
type Policy ¶
type Policy struct { // ID of the policy. Populated by the server ID string `json:"id,omitempty"` // User-initialized fields // // TimeExpires is an optional timestamp of when the policy should be deleted // by the server. TimeExpires *types.Timestamp `json:"timeExpires,omitempty"` // User-mutable fields // // Name is the name of the policy Name string `json:"name,omitempty"` // Description is an optional description that describes the policy Description *string `json:"description,omitempty"` // Subjects is a list of BastionZero subjects the policy applies to Subjects *[]Subject `json:"subjects,omitempty"` // Groups is a list of IdP groups the policy applies to Groups *[]Group `json:"groups,omitempty"` }
Policy abstracts common attributes from any kind of BastionZero policy
func (*Policy) GetDescription ¶
func (*Policy) GetSubjects ¶
func (*Policy) GetTimeExpires ¶
type PolicyInterface ¶
type PolicyInterface interface { // GetID returns the policy's unique ID. GetID() string // GetTimeExpires returns the policy's expiration if set. Otherwise, returns // nil. GetTimeExpires() *types.Timestamp // GetName returns the policy's name. GetName() string // GetDescription returns the policy's description if set. Otherwise, // returns an empty string. GetDescription() string // GetSubjects returns the policy's list of subjects that the policy applies // to if set. Otherwise, returns an empty slice. GetSubjects() []Subject // GetGroups returns the policy's list of groups that the policy applies to // if set. Otherwise, returns an empty slice. GetGroups() []Group // GetPolicyType returns the policy's type. GetPolicyType() policytype.PolicyType }
PolicyInterface lets you work with common policy attributes from any kind of BastionZero policy
type ProxyPolicy ¶
type ProxyPolicy struct { Policy Environments *[]Environment `json:"environments,omitempty"` Targets *[]Target `json:"targets,omitempty"` TargetUsers *[]TargetUser `json:"targetUsers,omitempty"` }
ProxyPolicy represents a proxy policy. Proxy policies provide access to DB and Web targets.
func (*ProxyPolicy) GetEnvironments ¶
func (p *ProxyPolicy) GetEnvironments() []Environment
func (*ProxyPolicy) GetEnvironmentsAsStringList ¶
func (p *ProxyPolicy) GetEnvironmentsAsStringList() []string
func (*ProxyPolicy) GetPolicyType ¶
func (p *ProxyPolicy) GetPolicyType() policytype.PolicyType
func (*ProxyPolicy) GetTargetUsers ¶
func (p *ProxyPolicy) GetTargetUsers() []TargetUser
func (*ProxyPolicy) GetTargetUsersAsStringList ¶
func (p *ProxyPolicy) GetTargetUsersAsStringList() []string
func (*ProxyPolicy) GetTargets ¶
func (p *ProxyPolicy) GetTargets() []Target
type SessionRecordingPolicy ¶
SessionRecordingPolicy represents a session recording policy. Session recording policies govern whether users' I/O during shell connections are recorded.
func (*SessionRecordingPolicy) GetPolicyType ¶
func (p *SessionRecordingPolicy) GetPolicyType() policytype.PolicyType
func (*SessionRecordingPolicy) GetRecordInput ¶
func (p *SessionRecordingPolicy) GetRecordInput() bool
type Subject ¶
type Subject struct { ID string `json:"id"` Type subjecttype.SubjectType `json:"type"` }
Subject refers to the subject that a policy applies to
type Target ¶
type Target struct { ID string `json:"id"` Type targettype.TargetType `json:"type"` }
Target refers to the BastionZero target that a policy applies to
type TargetConnectPolicy ¶
type TargetConnectPolicy struct { Policy Environments *[]Environment `json:"environments,omitempty"` Targets *[]Target `json:"targets,omitempty"` TargetUsers *[]TargetUser `json:"targetUsers,omitempty"` Verbs *[]Verb `json:"verbs,omitempty"` }
TargetConnectPolicy represents a target connect policy. Target connect policies provide access to Bzero and DynamicAccessConfig targets.
func (*TargetConnectPolicy) GetEnvironments ¶
func (p *TargetConnectPolicy) GetEnvironments() []Environment
func (*TargetConnectPolicy) GetEnvironmentsAsStringList ¶
func (p *TargetConnectPolicy) GetEnvironmentsAsStringList() []string
func (*TargetConnectPolicy) GetPolicyType ¶
func (p *TargetConnectPolicy) GetPolicyType() policytype.PolicyType
func (*TargetConnectPolicy) GetTargetUsers ¶
func (p *TargetConnectPolicy) GetTargetUsers() []TargetUser
func (*TargetConnectPolicy) GetTargetUsersAsStringList ¶
func (p *TargetConnectPolicy) GetTargetUsersAsStringList() []string
func (*TargetConnectPolicy) GetTargets ¶
func (p *TargetConnectPolicy) GetTargets() []Target
func (*TargetConnectPolicy) GetVerbs ¶
func (p *TargetConnectPolicy) GetVerbs() []Verb
func (*TargetConnectPolicy) GetVerbsAsStringList ¶
func (p *TargetConnectPolicy) GetVerbsAsStringList() []string
type TargetUser ¶
type TargetUser struct {
Username string `json:"userName"`
}
TargetUser refers to the user that a policy applies to. When used in a target connect policy, it refers to a Unix username. When used in a proxy policy, it refers to a database user.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Code generated by "string-enumer -t PolicyType -o ./generated.go ."; DO NOT EDIT.
|
Code generated by "string-enumer -t PolicyType -o ./generated.go ."; DO NOT EDIT. |
Code generated by "string-enumer -t VerbType -o ./generated.go ."; DO NOT EDIT.
|
Code generated by "string-enumer -t VerbType -o ./generated.go ."; DO NOT EDIT. |