accessv1alpha1

package
v1.31.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 2, 2024 License: MIT Imports: 11 Imported by: 16

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	GrantChange_name = map[int32]string{
		0: "GRANT_CHANGE_UNSPECIFIED",
		1: "GRANT_CHANGE_REQUESTED",
		2: "GRANT_CHANGE_ACTIVATED",
		3: "GRANT_CHANGE_EXTENDED",
		4: "GRANT_CHANGE_PROVISIONING_FAILED",
	}
	GrantChange_value = map[string]int32{
		"GRANT_CHANGE_UNSPECIFIED":         0,
		"GRANT_CHANGE_REQUESTED":           1,
		"GRANT_CHANGE_ACTIVATED":           2,
		"GRANT_CHANGE_EXTENDED":            3,
		"GRANT_CHANGE_PROVISIONING_FAILED": 4,
	}
)

Enum value maps for GrantChange.

View Source
var (
	DiagnosticLevel_name = map[int32]string{
		0: "DIAGNOSTIC_LEVEL_UNSPECIFIED",
		1: "DIAGNOSTIC_LEVEL_INFO",
		2: "DIAGNOSTIC_LEVEL_WARNING",
		3: "DIAGNOSTIC_LEVEL_ERROR",
	}
	DiagnosticLevel_value = map[string]int32{
		"DIAGNOSTIC_LEVEL_UNSPECIFIED": 0,
		"DIAGNOSTIC_LEVEL_INFO":        1,
		"DIAGNOSTIC_LEVEL_WARNING":     2,
		"DIAGNOSTIC_LEVEL_ERROR":       3,
	}
)

Enum value maps for DiagnosticLevel.

View Source
var (
	GrantStatus_name = map[int32]string{
		0: "GRANT_STATUS_UNSPECIFIED",
		1: "GRANT_STATUS_PENDING",
		3: "GRANT_STATUS_ACTIVE",
		4: "GRANT_STATUS_CLOSED",
	}
	GrantStatus_value = map[string]int32{
		"GRANT_STATUS_UNSPECIFIED": 0,
		"GRANT_STATUS_PENDING":     1,
		"GRANT_STATUS_ACTIVE":      3,
		"GRANT_STATUS_CLOSED":      4,
	}
)

Enum value maps for GrantStatus.

View Source
var (
	ProvisioningStatus_name = map[int32]string{
		0: "PROVISIONING_STATUS_UNSPECIFIED",
		1: "PROVISIONING_STATUS_NOT_ATTEMPTED",
		2: "PROVISIONING_STATUS_ATTEMPTING",
		3: "PROVISIONING_STATUS_SUCCESSFUL",
	}
	ProvisioningStatus_value = map[string]int32{
		"PROVISIONING_STATUS_UNSPECIFIED":   0,
		"PROVISIONING_STATUS_NOT_ATTEMPTED": 1,
		"PROVISIONING_STATUS_ATTEMPTING":    2,
		"PROVISIONING_STATUS_SUCCESSFUL":    3,
	}
)

Enum value maps for ProvisioningStatus.

View Source
var File_commonfate_access_v1alpha1_access_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_access_request_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_audit_logs_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_diagnostic_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_entities_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_grant_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_grants_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_identity_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_integration_audit_logs_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_named_eid_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_provisioner_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_resource_proto protoreflect.FileDescriptor
View Source
var File_commonfate_access_v1alpha1_user_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type AWSAccount

type AWSAccount struct {
	AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"`
	Role      string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// contains filtered or unexported fields
}

func (*AWSAccount) Descriptor deprecated

func (*AWSAccount) Descriptor() ([]byte, []int)

Deprecated: Use AWSAccount.ProtoReflect.Descriptor instead.

func (*AWSAccount) GetAccountId

func (x *AWSAccount) GetAccountId() string

func (*AWSAccount) GetRole

func (x *AWSAccount) GetRole() string

func (*AWSAccount) ProtoMessage

func (*AWSAccount) ProtoMessage()

func (*AWSAccount) ProtoReflect

func (x *AWSAccount) ProtoReflect() protoreflect.Message

func (*AWSAccount) Reset

func (x *AWSAccount) Reset()

func (*AWSAccount) String

func (x *AWSAccount) String() string

type AccessRequest

type AccessRequest struct {

	// The ID of the Access Request.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Batch ID of the Access Request. Access Requests created in the same
	// API call have the same Batch ID.
	BatchId string `protobuf:"bytes,2,opt,name=batch_id,json=batchId,proto3" json:"batch_id,omitempty"`
	// The grants under consideration for access.
	Grants []*Grant `protobuf:"bytes,3,rep,name=grants,proto3" json:"grants,omitempty"`
	// An access request is reviewable if one or more Grants in the request
	// requires a manual review.
	Reviewable bool `protobuf:"varint,4,opt,name=reviewable,proto3" json:"reviewable,omitempty"`
	// True if the Access Request already existed and wasn't created by the API call.
	Existing bool `protobuf:"varint,5,opt,name=existing,proto3" json:"existing,omitempty"`
	// The timestamp that the request was created at.
	CreatedAt *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// The justification supplied when the request was created
	Justification *Justification `protobuf:"bytes,9,opt,name=justification,proto3" json:"justification,omitempty"`
	// The user or service account that requested the access.
	//
	// If a service account requested access, the 'name' and 'email' may be empty.
	Principal    *User  `protobuf:"bytes,10,opt,name=principal,proto3" json:"principal,omitempty"`
	WorkflowId   string `protobuf:"bytes,11,opt,name=workflow_id,json=workflowId,proto3" json:"workflow_id,omitempty"`
	WorkflowName string `protobuf:"bytes,12,opt,name=workflow_name,json=workflowName,proto3" json:"workflow_name,omitempty"`
	// contains filtered or unexported fields
}

A request to be given entitlements allowing <Action> to be performed on <Resource>.

For example, if the action is 'Admin', and the resource is AWS::Account::123456789012, This request is for entitlements allowing Admin access to the account 123456789012.

func (*AccessRequest) Descriptor deprecated

func (*AccessRequest) Descriptor() ([]byte, []int)

Deprecated: Use AccessRequest.ProtoReflect.Descriptor instead.

func (*AccessRequest) GetBatchId

func (x *AccessRequest) GetBatchId() string

func (*AccessRequest) GetCreatedAt

func (x *AccessRequest) GetCreatedAt() *timestamppb.Timestamp

func (*AccessRequest) GetExisting

func (x *AccessRequest) GetExisting() bool

func (*AccessRequest) GetGrants

func (x *AccessRequest) GetGrants() []*Grant

func (*AccessRequest) GetId

func (x *AccessRequest) GetId() string

func (*AccessRequest) GetJustification added in v1.3.0

func (x *AccessRequest) GetJustification() *Justification

func (*AccessRequest) GetPrincipal added in v1.7.0

func (x *AccessRequest) GetPrincipal() *User

func (*AccessRequest) GetReviewable

func (x *AccessRequest) GetReviewable() bool

func (*AccessRequest) GetWorkflowId added in v1.28.0

func (x *AccessRequest) GetWorkflowId() string

func (*AccessRequest) GetWorkflowName added in v1.28.0

func (x *AccessRequest) GetWorkflowName() string

func (*AccessRequest) ProtoMessage

func (*AccessRequest) ProtoMessage()

func (*AccessRequest) ProtoReflect

func (x *AccessRequest) ProtoReflect() protoreflect.Message

func (*AccessRequest) Reset

func (x *AccessRequest) Reset()

func (*AccessRequest) String

func (x *AccessRequest) String() string

type ActivateAccessRequestRequest

type ActivateAccessRequestRequest struct {

	// The ID of the Access Request.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// If provided, will only activate the grants with the specified IDs
	ActivateGrants []string `protobuf:"bytes,2,rep,name=activate_grants,json=activateGrants,proto3" json:"activate_grants,omitempty"`
	// contains filtered or unexported fields
}

func (*ActivateAccessRequestRequest) Descriptor deprecated

func (*ActivateAccessRequestRequest) Descriptor() ([]byte, []int)

Deprecated: Use ActivateAccessRequestRequest.ProtoReflect.Descriptor instead.

func (*ActivateAccessRequestRequest) GetActivateGrants

func (x *ActivateAccessRequestRequest) GetActivateGrants() []string

func (*ActivateAccessRequestRequest) GetId

func (*ActivateAccessRequestRequest) ProtoMessage

func (*ActivateAccessRequestRequest) ProtoMessage()

func (*ActivateAccessRequestRequest) ProtoReflect

func (*ActivateAccessRequestRequest) Reset

func (x *ActivateAccessRequestRequest) Reset()

func (*ActivateAccessRequestRequest) String

type ActivateAccessRequestResponse

type ActivateAccessRequestResponse struct {
	Diagnostics []*Diagnostic `protobuf:"bytes,1,rep,name=diagnostics,proto3" json:"diagnostics,omitempty"`
	// contains filtered or unexported fields
}

func (*ActivateAccessRequestResponse) Descriptor deprecated

func (*ActivateAccessRequestResponse) Descriptor() ([]byte, []int)

Deprecated: Use ActivateAccessRequestResponse.ProtoReflect.Descriptor instead.

func (*ActivateAccessRequestResponse) GetDiagnostics

func (x *ActivateAccessRequestResponse) GetDiagnostics() []*Diagnostic

func (*ActivateAccessRequestResponse) ProtoMessage

func (*ActivateAccessRequestResponse) ProtoMessage()

func (*ActivateAccessRequestResponse) ProtoReflect

func (*ActivateAccessRequestResponse) Reset

func (x *ActivateAccessRequestResponse) Reset()

func (*ActivateAccessRequestResponse) String

type ApproveAccessRequestRequest

type ApproveAccessRequestRequest struct {

	// The ID of the Access Request.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// If provided, will only approve the grants with the specified IDs
	ApproveGrants []string `protobuf:"bytes,2,rep,name=approve_grants,json=approveGrants,proto3" json:"approve_grants,omitempty"`
	// contains filtered or unexported fields
}

func (*ApproveAccessRequestRequest) Descriptor deprecated

func (*ApproveAccessRequestRequest) Descriptor() ([]byte, []int)

Deprecated: Use ApproveAccessRequestRequest.ProtoReflect.Descriptor instead.

func (*ApproveAccessRequestRequest) GetApproveGrants

func (x *ApproveAccessRequestRequest) GetApproveGrants() []string

func (*ApproveAccessRequestRequest) GetId

func (*ApproveAccessRequestRequest) ProtoMessage

func (*ApproveAccessRequestRequest) ProtoMessage()

func (*ApproveAccessRequestRequest) ProtoReflect

func (*ApproveAccessRequestRequest) Reset

func (x *ApproveAccessRequestRequest) Reset()

func (*ApproveAccessRequestRequest) String

func (x *ApproveAccessRequestRequest) String() string

type ApproveAccessRequestResponse

type ApproveAccessRequestResponse struct {
	Diagnostics []*Diagnostic `protobuf:"bytes,1,rep,name=diagnostics,proto3" json:"diagnostics,omitempty"`
	// contains filtered or unexported fields
}

func (*ApproveAccessRequestResponse) Descriptor deprecated

func (*ApproveAccessRequestResponse) Descriptor() ([]byte, []int)

Deprecated: Use ApproveAccessRequestResponse.ProtoReflect.Descriptor instead.

func (*ApproveAccessRequestResponse) GetDiagnostics

func (x *ApproveAccessRequestResponse) GetDiagnostics() []*Diagnostic

func (*ApproveAccessRequestResponse) ProtoMessage

func (*ApproveAccessRequestResponse) ProtoMessage()

func (*ApproveAccessRequestResponse) ProtoReflect

func (*ApproveAccessRequestResponse) Reset

func (x *ApproveAccessRequestResponse) Reset()

func (*ApproveAccessRequestResponse) String

type AuditLog

type AuditLog struct {

	// an ID of the audit log event
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// the action which occurred
	Action string `protobuf:"bytes,2,opt,name=action,proto3" json:"action,omitempty"`
	// the actor which performed the action.
	Actor *User `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	// the timestamp the action occurred at.
	OccurredAt *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=occurred_at,json=occurredAt,proto3" json:"occurred_at,omitempty"`
	// all related resources affected by the action.
	Targets []*v1alpha1.EID `protobuf:"bytes,5,rep,name=targets,proto3" json:"targets,omitempty"`
	// a human-friendly message describing the action.
	Message string `protobuf:"bytes,6,opt,name=message,proto3" json:"message,omitempty"`
	// additional context (omitted in user-facing audit logs,
	// as it contains sensitive information like IP addresses)
	Context *structpb.Struct `protobuf:"bytes,7,opt,name=context,proto3" json:"context,omitempty"`
	// the caller identity details, including information
	// such as the particular authentication token ID used
	// to perform the action.
	CallerIdentityChain []*IdentityLink `protobuf:"bytes,8,rep,name=caller_identity_chain,json=callerIdentityChain,proto3" json:"caller_identity_chain,omitempty"`
	// contains filtered or unexported fields
}

func (*AuditLog) Descriptor deprecated

func (*AuditLog) Descriptor() ([]byte, []int)

Deprecated: Use AuditLog.ProtoReflect.Descriptor instead.

func (*AuditLog) GetAction

func (x *AuditLog) GetAction() string

func (*AuditLog) GetActor

func (x *AuditLog) GetActor() *User

func (*AuditLog) GetCallerIdentityChain

func (x *AuditLog) GetCallerIdentityChain() []*IdentityLink

func (*AuditLog) GetContext

func (x *AuditLog) GetContext() *structpb.Struct

func (*AuditLog) GetId

func (x *AuditLog) GetId() string

func (*AuditLog) GetMessage

func (x *AuditLog) GetMessage() string

func (*AuditLog) GetOccurredAt

func (x *AuditLog) GetOccurredAt() *timestamppb.Timestamp

func (*AuditLog) GetTargets

func (x *AuditLog) GetTargets() []*v1alpha1.EID

func (*AuditLog) ProtoMessage

func (*AuditLog) ProtoMessage()

func (*AuditLog) ProtoReflect

func (x *AuditLog) ProtoReflect() protoreflect.Message

func (*AuditLog) Reset

func (x *AuditLog) Reset()

func (*AuditLog) String

func (x *AuditLog) String() string

type AuditLogPreview

type AuditLogPreview struct {
	Logs []*AuditLog `protobuf:"bytes,1,rep,name=logs,proto3" json:"logs,omitempty"`
	// An approximate count of activity events
	LogCount uint32 `protobuf:"varint,12,opt,name=log_count,json=logCount,proto3" json:"log_count,omitempty"`
	// contains filtered or unexported fields
}

func (*AuditLogPreview) Descriptor deprecated

func (*AuditLogPreview) Descriptor() ([]byte, []int)

Deprecated: Use AuditLogPreview.ProtoReflect.Descriptor instead.

func (*AuditLogPreview) GetLogCount

func (x *AuditLogPreview) GetLogCount() uint32

func (*AuditLogPreview) GetLogs

func (x *AuditLogPreview) GetLogs() []*AuditLog

func (*AuditLogPreview) ProtoMessage

func (*AuditLogPreview) ProtoMessage()

func (*AuditLogPreview) ProtoReflect

func (x *AuditLogPreview) ProtoReflect() protoreflect.Message

func (*AuditLogPreview) Reset

func (x *AuditLogPreview) Reset()

func (*AuditLogPreview) String

func (x *AuditLogPreview) String() string

type Availability

type Availability struct {

	// ID is just used internally and isn't really shown to users except for debugging purposes.
	// users refer to entitlements by the target and role, rather than the internal ID.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// The particular resource which this entitlement gives access to
	Target *NamedEID `protobuf:"bytes,2,opt,name=target,proto3" json:"target,omitempty"`
	// The particular role this entitlement gives access to
	Role *NamedEID `protobuf:"bytes,3,opt,name=role,proto3" json:"role,omitempty"`
	// the JIT workflow associated with the entitlement.
	WorkflowId string `protobuf:"bytes,4,opt,name=workflow_id,json=workflowId,proto3" json:"workflow_id,omitempty"`
	// The permitted access duration.
	Duration  *durationpb.Duration `protobuf:"bytes,5,opt,name=duration,proto3" json:"duration,omitempty"`
	Priority  uint32               `protobuf:"varint,6,opt,name=priority,proto3" json:"priority,omitempty"`
	Reviewers *v1alpha1.EID        `protobuf:"bytes,7,opt,name=reviewers,proto3" json:"reviewers,omitempty"`
	// the ID of the selector which was used to match the targets
	TargetSelector *v1alpha1.EID `protobuf:"bytes,8,opt,name=target_selector,json=targetSelector,proto3" json:"target_selector,omitempty"`
	// The default duration of the access.
	DefaultDuration *durationpb.Duration `protobuf:"bytes,9,opt,name=default_duration,json=defaultDuration,proto3" json:"default_duration,omitempty"`
	// contains filtered or unexported fields
}

func (*Availability) Descriptor deprecated

func (*Availability) Descriptor() ([]byte, []int)

Deprecated: Use Availability.ProtoReflect.Descriptor instead.

func (*Availability) GetDefaultDuration added in v1.31.0

func (x *Availability) GetDefaultDuration() *durationpb.Duration

func (*Availability) GetDuration

func (x *Availability) GetDuration() *durationpb.Duration

func (*Availability) GetId

func (x *Availability) GetId() string

func (*Availability) GetPriority

func (x *Availability) GetPriority() uint32

func (*Availability) GetReviewers

func (x *Availability) GetReviewers() *v1alpha1.EID

func (*Availability) GetRole

func (x *Availability) GetRole() *NamedEID

func (*Availability) GetTarget

func (x *Availability) GetTarget() *NamedEID

func (*Availability) GetTargetSelector

func (x *Availability) GetTargetSelector() *v1alpha1.EID

func (*Availability) GetWorkflowId

func (x *Availability) GetWorkflowId() string

func (*Availability) ProtoMessage

func (*Availability) ProtoMessage()

func (*Availability) ProtoReflect

func (x *Availability) ProtoReflect() protoreflect.Message

func (*Availability) Reset

func (x *Availability) Reset()

func (*Availability) String

func (x *Availability) String() string

type BatchEnsureRequest

type BatchEnsureRequest struct {

	// The entitlements to request access to.
	Entitlements []*EntitlementInput `protobuf:"bytes,1,rep,name=entitlements,proto3" json:"entitlements,omitempty"`
	// Optional justification as to why access is required.
	Justification *Justification `protobuf:"bytes,2,opt,name=justification,proto3" json:"justification,omitempty"`
	// If true, will return a preview of changes rather than actually provisioning access.
	DryRun bool `protobuf:"varint,3,opt,name=dry_run,json=dryRun,proto3" json:"dry_run,omitempty"`
	// contains filtered or unexported fields
}

func (*BatchEnsureRequest) Descriptor deprecated

func (*BatchEnsureRequest) Descriptor() ([]byte, []int)

Deprecated: Use BatchEnsureRequest.ProtoReflect.Descriptor instead.

func (*BatchEnsureRequest) GetDryRun

func (x *BatchEnsureRequest) GetDryRun() bool

func (*BatchEnsureRequest) GetEntitlements

func (x *BatchEnsureRequest) GetEntitlements() []*EntitlementInput

func (*BatchEnsureRequest) GetJustification

func (x *BatchEnsureRequest) GetJustification() *Justification

func (*BatchEnsureRequest) ProtoMessage

func (*BatchEnsureRequest) ProtoMessage()

func (*BatchEnsureRequest) ProtoReflect

func (x *BatchEnsureRequest) ProtoReflect() protoreflect.Message

func (*BatchEnsureRequest) Reset

func (x *BatchEnsureRequest) Reset()

func (*BatchEnsureRequest) String

func (x *BatchEnsureRequest) String() string

type BatchEnsureResponse

type BatchEnsureResponse struct {

	// An ID which can be used to debug the evaluation of the access policies
	// associated with the request.
	TraceId string        `protobuf:"bytes,1,opt,name=trace_id,json=traceId,proto3" json:"trace_id,omitempty"`
	Grants  []*GrantState `protobuf:"bytes,2,rep,name=grants,proto3" json:"grants,omitempty"`
	// User-facing diagnostic warnings, for messages such as the user not having permissions
	// to request some of the entitlements they asked for.
	//
	// Rather than failing the entire operation the Access Handler returns warnings.
	Diagnostics []*Diagnostic `protobuf:"bytes,6,rep,name=diagnostics,proto3" json:"diagnostics,omitempty"`
	// contains filtered or unexported fields
}

func (*BatchEnsureResponse) Descriptor deprecated

func (*BatchEnsureResponse) Descriptor() ([]byte, []int)

Deprecated: Use BatchEnsureResponse.ProtoReflect.Descriptor instead.

func (*BatchEnsureResponse) GetDiagnostics

func (x *BatchEnsureResponse) GetDiagnostics() []*Diagnostic

func (*BatchEnsureResponse) GetGrants

func (x *BatchEnsureResponse) GetGrants() []*GrantState

func (*BatchEnsureResponse) GetTraceId

func (x *BatchEnsureResponse) GetTraceId() string

func (*BatchEnsureResponse) ProtoMessage

func (*BatchEnsureResponse) ProtoMessage()

func (*BatchEnsureResponse) ProtoReflect

func (x *BatchEnsureResponse) ProtoReflect() protoreflect.Message

func (*BatchEnsureResponse) Reset

func (x *BatchEnsureResponse) Reset()

func (*BatchEnsureResponse) String

func (x *BatchEnsureResponse) String() string

type BatchPutAuditLogRequest

type BatchPutAuditLogRequest struct {
	GrantId   string                 `protobuf:"bytes,1,opt,name=grant_id,json=grantId,proto3" json:"grant_id,omitempty"`
	AuditLogs []*IntegrationAuditLog `protobuf:"bytes,2,rep,name=audit_logs,json=auditLogs,proto3" json:"audit_logs,omitempty"`
	// contains filtered or unexported fields
}

func (*BatchPutAuditLogRequest) Descriptor deprecated

func (*BatchPutAuditLogRequest) Descriptor() ([]byte, []int)

Deprecated: Use BatchPutAuditLogRequest.ProtoReflect.Descriptor instead.

func (*BatchPutAuditLogRequest) GetAuditLogs

func (x *BatchPutAuditLogRequest) GetAuditLogs() []*IntegrationAuditLog

func (*BatchPutAuditLogRequest) GetGrantId

func (x *BatchPutAuditLogRequest) GetGrantId() string

func (*BatchPutAuditLogRequest) ProtoMessage

func (*BatchPutAuditLogRequest) ProtoMessage()

func (*BatchPutAuditLogRequest) ProtoReflect

func (x *BatchPutAuditLogRequest) ProtoReflect() protoreflect.Message

func (*BatchPutAuditLogRequest) Reset

func (x *BatchPutAuditLogRequest) Reset()

func (*BatchPutAuditLogRequest) String

func (x *BatchPutAuditLogRequest) String() string

type BatchPutAuditLogResponse

type BatchPutAuditLogResponse struct {
	// contains filtered or unexported fields
}

func (*BatchPutAuditLogResponse) Descriptor deprecated

func (*BatchPutAuditLogResponse) Descriptor() ([]byte, []int)

Deprecated: Use BatchPutAuditLogResponse.ProtoReflect.Descriptor instead.

func (*BatchPutAuditLogResponse) ProtoMessage

func (*BatchPutAuditLogResponse) ProtoMessage()

func (*BatchPutAuditLogResponse) ProtoReflect

func (x *BatchPutAuditLogResponse) ProtoReflect() protoreflect.Message

func (*BatchPutAuditLogResponse) Reset

func (x *BatchPutAuditLogResponse) Reset()

func (*BatchPutAuditLogResponse) String

func (x *BatchPutAuditLogResponse) String() string

type CloseAccessRequestRequest

type CloseAccessRequestRequest struct {

	// The ID of the Access Request.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// If provided, will only close the grants with the specified IDs
	CloseGrants []string `protobuf:"bytes,2,rep,name=close_grants,json=closeGrants,proto3" json:"close_grants,omitempty"`
	// contains filtered or unexported fields
}

func (*CloseAccessRequestRequest) Descriptor deprecated

func (*CloseAccessRequestRequest) Descriptor() ([]byte, []int)

Deprecated: Use CloseAccessRequestRequest.ProtoReflect.Descriptor instead.

func (*CloseAccessRequestRequest) GetCloseGrants

func (x *CloseAccessRequestRequest) GetCloseGrants() []string

func (*CloseAccessRequestRequest) GetId

func (x *CloseAccessRequestRequest) GetId() string

func (*CloseAccessRequestRequest) ProtoMessage

func (*CloseAccessRequestRequest) ProtoMessage()

func (*CloseAccessRequestRequest) ProtoReflect

func (*CloseAccessRequestRequest) Reset

func (x *CloseAccessRequestRequest) Reset()

func (*CloseAccessRequestRequest) String

func (x *CloseAccessRequestRequest) String() string

type CloseAccessRequestResponse

type CloseAccessRequestResponse struct {
	Diagnostics []*Diagnostic `protobuf:"bytes,1,rep,name=diagnostics,proto3" json:"diagnostics,omitempty"`
	// contains filtered or unexported fields
}

func (*CloseAccessRequestResponse) Descriptor deprecated

func (*CloseAccessRequestResponse) Descriptor() ([]byte, []int)

Deprecated: Use CloseAccessRequestResponse.ProtoReflect.Descriptor instead.

func (*CloseAccessRequestResponse) GetDiagnostics

func (x *CloseAccessRequestResponse) GetDiagnostics() []*Diagnostic

func (*CloseAccessRequestResponse) ProtoMessage

func (*CloseAccessRequestResponse) ProtoMessage()

func (*CloseAccessRequestResponse) ProtoReflect

func (*CloseAccessRequestResponse) Reset

func (x *CloseAccessRequestResponse) Reset()

func (*CloseAccessRequestResponse) String

func (x *CloseAccessRequestResponse) String() string

type DebugEntitlementAccessRequest added in v1.25.0

type DebugEntitlementAccessRequest struct {
	Principal *Specifier `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
	Target    *Specifier `protobuf:"bytes,2,opt,name=target,proto3" json:"target,omitempty"`
	Role      *Specifier `protobuf:"bytes,3,opt,name=role,proto3" json:"role,omitempty"`
	// contains filtered or unexported fields
}

func (*DebugEntitlementAccessRequest) Descriptor deprecated added in v1.25.0

func (*DebugEntitlementAccessRequest) Descriptor() ([]byte, []int)

Deprecated: Use DebugEntitlementAccessRequest.ProtoReflect.Descriptor instead.

func (*DebugEntitlementAccessRequest) GetPrincipal added in v1.25.0

func (x *DebugEntitlementAccessRequest) GetPrincipal() *Specifier

func (*DebugEntitlementAccessRequest) GetRole added in v1.25.0

func (*DebugEntitlementAccessRequest) GetTarget added in v1.25.0

func (x *DebugEntitlementAccessRequest) GetTarget() *Specifier

func (*DebugEntitlementAccessRequest) ProtoMessage added in v1.25.0

func (*DebugEntitlementAccessRequest) ProtoMessage()

func (*DebugEntitlementAccessRequest) ProtoReflect added in v1.25.0

func (*DebugEntitlementAccessRequest) Reset added in v1.25.0

func (x *DebugEntitlementAccessRequest) Reset()

func (*DebugEntitlementAccessRequest) String added in v1.25.0

type DebugEntitlementAccessResponse added in v1.25.0

type DebugEntitlementAccessResponse struct {

	// Whether or not the principal can request access to this entitlement
	CanRequest bool `protobuf:"varint,1,opt,name=can_request,json=canRequest,proto3" json:"can_request,omitempty"`
	// Whether or not it is auto approved
	AutoApproved bool `protobuf:"varint,2,opt,name=auto_approved,json=autoApproved,proto3" json:"auto_approved,omitempty"`
	// The Cedar Policys which contributed to the authorizations decisions
	Reason *EntitlementAccessReason `protobuf:"bytes,3,opt,name=reason,proto3" json:"reason,omitempty"`
	// Cedar PolicySets which contributed to the authorization decisions.
	PolicySets []*v1alpha11.PolicySet `protobuf:"bytes,4,rep,name=policy_sets,json=policySets,proto3" json:"policy_sets,omitempty"`
	// Entities which contributed to the authorization decisions.
	Entities []*v1alpha1.Entity `protobuf:"bytes,5,rep,name=entities,proto3" json:"entities,omitempty"`
	// contains filtered or unexported fields
}

func (*DebugEntitlementAccessResponse) Descriptor deprecated added in v1.25.0

func (*DebugEntitlementAccessResponse) Descriptor() ([]byte, []int)

Deprecated: Use DebugEntitlementAccessResponse.ProtoReflect.Descriptor instead.

func (*DebugEntitlementAccessResponse) GetAutoApproved added in v1.25.0

func (x *DebugEntitlementAccessResponse) GetAutoApproved() bool

func (*DebugEntitlementAccessResponse) GetCanRequest added in v1.25.0

func (x *DebugEntitlementAccessResponse) GetCanRequest() bool

func (*DebugEntitlementAccessResponse) GetEntities added in v1.25.0

func (x *DebugEntitlementAccessResponse) GetEntities() []*v1alpha1.Entity

func (*DebugEntitlementAccessResponse) GetPolicySets added in v1.25.0

func (x *DebugEntitlementAccessResponse) GetPolicySets() []*v1alpha11.PolicySet

func (*DebugEntitlementAccessResponse) GetReason added in v1.25.0

func (*DebugEntitlementAccessResponse) ProtoMessage added in v1.25.0

func (*DebugEntitlementAccessResponse) ProtoMessage()

func (*DebugEntitlementAccessResponse) ProtoReflect added in v1.25.0

func (*DebugEntitlementAccessResponse) Reset added in v1.25.0

func (x *DebugEntitlementAccessResponse) Reset()

func (*DebugEntitlementAccessResponse) String added in v1.25.0

type Diagnostic

type Diagnostic struct {
	Level DiagnosticLevel `protobuf:"varint,1,opt,name=level,proto3,enum=commonfate.access.v1alpha1.DiagnosticLevel" json:"level,omitempty"`
	// The resource the diagnostic message relates to.
	// Can be empty if the message doesn't relate to a particular resource.
	Resource *v1alpha1.EID `protobuf:"bytes,2,opt,name=resource,proto3" json:"resource,omitempty"`
	// The message.
	Message string `protobuf:"bytes,3,opt,name=message,proto3" json:"message,omitempty"`
	// contains filtered or unexported fields
}

func (*Diagnostic) Descriptor deprecated

func (*Diagnostic) Descriptor() ([]byte, []int)

Deprecated: Use Diagnostic.ProtoReflect.Descriptor instead.

func (*Diagnostic) GetLevel

func (x *Diagnostic) GetLevel() DiagnosticLevel

func (*Diagnostic) GetMessage

func (x *Diagnostic) GetMessage() string

func (*Diagnostic) GetResource

func (x *Diagnostic) GetResource() *v1alpha1.EID

func (*Diagnostic) ProtoMessage

func (*Diagnostic) ProtoMessage()

func (*Diagnostic) ProtoReflect

func (x *Diagnostic) ProtoReflect() protoreflect.Message

func (*Diagnostic) Reset

func (x *Diagnostic) Reset()

func (*Diagnostic) String

func (x *Diagnostic) String() string

type DiagnosticLevel

type DiagnosticLevel int32
const (
	DiagnosticLevel_DIAGNOSTIC_LEVEL_UNSPECIFIED DiagnosticLevel = 0
	DiagnosticLevel_DIAGNOSTIC_LEVEL_INFO        DiagnosticLevel = 1
	DiagnosticLevel_DIAGNOSTIC_LEVEL_WARNING     DiagnosticLevel = 2
	DiagnosticLevel_DIAGNOSTIC_LEVEL_ERROR       DiagnosticLevel = 3
)

func (DiagnosticLevel) Descriptor

func (DiagnosticLevel) Enum

func (x DiagnosticLevel) Enum() *DiagnosticLevel

func (DiagnosticLevel) EnumDescriptor deprecated

func (DiagnosticLevel) EnumDescriptor() ([]byte, []int)

Deprecated: Use DiagnosticLevel.Descriptor instead.

func (DiagnosticLevel) Number

func (DiagnosticLevel) String

func (x DiagnosticLevel) String() string

func (DiagnosticLevel) Type

type Entitlement added in v1.14.0

type Entitlement struct {

	// The particular resource which this entitlement gives access to
	Target *NamedEID `protobuf:"bytes,1,opt,name=target,proto3" json:"target,omitempty"`
	// The particular role this entitlement gives access to
	Role *NamedEID `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// Whether or not it is auto approved
	AutoApproved bool `protobuf:"varint,3,opt,name=auto_approved,json=autoApproved,proto3" json:"auto_approved,omitempty"`
	// target_path is the hierarchical path to the particular entitlement target.
	// It is used in the Common Fate web console to display entitlements in a hierarchy view.
	// For example, an AWS account entitlement will have a path of
	// `Root OU -> Parent OU -> Child OU.`
	//
	// target_path is in sorted order, from the root path node to the immediate parent of the target.
	//
	// The target_path does not include the target itself.
	TargetPath []*NamedEID `protobuf:"bytes,4,rep,name=target_path,json=targetPath,proto3" json:"target_path,omitempty"`
	// The Cedar Policys which contributed to the authorizations decisions
	Reason *EntitlementAccessReason `protobuf:"bytes,5,opt,name=reason,proto3" json:"reason,omitempty"`
	// contains filtered or unexported fields
}

func (*Entitlement) Descriptor deprecated added in v1.14.0

func (*Entitlement) Descriptor() ([]byte, []int)

Deprecated: Use Entitlement.ProtoReflect.Descriptor instead.

func (*Entitlement) GetAutoApproved added in v1.16.0

func (x *Entitlement) GetAutoApproved() bool

func (*Entitlement) GetReason added in v1.25.0

func (x *Entitlement) GetReason() *EntitlementAccessReason

func (*Entitlement) GetRole added in v1.14.0

func (x *Entitlement) GetRole() *NamedEID

func (*Entitlement) GetTarget added in v1.14.0

func (x *Entitlement) GetTarget() *NamedEID

func (*Entitlement) GetTargetPath added in v1.24.0

func (x *Entitlement) GetTargetPath() []*NamedEID

func (*Entitlement) ProtoMessage added in v1.14.0

func (*Entitlement) ProtoMessage()

func (*Entitlement) ProtoReflect added in v1.14.0

func (x *Entitlement) ProtoReflect() protoreflect.Message

func (*Entitlement) Reset added in v1.14.0

func (x *Entitlement) Reset()

func (*Entitlement) String added in v1.14.0

func (x *Entitlement) String() string

type EntitlementAccessReason added in v1.25.0

type EntitlementAccessReason struct {

	// Cedar Policy IDs which contributed to the can_request authorization decision.
	CanRequestReason []string `protobuf:"bytes,1,rep,name=can_request_reason,json=canRequestReason,proto3" json:"can_request_reason,omitempty"`
	// Cedar Policy IDs which contributed to the auto_approval authorization decision.
	AutoApprovalReason []string `protobuf:"bytes,2,rep,name=auto_approval_reason,json=autoApprovalReason,proto3" json:"auto_approval_reason,omitempty"`
	// contains filtered or unexported fields
}

func (*EntitlementAccessReason) Descriptor deprecated added in v1.25.0

func (*EntitlementAccessReason) Descriptor() ([]byte, []int)

Deprecated: Use EntitlementAccessReason.ProtoReflect.Descriptor instead.

func (*EntitlementAccessReason) GetAutoApprovalReason added in v1.25.0

func (x *EntitlementAccessReason) GetAutoApprovalReason() []string

func (*EntitlementAccessReason) GetCanRequestReason added in v1.25.0

func (x *EntitlementAccessReason) GetCanRequestReason() []string

func (*EntitlementAccessReason) ProtoMessage added in v1.25.0

func (*EntitlementAccessReason) ProtoMessage()

func (*EntitlementAccessReason) ProtoReflect added in v1.25.0

func (x *EntitlementAccessReason) ProtoReflect() protoreflect.Message

func (*EntitlementAccessReason) Reset added in v1.25.0

func (x *EntitlementAccessReason) Reset()

func (*EntitlementAccessReason) String added in v1.25.0

func (x *EntitlementAccessReason) String() string

type EntitlementInput

type EntitlementInput struct {

	// The principal to grant access to.
	// If empty, the current caller will be used as the principal.
	Principal *Specifier `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
	// The resource to grant the principal access to.
	Target *Specifier `protobuf:"bytes,2,opt,name=target,proto3" json:"target,omitempty"`
	// The role to grant the principal access to the resource with.
	Role     *Specifier           `protobuf:"bytes,3,opt,name=role,proto3" json:"role,omitempty"`
	Duration *durationpb.Duration `protobuf:"bytes,4,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	// contains filtered or unexported fields
}

func (*EntitlementInput) Descriptor deprecated

func (*EntitlementInput) Descriptor() ([]byte, []int)

Deprecated: Use EntitlementInput.ProtoReflect.Descriptor instead.

func (*EntitlementInput) GetDuration added in v1.12.3

func (x *EntitlementInput) GetDuration() *durationpb.Duration

func (*EntitlementInput) GetPrincipal

func (x *EntitlementInput) GetPrincipal() *Specifier

func (*EntitlementInput) GetRole

func (x *EntitlementInput) GetRole() *Specifier

func (*EntitlementInput) GetTarget

func (x *EntitlementInput) GetTarget() *Specifier

func (*EntitlementInput) ProtoMessage

func (*EntitlementInput) ProtoMessage()

func (*EntitlementInput) ProtoReflect

func (x *EntitlementInput) ProtoReflect() protoreflect.Message

func (*EntitlementInput) Reset

func (x *EntitlementInput) Reset()

func (*EntitlementInput) String

func (x *EntitlementInput) String() string

type GCPProject

type GCPProject struct {
	Project string `protobuf:"bytes,1,opt,name=project,proto3" json:"project,omitempty"`
	Role    string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// contains filtered or unexported fields
}

func (*GCPProject) Descriptor deprecated

func (*GCPProject) Descriptor() ([]byte, []int)

Deprecated: Use GCPProject.ProtoReflect.Descriptor instead.

func (*GCPProject) GetProject

func (x *GCPProject) GetProject() string

func (*GCPProject) GetRole

func (x *GCPProject) GetRole() string

func (*GCPProject) ProtoMessage

func (*GCPProject) ProtoMessage()

func (*GCPProject) ProtoReflect

func (x *GCPProject) ProtoReflect() protoreflect.Message

func (*GCPProject) Reset

func (x *GCPProject) Reset()

func (*GCPProject) String

func (x *GCPProject) String() string

type GetAccessRequestRequest

type GetAccessRequestRequest struct {

	// The ID of the Access Request.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// contains filtered or unexported fields
}

func (*GetAccessRequestRequest) Descriptor deprecated

func (*GetAccessRequestRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetAccessRequestRequest.ProtoReflect.Descriptor instead.

func (*GetAccessRequestRequest) GetId

func (x *GetAccessRequestRequest) GetId() string

func (*GetAccessRequestRequest) ProtoMessage

func (*GetAccessRequestRequest) ProtoMessage()

func (*GetAccessRequestRequest) ProtoReflect

func (x *GetAccessRequestRequest) ProtoReflect() protoreflect.Message

func (*GetAccessRequestRequest) Reset

func (x *GetAccessRequestRequest) Reset()

func (*GetAccessRequestRequest) String

func (x *GetAccessRequestRequest) String() string

type GetAccessRequestResponse

type GetAccessRequestResponse struct {
	AccessRequest *AccessRequest `protobuf:"bytes,1,opt,name=access_request,json=accessRequest,proto3" json:"access_request,omitempty"`
	// contains filtered or unexported fields
}

func (*GetAccessRequestResponse) Descriptor deprecated

func (*GetAccessRequestResponse) Descriptor() ([]byte, []int)

Deprecated: Use GetAccessRequestResponse.ProtoReflect.Descriptor instead.

func (*GetAccessRequestResponse) GetAccessRequest

func (x *GetAccessRequestResponse) GetAccessRequest() *AccessRequest

func (*GetAccessRequestResponse) ProtoMessage

func (*GetAccessRequestResponse) ProtoMessage()

func (*GetAccessRequestResponse) ProtoReflect

func (x *GetAccessRequestResponse) ProtoReflect() protoreflect.Message

func (*GetAccessRequestResponse) Reset

func (x *GetAccessRequestResponse) Reset()

func (*GetAccessRequestResponse) String

func (x *GetAccessRequestResponse) String() string

type GetCallerIdentityRequest

type GetCallerIdentityRequest struct {
	// contains filtered or unexported fields
}

func (*GetCallerIdentityRequest) Descriptor deprecated

func (*GetCallerIdentityRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCallerIdentityRequest.ProtoReflect.Descriptor instead.

func (*GetCallerIdentityRequest) ProtoMessage

func (*GetCallerIdentityRequest) ProtoMessage()

func (*GetCallerIdentityRequest) ProtoReflect

func (x *GetCallerIdentityRequest) ProtoReflect() protoreflect.Message

func (*GetCallerIdentityRequest) Reset

func (x *GetCallerIdentityRequest) Reset()

func (*GetCallerIdentityRequest) String

func (x *GetCallerIdentityRequest) String() string

type GetCallerIdentityResponse

type GetCallerIdentityResponse struct {

	// The chain of the identities for the user.
	// The final item in the chain is the current identity the user is acting as,
	// and is the 'principal' for authorization policy evaluations.
	//
	// For users authenticating with OIDC, the chain will usually look like:
	// 1. OIDC::Subject::"https://oidc-issuer.example.com/93fcac4b-ab67-405c-926b-184f8ba697a4"
	// 2. CF::User::"usr_2Z0WQkw9Ogpsn2Us6RuIBiDRYzJ"
	Chain []*IdentityLink `protobuf:"bytes,1,rep,name=chain,proto3" json:"chain,omitempty"`
	// The principal that the user is currently acting as.
	Principal *User `protobuf:"bytes,2,opt,name=principal,proto3" json:"principal,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCallerIdentityResponse) Descriptor deprecated

func (*GetCallerIdentityResponse) Descriptor() ([]byte, []int)

Deprecated: Use GetCallerIdentityResponse.ProtoReflect.Descriptor instead.

func (*GetCallerIdentityResponse) GetChain

func (x *GetCallerIdentityResponse) GetChain() []*IdentityLink

func (*GetCallerIdentityResponse) GetPrincipal

func (x *GetCallerIdentityResponse) GetPrincipal() *User

func (*GetCallerIdentityResponse) ProtoMessage

func (*GetCallerIdentityResponse) ProtoMessage()

func (*GetCallerIdentityResponse) ProtoReflect

func (*GetCallerIdentityResponse) Reset

func (x *GetCallerIdentityResponse) Reset()

func (*GetCallerIdentityResponse) String

func (x *GetCallerIdentityResponse) String() string

type Grant

type Grant struct {

	// The ID of the Grant.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// A user-friendly name describing the access, such as "AdministratorAccess to tax-api-prod"
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	// The resource being requested.
	Target *NamedEID `protobuf:"bytes,3,opt,name=target,proto3" json:"target,omitempty"`
	// The role being requested, such as "View" or "Admin".
	Role *NamedEID `protobuf:"bytes,4,opt,name=role,proto3" json:"role,omitempty"`
	// The user or service account that requested the access.
	//
	// If a service account requested access, the 'name' and 'email' may be empty.
	Principal *User `protobuf:"bytes,5,opt,name=principal,proto3" json:"principal,omitempty"`
	// The status of the Grant.
	Status GrantStatus `protobuf:"varint,6,opt,name=status,proto3,enum=commonfate.access.v1alpha1.GrantStatus" json:"status,omitempty"`
	// For active grants, the time that the access is due to expire.
	ExpiresAt *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// For active grants, the time that the user may attempt to extend the grant.
	// If empty, extension is not permitted.
	TryExtendAfter *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=try_extend_after,json=tryExtendAfter,proto3" json:"try_extend_after,omitempty"`
	// The ID of the Access Request associated with the Grant.
	AccessRequestId string `protobuf:"bytes,10,opt,name=access_request_id,json=accessRequestId,proto3" json:"access_request_id,omitempty"`
	// Approved is true if there are any approving reviews on the Grant.
	Approved bool `protobuf:"varint,11,opt,name=approved,proto3" json:"approved,omitempty"`
	// The time that the grant was closed.
	ClosedAt *timestamppb.Timestamp `protobuf:"bytes,12,opt,name=closed_at,json=closedAt,proto3" json:"closed_at,omitempty"`
	// For grants which were activated, the time that the access was activated.
	ActivatedAt *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=activated_at,json=activatedAt,proto3" json:"activated_at,omitempty"`
	// For grants which were activated, the time that the access was deprovisioned.
	DeprovisionedAt *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=deprovisioned_at,json=deprovisionedAt,proto3" json:"deprovisioned_at,omitempty"`
	// The provisioning status of the Grant. This status tracks whether the entitlements have been successfully provisioned in the integration that Common Fate is provisioning access to, such as AWS or GCP.
	ProvisioningStatus ProvisioningStatus   `` /* 168-byte string literal not displayed */
	Duration           *durationpb.Duration `protobuf:"bytes,16,opt,name=duration,proto3" json:"duration,omitempty"`
	// contains filtered or unexported fields
}

func (*Grant) Descriptor deprecated

func (*Grant) Descriptor() ([]byte, []int)

Deprecated: Use Grant.ProtoReflect.Descriptor instead.

func (*Grant) GetAccessRequestId

func (x *Grant) GetAccessRequestId() string

func (*Grant) GetActivatedAt added in v1.7.0

func (x *Grant) GetActivatedAt() *timestamppb.Timestamp

func (*Grant) GetApproved

func (x *Grant) GetApproved() bool

func (*Grant) GetClosedAt added in v1.7.0

func (x *Grant) GetClosedAt() *timestamppb.Timestamp

func (*Grant) GetDeprovisionedAt added in v1.7.0

func (x *Grant) GetDeprovisionedAt() *timestamppb.Timestamp

func (*Grant) GetDuration added in v1.10.0

func (x *Grant) GetDuration() *durationpb.Duration

func (*Grant) GetExpiresAt

func (x *Grant) GetExpiresAt() *timestamppb.Timestamp

func (*Grant) GetId

func (x *Grant) GetId() string

func (*Grant) GetName

func (x *Grant) GetName() string

func (*Grant) GetPrincipal

func (x *Grant) GetPrincipal() *User

func (*Grant) GetProvisioningStatus added in v1.8.0

func (x *Grant) GetProvisioningStatus() ProvisioningStatus

func (*Grant) GetRole

func (x *Grant) GetRole() *NamedEID

func (*Grant) GetStatus

func (x *Grant) GetStatus() GrantStatus

func (*Grant) GetTarget

func (x *Grant) GetTarget() *NamedEID

func (*Grant) GetTryExtendAfter

func (x *Grant) GetTryExtendAfter() *timestamppb.Timestamp

func (*Grant) ProtoMessage

func (*Grant) ProtoMessage()

func (*Grant) ProtoReflect

func (x *Grant) ProtoReflect() protoreflect.Message

func (*Grant) Reset

func (x *Grant) Reset()

func (*Grant) String

func (x *Grant) String() string

type GrantChange

type GrantChange int32
const (
	GrantChange_GRANT_CHANGE_UNSPECIFIED GrantChange = 0
	// The Grant has been newly requested
	GrantChange_GRANT_CHANGE_REQUESTED GrantChange = 1
	// The Grant has been activated
	GrantChange_GRANT_CHANGE_ACTIVATED GrantChange = 2
	// The Grant has been extended
	GrantChange_GRANT_CHANGE_EXTENDED GrantChange = 3
	// The provisioning process failed for the Grant
	GrantChange_GRANT_CHANGE_PROVISIONING_FAILED GrantChange = 4
)

func (GrantChange) Descriptor

func (GrantChange) Enum

func (x GrantChange) Enum() *GrantChange

func (GrantChange) EnumDescriptor deprecated

func (GrantChange) EnumDescriptor() ([]byte, []int)

Deprecated: Use GrantChange.Descriptor instead.

func (GrantChange) Number

func (x GrantChange) Number() protoreflect.EnumNumber

func (GrantChange) String

func (x GrantChange) String() string

func (GrantChange) Type

type GrantState

type GrantState struct {
	Grant *Grant `protobuf:"bytes,1,opt,name=grant,proto3" json:"grant,omitempty"`
	// The change to the grant.
	// Will be unspecified if the grant has not been changed.
	Change GrantChange `protobuf:"varint,2,opt,name=change,proto3,enum=commonfate.access.v1alpha1.GrantChange" json:"change,omitempty"`
	// contains filtered or unexported fields
}

func (*GrantState) Descriptor deprecated

func (*GrantState) Descriptor() ([]byte, []int)

Deprecated: Use GrantState.ProtoReflect.Descriptor instead.

func (*GrantState) GetChange

func (x *GrantState) GetChange() GrantChange

func (*GrantState) GetGrant

func (x *GrantState) GetGrant() *Grant

func (*GrantState) ProtoMessage

func (*GrantState) ProtoMessage()

func (*GrantState) ProtoReflect

func (x *GrantState) ProtoReflect() protoreflect.Message

func (*GrantState) Reset

func (x *GrantState) Reset()

func (*GrantState) String

func (x *GrantState) String() string

type GrantStatus

type GrantStatus int32
const (
	GrantStatus_GRANT_STATUS_UNSPECIFIED GrantStatus = 0
	// Awaiting a manual review.
	GrantStatus_GRANT_STATUS_PENDING GrantStatus = 1
	// The grant to the entitlement is currently active.
	GrantStatus_GRANT_STATUS_ACTIVE GrantStatus = 3
	// No longer active. Grants may be closed due to several reasons, such as:
	// - the grant was cancelled by the user
	// - the grant was revoked by an administrator
	// - the grant has expired
	GrantStatus_GRANT_STATUS_CLOSED GrantStatus = 4
)

func (GrantStatus) Descriptor

func (GrantStatus) Enum

func (x GrantStatus) Enum() *GrantStatus

func (GrantStatus) EnumDescriptor deprecated

func (GrantStatus) EnumDescriptor() ([]byte, []int)

Deprecated: Use GrantStatus.Descriptor instead.

func (GrantStatus) Number

func (x GrantStatus) Number() protoreflect.EnumNumber

func (GrantStatus) String

func (x GrantStatus) String() string

func (GrantStatus) Type

type IdentityLink struct {
	Id    *v1alpha1.EID `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Label string        `protobuf:"bytes,2,opt,name=label,proto3" json:"label,omitempty"`
	// contains filtered or unexported fields
}

func (*IdentityLink) Descriptor deprecated

func (*IdentityLink) Descriptor() ([]byte, []int)

Deprecated: Use IdentityLink.ProtoReflect.Descriptor instead.

func (*IdentityLink) GetId

func (x *IdentityLink) GetId() *v1alpha1.EID

func (*IdentityLink) GetLabel

func (x *IdentityLink) GetLabel() string

func (*IdentityLink) ProtoMessage

func (*IdentityLink) ProtoMessage()

func (*IdentityLink) ProtoReflect

func (x *IdentityLink) ProtoReflect() protoreflect.Message

func (*IdentityLink) Reset

func (x *IdentityLink) Reset()

func (*IdentityLink) String

func (x *IdentityLink) String() string

type IntegrationAuditLog

type IntegrationAuditLog struct {

	// the action which occurred
	Action string `protobuf:"bytes,1,opt,name=action,proto3" json:"action,omitempty"`
	// the timestamp the action occurred at.
	OccurredAt *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=occurred_at,json=occurredAt,proto3" json:"occurred_at,omitempty"`
	// a human-friendly message describing the action.
	Message string `protobuf:"bytes,3,opt,name=message,proto3" json:"message,omitempty"`
	// structured data details the audit log event
	Details *structpb.Struct `protobuf:"bytes,4,opt,name=details,proto3" json:"details,omitempty"`
	// contains filtered or unexported fields
}

func (*IntegrationAuditLog) Descriptor deprecated

func (*IntegrationAuditLog) Descriptor() ([]byte, []int)

Deprecated: Use IntegrationAuditLog.ProtoReflect.Descriptor instead.

func (*IntegrationAuditLog) GetAction

func (x *IntegrationAuditLog) GetAction() string

func (*IntegrationAuditLog) GetDetails

func (x *IntegrationAuditLog) GetDetails() *structpb.Struct

func (*IntegrationAuditLog) GetMessage

func (x *IntegrationAuditLog) GetMessage() string

func (*IntegrationAuditLog) GetOccurredAt

func (x *IntegrationAuditLog) GetOccurredAt() *timestamppb.Timestamp

func (*IntegrationAuditLog) ProtoMessage

func (*IntegrationAuditLog) ProtoMessage()

func (*IntegrationAuditLog) ProtoReflect

func (x *IntegrationAuditLog) ProtoReflect() protoreflect.Message

func (*IntegrationAuditLog) Reset

func (x *IntegrationAuditLog) Reset()

func (*IntegrationAuditLog) String

func (x *IntegrationAuditLog) String() string

type Justification

type Justification struct {
	Reason *string `protobuf:"bytes,1,opt,name=reason,proto3,oneof" json:"reason,omitempty"`
	// contains filtered or unexported fields
}

func (*Justification) Descriptor deprecated

func (*Justification) Descriptor() ([]byte, []int)

Deprecated: Use Justification.ProtoReflect.Descriptor instead.

func (*Justification) GetReason

func (x *Justification) GetReason() string

func (*Justification) ProtoMessage

func (*Justification) ProtoMessage()

func (*Justification) ProtoReflect

func (x *Justification) ProtoReflect() protoreflect.Message

func (*Justification) Reset

func (x *Justification) Reset()

func (*Justification) String

func (x *Justification) String() string

type NamedEID

type NamedEID struct {
	Eid  *v1alpha1.EID `protobuf:"bytes,1,opt,name=eid,proto3" json:"eid,omitempty"`
	Name string        `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*NamedEID) Descriptor deprecated

func (*NamedEID) Descriptor() ([]byte, []int)

Deprecated: Use NamedEID.ProtoReflect.Descriptor instead.

func (*NamedEID) Display

func (u *NamedEID) Display() string

func (*NamedEID) GetEid

func (x *NamedEID) GetEid() *v1alpha1.EID

func (*NamedEID) GetName

func (x *NamedEID) GetName() string

func (*NamedEID) ProtoMessage

func (*NamedEID) ProtoMessage()

func (*NamedEID) ProtoReflect

func (x *NamedEID) ProtoReflect() protoreflect.Message

func (*NamedEID) Reset

func (x *NamedEID) Reset()

func (*NamedEID) String

func (x *NamedEID) String() string

type PreviewEntitlementAccessRequest added in v1.16.0

type PreviewEntitlementAccessRequest struct {
	Target *Specifier `protobuf:"bytes,1,opt,name=target,proto3" json:"target,omitempty"`
	Role   *Specifier `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// contains filtered or unexported fields
}

func (*PreviewEntitlementAccessRequest) Descriptor deprecated added in v1.16.0

func (*PreviewEntitlementAccessRequest) Descriptor() ([]byte, []int)

Deprecated: Use PreviewEntitlementAccessRequest.ProtoReflect.Descriptor instead.

func (*PreviewEntitlementAccessRequest) GetRole added in v1.16.0

func (*PreviewEntitlementAccessRequest) GetTarget added in v1.16.0

func (*PreviewEntitlementAccessRequest) ProtoMessage added in v1.16.0

func (*PreviewEntitlementAccessRequest) ProtoMessage()

func (*PreviewEntitlementAccessRequest) ProtoReflect added in v1.16.0

func (*PreviewEntitlementAccessRequest) Reset added in v1.16.0

func (*PreviewEntitlementAccessRequest) String added in v1.16.0

type PreviewEntitlementAccessResponse added in v1.16.0

type PreviewEntitlementAccessResponse struct {

	// The principals which have access to request access and whether that access will be auto approved
	Access []*PrincipalAccess `protobuf:"bytes,1,rep,name=access,proto3" json:"access,omitempty"`
	// contains filtered or unexported fields
}

func (*PreviewEntitlementAccessResponse) Descriptor deprecated added in v1.16.0

func (*PreviewEntitlementAccessResponse) Descriptor() ([]byte, []int)

Deprecated: Use PreviewEntitlementAccessResponse.ProtoReflect.Descriptor instead.

func (*PreviewEntitlementAccessResponse) GetAccess added in v1.16.0

func (*PreviewEntitlementAccessResponse) ProtoMessage added in v1.16.0

func (*PreviewEntitlementAccessResponse) ProtoMessage()

func (*PreviewEntitlementAccessResponse) ProtoReflect added in v1.16.0

func (*PreviewEntitlementAccessResponse) Reset added in v1.16.0

func (*PreviewEntitlementAccessResponse) String added in v1.16.0

type PreviewUserAccessRequest added in v1.17.0

type PreviewUserAccessRequest struct {
	Principal  *Specifier `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
	TargetType *string    `protobuf:"bytes,2,opt,name=target_type,json=targetType,proto3,oneof" json:"target_type,omitempty"`
	// contains filtered or unexported fields
}

func (*PreviewUserAccessRequest) Descriptor deprecated added in v1.17.0

func (*PreviewUserAccessRequest) Descriptor() ([]byte, []int)

Deprecated: Use PreviewUserAccessRequest.ProtoReflect.Descriptor instead.

func (*PreviewUserAccessRequest) GetPrincipal added in v1.17.0

func (x *PreviewUserAccessRequest) GetPrincipal() *Specifier

func (*PreviewUserAccessRequest) GetTargetType added in v1.17.0

func (x *PreviewUserAccessRequest) GetTargetType() string

func (*PreviewUserAccessRequest) ProtoMessage added in v1.17.0

func (*PreviewUserAccessRequest) ProtoMessage()

func (*PreviewUserAccessRequest) ProtoReflect added in v1.17.0

func (x *PreviewUserAccessRequest) ProtoReflect() protoreflect.Message

func (*PreviewUserAccessRequest) Reset added in v1.17.0

func (x *PreviewUserAccessRequest) Reset()

func (*PreviewUserAccessRequest) String added in v1.17.0

func (x *PreviewUserAccessRequest) String() string

type PreviewUserAccessResponse added in v1.17.0

type PreviewUserAccessResponse struct {
	Entitlements []*Entitlement `protobuf:"bytes,1,rep,name=entitlements,proto3" json:"entitlements,omitempty"`
	// contains filtered or unexported fields
}

func (*PreviewUserAccessResponse) Descriptor deprecated added in v1.17.0

func (*PreviewUserAccessResponse) Descriptor() ([]byte, []int)

Deprecated: Use PreviewUserAccessResponse.ProtoReflect.Descriptor instead.

func (*PreviewUserAccessResponse) GetEntitlements added in v1.17.0

func (x *PreviewUserAccessResponse) GetEntitlements() []*Entitlement

func (*PreviewUserAccessResponse) ProtoMessage added in v1.17.0

func (*PreviewUserAccessResponse) ProtoMessage()

func (*PreviewUserAccessResponse) ProtoReflect added in v1.17.0

func (*PreviewUserAccessResponse) Reset added in v1.17.0

func (x *PreviewUserAccessResponse) Reset()

func (*PreviewUserAccessResponse) String added in v1.17.0

func (x *PreviewUserAccessResponse) String() string

type PrincipalAccess added in v1.16.0

type PrincipalAccess struct {
	Principal *User `protobuf:"bytes,1,opt,name=principal,proto3" json:"principal,omitempty"`
	// Whether or not it is auto approved
	AutoApproved bool `protobuf:"varint,2,opt,name=auto_approved,json=autoApproved,proto3" json:"auto_approved,omitempty"`
	// The Cedar Policys which contributed to the authorizations decisions
	Reason *EntitlementAccessReason `protobuf:"bytes,3,opt,name=reason,proto3" json:"reason,omitempty"`
	// contains filtered or unexported fields
}

func (*PrincipalAccess) Descriptor deprecated added in v1.16.0

func (*PrincipalAccess) Descriptor() ([]byte, []int)

Deprecated: Use PrincipalAccess.ProtoReflect.Descriptor instead.

func (*PrincipalAccess) GetAutoApproved added in v1.16.0

func (x *PrincipalAccess) GetAutoApproved() bool

func (*PrincipalAccess) GetPrincipal added in v1.16.0

func (x *PrincipalAccess) GetPrincipal() *User

func (*PrincipalAccess) GetReason added in v1.25.0

func (x *PrincipalAccess) GetReason() *EntitlementAccessReason

func (*PrincipalAccess) ProtoMessage added in v1.16.0

func (*PrincipalAccess) ProtoMessage()

func (*PrincipalAccess) ProtoReflect added in v1.16.0

func (x *PrincipalAccess) ProtoReflect() protoreflect.Message

func (*PrincipalAccess) Reset added in v1.16.0

func (x *PrincipalAccess) Reset()

func (*PrincipalAccess) String added in v1.16.0

func (x *PrincipalAccess) String() string

type ProvisionRequest

type ProvisionRequest struct {

	// The ID of the Grant.
	Grant     *v1alpha1.EID    `protobuf:"bytes,1,opt,name=grant,proto3" json:"grant,omitempty"`
	Principal *v1alpha1.Entity `protobuf:"bytes,2,opt,name=principal,proto3" json:"principal,omitempty"`
	// DomainPrincipal is the principal to grant access to,
	// mapped to the identity domain of the system that we're provisioning in.
	//
	// For example, instead of sending a user's email address, we send the
	// ID of the user in AWS IAM Identity Center.
	//
	// This field may be empty if Common Fate fails to map the principal.
	// A well-designed provisioner should attempt to fall back on data from
	// the core principal entity instead to provision access.
	DomainPrincipal *v1alpha1.Entity `protobuf:"bytes,3,opt,name=domain_principal,json=domainPrincipal,proto3" json:"domain_principal,omitempty"`
	Target          *v1alpha1.Entity `protobuf:"bytes,4,opt,name=target,proto3" json:"target,omitempty"`
	Role            *v1alpha1.Entity `protobuf:"bytes,5,opt,name=role,proto3" json:"role,omitempty"`
	// contains filtered or unexported fields
}

func (*ProvisionRequest) Descriptor deprecated

func (*ProvisionRequest) Descriptor() ([]byte, []int)

Deprecated: Use ProvisionRequest.ProtoReflect.Descriptor instead.

func (*ProvisionRequest) GetDomainPrincipal

func (x *ProvisionRequest) GetDomainPrincipal() *v1alpha1.Entity

func (*ProvisionRequest) GetGrant

func (x *ProvisionRequest) GetGrant() *v1alpha1.EID

func (*ProvisionRequest) GetPrincipal

func (x *ProvisionRequest) GetPrincipal() *v1alpha1.Entity

func (*ProvisionRequest) GetRole

func (x *ProvisionRequest) GetRole() *v1alpha1.Entity

func (*ProvisionRequest) GetTarget

func (x *ProvisionRequest) GetTarget() *v1alpha1.Entity

func (*ProvisionRequest) ProtoMessage

func (*ProvisionRequest) ProtoMessage()

func (*ProvisionRequest) ProtoReflect

func (x *ProvisionRequest) ProtoReflect() protoreflect.Message

func (*ProvisionRequest) Reset

func (x *ProvisionRequest) Reset()

func (*ProvisionRequest) String

func (x *ProvisionRequest) String() string

type ProvisionResponse

type ProvisionResponse struct {
	Entities       []*v1alpha1.Entity        `protobuf:"bytes,1,rep,name=entities,proto3" json:"entities,omitempty"`
	ChildRelations []*v1alpha1.ChildRelation `protobuf:"bytes,2,rep,name=child_relations,json=childRelations,proto3" json:"child_relations,omitempty"`
	// contains filtered or unexported fields
}

func (*ProvisionResponse) Descriptor deprecated

func (*ProvisionResponse) Descriptor() ([]byte, []int)

Deprecated: Use ProvisionResponse.ProtoReflect.Descriptor instead.

func (*ProvisionResponse) GetChildRelations

func (x *ProvisionResponse) GetChildRelations() []*v1alpha1.ChildRelation

func (*ProvisionResponse) GetEntities

func (x *ProvisionResponse) GetEntities() []*v1alpha1.Entity

func (*ProvisionResponse) ProtoMessage

func (*ProvisionResponse) ProtoMessage()

func (*ProvisionResponse) ProtoReflect

func (x *ProvisionResponse) ProtoReflect() protoreflect.Message

func (*ProvisionResponse) Reset

func (x *ProvisionResponse) Reset()

func (*ProvisionResponse) String

func (x *ProvisionResponse) String() string

type ProvisioningStatus added in v1.8.0

type ProvisioningStatus int32
const (
	ProvisioningStatus_PROVISIONING_STATUS_UNSPECIFIED ProvisioningStatus = 0
	// Provisioning has not been attempted. This is the value before the Grant is activated.
	ProvisioningStatus_PROVISIONING_STATUS_NOT_ATTEMPTED ProvisioningStatus = 1
	// The Grant is currently being provisioned.
	ProvisioningStatus_PROVISIONING_STATUS_ATTEMPTING ProvisioningStatus = 2
	// Provisioning has completed successfully.
	ProvisioningStatus_PROVISIONING_STATUS_SUCCESSFUL ProvisioningStatus = 3
)

func (ProvisioningStatus) Descriptor added in v1.8.0

func (ProvisioningStatus) Enum added in v1.8.0

func (ProvisioningStatus) EnumDescriptor deprecated added in v1.8.0

func (ProvisioningStatus) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProvisioningStatus.Descriptor instead.

func (ProvisioningStatus) Number added in v1.8.0

func (ProvisioningStatus) String added in v1.8.0

func (x ProvisioningStatus) String() string

func (ProvisioningStatus) Type added in v1.8.0

type QueryAccessRequestsRequest

type QueryAccessRequestsRequest struct {

	// The token for the next page.
	PageToken string          `protobuf:"bytes,1,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	Archived  bool            `protobuf:"varint,2,opt,name=archived,proto3" json:"archived,omitempty"`
	Order     *v1alpha1.Order `protobuf:"varint,3,opt,name=order,proto3,enum=commonfate.entity.v1alpha1.Order,oneof" json:"order,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryAccessRequestsRequest) Descriptor deprecated

func (*QueryAccessRequestsRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryAccessRequestsRequest.ProtoReflect.Descriptor instead.

func (*QueryAccessRequestsRequest) GetArchived

func (x *QueryAccessRequestsRequest) GetArchived() bool

func (*QueryAccessRequestsRequest) GetOrder added in v1.3.0

func (*QueryAccessRequestsRequest) GetPageToken

func (x *QueryAccessRequestsRequest) GetPageToken() string

func (*QueryAccessRequestsRequest) ProtoMessage

func (*QueryAccessRequestsRequest) ProtoMessage()

func (*QueryAccessRequestsRequest) ProtoReflect

func (*QueryAccessRequestsRequest) Reset

func (x *QueryAccessRequestsRequest) Reset()

func (*QueryAccessRequestsRequest) String

func (x *QueryAccessRequestsRequest) String() string

type QueryAccessRequestsResponse

type QueryAccessRequestsResponse struct {
	AccessRequests []*AccessRequest `protobuf:"bytes,1,rep,name=access_requests,json=accessRequests,proto3" json:"access_requests,omitempty"`
	NextPageToken  string           `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryAccessRequestsResponse) Descriptor deprecated

func (*QueryAccessRequestsResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryAccessRequestsResponse.ProtoReflect.Descriptor instead.

func (*QueryAccessRequestsResponse) GetAccessRequests

func (x *QueryAccessRequestsResponse) GetAccessRequests() []*AccessRequest

func (*QueryAccessRequestsResponse) GetNextPageToken

func (x *QueryAccessRequestsResponse) GetNextPageToken() string

func (*QueryAccessRequestsResponse) ProtoMessage

func (*QueryAccessRequestsResponse) ProtoMessage()

func (*QueryAccessRequestsResponse) ProtoReflect

func (*QueryAccessRequestsResponse) Reset

func (x *QueryAccessRequestsResponse) Reset()

func (*QueryAccessRequestsResponse) String

func (x *QueryAccessRequestsResponse) String() string

type QueryApproversRequest added in v1.16.0

type QueryApproversRequest struct {

	// Types that are assignable to Query:
	//
	//	*QueryApproversRequest_TargetRole
	//	*QueryApproversRequest_Grant
	Query isQueryApproversRequest_Query `protobuf_oneof:"query"`
	// contains filtered or unexported fields
}

func (*QueryApproversRequest) Descriptor deprecated added in v1.16.0

func (*QueryApproversRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryApproversRequest.ProtoReflect.Descriptor instead.

func (*QueryApproversRequest) GetGrant added in v1.16.0

func (x *QueryApproversRequest) GetGrant() *v1alpha1.EID

func (*QueryApproversRequest) GetQuery added in v1.16.0

func (m *QueryApproversRequest) GetQuery() isQueryApproversRequest_Query

func (*QueryApproversRequest) GetTargetRole added in v1.16.0

func (x *QueryApproversRequest) GetTargetRole() *TargetRole

func (*QueryApproversRequest) ProtoMessage added in v1.16.0

func (*QueryApproversRequest) ProtoMessage()

func (*QueryApproversRequest) ProtoReflect added in v1.16.0

func (x *QueryApproversRequest) ProtoReflect() protoreflect.Message

func (*QueryApproversRequest) Reset added in v1.16.0

func (x *QueryApproversRequest) Reset()

func (*QueryApproversRequest) String added in v1.16.0

func (x *QueryApproversRequest) String() string

type QueryApproversRequest_Grant added in v1.16.0

type QueryApproversRequest_Grant struct {
	Grant *v1alpha1.EID `protobuf:"bytes,2,opt,name=grant,proto3,oneof"`
}

type QueryApproversRequest_TargetRole added in v1.16.0

type QueryApproversRequest_TargetRole struct {
	TargetRole *TargetRole `protobuf:"bytes,1,opt,name=target_role,json=targetRole,proto3,oneof"`
}

type QueryApproversResponse added in v1.16.0

type QueryApproversResponse struct {
	Approvers []*User `protobuf:"bytes,1,rep,name=approvers,proto3" json:"approvers,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryApproversResponse) Descriptor deprecated added in v1.16.0

func (*QueryApproversResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryApproversResponse.ProtoReflect.Descriptor instead.

func (*QueryApproversResponse) GetApprovers added in v1.16.0

func (x *QueryApproversResponse) GetApprovers() []*User

func (*QueryApproversResponse) ProtoMessage added in v1.16.0

func (*QueryApproversResponse) ProtoMessage()

func (*QueryApproversResponse) ProtoReflect added in v1.16.0

func (x *QueryApproversResponse) ProtoReflect() protoreflect.Message

func (*QueryApproversResponse) Reset added in v1.16.0

func (x *QueryApproversResponse) Reset()

func (*QueryApproversResponse) String added in v1.16.0

func (x *QueryApproversResponse) String() string

type QueryAuditLogsRequest

type QueryAuditLogsRequest struct {

	// Query for audit logs relating to a particular target
	Target *v1alpha1.EID `protobuf:"bytes,1,opt,name=target,proto3" json:"target,omitempty"`
	// The token for the next page.
	PageToken string `protobuf:"bytes,10,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryAuditLogsRequest) Descriptor deprecated

func (*QueryAuditLogsRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryAuditLogsRequest.ProtoReflect.Descriptor instead.

func (*QueryAuditLogsRequest) GetPageToken

func (x *QueryAuditLogsRequest) GetPageToken() string

func (*QueryAuditLogsRequest) GetTarget

func (x *QueryAuditLogsRequest) GetTarget() *v1alpha1.EID

func (*QueryAuditLogsRequest) ProtoMessage

func (*QueryAuditLogsRequest) ProtoMessage()

func (*QueryAuditLogsRequest) ProtoReflect

func (x *QueryAuditLogsRequest) ProtoReflect() protoreflect.Message

func (*QueryAuditLogsRequest) Reset

func (x *QueryAuditLogsRequest) Reset()

func (*QueryAuditLogsRequest) String

func (x *QueryAuditLogsRequest) String() string

type QueryAuditLogsResponse

type QueryAuditLogsResponse struct {
	AuditLogs     []*AuditLog `protobuf:"bytes,1,rep,name=audit_logs,json=auditLogs,proto3" json:"audit_logs,omitempty"`
	NextPageToken string      `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryAuditLogsResponse) Descriptor deprecated

func (*QueryAuditLogsResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryAuditLogsResponse.ProtoReflect.Descriptor instead.

func (*QueryAuditLogsResponse) GetAuditLogs

func (x *QueryAuditLogsResponse) GetAuditLogs() []*AuditLog

func (*QueryAuditLogsResponse) GetNextPageToken

func (x *QueryAuditLogsResponse) GetNextPageToken() string

func (*QueryAuditLogsResponse) ProtoMessage

func (*QueryAuditLogsResponse) ProtoMessage()

func (*QueryAuditLogsResponse) ProtoReflect

func (x *QueryAuditLogsResponse) ProtoReflect() protoreflect.Message

func (*QueryAuditLogsResponse) Reset

func (x *QueryAuditLogsResponse) Reset()

func (*QueryAuditLogsResponse) String

func (x *QueryAuditLogsResponse) String() string

type QueryAvailabilitiesRequest

type QueryAvailabilitiesRequest struct {

	// The token for the next page.
	PageToken string `protobuf:"bytes,10,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryAvailabilitiesRequest) Descriptor deprecated

func (*QueryAvailabilitiesRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryAvailabilitiesRequest.ProtoReflect.Descriptor instead.

func (*QueryAvailabilitiesRequest) GetPageToken

func (x *QueryAvailabilitiesRequest) GetPageToken() string

func (*QueryAvailabilitiesRequest) ProtoMessage

func (*QueryAvailabilitiesRequest) ProtoMessage()

func (*QueryAvailabilitiesRequest) ProtoReflect

func (*QueryAvailabilitiesRequest) Reset

func (x *QueryAvailabilitiesRequest) Reset()

func (*QueryAvailabilitiesRequest) String

func (x *QueryAvailabilitiesRequest) String() string

type QueryAvailabilitiesResponse

type QueryAvailabilitiesResponse struct {
	Availabilities []*Availability `protobuf:"bytes,1,rep,name=availabilities,proto3" json:"availabilities,omitempty"`
	NextPageToken  string          `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryAvailabilitiesResponse) Descriptor deprecated

func (*QueryAvailabilitiesResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryAvailabilitiesResponse.ProtoReflect.Descriptor instead.

func (*QueryAvailabilitiesResponse) GetAvailabilities

func (x *QueryAvailabilitiesResponse) GetAvailabilities() []*Availability

func (*QueryAvailabilitiesResponse) GetNextPageToken

func (x *QueryAvailabilitiesResponse) GetNextPageToken() string

func (*QueryAvailabilitiesResponse) ProtoMessage

func (*QueryAvailabilitiesResponse) ProtoMessage()

func (*QueryAvailabilitiesResponse) ProtoReflect

func (*QueryAvailabilitiesResponse) Reset

func (x *QueryAvailabilitiesResponse) Reset()

func (*QueryAvailabilitiesResponse) String

func (x *QueryAvailabilitiesResponse) String() string

type QueryDescendentsRequest

type QueryDescendentsRequest struct {
	Parent     *v1alpha1.EID `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	EntityType string        `protobuf:"bytes,2,opt,name=entity_type,json=entityType,proto3" json:"entity_type,omitempty"`
	// The token for the next page.
	PageToken string `protobuf:"bytes,10,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryDescendentsRequest) Descriptor deprecated

func (*QueryDescendentsRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryDescendentsRequest.ProtoReflect.Descriptor instead.

func (*QueryDescendentsRequest) GetEntityType

func (x *QueryDescendentsRequest) GetEntityType() string

func (*QueryDescendentsRequest) GetPageToken

func (x *QueryDescendentsRequest) GetPageToken() string

func (*QueryDescendentsRequest) GetParent

func (x *QueryDescendentsRequest) GetParent() *v1alpha1.EID

func (*QueryDescendentsRequest) ProtoMessage

func (*QueryDescendentsRequest) ProtoMessage()

func (*QueryDescendentsRequest) ProtoReflect

func (x *QueryDescendentsRequest) ProtoReflect() protoreflect.Message

func (*QueryDescendentsRequest) Reset

func (x *QueryDescendentsRequest) Reset()

func (*QueryDescendentsRequest) String

func (x *QueryDescendentsRequest) String() string

type QueryDescendentsResponse

type QueryDescendentsResponse struct {
	Entities []*NamedEID `protobuf:"bytes,1,rep,name=entities,proto3" json:"entities,omitempty"`
	// The token for the next page.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryDescendentsResponse) Descriptor deprecated

func (*QueryDescendentsResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryDescendentsResponse.ProtoReflect.Descriptor instead.

func (*QueryDescendentsResponse) GetEntities

func (x *QueryDescendentsResponse) GetEntities() []*NamedEID

func (*QueryDescendentsResponse) GetNextPageToken

func (x *QueryDescendentsResponse) GetNextPageToken() string

func (*QueryDescendentsResponse) ProtoMessage

func (*QueryDescendentsResponse) ProtoMessage()

func (*QueryDescendentsResponse) ProtoReflect

func (x *QueryDescendentsResponse) ProtoReflect() protoreflect.Message

func (*QueryDescendentsResponse) Reset

func (x *QueryDescendentsResponse) Reset()

func (*QueryDescendentsResponse) String

func (x *QueryDescendentsResponse) String() string

type QueryEntitlementsRequest added in v1.14.0

type QueryEntitlementsRequest struct {
	TargetType *string `protobuf:"bytes,1,opt,name=target_type,json=targetType,proto3,oneof" json:"target_type,omitempty"`
	// The token for the next page.
	PageToken string `protobuf:"bytes,10,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryEntitlementsRequest) Descriptor deprecated added in v1.14.0

func (*QueryEntitlementsRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryEntitlementsRequest.ProtoReflect.Descriptor instead.

func (*QueryEntitlementsRequest) GetPageToken added in v1.14.0

func (x *QueryEntitlementsRequest) GetPageToken() string

func (*QueryEntitlementsRequest) GetTargetType added in v1.16.0

func (x *QueryEntitlementsRequest) GetTargetType() string

func (*QueryEntitlementsRequest) ProtoMessage added in v1.14.0

func (*QueryEntitlementsRequest) ProtoMessage()

func (*QueryEntitlementsRequest) ProtoReflect added in v1.14.0

func (x *QueryEntitlementsRequest) ProtoReflect() protoreflect.Message

func (*QueryEntitlementsRequest) Reset added in v1.14.0

func (x *QueryEntitlementsRequest) Reset()

func (*QueryEntitlementsRequest) String added in v1.14.0

func (x *QueryEntitlementsRequest) String() string

type QueryEntitlementsResponse added in v1.14.0

type QueryEntitlementsResponse struct {
	Entitlements  []*Entitlement `protobuf:"bytes,1,rep,name=entitlements,proto3" json:"entitlements,omitempty"`
	NextPageToken string         `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryEntitlementsResponse) Descriptor deprecated added in v1.14.0

func (*QueryEntitlementsResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryEntitlementsResponse.ProtoReflect.Descriptor instead.

func (*QueryEntitlementsResponse) GetEntitlements added in v1.14.0

func (x *QueryEntitlementsResponse) GetEntitlements() []*Entitlement

func (*QueryEntitlementsResponse) GetNextPageToken added in v1.14.0

func (x *QueryEntitlementsResponse) GetNextPageToken() string

func (*QueryEntitlementsResponse) ProtoMessage added in v1.14.0

func (*QueryEntitlementsResponse) ProtoMessage()

func (*QueryEntitlementsResponse) ProtoReflect added in v1.14.0

func (*QueryEntitlementsResponse) Reset added in v1.14.0

func (x *QueryEntitlementsResponse) Reset()

func (*QueryEntitlementsResponse) String added in v1.14.0

func (x *QueryEntitlementsResponse) String() string

type QueryGrantChildrenRequest

type QueryGrantChildrenRequest struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// The token for the next page.
	PageToken string `protobuf:"bytes,2,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryGrantChildrenRequest) Descriptor deprecated

func (*QueryGrantChildrenRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryGrantChildrenRequest.ProtoReflect.Descriptor instead.

func (*QueryGrantChildrenRequest) GetId

func (x *QueryGrantChildrenRequest) GetId() string

func (*QueryGrantChildrenRequest) GetPageToken

func (x *QueryGrantChildrenRequest) GetPageToken() string

func (*QueryGrantChildrenRequest) ProtoMessage

func (*QueryGrantChildrenRequest) ProtoMessage()

func (*QueryGrantChildrenRequest) ProtoReflect

func (*QueryGrantChildrenRequest) Reset

func (x *QueryGrantChildrenRequest) Reset()

func (*QueryGrantChildrenRequest) String

func (x *QueryGrantChildrenRequest) String() string

type QueryGrantChildrenResponse

type QueryGrantChildrenResponse struct {
	Entities      []*v1alpha1.Entity `protobuf:"bytes,1,rep,name=entities,proto3" json:"entities,omitempty"`
	NextPageToken string             `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryGrantChildrenResponse) Descriptor deprecated

func (*QueryGrantChildrenResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryGrantChildrenResponse.ProtoReflect.Descriptor instead.

func (*QueryGrantChildrenResponse) GetEntities

func (x *QueryGrantChildrenResponse) GetEntities() []*v1alpha1.Entity

func (*QueryGrantChildrenResponse) GetNextPageToken

func (x *QueryGrantChildrenResponse) GetNextPageToken() string

func (*QueryGrantChildrenResponse) ProtoMessage

func (*QueryGrantChildrenResponse) ProtoMessage()

func (*QueryGrantChildrenResponse) ProtoReflect

func (*QueryGrantChildrenResponse) Reset

func (x *QueryGrantChildrenResponse) Reset()

func (*QueryGrantChildrenResponse) String

func (x *QueryGrantChildrenResponse) String() string

type QueryGrantsRequest

type QueryGrantsRequest struct {

	// The token for the next page.
	PageToken string        `protobuf:"bytes,1,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	Principal *v1alpha1.EID `protobuf:"bytes,2,opt,name=principal,proto3" json:"principal,omitempty"`
	Target    *v1alpha1.EID `protobuf:"bytes,3,opt,name=target,proto3" json:"target,omitempty"`
	Role      *v1alpha1.EID `protobuf:"bytes,4,opt,name=role,proto3" json:"role,omitempty"`
	// The status of the Grant.
	Status *GrantStatus `protobuf:"varint,5,opt,name=status,proto3,enum=commonfate.access.v1alpha1.GrantStatus,oneof" json:"status,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryGrantsRequest) Descriptor deprecated

func (*QueryGrantsRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryGrantsRequest.ProtoReflect.Descriptor instead.

func (*QueryGrantsRequest) GetPageToken

func (x *QueryGrantsRequest) GetPageToken() string

func (*QueryGrantsRequest) GetPrincipal

func (x *QueryGrantsRequest) GetPrincipal() *v1alpha1.EID

func (*QueryGrantsRequest) GetRole

func (x *QueryGrantsRequest) GetRole() *v1alpha1.EID

func (*QueryGrantsRequest) GetStatus

func (x *QueryGrantsRequest) GetStatus() GrantStatus

func (*QueryGrantsRequest) GetTarget

func (x *QueryGrantsRequest) GetTarget() *v1alpha1.EID

func (*QueryGrantsRequest) ProtoMessage

func (*QueryGrantsRequest) ProtoMessage()

func (*QueryGrantsRequest) ProtoReflect

func (x *QueryGrantsRequest) ProtoReflect() protoreflect.Message

func (*QueryGrantsRequest) Reset

func (x *QueryGrantsRequest) Reset()

func (*QueryGrantsRequest) String

func (x *QueryGrantsRequest) String() string

type QueryGrantsResponse

type QueryGrantsResponse struct {
	Grants        []*Grant `protobuf:"bytes,1,rep,name=grants,proto3" json:"grants,omitempty"`
	NextPageToken string   `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryGrantsResponse) Descriptor deprecated

func (*QueryGrantsResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryGrantsResponse.ProtoReflect.Descriptor instead.

func (*QueryGrantsResponse) GetGrants

func (x *QueryGrantsResponse) GetGrants() []*Grant

func (*QueryGrantsResponse) GetNextPageToken

func (x *QueryGrantsResponse) GetNextPageToken() string

func (*QueryGrantsResponse) ProtoMessage

func (*QueryGrantsResponse) ProtoMessage()

func (*QueryGrantsResponse) ProtoReflect

func (x *QueryGrantsResponse) ProtoReflect() protoreflect.Message

func (*QueryGrantsResponse) Reset

func (x *QueryGrantsResponse) Reset()

func (*QueryGrantsResponse) String

func (x *QueryGrantsResponse) String() string

type Resource

type Resource struct {

	// Types that are assignable to Resource:
	//
	//	*Resource_AwsAccount
	//	*Resource_GcpProject
	Resource isResource_Resource `protobuf_oneof:"resource"`
	// contains filtered or unexported fields
}

func (*Resource) Descriptor deprecated

func (*Resource) Descriptor() ([]byte, []int)

Deprecated: Use Resource.ProtoReflect.Descriptor instead.

func (*Resource) GetAwsAccount

func (x *Resource) GetAwsAccount() *AWSAccount

func (*Resource) GetGcpProject

func (x *Resource) GetGcpProject() *GCPProject

func (*Resource) GetResource

func (m *Resource) GetResource() isResource_Resource

func (*Resource) ProtoMessage

func (*Resource) ProtoMessage()

func (*Resource) ProtoReflect

func (x *Resource) ProtoReflect() protoreflect.Message

func (*Resource) Reset

func (x *Resource) Reset()

func (*Resource) String

func (x *Resource) String() string

type Resource_AwsAccount

type Resource_AwsAccount struct {
	AwsAccount *AWSAccount `protobuf:"bytes,1,opt,name=aws_account,json=awsAccount,proto3,oneof"`
}

type Resource_GcpProject

type Resource_GcpProject struct {
	GcpProject *GCPProject `protobuf:"bytes,2,opt,name=gcp_project,json=gcpProject,proto3,oneof"`
}

type Specifier

type Specifier struct {

	// Types that are assignable to Specify:
	//
	//	*Specifier_Eid
	//	*Specifier_Lookup
	Specify isSpecifier_Specify `protobuf_oneof:"specify"`
	// contains filtered or unexported fields
}

func (*Specifier) Descriptor deprecated

func (*Specifier) Descriptor() ([]byte, []int)

Deprecated: Use Specifier.ProtoReflect.Descriptor instead.

func (*Specifier) GetEid

func (x *Specifier) GetEid() *v1alpha1.EID

func (*Specifier) GetLookup

func (x *Specifier) GetLookup() string

func (*Specifier) GetSpecify

func (m *Specifier) GetSpecify() isSpecifier_Specify

func (*Specifier) ProtoMessage

func (*Specifier) ProtoMessage()

func (*Specifier) ProtoReflect

func (x *Specifier) ProtoReflect() protoreflect.Message

func (*Specifier) Reset

func (x *Specifier) Reset()

func (*Specifier) String

func (x *Specifier) String() string

type Specifier_Eid

type Specifier_Eid struct {
	// Specify a resource using a EID. If you're using Common Fate programatically
	// and you know the resource you want to specify, you should use this field.
	Eid *v1alpha1.EID `protobuf:"bytes,1,opt,name=eid,proto3,oneof"`
}

type Specifier_Lookup

type Specifier_Lookup struct {
	// Specify a resource using a string lookup. This is used in our CLI
	// to allow end users to look up resources by name, ID and/or EID.
	//
	// The order of matching is:
	// 1. the 'lookup' field will be parsed as a EID - if it's valid it will be a EID lookup
	// 2. the 'lookup' field will be matched against all resource IDs
	// 3. the 'lookup' field will be matched against all resource names.
	//
	// If the lookup is a valid EID but it is not found, the API will return a Not Found error.
	// The API will return an Invalid Arguments error if the lookup is ambiguous and could match
	// multiple resources.
	Lookup string `protobuf:"bytes,2,opt,name=lookup,proto3,oneof"`
}

type TargetRole added in v1.16.0

type TargetRole struct {
	Target *Specifier `protobuf:"bytes,1,opt,name=target,proto3" json:"target,omitempty"`
	Role   *Specifier `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// contains filtered or unexported fields
}

func (*TargetRole) Descriptor deprecated added in v1.16.0

func (*TargetRole) Descriptor() ([]byte, []int)

Deprecated: Use TargetRole.ProtoReflect.Descriptor instead.

func (*TargetRole) GetRole added in v1.16.0

func (x *TargetRole) GetRole() *Specifier

func (*TargetRole) GetTarget added in v1.16.0

func (x *TargetRole) GetTarget() *Specifier

func (*TargetRole) ProtoMessage added in v1.16.0

func (*TargetRole) ProtoMessage()

func (*TargetRole) ProtoReflect added in v1.16.0

func (x *TargetRole) ProtoReflect() protoreflect.Message

func (*TargetRole) Reset added in v1.16.0

func (x *TargetRole) Reset()

func (*TargetRole) String added in v1.16.0

func (x *TargetRole) String() string

type User

type User struct {
	Eid   *v1alpha1.EID `protobuf:"bytes,1,opt,name=eid,proto3" json:"eid,omitempty"`
	Name  string        `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Email string        `protobuf:"bytes,3,opt,name=email,proto3" json:"email,omitempty"`
	// contains filtered or unexported fields
}

func (*User) Descriptor deprecated

func (*User) Descriptor() ([]byte, []int)

Deprecated: Use User.ProtoReflect.Descriptor instead.

func (*User) Display

func (u *User) Display() string

func (*User) GetEid

func (x *User) GetEid() *v1alpha1.EID

func (*User) GetEmail

func (x *User) GetEmail() string

func (*User) GetName

func (x *User) GetName() string

func (*User) ProtoMessage

func (*User) ProtoMessage()

func (*User) ProtoReflect

func (x *User) ProtoReflect() protoreflect.Message

func (*User) Reset

func (x *User) Reset()

func (*User) String

func (x *User) String() string

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL