policy

package
v0.2.22 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 15, 2024 License: BSD-3-Clause-Clear Imports: 7 Imported by: 17

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	AttributeRuleTypeEnum_name = map[int32]string{
		0: "ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED",
		1: "ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF",
		2: "ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF",
		3: "ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY",
	}
	AttributeRuleTypeEnum_value = map[string]int32{
		"ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED": 0,
		"ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF":      1,
		"ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF":      2,
		"ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY":   3,
	}
)

Enum value maps for AttributeRuleTypeEnum.

View Source 
var (
	SubjectMappingOperatorEnum_name = map[int32]string{
		0: "SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED",
		1: "SUBJECT_MAPPING_OPERATOR_ENUM_IN",
		2: "SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN",
		3: "SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS",
	}
	SubjectMappingOperatorEnum_value = map[string]int32{
		"SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED": 0,
		"SUBJECT_MAPPING_OPERATOR_ENUM_IN":          1,
		"SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN":      2,
		"SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS": 3,
	}
)

Enum value maps for SubjectMappingOperatorEnum.

View Source 
var (
	ConditionBooleanTypeEnum_name = map[int32]string{
		0: "CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED",
		1: "CONDITION_BOOLEAN_TYPE_ENUM_AND",
		2: "CONDITION_BOOLEAN_TYPE_ENUM_OR",
	}
	ConditionBooleanTypeEnum_value = map[string]int32{
		"CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED": 0,
		"CONDITION_BOOLEAN_TYPE_ENUM_AND":         1,
		"CONDITION_BOOLEAN_TYPE_ENUM_OR":          2,
	}
)

Enum value maps for ConditionBooleanTypeEnum.

View Source 
var (
	KasPublicKeyAlgEnum_name = map[int32]string{
		0: "KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED",
		1: "KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048",
		5: "KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1",
	}
	KasPublicKeyAlgEnum_value = map[string]int32{
		"KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED":  0,
		"KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048":     1,
		"KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1": 5,
	}
)

Enum value maps for KasPublicKeyAlgEnum.

View Source 
var (
	Action_StandardAction_name = map[int32]string{
		0: "STANDARD_ACTION_UNSPECIFIED",
		1: "STANDARD_ACTION_DECRYPT",
		2: "STANDARD_ACTION_TRANSMIT",
	}
	Action_StandardAction_value = map[string]int32{
		"STANDARD_ACTION_UNSPECIFIED": 0,
		"STANDARD_ACTION_DECRYPT":     1,
		"STANDARD_ACTION_TRANSMIT":    2,
	}
)

Enum value maps for Action_StandardAction.

View Source 
var File_policy_objects_proto protoreflect.FileDescriptor
View Source 
var File_policy_selectors_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Action 

type Action struct {

	// Types that are assignable to Value:
	//
	//	*Action_Standard
	//	*Action_Custom
	Value isAction_Value `protobuf_oneof:"value"`
	// contains filtered or unexported fields
}

An action an entity can take

func (*Action) Descriptor deprecated 

func (*Action) Descriptor() ([]byte, []int)

Deprecated: Use Action.ProtoReflect.Descriptor instead.

func (*Action) GetCustom 

func (x *Action) GetCustom() string

func (*Action) GetStandard 

func (x *Action) GetStandard() Action_StandardAction

func (*Action) GetValue 

func (m *Action) GetValue() isAction_Value

func (*Action) ProtoMessage 

func (*Action) ProtoMessage()

func (*Action) ProtoReflect 

func (x *Action) ProtoReflect() protoreflect.Message

func (*Action) Reset 

func (x *Action) Reset()

func (*Action) String 

func (x *Action) String() string

type Action_Custom 

type Action_Custom struct {
	Custom string `protobuf:"bytes,2,opt,name=custom,proto3,oneof"`
}

type Action_Standard 

type Action_Standard struct {
	Standard Action_StandardAction `protobuf:"varint,1,opt,name=standard,proto3,enum=policy.Action_StandardAction,oneof"`
}

type Action_StandardAction 

type Action_StandardAction int32

Standard actions supported by the platform 

const (
	Action_STANDARD_ACTION_UNSPECIFIED Action_StandardAction = 0
	Action_STANDARD_ACTION_DECRYPT     Action_StandardAction = 1
	Action_STANDARD_ACTION_TRANSMIT    Action_StandardAction = 2
)

func (Action_StandardAction) Descriptor 

func (Action_StandardAction) Descriptor() protoreflect.EnumDescriptor

func (Action_StandardAction) Enum 

func (x Action_StandardAction) Enum() *Action_StandardAction

func (Action_StandardAction) EnumDescriptor deprecated 

func (Action_StandardAction) EnumDescriptor() ([]byte, []int)

Deprecated: Use Action_StandardAction.Descriptor instead.

func (Action_StandardAction) Number 

func (x Action_StandardAction) Number() protoreflect.EnumNumber

func (Action_StandardAction) String 

func (x Action_StandardAction) String() string

func (Action_StandardAction) Type 

func (Action_StandardAction) Type() protoreflect.EnumType

type Attribute 

type Attribute struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// namespace of the attribute
	Namespace *Namespace `protobuf:"bytes,2,opt,name=namespace,proto3" json:"namespace,omitempty"`
	// attribute name
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// attribute rule enum
	Rule   AttributeRuleTypeEnum `protobuf:"varint,4,opt,name=rule,proto3,enum=policy.AttributeRuleTypeEnum" json:"rule,omitempty"`
	Values []*Value              `protobuf:"bytes,5,rep,name=values,proto3" json:"values,omitempty"`
	Grants []*KeyAccessServer    `protobuf:"bytes,6,rep,name=grants,proto3" json:"grants,omitempty"`
	Fqn    string                `protobuf:"bytes,7,opt,name=fqn,proto3" json:"fqn,omitempty"`
	// active by default until explicitly deactivated
	Active *wrapperspb.BoolValue `protobuf:"bytes,8,opt,name=active,proto3" json:"active,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*Attribute) Descriptor deprecated 

func (*Attribute) Descriptor() ([]byte, []int)

Deprecated: Use Attribute.ProtoReflect.Descriptor instead.

func (*Attribute) GetActive 

func (x *Attribute) GetActive() *wrapperspb.BoolValue

func (*Attribute) GetFqn 

func (x *Attribute) GetFqn() string

func (*Attribute) GetGrants 

func (x *Attribute) GetGrants() []*KeyAccessServer

func (*Attribute) GetId 

func (x *Attribute) GetId() string

func (*Attribute) GetMetadata 

func (x *Attribute) GetMetadata() *common.Metadata

func (*Attribute) GetName 

func (x *Attribute) GetName() string

func (*Attribute) GetNamespace 

func (x *Attribute) GetNamespace() *Namespace

func (*Attribute) GetRule 

func (x *Attribute) GetRule() AttributeRuleTypeEnum

func (*Attribute) GetValues 

func (x *Attribute) GetValues() []*Value

func (*Attribute) ProtoMessage 

func (*Attribute) ProtoMessage()

func (*Attribute) ProtoReflect 

func (x *Attribute) ProtoReflect() protoreflect.Message

func (*Attribute) Reset 

func (x *Attribute) Reset()

func (*Attribute) String 

func (x *Attribute) String() string

type AttributeDefinitionSelector 

type AttributeDefinitionSelector struct {
	WithKeyAccessGrants bool                                           `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithNamespace       *AttributeDefinitionSelector_NamespaceSelector `protobuf:"bytes,10,opt,name=with_namespace,json=withNamespace,proto3" json:"with_namespace,omitempty"`
	WithValues          *AttributeDefinitionSelector_ValueSelector     `protobuf:"bytes,11,opt,name=with_values,json=withValues,proto3" json:"with_values,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeDefinitionSelector) Descriptor deprecated 

func (*AttributeDefinitionSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeDefinitionSelector.ProtoReflect.Descriptor instead.

func (*AttributeDefinitionSelector) GetWithKeyAccessGrants 

func (x *AttributeDefinitionSelector) GetWithKeyAccessGrants() bool

func (*AttributeDefinitionSelector) GetWithNamespace 

func (x *AttributeDefinitionSelector) GetWithNamespace() *AttributeDefinitionSelector_NamespaceSelector

func (*AttributeDefinitionSelector) GetWithValues 

func (x *AttributeDefinitionSelector) GetWithValues() *AttributeDefinitionSelector_ValueSelector

func (*AttributeDefinitionSelector) ProtoMessage 

func (*AttributeDefinitionSelector) ProtoMessage()

func (*AttributeDefinitionSelector) ProtoReflect 

func (x *AttributeDefinitionSelector) ProtoReflect() protoreflect.Message

func (*AttributeDefinitionSelector) Reset 

func (x *AttributeDefinitionSelector) Reset()

func (*AttributeDefinitionSelector) String 

func (x *AttributeDefinitionSelector) String() string

type AttributeDefinitionSelector_NamespaceSelector 

type AttributeDefinitionSelector_NamespaceSelector struct {
	// contains filtered or unexported fields
}

func (*AttributeDefinitionSelector_NamespaceSelector) Descriptor deprecated 

func (*AttributeDefinitionSelector_NamespaceSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeDefinitionSelector_NamespaceSelector.ProtoReflect.Descriptor instead.

func (*AttributeDefinitionSelector_NamespaceSelector) ProtoMessage 

func (*AttributeDefinitionSelector_NamespaceSelector) ProtoMessage()

func (*AttributeDefinitionSelector_NamespaceSelector) ProtoReflect 

func (x *AttributeDefinitionSelector_NamespaceSelector) ProtoReflect() protoreflect.Message

func (*AttributeDefinitionSelector_NamespaceSelector) Reset 

func (x *AttributeDefinitionSelector_NamespaceSelector) Reset()

func (*AttributeDefinitionSelector_NamespaceSelector) String 

func (x *AttributeDefinitionSelector_NamespaceSelector) String() string

type AttributeDefinitionSelector_ValueSelector 

type AttributeDefinitionSelector_ValueSelector struct {
	WithKeyAccessGrants bool `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithSubjectMaps     bool `protobuf:"varint,2,opt,name=with_subject_maps,json=withSubjectMaps,proto3" json:"with_subject_maps,omitempty"`
	WithResourceMaps    bool `protobuf:"varint,3,opt,name=with_resource_maps,json=withResourceMaps,proto3" json:"with_resource_maps,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeDefinitionSelector_ValueSelector) Descriptor deprecated 

func (*AttributeDefinitionSelector_ValueSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeDefinitionSelector_ValueSelector.ProtoReflect.Descriptor instead.

func (*AttributeDefinitionSelector_ValueSelector) GetWithKeyAccessGrants 

func (x *AttributeDefinitionSelector_ValueSelector) GetWithKeyAccessGrants() bool

func (*AttributeDefinitionSelector_ValueSelector) GetWithResourceMaps 

func (x *AttributeDefinitionSelector_ValueSelector) GetWithResourceMaps() bool

func (*AttributeDefinitionSelector_ValueSelector) GetWithSubjectMaps 

func (x *AttributeDefinitionSelector_ValueSelector) GetWithSubjectMaps() bool

func (*AttributeDefinitionSelector_ValueSelector) ProtoMessage 

func (*AttributeDefinitionSelector_ValueSelector) ProtoMessage()

func (*AttributeDefinitionSelector_ValueSelector) ProtoReflect 

func (x *AttributeDefinitionSelector_ValueSelector) ProtoReflect() protoreflect.Message

func (*AttributeDefinitionSelector_ValueSelector) Reset 

func (x *AttributeDefinitionSelector_ValueSelector) Reset()

func (*AttributeDefinitionSelector_ValueSelector) String 

func (x *AttributeDefinitionSelector_ValueSelector) String() string

type AttributeNamespaceSelector 

type AttributeNamespaceSelector struct {
	WithAttributes *AttributeNamespaceSelector_AttributeSelector `protobuf:"bytes,10,opt,name=with_attributes,json=withAttributes,proto3" json:"with_attributes,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeNamespaceSelector) Descriptor deprecated 

func (*AttributeNamespaceSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeNamespaceSelector.ProtoReflect.Descriptor instead.

func (*AttributeNamespaceSelector) GetWithAttributes 

func (x *AttributeNamespaceSelector) GetWithAttributes() *AttributeNamespaceSelector_AttributeSelector

func (*AttributeNamespaceSelector) ProtoMessage 

func (*AttributeNamespaceSelector) ProtoMessage()

func (*AttributeNamespaceSelector) ProtoReflect 

func (x *AttributeNamespaceSelector) ProtoReflect() protoreflect.Message

func (*AttributeNamespaceSelector) Reset 

func (x *AttributeNamespaceSelector) Reset()

func (*AttributeNamespaceSelector) String 

func (x *AttributeNamespaceSelector) String() string

type AttributeNamespaceSelector_AttributeSelector 

type AttributeNamespaceSelector_AttributeSelector struct {
	WithKeyAccessGrants bool                                                        `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithValues          *AttributeNamespaceSelector_AttributeSelector_ValueSelector `protobuf:"bytes,10,opt,name=with_values,json=withValues,proto3" json:"with_values,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeNamespaceSelector_AttributeSelector) Descriptor deprecated 

func (*AttributeNamespaceSelector_AttributeSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeNamespaceSelector_AttributeSelector.ProtoReflect.Descriptor instead.

func (*AttributeNamespaceSelector_AttributeSelector) GetWithKeyAccessGrants 

func (x *AttributeNamespaceSelector_AttributeSelector) GetWithKeyAccessGrants() bool

func (*AttributeNamespaceSelector_AttributeSelector) GetWithValues 

func (x *AttributeNamespaceSelector_AttributeSelector) GetWithValues() *AttributeNamespaceSelector_AttributeSelector_ValueSelector

func (*AttributeNamespaceSelector_AttributeSelector) ProtoMessage 

func (*AttributeNamespaceSelector_AttributeSelector) ProtoMessage()

func (*AttributeNamespaceSelector_AttributeSelector) ProtoReflect 

func (x *AttributeNamespaceSelector_AttributeSelector) ProtoReflect() protoreflect.Message

func (*AttributeNamespaceSelector_AttributeSelector) Reset 

func (x *AttributeNamespaceSelector_AttributeSelector) Reset()

func (*AttributeNamespaceSelector_AttributeSelector) String 

func (x *AttributeNamespaceSelector_AttributeSelector) String() string

type AttributeNamespaceSelector_AttributeSelector_ValueSelector 

type AttributeNamespaceSelector_AttributeSelector_ValueSelector struct {
	WithKeyAccessGrants bool `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithSubjectMaps     bool `protobuf:"varint,2,opt,name=with_subject_maps,json=withSubjectMaps,proto3" json:"with_subject_maps,omitempty"`
	WithResourceMaps    bool `protobuf:"varint,3,opt,name=with_resource_maps,json=withResourceMaps,proto3" json:"with_resource_maps,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) Descriptor deprecated 

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeNamespaceSelector_AttributeSelector_ValueSelector.ProtoReflect.Descriptor instead.

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithKeyAccessGrants 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithKeyAccessGrants() bool

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithResourceMaps 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithResourceMaps() bool

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithSubjectMaps 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithSubjectMaps() bool

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoMessage 

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoMessage()

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoReflect 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoReflect() protoreflect.Message

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) Reset 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) Reset()

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) String 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) String() string

type AttributeRuleTypeEnum 

type AttributeRuleTypeEnum int32

buflint ENUM_VALUE_PREFIX: to make sure that C++ scoping rules aren't violated when users add new enum values to an enum in a given package 

const (
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED AttributeRuleTypeEnum = 0
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF      AttributeRuleTypeEnum = 1
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF      AttributeRuleTypeEnum = 2
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY   AttributeRuleTypeEnum = 3
)

func (AttributeRuleTypeEnum) Descriptor 

func (AttributeRuleTypeEnum) Descriptor() protoreflect.EnumDescriptor

func (AttributeRuleTypeEnum) Enum 

func (x AttributeRuleTypeEnum) Enum() *AttributeRuleTypeEnum

func (AttributeRuleTypeEnum) EnumDescriptor deprecated 

func (AttributeRuleTypeEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use AttributeRuleTypeEnum.Descriptor instead.

func (AttributeRuleTypeEnum) Number 

func (x AttributeRuleTypeEnum) Number() protoreflect.EnumNumber

func (AttributeRuleTypeEnum) String 

func (x AttributeRuleTypeEnum) String() string

func (AttributeRuleTypeEnum) Type 

func (AttributeRuleTypeEnum) Type() protoreflect.EnumType

type AttributeValueSelector 

type AttributeValueSelector struct {
	WithKeyAccessGrants bool                                      `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithSubjectMaps     bool                                      `protobuf:"varint,2,opt,name=with_subject_maps,json=withSubjectMaps,proto3" json:"with_subject_maps,omitempty"`
	WithResourceMaps    bool                                      `protobuf:"varint,3,opt,name=with_resource_maps,json=withResourceMaps,proto3" json:"with_resource_maps,omitempty"`
	WithAttribute       *AttributeValueSelector_AttributeSelector `protobuf:"bytes,10,opt,name=with_attribute,json=withAttribute,proto3" json:"with_attribute,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeValueSelector) Descriptor deprecated 

func (*AttributeValueSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeValueSelector.ProtoReflect.Descriptor instead.

func (*AttributeValueSelector) GetWithAttribute 

func (x *AttributeValueSelector) GetWithAttribute() *AttributeValueSelector_AttributeSelector

func (*AttributeValueSelector) GetWithKeyAccessGrants 

func (x *AttributeValueSelector) GetWithKeyAccessGrants() bool

func (*AttributeValueSelector) GetWithResourceMaps 

func (x *AttributeValueSelector) GetWithResourceMaps() bool

func (*AttributeValueSelector) GetWithSubjectMaps 

func (x *AttributeValueSelector) GetWithSubjectMaps() bool

func (*AttributeValueSelector) ProtoMessage 

func (*AttributeValueSelector) ProtoMessage()

func (*AttributeValueSelector) ProtoReflect 

func (x *AttributeValueSelector) ProtoReflect() protoreflect.Message

func (*AttributeValueSelector) Reset 

func (x *AttributeValueSelector) Reset()

func (*AttributeValueSelector) String 

func (x *AttributeValueSelector) String() string

type AttributeValueSelector_AttributeSelector 

type AttributeValueSelector_AttributeSelector struct {
	WithKeyAccessGrants bool                                                        `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithNamespace       *AttributeValueSelector_AttributeSelector_NamespaceSelector `protobuf:"bytes,10,opt,name=with_namespace,json=withNamespace,proto3" json:"with_namespace,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeValueSelector_AttributeSelector) Descriptor deprecated 

func (*AttributeValueSelector_AttributeSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeValueSelector_AttributeSelector.ProtoReflect.Descriptor instead.

func (*AttributeValueSelector_AttributeSelector) GetWithKeyAccessGrants 

func (x *AttributeValueSelector_AttributeSelector) GetWithKeyAccessGrants() bool

func (*AttributeValueSelector_AttributeSelector) GetWithNamespace 

func (x *AttributeValueSelector_AttributeSelector) GetWithNamespace() *AttributeValueSelector_AttributeSelector_NamespaceSelector

func (*AttributeValueSelector_AttributeSelector) ProtoMessage 

func (*AttributeValueSelector_AttributeSelector) ProtoMessage()

func (*AttributeValueSelector_AttributeSelector) ProtoReflect 

func (x *AttributeValueSelector_AttributeSelector) ProtoReflect() protoreflect.Message

func (*AttributeValueSelector_AttributeSelector) Reset 

func (x *AttributeValueSelector_AttributeSelector) Reset()

func (*AttributeValueSelector_AttributeSelector) String 

func (x *AttributeValueSelector_AttributeSelector) String() string

type AttributeValueSelector_AttributeSelector_NamespaceSelector 

type AttributeValueSelector_AttributeSelector_NamespaceSelector struct {
	// contains filtered or unexported fields
}

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) Descriptor deprecated 

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeValueSelector_AttributeSelector_NamespaceSelector.ProtoReflect.Descriptor instead.

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoMessage 

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoMessage()

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoReflect 

func (x *AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoReflect() protoreflect.Message

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) Reset 

func (x *AttributeValueSelector_AttributeSelector_NamespaceSelector) Reset()

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) String 

func (x *AttributeValueSelector_AttributeSelector_NamespaceSelector) String() string

type Condition 

type Condition struct {

	// a selector for a field value on a flattened Entity Representation (such as from idP/LDAP)
	SubjectExternalSelectorValue string `` /* 149-byte string literal not displayed */
	// the evaluation operator of relation
	Operator SubjectMappingOperatorEnum `protobuf:"varint,2,opt,name=operator,proto3,enum=policy.SubjectMappingOperatorEnum" json:"operator,omitempty"`
	// list of comparison values for the result of applying the subject_external_selector_value on a flattened Entity Representation (Subject), evaluated by the operator
	SubjectExternalValues []string `` /* 126-byte string literal not displayed */
	// contains filtered or unexported fields
}

* A Condition defines a rule of <the value at the flattened 'selector value' location> <operator> <subject external values>

func (*Condition) Descriptor deprecated 

func (*Condition) Descriptor() ([]byte, []int)

Deprecated: Use Condition.ProtoReflect.Descriptor instead.

func (*Condition) GetOperator 

func (x *Condition) GetOperator() SubjectMappingOperatorEnum

func (*Condition) GetSubjectExternalSelectorValue 

func (x *Condition) GetSubjectExternalSelectorValue() string

func (*Condition) GetSubjectExternalValues 

func (x *Condition) GetSubjectExternalValues() []string

func (*Condition) ProtoMessage 

func (*Condition) ProtoMessage()

func (*Condition) ProtoReflect 

func (x *Condition) ProtoReflect() protoreflect.Message

func (*Condition) Reset 

func (x *Condition) Reset()

func (*Condition) String 

func (x *Condition) String() string

type ConditionBooleanTypeEnum 

type ConditionBooleanTypeEnum int32

buflint ENUM_VALUE_PREFIX: to make sure that C++ scoping rules aren't violated when users add new enum values to an enum in a given package 

const (
	ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED ConditionBooleanTypeEnum = 0
	ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_AND         ConditionBooleanTypeEnum = 1
	ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_OR          ConditionBooleanTypeEnum = 2
)

func (ConditionBooleanTypeEnum) Descriptor 

func (ConditionBooleanTypeEnum) Descriptor() protoreflect.EnumDescriptor

func (ConditionBooleanTypeEnum) Enum 

func (x ConditionBooleanTypeEnum) Enum() *ConditionBooleanTypeEnum

func (ConditionBooleanTypeEnum) EnumDescriptor deprecated 

func (ConditionBooleanTypeEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConditionBooleanTypeEnum.Descriptor instead.

func (ConditionBooleanTypeEnum) Number 

func (x ConditionBooleanTypeEnum) Number() protoreflect.EnumNumber

func (ConditionBooleanTypeEnum) String 

func (x ConditionBooleanTypeEnum) String() string

func (ConditionBooleanTypeEnum) Type 

func (ConditionBooleanTypeEnum) Type() protoreflect.EnumType

type ConditionGroup 

type ConditionGroup struct {
	Conditions []*Condition `protobuf:"bytes,1,rep,name=conditions,proto3" json:"conditions,omitempty"`
	// the boolean evaluation type across the conditions
	BooleanOperator ConditionBooleanTypeEnum `` /* 144-byte string literal not displayed */
	// contains filtered or unexported fields
}

A collection of Conditions evaluated by the boolean_operator provided

func (*ConditionGroup) Descriptor deprecated 

func (*ConditionGroup) Descriptor() ([]byte, []int)

Deprecated: Use ConditionGroup.ProtoReflect.Descriptor instead.

func (*ConditionGroup) GetBooleanOperator 

func (x *ConditionGroup) GetBooleanOperator() ConditionBooleanTypeEnum

func (*ConditionGroup) GetConditions 

func (x *ConditionGroup) GetConditions() []*Condition

func (*ConditionGroup) ProtoMessage 

func (*ConditionGroup) ProtoMessage()

func (*ConditionGroup) ProtoReflect 

func (x *ConditionGroup) ProtoReflect() protoreflect.Message

func (*ConditionGroup) Reset 

func (x *ConditionGroup) Reset()

func (*ConditionGroup) String 

func (x *ConditionGroup) String() string

type KasPublicKey added in v0.2.13 

type KasPublicKey struct {

	// x509 ASN.1 content in PEM envelope, usually
	Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"`
	// A unique string identifier for this key
	Kid string `protobuf:"bytes,2,opt,name=kid,proto3" json:"kid,omitempty"`
	// A known algorithm type with any additional parameters encoded.
	// To start, these may be `rsa:2048` for encrypting ZTDF files and
	// `ec:secp256r1` for nanoTDF, but more formats may be added as needed.
	Alg KasPublicKeyAlgEnum `protobuf:"varint,3,opt,name=alg,proto3,enum=policy.KasPublicKeyAlgEnum" json:"alg,omitempty"`
	// contains filtered or unexported fields
}

A KAS public key and some associated metadata for further identifcation

func (*KasPublicKey) Descriptor deprecated added in v0.2.13 

func (*KasPublicKey) Descriptor() ([]byte, []int)

Deprecated: Use KasPublicKey.ProtoReflect.Descriptor instead.

func (*KasPublicKey) GetAlg added in v0.2.13 

func (x *KasPublicKey) GetAlg() KasPublicKeyAlgEnum

func (*KasPublicKey) GetKid added in v0.2.13 

func (x *KasPublicKey) GetKid() string

func (*KasPublicKey) GetPem added in v0.2.13 

func (x *KasPublicKey) GetPem() string

func (*KasPublicKey) ProtoMessage added in v0.2.13 

func (*KasPublicKey) ProtoMessage()

func (*KasPublicKey) ProtoReflect added in v0.2.13 

func (x *KasPublicKey) ProtoReflect() protoreflect.Message

func (*KasPublicKey) Reset added in v0.2.13 

func (x *KasPublicKey) Reset()

func (*KasPublicKey) String added in v0.2.13 

func (x *KasPublicKey) String() string

type KasPublicKeyAlgEnum added in v0.2.13 

type KasPublicKeyAlgEnum int32
const (
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED  KasPublicKeyAlgEnum = 0
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048     KasPublicKeyAlgEnum = 1
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1 KasPublicKeyAlgEnum = 5
)

func (KasPublicKeyAlgEnum) Descriptor added in v0.2.13 

func (KasPublicKeyAlgEnum) Descriptor() protoreflect.EnumDescriptor

func (KasPublicKeyAlgEnum) Enum added in v0.2.13 

func (x KasPublicKeyAlgEnum) Enum() *KasPublicKeyAlgEnum

func (KasPublicKeyAlgEnum) EnumDescriptor deprecated added in v0.2.13 

func (KasPublicKeyAlgEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use KasPublicKeyAlgEnum.Descriptor instead.

func (KasPublicKeyAlgEnum) Number added in v0.2.13 

func (x KasPublicKeyAlgEnum) Number() protoreflect.EnumNumber

func (KasPublicKeyAlgEnum) String added in v0.2.13 

func (x KasPublicKeyAlgEnum) String() string

func (KasPublicKeyAlgEnum) Type added in v0.2.13 

func (KasPublicKeyAlgEnum) Type() protoreflect.EnumType

type KasPublicKeySet added in v0.2.13 

type KasPublicKeySet struct {
	Keys []*KasPublicKey `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
	// contains filtered or unexported fields
}

A list of known KAS public keys

func (*KasPublicKeySet) Descriptor deprecated added in v0.2.13 

func (*KasPublicKeySet) Descriptor() ([]byte, []int)

Deprecated: Use KasPublicKeySet.ProtoReflect.Descriptor instead.

func (*KasPublicKeySet) GetKeys added in v0.2.13 

func (x *KasPublicKeySet) GetKeys() []*KasPublicKey

func (*KasPublicKeySet) ProtoMessage added in v0.2.13 

func (*KasPublicKeySet) ProtoMessage()

func (*KasPublicKeySet) ProtoReflect added in v0.2.13 

func (x *KasPublicKeySet) ProtoReflect() protoreflect.Message

func (*KasPublicKeySet) Reset added in v0.2.13 

func (x *KasPublicKeySet) Reset()

func (*KasPublicKeySet) String added in v0.2.13 

func (x *KasPublicKeySet) String() string

type KeyAccessServer added in v0.2.0 

type KeyAccessServer struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Address of a KAS instance
	Uri       string     `protobuf:"bytes,2,opt,name=uri,proto3" json:"uri,omitempty"`
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// Optional
	// Unique name of the KAS instance
	Name string `protobuf:"bytes,20,opt,name=name,proto3" json:"name,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

Key Access Server Registry

func (*KeyAccessServer) Descriptor deprecated added in v0.2.0 

func (*KeyAccessServer) Descriptor() ([]byte, []int)

Deprecated: Use KeyAccessServer.ProtoReflect.Descriptor instead.

func (*KeyAccessServer) GetId added in v0.2.0 

func (x *KeyAccessServer) GetId() string

func (*KeyAccessServer) GetMetadata added in v0.2.0 

func (x *KeyAccessServer) GetMetadata() *common.Metadata

func (*KeyAccessServer) GetName added in v0.2.19 

func (x *KeyAccessServer) GetName() string

func (*KeyAccessServer) GetPublicKey added in v0.2.0 

func (x *KeyAccessServer) GetPublicKey() *PublicKey

func (*KeyAccessServer) GetUri added in v0.2.0 

func (x *KeyAccessServer) GetUri() string

func (*KeyAccessServer) ProtoMessage added in v0.2.0 

func (*KeyAccessServer) ProtoMessage()

func (*KeyAccessServer) ProtoReflect added in v0.2.0 

func (x *KeyAccessServer) ProtoReflect() protoreflect.Message

func (*KeyAccessServer) Reset added in v0.2.0 

func (x *KeyAccessServer) Reset()

func (*KeyAccessServer) String added in v0.2.0 

func (x *KeyAccessServer) String() string

type Namespace 

type Namespace struct {

	// generated uuid in database
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// used to partition Attribute Definitions, support by namespace AuthN and enable federation
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Fqn  string `protobuf:"bytes,3,opt,name=fqn,proto3" json:"fqn,omitempty"`
	// active by default until explicitly deactivated
	Active   *wrapperspb.BoolValue `protobuf:"bytes,4,opt,name=active,proto3" json:"active,omitempty"`
	Metadata *common.Metadata      `protobuf:"bytes,5,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// KAS grants for the namespace
	Grants []*KeyAccessServer `protobuf:"bytes,6,rep,name=grants,proto3" json:"grants,omitempty"`
	// contains filtered or unexported fields
}

func (*Namespace) Descriptor deprecated 

func (*Namespace) Descriptor() ([]byte, []int)

Deprecated: Use Namespace.ProtoReflect.Descriptor instead.

func (*Namespace) GetActive 

func (x *Namespace) GetActive() *wrapperspb.BoolValue

func (*Namespace) GetFqn 

func (x *Namespace) GetFqn() string

func (*Namespace) GetGrants added in v0.2.12 

func (x *Namespace) GetGrants() []*KeyAccessServer

func (*Namespace) GetId 

func (x *Namespace) GetId() string

func (*Namespace) GetMetadata 

func (x *Namespace) GetMetadata() *common.Metadata

func (*Namespace) GetName 

func (x *Namespace) GetName() string

func (*Namespace) ProtoMessage 

func (*Namespace) ProtoMessage()

func (*Namespace) ProtoReflect 

func (x *Namespace) ProtoReflect() protoreflect.Message

func (*Namespace) Reset 

func (x *Namespace) Reset()

func (*Namespace) String 

func (x *Namespace) String() string

type PageRequest added in v0.2.19 

type PageRequest struct {

	// Optional
	// Set to configured default limit if not provided
	// Maximum limit set in platform config and enforced by services
	Limit int32 `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"`
	// Optional
	// Defaulted if not provided
	Offset int32 `protobuf:"varint,2,opt,name=offset,proto3" json:"offset,omitempty"`
	// contains filtered or unexported fields
}

func (*PageRequest) Descriptor deprecated added in v0.2.19 

func (*PageRequest) Descriptor() ([]byte, []int)

Deprecated: Use PageRequest.ProtoReflect.Descriptor instead.

func (*PageRequest) GetLimit added in v0.2.19 

func (x *PageRequest) GetLimit() int32

func (*PageRequest) GetOffset added in v0.2.19 

func (x *PageRequest) GetOffset() int32

func (*PageRequest) ProtoMessage added in v0.2.19 

func (*PageRequest) ProtoMessage()

func (*PageRequest) ProtoReflect added in v0.2.19 

func (x *PageRequest) ProtoReflect() protoreflect.Message

func (*PageRequest) Reset added in v0.2.19 

func (x *PageRequest) Reset()

func (*PageRequest) String added in v0.2.19 

func (x *PageRequest) String() string

type PageResponse added in v0.2.19 

type PageResponse struct {

	// Requested pagination offset
	CurrentOffset int32 `protobuf:"varint,1,opt,name=current_offset,json=currentOffset,proto3" json:"current_offset,omitempty"`
	// Calculated with request limit + offset or defaults
	// Empty when none remain after current page
	NextOffset int32 `protobuf:"varint,2,opt,name=next_offset,json=nextOffset,proto3" json:"next_offset,omitempty"`
	// Total count of entire list
	Total int32 `protobuf:"varint,3,opt,name=total,proto3" json:"total,omitempty"`
	// contains filtered or unexported fields
}

func (*PageResponse) Descriptor deprecated added in v0.2.19 

func (*PageResponse) Descriptor() ([]byte, []int)

Deprecated: Use PageResponse.ProtoReflect.Descriptor instead.

func (*PageResponse) GetCurrentOffset added in v0.2.19 

func (x *PageResponse) GetCurrentOffset() int32

func (*PageResponse) GetNextOffset added in v0.2.19 

func (x *PageResponse) GetNextOffset() int32

func (*PageResponse) GetTotal added in v0.2.19 

func (x *PageResponse) GetTotal() int32

func (*PageResponse) ProtoMessage added in v0.2.19 

func (*PageResponse) ProtoMessage()

func (*PageResponse) ProtoReflect added in v0.2.19 

func (x *PageResponse) ProtoReflect() protoreflect.Message

func (*PageResponse) Reset added in v0.2.19 

func (x *PageResponse) Reset()

func (*PageResponse) String added in v0.2.19 

func (x *PageResponse) String() string

type PublicKey added in v0.2.0 

type PublicKey struct {

	// Types that are assignable to PublicKey:
	//
	//	*PublicKey_Remote
	//	*PublicKey_Cached
	PublicKey isPublicKey_PublicKey `protobuf_oneof:"public_key"`
	// contains filtered or unexported fields
}

func (*PublicKey) Descriptor deprecated added in v0.2.0 

func (*PublicKey) Descriptor() ([]byte, []int)

Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.

func (*PublicKey) GetCached added in v0.2.13 

func (x *PublicKey) GetCached() *KasPublicKeySet

func (*PublicKey) GetPublicKey added in v0.2.0 

func (m *PublicKey) GetPublicKey() isPublicKey_PublicKey

func (*PublicKey) GetRemote added in v0.2.0 

func (x *PublicKey) GetRemote() string

func (*PublicKey) ProtoMessage added in v0.2.0 

func (*PublicKey) ProtoMessage()

func (*PublicKey) ProtoReflect added in v0.2.0 

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (*PublicKey) Reset added in v0.2.0 

func (x *PublicKey) Reset()

func (*PublicKey) String added in v0.2.0 

func (x *PublicKey) String() string

type PublicKey_Cached added in v0.2.13 

type PublicKey_Cached struct {
	// public key with additional information. Current preferred version
	Cached *KasPublicKeySet `protobuf:"bytes,3,opt,name=cached,proto3,oneof"`
}

type PublicKey_Remote added in v0.2.0 

type PublicKey_Remote struct {
	// kas public key url - optional since can also be retrieved via public key
	Remote string `protobuf:"bytes,1,opt,name=remote,proto3,oneof"`
}

type ResourceMapping 

type ResourceMapping struct {
	Id             string                `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Metadata       *common.Metadata      `protobuf:"bytes,2,opt,name=metadata,proto3" json:"metadata,omitempty"`
	AttributeValue *Value                `protobuf:"bytes,3,opt,name=attribute_value,json=attributeValue,proto3" json:"attribute_value,omitempty"`
	Terms          []string              `protobuf:"bytes,4,rep,name=terms,proto3" json:"terms,omitempty"`
	Group          *ResourceMappingGroup `protobuf:"bytes,5,opt,name=group,proto3" json:"group,omitempty"`
	// contains filtered or unexported fields
}

Resource Mappings (aka Access Control Resource Encodings aka ACRE) are structures supporting the mapping of Resources and Attribute Values

func (*ResourceMapping) Descriptor deprecated 

func (*ResourceMapping) Descriptor() ([]byte, []int)

Deprecated: Use ResourceMapping.ProtoReflect.Descriptor instead.

func (*ResourceMapping) GetAttributeValue 

func (x *ResourceMapping) GetAttributeValue() *Value

func (*ResourceMapping) GetGroup added in v0.2.11 

func (x *ResourceMapping) GetGroup() *ResourceMappingGroup

func (*ResourceMapping) GetId 

func (x *ResourceMapping) GetId() string

func (*ResourceMapping) GetMetadata 

func (x *ResourceMapping) GetMetadata() *common.Metadata

func (*ResourceMapping) GetTerms 

func (x *ResourceMapping) GetTerms() []string

func (*ResourceMapping) ProtoMessage 

func (*ResourceMapping) ProtoMessage()

func (*ResourceMapping) ProtoReflect 

func (x *ResourceMapping) ProtoReflect() protoreflect.Message

func (*ResourceMapping) Reset 

func (x *ResourceMapping) Reset()

func (*ResourceMapping) String 

func (x *ResourceMapping) String() string

type ResourceMappingGroup added in v0.2.11 

type ResourceMappingGroup struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// the namespace containing the group of resource mappings
	NamespaceId string `protobuf:"bytes,2,opt,name=namespace_id,json=namespaceId,proto3" json:"namespace_id,omitempty"`
	// the common name for the group of resource mappings, which must be unique per namespace
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

Resource Mapping Groups are namespaced collections of Resource Mappings associated under a common group name.

func (*ResourceMappingGroup) Descriptor deprecated added in v0.2.11 

func (*ResourceMappingGroup) Descriptor() ([]byte, []int)

Deprecated: Use ResourceMappingGroup.ProtoReflect.Descriptor instead.

func (*ResourceMappingGroup) GetId added in v0.2.11 

func (x *ResourceMappingGroup) GetId() string

func (*ResourceMappingGroup) GetMetadata added in v0.2.15 

func (x *ResourceMappingGroup) GetMetadata() *common.Metadata

func (*ResourceMappingGroup) GetName added in v0.2.11 

func (x *ResourceMappingGroup) GetName() string

func (*ResourceMappingGroup) GetNamespaceId added in v0.2.11 

func (x *ResourceMappingGroup) GetNamespaceId() string

func (*ResourceMappingGroup) ProtoMessage added in v0.2.11 

func (*ResourceMappingGroup) ProtoMessage()

func (*ResourceMappingGroup) ProtoReflect added in v0.2.11 

func (x *ResourceMappingGroup) ProtoReflect() protoreflect.Message

func (*ResourceMappingGroup) Reset added in v0.2.11 

func (x *ResourceMappingGroup) Reset()

func (*ResourceMappingGroup) String added in v0.2.11 

func (x *ResourceMappingGroup) String() string

type SubjectConditionSet 

type SubjectConditionSet struct {
	Id          string           `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	SubjectSets []*SubjectSet    `protobuf:"bytes,3,rep,name=subject_sets,json=subjectSets,proto3" json:"subject_sets,omitempty"`
	Metadata    *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

A container for multiple Subject Sets, each containing Condition Groups, each containing Conditions. Multiple Subject Sets in a SubjectConditionSet are evaluated with AND logic. As each Subject Mapping has only one Attribute Value, the SubjectConditionSet is reusable across multiple Subject Mappings / Attribute Values and is an independent unit.

func (*SubjectConditionSet) Descriptor deprecated 

func (*SubjectConditionSet) Descriptor() ([]byte, []int)

Deprecated: Use SubjectConditionSet.ProtoReflect.Descriptor instead.

func (*SubjectConditionSet) GetId 

func (x *SubjectConditionSet) GetId() string

func (*SubjectConditionSet) GetMetadata 

func (x *SubjectConditionSet) GetMetadata() *common.Metadata

func (*SubjectConditionSet) GetSubjectSets 

func (x *SubjectConditionSet) GetSubjectSets() []*SubjectSet

func (*SubjectConditionSet) ProtoMessage 

func (*SubjectConditionSet) ProtoMessage()

func (*SubjectConditionSet) ProtoReflect 

func (x *SubjectConditionSet) ProtoReflect() protoreflect.Message

func (*SubjectConditionSet) Reset 

func (x *SubjectConditionSet) Reset()

func (*SubjectConditionSet) String 

func (x *SubjectConditionSet) String() string

type SubjectMapping 

type SubjectMapping struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// the Attribute Value mapped to; aka: "The Entity Entitlement Attribute"
	AttributeValue *Value `protobuf:"bytes,2,opt,name=attribute_value,json=attributeValue,proto3" json:"attribute_value,omitempty"`
	// the reusable SubjectConditionSet mapped to the given Attribute Value
	SubjectConditionSet *SubjectConditionSet `protobuf:"bytes,3,opt,name=subject_condition_set,json=subjectConditionSet,proto3" json:"subject_condition_set,omitempty"`
	// The actions permitted by subjects in this mapping
	Actions  []*Action        `protobuf:"bytes,4,rep,name=actions,proto3" json:"actions,omitempty"`
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

Subject Mapping: A Policy assigning Subject Set(s) to a permitted attribute value + action(s) combination

Example: Subjects in sets 1 and 2 are entitled attribute value http://wwww.example.org/attr/example/value/one with permitted actions TRANSMIT and DECRYPT { "id": "someid", "attribute_value": {example_one_attribute_value...}, "subject_condition_set": {"subject_sets":[{subject_set_1},{subject_set_2}]...}, "actions": [{"standard": "STANDARD_ACTION_DECRYPT"}", {"standard": "STANDARD_ACTION_TRANSMIT"}] }

func (*SubjectMapping) Descriptor deprecated 

func (*SubjectMapping) Descriptor() ([]byte, []int)

Deprecated: Use SubjectMapping.ProtoReflect.Descriptor instead.

func (*SubjectMapping) GetActions 

func (x *SubjectMapping) GetActions() []*Action

func (*SubjectMapping) GetAttributeValue 

func (x *SubjectMapping) GetAttributeValue() *Value

func (*SubjectMapping) GetId 

func (x *SubjectMapping) GetId() string

func (*SubjectMapping) GetMetadata 

func (x *SubjectMapping) GetMetadata() *common.Metadata

func (*SubjectMapping) GetSubjectConditionSet 

func (x *SubjectMapping) GetSubjectConditionSet() *SubjectConditionSet

func (*SubjectMapping) ProtoMessage 

func (*SubjectMapping) ProtoMessage()

func (*SubjectMapping) ProtoReflect 

func (x *SubjectMapping) ProtoReflect() protoreflect.Message

func (*SubjectMapping) Reset 

func (x *SubjectMapping) Reset()

func (*SubjectMapping) String 

func (x *SubjectMapping) String() string

type SubjectMappingOperatorEnum 

type SubjectMappingOperatorEnum int32

buflint ENUM_VALUE_PREFIX: to make sure that C++ scoping rules aren't violated when users add new enum values to an enum in a given package 

const (
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED SubjectMappingOperatorEnum = 0
	// operator that returns true if a value in a list matches the string
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_IN SubjectMappingOperatorEnum = 1
	// operator that returns true if a value is not in a list that is matched by string
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN SubjectMappingOperatorEnum = 2
	// operator that returns true if a value in a list contains the substring
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS SubjectMappingOperatorEnum = 3
)

func (SubjectMappingOperatorEnum) Descriptor 

func (SubjectMappingOperatorEnum) Descriptor() protoreflect.EnumDescriptor

func (SubjectMappingOperatorEnum) Enum 

func (x SubjectMappingOperatorEnum) Enum() *SubjectMappingOperatorEnum

func (SubjectMappingOperatorEnum) EnumDescriptor deprecated 

func (SubjectMappingOperatorEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use SubjectMappingOperatorEnum.Descriptor instead.

func (SubjectMappingOperatorEnum) Number 

func (x SubjectMappingOperatorEnum) Number() protoreflect.EnumNumber

func (SubjectMappingOperatorEnum) String 

func (x SubjectMappingOperatorEnum) String() string

func (SubjectMappingOperatorEnum) Type 

func (SubjectMappingOperatorEnum) Type() protoreflect.EnumType

type SubjectProperty 

type SubjectProperty struct {
	ExternalSelectorValue string `` /* 126-byte string literal not displayed */
	ExternalValue         string `protobuf:"bytes,2,opt,name=external_value,json=externalValue,proto3" json:"external_value,omitempty"`
	// contains filtered or unexported fields
}

A property of a Subject/Entity as its selector expression -> value result pair. This would mirror external user attributes retrieved from an authoritative source such as an IDP (Identity Provider) or User Store. Examples include such ADFS/LDAP, OKTA, etc. For now, a valid property must contain both a selector expression & a resulting value.

The external_selector_value is a specifier to select a value from a flattened external representation of an Entity (such as from idP/LDAP), and the external_value is the value selected by the external_selector_value on that Entity Representation (Subject Context). These mirror the Condition.

func (*SubjectProperty) Descriptor deprecated 

func (*SubjectProperty) Descriptor() ([]byte, []int)

Deprecated: Use SubjectProperty.ProtoReflect.Descriptor instead.

func (*SubjectProperty) GetExternalSelectorValue 

func (x *SubjectProperty) GetExternalSelectorValue() string

func (*SubjectProperty) GetExternalValue 

func (x *SubjectProperty) GetExternalValue() string

func (*SubjectProperty) ProtoMessage 

func (*SubjectProperty) ProtoMessage()

func (*SubjectProperty) ProtoReflect 

func (x *SubjectProperty) ProtoReflect() protoreflect.Message

func (*SubjectProperty) Reset 

func (x *SubjectProperty) Reset()

func (*SubjectProperty) String 

func (x *SubjectProperty) String() string

type SubjectSet 

type SubjectSet struct {

	// multiple Condition Groups are evaluated with AND logic
	ConditionGroups []*ConditionGroup `protobuf:"bytes,1,rep,name=condition_groups,json=conditionGroups,proto3" json:"condition_groups,omitempty"`
	// contains filtered or unexported fields
}

A collection of Condition Groups

func (*SubjectSet) Descriptor deprecated 

func (*SubjectSet) Descriptor() ([]byte, []int)

Deprecated: Use SubjectSet.ProtoReflect.Descriptor instead.

func (*SubjectSet) GetConditionGroups 

func (x *SubjectSet) GetConditionGroups() []*ConditionGroup

func (*SubjectSet) ProtoMessage 

func (*SubjectSet) ProtoMessage()

func (*SubjectSet) ProtoReflect 

func (x *SubjectSet) ProtoReflect() protoreflect.Message

func (*SubjectSet) Reset 

func (x *SubjectSet) Reset()

func (*SubjectSet) String 

func (x *SubjectSet) String() string

type Value 

type Value struct {

	// generated uuid in database
	Id        string     `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Attribute *Attribute `protobuf:"bytes,2,opt,name=attribute,proto3" json:"attribute,omitempty"`
	Value     string     `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
	// list of key access servers
	Grants []*KeyAccessServer `protobuf:"bytes,5,rep,name=grants,proto3" json:"grants,omitempty"`
	Fqn    string             `protobuf:"bytes,6,opt,name=fqn,proto3" json:"fqn,omitempty"`
	// active by default until explicitly deactivated
	Active *wrapperspb.BoolValue `protobuf:"bytes,7,opt,name=active,proto3" json:"active,omitempty"`
	// subject mapping
	SubjectMappings []*SubjectMapping `protobuf:"bytes,8,rep,name=subject_mappings,json=subjectMappings,proto3" json:"subject_mappings,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*Value) Descriptor deprecated 

func (*Value) Descriptor() ([]byte, []int)

Deprecated: Use Value.ProtoReflect.Descriptor instead.

func (*Value) GetActive 

func (x *Value) GetActive() *wrapperspb.BoolValue

func (*Value) GetAttribute 

func (x *Value) GetAttribute() *Attribute

func (*Value) GetFqn 

func (x *Value) GetFqn() string

func (*Value) GetGrants 

func (x *Value) GetGrants() []*KeyAccessServer

func (*Value) GetId 

func (x *Value) GetId() string

func (*Value) GetMetadata 

func (x *Value) GetMetadata() *common.Metadata

func (*Value) GetSubjectMappings 

func (x *Value) GetSubjectMappings() []*SubjectMapping

func (*Value) GetValue 

func (x *Value) GetValue() string

func (*Value) ProtoMessage 

func (*Value) ProtoMessage()

func (*Value) ProtoReflect 

func (x *Value) ProtoReflect() protoreflect.Message

func (*Value) Reset 

func (x *Value) Reset()

func (*Value) String 

func (x *Value) String() string

Source Files

View all Source files

Directories

Path Synopsis
Package attributes is a reverse proxy.
 Package attributes is a reverse proxy.
attributesconnect
Package kasregistry is a reverse proxy.
 Package kasregistry is a reverse proxy.
kasregistryconnect
Package namespaces is a reverse proxy.
 Package namespaces is a reverse proxy.
namespacesconnect
Package resourcemapping is a reverse proxy.
 Package resourcemapping is a reverse proxy.
resourcemappingconnect
Package subjectmapping is a reverse proxy.
 Package subjectmapping is a reverse proxy.
subjectmappingconnect
Package unsafe is a reverse proxy.
 Package unsafe is a reverse proxy.
unsafeconnect

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.