Documentation ¶
Index ¶
- Variables
- type Agent
- func (*Agent) Descriptor() ([]byte, []int)deprecated
- func (x *Agent) GetAttestationType() string
- func (x *Agent) GetBanned() bool
- func (x *Agent) GetId() *SPIFFEID
- func (x *Agent) GetSelectors() []*Selector
- func (x *Agent) GetX509SvidExpiresAt() int64
- func (x *Agent) GetX509SvidSerialNumber() string
- func (*Agent) ProtoMessage()
- func (x *Agent) ProtoReflect() protoreflect.Message
- func (x *Agent) Reset()
- func (x *Agent) String() string
- type AgentMask
- func (*AgentMask) Descriptor() ([]byte, []int)deprecated
- func (x *AgentMask) GetAttestationType() bool
- func (x *AgentMask) GetBanned() bool
- func (x *AgentMask) GetSelectors() bool
- func (x *AgentMask) GetX509SvidExpiresAt() bool
- func (x *AgentMask) GetX509SvidSerialNumber() bool
- func (*AgentMask) ProtoMessage()
- func (x *AgentMask) ProtoReflect() protoreflect.Message
- func (x *AgentMask) Reset()
- func (x *AgentMask) String() string
- type AttestationData
- func (*AttestationData) Descriptor() ([]byte, []int)deprecated
- func (x *AttestationData) GetPayload() []byte
- func (x *AttestationData) GetType() string
- func (*AttestationData) ProtoMessage()
- func (x *AttestationData) ProtoReflect() protoreflect.Message
- func (x *AttestationData) Reset()
- func (x *AttestationData) String() string
- type Bundle
- func (*Bundle) Descriptor() ([]byte, []int)deprecated
- func (x *Bundle) GetJwtAuthorities() []*JWTKey
- func (x *Bundle) GetRefreshHint() int64
- func (x *Bundle) GetSequenceNumber() uint64
- func (x *Bundle) GetTrustDomain() string
- func (x *Bundle) GetX509Authorities() []*X509Certificate
- func (*Bundle) ProtoMessage()
- func (x *Bundle) ProtoReflect() protoreflect.Message
- func (x *Bundle) Reset()
- func (x *Bundle) String() string
- type BundleMask
- func (*BundleMask) Descriptor() ([]byte, []int)deprecated
- func (x *BundleMask) GetJwtAuthorities() bool
- func (x *BundleMask) GetRefreshHint() bool
- func (x *BundleMask) GetSequenceNumber() bool
- func (x *BundleMask) GetX509Authorities() bool
- func (*BundleMask) ProtoMessage()
- func (x *BundleMask) ProtoReflect() protoreflect.Message
- func (x *BundleMask) Reset()
- func (x *BundleMask) String() string
- type Entry
- func (*Entry) Descriptor() ([]byte, []int)deprecated
- func (x *Entry) GetAdmin() bool
- func (x *Entry) GetDnsNames() []string
- func (x *Entry) GetDownstream() bool
- func (x *Entry) GetExpiresAt() int64
- func (x *Entry) GetFederatesWith() []string
- func (x *Entry) GetId() string
- func (x *Entry) GetParentId() *SPIFFEID
- func (x *Entry) GetRevisionNumber() int64
- func (x *Entry) GetSelectors() []*Selector
- func (x *Entry) GetSpiffeId() *SPIFFEID
- func (x *Entry) GetTtl() int32
- func (*Entry) ProtoMessage()
- func (x *Entry) ProtoReflect() protoreflect.Message
- func (x *Entry) Reset()
- func (x *Entry) String() string
- type EntryMask
- func (*EntryMask) Descriptor() ([]byte, []int)deprecated
- func (x *EntryMask) GetAdmin() bool
- func (x *EntryMask) GetDnsNames() bool
- func (x *EntryMask) GetDownstream() bool
- func (x *EntryMask) GetExpiresAt() bool
- func (x *EntryMask) GetFederatesWith() bool
- func (x *EntryMask) GetParentId() bool
- func (x *EntryMask) GetRevisionNumber() bool
- func (x *EntryMask) GetSelectors() bool
- func (x *EntryMask) GetSpiffeId() bool
- func (x *EntryMask) GetTtl() bool
- func (*EntryMask) ProtoMessage()
- func (x *EntryMask) ProtoReflect() protoreflect.Message
- func (x *EntryMask) Reset()
- func (x *EntryMask) String() string
- type FederatesWithMatch
- func (*FederatesWithMatch) Descriptor() ([]byte, []int)deprecated
- func (x *FederatesWithMatch) GetMatch() FederatesWithMatch_MatchBehavior
- func (x *FederatesWithMatch) GetTrustDomains() []string
- func (*FederatesWithMatch) ProtoMessage()
- func (x *FederatesWithMatch) ProtoReflect() protoreflect.Message
- func (x *FederatesWithMatch) Reset()
- func (x *FederatesWithMatch) String() string
- type FederatesWithMatch_MatchBehavior
- func (FederatesWithMatch_MatchBehavior) Descriptor() protoreflect.EnumDescriptor
- func (x FederatesWithMatch_MatchBehavior) Enum() *FederatesWithMatch_MatchBehavior
- func (FederatesWithMatch_MatchBehavior) EnumDescriptor() ([]byte, []int)deprecated
- func (x FederatesWithMatch_MatchBehavior) Number() protoreflect.EnumNumber
- func (x FederatesWithMatch_MatchBehavior) String() string
- func (FederatesWithMatch_MatchBehavior) Type() protoreflect.EnumType
- type JWTKey
- func (*JWTKey) Descriptor() ([]byte, []int)deprecated
- func (x *JWTKey) GetExpiresAt() int64
- func (x *JWTKey) GetKeyId() string
- func (x *JWTKey) GetPublicKey() []byte
- func (*JWTKey) ProtoMessage()
- func (x *JWTKey) ProtoReflect() protoreflect.Message
- func (x *JWTKey) Reset()
- func (x *JWTKey) String() string
- type JWTSVID
- func (*JWTSVID) Descriptor() ([]byte, []int)deprecated
- func (x *JWTSVID) GetExpiresAt() int64
- func (x *JWTSVID) GetId() *SPIFFEID
- func (x *JWTSVID) GetIssuedAt() int64
- func (x *JWTSVID) GetToken() string
- func (*JWTSVID) ProtoMessage()
- func (x *JWTSVID) ProtoReflect() protoreflect.Message
- func (x *JWTSVID) Reset()
- func (x *JWTSVID) String() string
- type JoinToken
- type PermissionDeniedDetails
- func (*PermissionDeniedDetails) Descriptor() ([]byte, []int)deprecated
- func (x *PermissionDeniedDetails) GetReason() PermissionDeniedDetails_Reason
- func (*PermissionDeniedDetails) ProtoMessage()
- func (x *PermissionDeniedDetails) ProtoReflect() protoreflect.Message
- func (x *PermissionDeniedDetails) Reset()
- func (x *PermissionDeniedDetails) String() string
- type PermissionDeniedDetails_Reason
- func (PermissionDeniedDetails_Reason) Descriptor() protoreflect.EnumDescriptor
- func (x PermissionDeniedDetails_Reason) Enum() *PermissionDeniedDetails_Reason
- func (PermissionDeniedDetails_Reason) EnumDescriptor() ([]byte, []int)deprecated
- func (x PermissionDeniedDetails_Reason) Number() protoreflect.EnumNumber
- func (x PermissionDeniedDetails_Reason) String() string
- func (PermissionDeniedDetails_Reason) Type() protoreflect.EnumType
- type SPIFFEID
- type Selector
- type SelectorMatch
- func (*SelectorMatch) Descriptor() ([]byte, []int)deprecated
- func (x *SelectorMatch) GetMatch() SelectorMatch_MatchBehavior
- func (x *SelectorMatch) GetSelectors() []*Selector
- func (*SelectorMatch) ProtoMessage()
- func (x *SelectorMatch) ProtoReflect() protoreflect.Message
- func (x *SelectorMatch) Reset()
- func (x *SelectorMatch) String() string
- type SelectorMatch_MatchBehavior
- func (SelectorMatch_MatchBehavior) Descriptor() protoreflect.EnumDescriptor
- func (x SelectorMatch_MatchBehavior) Enum() *SelectorMatch_MatchBehavior
- func (SelectorMatch_MatchBehavior) EnumDescriptor() ([]byte, []int)deprecated
- func (x SelectorMatch_MatchBehavior) Number() protoreflect.EnumNumber
- func (x SelectorMatch_MatchBehavior) String() string
- func (SelectorMatch_MatchBehavior) Type() protoreflect.EnumType
- type Status
- type X509Certificate
- type X509SVID
- func (*X509SVID) Descriptor() ([]byte, []int)deprecated
- func (x *X509SVID) GetCertChain() [][]byte
- func (x *X509SVID) GetExpiresAt() int64
- func (x *X509SVID) GetId() *SPIFFEID
- func (*X509SVID) ProtoMessage()
- func (x *X509SVID) ProtoReflect() protoreflect.Message
- func (x *X509SVID) Reset()
- func (x *X509SVID) String() string
Constants ¶
This section is empty.
Variables ¶
var ( FederatesWithMatch_MatchBehavior_name = map[int32]string{ 0: "MATCH_EXACT", 1: "MATCH_SUBSET", } FederatesWithMatch_MatchBehavior_value = map[string]int32{ "MATCH_EXACT": 0, "MATCH_SUBSET": 1, } )
Enum value maps for FederatesWithMatch_MatchBehavior.
var ( SelectorMatch_MatchBehavior_name = map[int32]string{ 0: "MATCH_EXACT", 1: "MATCH_SUBSET", } SelectorMatch_MatchBehavior_value = map[string]int32{ "MATCH_EXACT": 0, "MATCH_SUBSET": 1, } )
Enum value maps for SelectorMatch_MatchBehavior.
var ( PermissionDeniedDetails_Reason_name = map[int32]string{ 0: "UNKNOWN", 1: "AGENT_EXPIRED", 2: "AGENT_NOT_ATTESTED", 3: "AGENT_NOT_ACTIVE", 4: "AGENT_BANNED", } PermissionDeniedDetails_Reason_value = map[string]int32{ "UNKNOWN": 0, "AGENT_EXPIRED": 1, "AGENT_NOT_ATTESTED": 2, "AGENT_NOT_ACTIVE": 3, "AGENT_BANNED": 4, } )
Enum value maps for PermissionDeniedDetails_Reason.
var File_spire_api_types_agent_proto protoreflect.FileDescriptor
var File_spire_api_types_attestation_proto protoreflect.FileDescriptor
var File_spire_api_types_bundle_proto protoreflect.FileDescriptor
var File_spire_api_types_entry_proto protoreflect.FileDescriptor
var File_spire_api_types_federateswith_proto protoreflect.FileDescriptor
var File_spire_api_types_jointoken_proto protoreflect.FileDescriptor
var File_spire_api_types_jwtsvid_proto protoreflect.FileDescriptor
var File_spire_api_types_selector_proto protoreflect.FileDescriptor
var File_spire_api_types_spiffeid_proto protoreflect.FileDescriptor
var File_spire_api_types_status_proto protoreflect.FileDescriptor
var File_spire_api_types_x509svid_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type Agent ¶
type Agent struct { // Output only. SPIFFE ID of the agent. Id *SPIFFEID `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Output only. The method by which the agent attested. AttestationType string `protobuf:"bytes,2,opt,name=attestation_type,json=attestationType,proto3" json:"attestation_type,omitempty"` // Output only. The X509-SVID serial number. X509SvidSerialNumber string `protobuf:"bytes,3,opt,name=x509svid_serial_number,json=x509svidSerialNumber,proto3" json:"x509svid_serial_number,omitempty"` // Output only. The X509-SVID expiration (seconds since Unix epoch). X509SvidExpiresAt int64 `protobuf:"varint,4,opt,name=x509svid_expires_at,json=x509svidExpiresAt,proto3" json:"x509svid_expires_at,omitempty"` // Output only. The selectors attributed to the agent during attestation. Selectors []*Selector `protobuf:"bytes,5,rep,name=selectors,proto3" json:"selectors,omitempty"` // Output only. Whether or not the agent is banned. Banned bool `protobuf:"varint,6,opt,name=banned,proto3" json:"banned,omitempty"` // contains filtered or unexported fields }
func (*Agent) Descriptor
deprecated
func (*Agent) GetAttestationType ¶
func (*Agent) GetSelectors ¶
func (*Agent) GetX509SvidExpiresAt ¶
func (*Agent) GetX509SvidSerialNumber ¶
func (*Agent) ProtoMessage ¶
func (*Agent) ProtoMessage()
func (*Agent) ProtoReflect ¶
func (x *Agent) ProtoReflect() protoreflect.Message
type AgentMask ¶
type AgentMask struct { // attestation_type field mask AttestationType bool `protobuf:"varint,2,opt,name=attestation_type,json=attestationType,proto3" json:"attestation_type,omitempty"` // x509svid_serial_number field mask X509SvidSerialNumber bool `protobuf:"varint,3,opt,name=x509svid_serial_number,json=x509svidSerialNumber,proto3" json:"x509svid_serial_number,omitempty"` // x509svid_expires_at field mask X509SvidExpiresAt bool `protobuf:"varint,4,opt,name=x509svid_expires_at,json=x509svidExpiresAt,proto3" json:"x509svid_expires_at,omitempty"` // selectors field mask Selectors bool `protobuf:"varint,5,opt,name=selectors,proto3" json:"selectors,omitempty"` // banned field mask Banned bool `protobuf:"varint,6,opt,name=banned,proto3" json:"banned,omitempty"` // contains filtered or unexported fields }
func (*AgentMask) Descriptor
deprecated
func (*AgentMask) GetAttestationType ¶
func (*AgentMask) GetSelectors ¶
func (*AgentMask) GetX509SvidExpiresAt ¶
func (*AgentMask) GetX509SvidSerialNumber ¶
func (*AgentMask) ProtoMessage ¶
func (*AgentMask) ProtoMessage()
func (*AgentMask) ProtoReflect ¶
func (x *AgentMask) ProtoReflect() protoreflect.Message
type AttestationData ¶
type AttestationData struct { // The type of attestation data. This is typically the name of the plugin // that produced that data. Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` // The attestation data payload. Payload []byte `protobuf:"bytes,2,opt,name=payload,proto3" json:"payload,omitempty"` // contains filtered or unexported fields }
func (*AttestationData) Descriptor
deprecated
func (*AttestationData) Descriptor() ([]byte, []int)
Deprecated: Use AttestationData.ProtoReflect.Descriptor instead.
func (*AttestationData) GetPayload ¶
func (x *AttestationData) GetPayload() []byte
func (*AttestationData) GetType ¶
func (x *AttestationData) GetType() string
func (*AttestationData) ProtoMessage ¶
func (*AttestationData) ProtoMessage()
func (*AttestationData) ProtoReflect ¶
func (x *AttestationData) ProtoReflect() protoreflect.Message
func (*AttestationData) Reset ¶
func (x *AttestationData) Reset()
func (*AttestationData) String ¶
func (x *AttestationData) String() string
type Bundle ¶
type Bundle struct { // The name of the trust domain the bundle belongs to (e.g., "example.org"). TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` // X.509 authorities for authenticating X509-SVIDs. X509Authorities []*X509Certificate `protobuf:"bytes,2,rep,name=x509_authorities,json=x509Authorities,proto3" json:"x509_authorities,omitempty"` // JWT authorities for authenticating JWT-SVIDs. JwtAuthorities []*JWTKey `protobuf:"bytes,3,rep,name=jwt_authorities,json=jwtAuthorities,proto3" json:"jwt_authorities,omitempty"` // A hint on how often the bundle should be refreshed from the bundle // provider, in seconds. Can be zero (meaning no hint available). RefreshHint int64 `protobuf:"varint,4,opt,name=refresh_hint,json=refreshHint,proto3" json:"refresh_hint,omitempty"` // The sequence number of the bundle. SequenceNumber uint64 `protobuf:"varint,5,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"` // contains filtered or unexported fields }
func (*Bundle) Descriptor
deprecated
func (*Bundle) GetJwtAuthorities ¶
func (*Bundle) GetRefreshHint ¶
func (*Bundle) GetSequenceNumber ¶
func (*Bundle) GetTrustDomain ¶
func (*Bundle) GetX509Authorities ¶
func (x *Bundle) GetX509Authorities() []*X509Certificate
func (*Bundle) ProtoMessage ¶
func (*Bundle) ProtoMessage()
func (*Bundle) ProtoReflect ¶
func (x *Bundle) ProtoReflect() protoreflect.Message
type BundleMask ¶
type BundleMask struct { // x509_authorities field mask. X509Authorities bool `protobuf:"varint,2,opt,name=x509_authorities,json=x509Authorities,proto3" json:"x509_authorities,omitempty"` // jwt_authorities field mask. JwtAuthorities bool `protobuf:"varint,3,opt,name=jwt_authorities,json=jwtAuthorities,proto3" json:"jwt_authorities,omitempty"` // refresh_hint field mask. RefreshHint bool `protobuf:"varint,4,opt,name=refresh_hint,json=refreshHint,proto3" json:"refresh_hint,omitempty"` // sequence_number field mask. SequenceNumber bool `protobuf:"varint,5,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"` // contains filtered or unexported fields }
func (*BundleMask) Descriptor
deprecated
func (*BundleMask) Descriptor() ([]byte, []int)
Deprecated: Use BundleMask.ProtoReflect.Descriptor instead.
func (*BundleMask) GetJwtAuthorities ¶
func (x *BundleMask) GetJwtAuthorities() bool
func (*BundleMask) GetRefreshHint ¶
func (x *BundleMask) GetRefreshHint() bool
func (*BundleMask) GetSequenceNumber ¶
func (x *BundleMask) GetSequenceNumber() bool
func (*BundleMask) GetX509Authorities ¶
func (x *BundleMask) GetX509Authorities() bool
func (*BundleMask) ProtoMessage ¶
func (*BundleMask) ProtoMessage()
func (*BundleMask) ProtoReflect ¶
func (x *BundleMask) ProtoReflect() protoreflect.Message
func (*BundleMask) Reset ¶
func (x *BundleMask) Reset()
func (*BundleMask) String ¶
func (x *BundleMask) String() string
type Entry ¶
type Entry struct { // Globally unique ID for the entry. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // The SPIFFE ID of the identity described by this entry. SpiffeId *SPIFFEID `protobuf:"bytes,2,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"` // Who the entry is delegated to. If the entry describes a node, this is // set to the SPIFFE ID of the SPIRE server of the trust domain (e.g. // spiffe://example.org/spire/server). Otherwise, it will be set to a node // SPIFFE ID. ParentId *SPIFFEID `protobuf:"bytes,3,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` // The selectors which identify which entities match this entry. If this is // an entry for a node, these selectors represent selectors produced by // node attestation. Otherwise, these selectors represent those produced by // workload attestation. Selectors []*Selector `protobuf:"bytes,4,rep,name=selectors,proto3" json:"selectors,omitempty"` // The time to live for identities issued for this entry (in seconds). Ttl int32 `protobuf:"varint,5,opt,name=ttl,proto3" json:"ttl,omitempty"` // The names of trust domains the identity described by this entry // federates with. FederatesWith []string `protobuf:"bytes,6,rep,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"` // Whether or not the identity described by this entry is an administrative // workload. Administrative workloads are granted additional access to // various managerial server APIs, such as entry registration. Admin bool `protobuf:"varint,7,opt,name=admin,proto3" json:"admin,omitempty"` // Whether or not the identity described by this entry represents a // downstream SPIRE server. Downstream SPIRE servers have additional access // to various signing APIs, such as those used to sign X.509 CA // certificates and publish JWT signing keys. Downstream bool `protobuf:"varint,8,opt,name=downstream,proto3" json:"downstream,omitempty"` // When the entry expires (seconds since Unix epoch). ExpiresAt int64 `protobuf:"varint,9,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // A list of DNS names associated with the identity described by this entry. DnsNames []string `protobuf:"bytes,10,rep,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"` // Revision number is bumped every time the entry is updated RevisionNumber int64 `protobuf:"varint,11,opt,name=revision_number,json=revisionNumber,proto3" json:"revision_number,omitempty"` // contains filtered or unexported fields }
func (*Entry) Descriptor
deprecated
func (*Entry) GetDnsNames ¶
func (*Entry) GetDownstream ¶
func (*Entry) GetExpiresAt ¶
func (*Entry) GetFederatesWith ¶
func (*Entry) GetParentId ¶
func (*Entry) GetRevisionNumber ¶
func (*Entry) GetSelectors ¶
func (*Entry) GetSpiffeId ¶
func (*Entry) ProtoMessage ¶
func (*Entry) ProtoMessage()
func (*Entry) ProtoReflect ¶
func (x *Entry) ProtoReflect() protoreflect.Message
type EntryMask ¶
type EntryMask struct { // spiffe_id field mask SpiffeId bool `protobuf:"varint,2,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"` // parent_id field mask ParentId bool `protobuf:"varint,3,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"` // selectors field mask Selectors bool `protobuf:"varint,4,opt,name=selectors,proto3" json:"selectors,omitempty"` // ttl field mask Ttl bool `protobuf:"varint,5,opt,name=ttl,proto3" json:"ttl,omitempty"` // federates_with field mask FederatesWith bool `protobuf:"varint,6,opt,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"` // admin field mask Admin bool `protobuf:"varint,7,opt,name=admin,proto3" json:"admin,omitempty"` // downstream field mask Downstream bool `protobuf:"varint,8,opt,name=downstream,proto3" json:"downstream,omitempty"` // expires_at field mask ExpiresAt bool `protobuf:"varint,9,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // dns_names field mask DnsNames bool `protobuf:"varint,10,opt,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"` // revision_number field mask RevisionNumber bool `protobuf:"varint,11,opt,name=revision_number,json=revisionNumber,proto3" json:"revision_number,omitempty"` // contains filtered or unexported fields }
Field mask for Entry fields
func (*EntryMask) Descriptor
deprecated
func (*EntryMask) GetDnsNames ¶
func (*EntryMask) GetDownstream ¶
func (*EntryMask) GetExpiresAt ¶
func (*EntryMask) GetFederatesWith ¶
func (*EntryMask) GetParentId ¶
func (*EntryMask) GetRevisionNumber ¶
func (*EntryMask) GetSelectors ¶
func (*EntryMask) GetSpiffeId ¶
func (*EntryMask) ProtoMessage ¶
func (*EntryMask) ProtoMessage()
func (*EntryMask) ProtoReflect ¶
func (x *EntryMask) ProtoReflect() protoreflect.Message
type FederatesWithMatch ¶
type FederatesWithMatch struct { // The set of trust domain names to match on (e.g., "example.org"). TrustDomains []string `protobuf:"bytes,1,rep,name=trust_domains,json=trustDomains,proto3" json:"trust_domains,omitempty"` // How to match the trust domains. Match FederatesWithMatch_MatchBehavior `protobuf:"varint,2,opt,name=match,proto3,enum=spire.api.types.FederatesWithMatch_MatchBehavior" json:"match,omitempty"` // contains filtered or unexported fields }
func (*FederatesWithMatch) Descriptor
deprecated
func (*FederatesWithMatch) Descriptor() ([]byte, []int)
Deprecated: Use FederatesWithMatch.ProtoReflect.Descriptor instead.
func (*FederatesWithMatch) GetMatch ¶
func (x *FederatesWithMatch) GetMatch() FederatesWithMatch_MatchBehavior
func (*FederatesWithMatch) GetTrustDomains ¶
func (x *FederatesWithMatch) GetTrustDomains() []string
func (*FederatesWithMatch) ProtoMessage ¶
func (*FederatesWithMatch) ProtoMessage()
func (*FederatesWithMatch) ProtoReflect ¶
func (x *FederatesWithMatch) ProtoReflect() protoreflect.Message
func (*FederatesWithMatch) Reset ¶
func (x *FederatesWithMatch) Reset()
func (*FederatesWithMatch) String ¶
func (x *FederatesWithMatch) String() string
type FederatesWithMatch_MatchBehavior ¶
type FederatesWithMatch_MatchBehavior int32
const ( // Indicates that the federated trust domains in this match are // equal to the candidate trust domains, independent of ordering. FederatesWithMatch_MATCH_EXACT FederatesWithMatch_MatchBehavior = 0 // Indicates that all candidates which have a non-empty subset // of the provided set of trust domains will match. FederatesWithMatch_MATCH_SUBSET FederatesWithMatch_MatchBehavior = 1 )
func (FederatesWithMatch_MatchBehavior) Descriptor ¶
func (FederatesWithMatch_MatchBehavior) Descriptor() protoreflect.EnumDescriptor
func (FederatesWithMatch_MatchBehavior) Enum ¶
func (x FederatesWithMatch_MatchBehavior) Enum() *FederatesWithMatch_MatchBehavior
func (FederatesWithMatch_MatchBehavior) EnumDescriptor
deprecated
func (FederatesWithMatch_MatchBehavior) EnumDescriptor() ([]byte, []int)
Deprecated: Use FederatesWithMatch_MatchBehavior.Descriptor instead.
func (FederatesWithMatch_MatchBehavior) Number ¶
func (x FederatesWithMatch_MatchBehavior) Number() protoreflect.EnumNumber
func (FederatesWithMatch_MatchBehavior) String ¶
func (x FederatesWithMatch_MatchBehavior) String() string
func (FederatesWithMatch_MatchBehavior) Type ¶
func (FederatesWithMatch_MatchBehavior) Type() protoreflect.EnumType
type JWTKey ¶
type JWTKey struct { // The PKIX encoded public key. PublicKey []byte `protobuf:"bytes,1,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` // The key identifier. KeyId string `protobuf:"bytes,2,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"` // When the key expires (seconds since Unix epoch). If zero, the key does // not expire. ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // contains filtered or unexported fields }
func (*JWTKey) Descriptor
deprecated
func (*JWTKey) GetExpiresAt ¶
func (*JWTKey) GetPublicKey ¶
func (*JWTKey) ProtoMessage ¶
func (*JWTKey) ProtoMessage()
func (*JWTKey) ProtoReflect ¶
func (x *JWTKey) ProtoReflect() protoreflect.Message
type JWTSVID ¶
type JWTSVID struct { // The serialized JWT token. Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` // The SPIFFE ID of the JWT-SVID. Id *SPIFFEID `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` // Expiration timestamp (seconds since Unix epoch). ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // Issuance timestamp (seconds since Unix epoch). IssuedAt int64 `protobuf:"varint,4,opt,name=issued_at,json=issuedAt,proto3" json:"issued_at,omitempty"` // contains filtered or unexported fields }
JWT SPIFFE Verifiable Identity Document. It contains the raw JWT token as well as a few denormalized fields for convenience.
func (*JWTSVID) Descriptor
deprecated
func (*JWTSVID) GetExpiresAt ¶
func (*JWTSVID) GetIssuedAt ¶
func (*JWTSVID) ProtoMessage ¶
func (*JWTSVID) ProtoMessage()
func (*JWTSVID) ProtoReflect ¶
func (x *JWTSVID) ProtoReflect() protoreflect.Message
type JoinToken ¶
type JoinToken struct { // The value of the token. Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` // The token expiration (seconds since Unix epoch). ExpiresAt int64 `protobuf:"varint,2,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // contains filtered or unexported fields }
func (*JoinToken) Descriptor
deprecated
func (*JoinToken) GetExpiresAt ¶
func (*JoinToken) ProtoMessage ¶
func (*JoinToken) ProtoMessage()
func (*JoinToken) ProtoReflect ¶
func (x *JoinToken) ProtoReflect() protoreflect.Message
type PermissionDeniedDetails ¶
type PermissionDeniedDetails struct { Reason PermissionDeniedDetails_Reason `protobuf:"varint,1,opt,name=reason,proto3,enum=spire.api.types.PermissionDeniedDetails_Reason" json:"reason,omitempty"` // contains filtered or unexported fields }
func (*PermissionDeniedDetails) Descriptor
deprecated
func (*PermissionDeniedDetails) Descriptor() ([]byte, []int)
Deprecated: Use PermissionDeniedDetails.ProtoReflect.Descriptor instead.
func (*PermissionDeniedDetails) GetReason ¶
func (x *PermissionDeniedDetails) GetReason() PermissionDeniedDetails_Reason
func (*PermissionDeniedDetails) ProtoMessage ¶
func (*PermissionDeniedDetails) ProtoMessage()
func (*PermissionDeniedDetails) ProtoReflect ¶
func (x *PermissionDeniedDetails) ProtoReflect() protoreflect.Message
func (*PermissionDeniedDetails) Reset ¶
func (x *PermissionDeniedDetails) Reset()
func (*PermissionDeniedDetails) String ¶
func (x *PermissionDeniedDetails) String() string
type PermissionDeniedDetails_Reason ¶
type PermissionDeniedDetails_Reason int32
const ( // Reason unknown. PermissionDeniedDetails_UNKNOWN PermissionDeniedDetails_Reason = 0 // Agent identity has expired. PermissionDeniedDetails_AGENT_EXPIRED PermissionDeniedDetails_Reason = 1 // Identity is not an attested agent. PermissionDeniedDetails_AGENT_NOT_ATTESTED PermissionDeniedDetails_Reason = 2 // Identity is not the active agent identity. PermissionDeniedDetails_AGENT_NOT_ACTIVE PermissionDeniedDetails_Reason = 3 // Agent has been banned. PermissionDeniedDetails_AGENT_BANNED PermissionDeniedDetails_Reason = 4 )
func (PermissionDeniedDetails_Reason) Descriptor ¶
func (PermissionDeniedDetails_Reason) Descriptor() protoreflect.EnumDescriptor
func (PermissionDeniedDetails_Reason) Enum ¶
func (x PermissionDeniedDetails_Reason) Enum() *PermissionDeniedDetails_Reason
func (PermissionDeniedDetails_Reason) EnumDescriptor
deprecated
func (PermissionDeniedDetails_Reason) EnumDescriptor() ([]byte, []int)
Deprecated: Use PermissionDeniedDetails_Reason.Descriptor instead.
func (PermissionDeniedDetails_Reason) Number ¶
func (x PermissionDeniedDetails_Reason) Number() protoreflect.EnumNumber
func (PermissionDeniedDetails_Reason) String ¶
func (x PermissionDeniedDetails_Reason) String() string
func (PermissionDeniedDetails_Reason) Type ¶
func (PermissionDeniedDetails_Reason) Type() protoreflect.EnumType
type SPIFFEID ¶
type SPIFFEID struct { // Trust domain portion the SPIFFE ID (e.g. "example.org") TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` // The path component of the SPIFFE ID (e.g. "/foo/bar/baz"). The path // SHOULD have a leading slash. Consumers MUST normalize the path before // making any sort of comparison between IDs. Path string `protobuf:"bytes,2,opt,name=path,proto3" json:"path,omitempty"` // contains filtered or unexported fields }
A SPIFFE ID, consisting of the trust domain name and a path portions of the SPIFFE ID URI.
func (*SPIFFEID) Descriptor
deprecated
func (*SPIFFEID) GetTrustDomain ¶
func (*SPIFFEID) ProtoMessage ¶
func (*SPIFFEID) ProtoMessage()
func (*SPIFFEID) ProtoReflect ¶
func (x *SPIFFEID) ProtoReflect() protoreflect.Message
type Selector ¶
type Selector struct { // The type of the selector. This is typically the name of the plugin that // produces the selector. Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` // The value of the selector. Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` // contains filtered or unexported fields }
func (*Selector) Descriptor
deprecated
func (*Selector) ProtoMessage ¶
func (*Selector) ProtoMessage()
func (*Selector) ProtoReflect ¶
func (x *Selector) ProtoReflect() protoreflect.Message
type SelectorMatch ¶
type SelectorMatch struct { // The set of selectors to match on. Selectors []*Selector `protobuf:"bytes,1,rep,name=selectors,proto3" json:"selectors,omitempty"` // How to match the selectors. Match SelectorMatch_MatchBehavior `protobuf:"varint,2,opt,name=match,proto3,enum=spire.api.types.SelectorMatch_MatchBehavior" json:"match,omitempty"` // contains filtered or unexported fields }
func (*SelectorMatch) Descriptor
deprecated
func (*SelectorMatch) Descriptor() ([]byte, []int)
Deprecated: Use SelectorMatch.ProtoReflect.Descriptor instead.
func (*SelectorMatch) GetMatch ¶
func (x *SelectorMatch) GetMatch() SelectorMatch_MatchBehavior
func (*SelectorMatch) GetSelectors ¶
func (x *SelectorMatch) GetSelectors() []*Selector
func (*SelectorMatch) ProtoMessage ¶
func (*SelectorMatch) ProtoMessage()
func (*SelectorMatch) ProtoReflect ¶
func (x *SelectorMatch) ProtoReflect() protoreflect.Message
func (*SelectorMatch) Reset ¶
func (x *SelectorMatch) Reset()
func (*SelectorMatch) String ¶
func (x *SelectorMatch) String() string
type SelectorMatch_MatchBehavior ¶
type SelectorMatch_MatchBehavior int32
const ( // Indicates that the selectors in this match are equal to the // candidate selectors, independent of ordering. SelectorMatch_MATCH_EXACT SelectorMatch_MatchBehavior = 0 // Indicates that the selectors in this match are a subset of the // candidate selectors. SelectorMatch_MATCH_SUBSET SelectorMatch_MatchBehavior = 1 )
func (SelectorMatch_MatchBehavior) Descriptor ¶
func (SelectorMatch_MatchBehavior) Descriptor() protoreflect.EnumDescriptor
func (SelectorMatch_MatchBehavior) Enum ¶
func (x SelectorMatch_MatchBehavior) Enum() *SelectorMatch_MatchBehavior
func (SelectorMatch_MatchBehavior) EnumDescriptor
deprecated
func (SelectorMatch_MatchBehavior) EnumDescriptor() ([]byte, []int)
Deprecated: Use SelectorMatch_MatchBehavior.Descriptor instead.
func (SelectorMatch_MatchBehavior) Number ¶
func (x SelectorMatch_MatchBehavior) Number() protoreflect.EnumNumber
func (SelectorMatch_MatchBehavior) String ¶
func (x SelectorMatch_MatchBehavior) String() string
func (SelectorMatch_MatchBehavior) Type ¶
func (SelectorMatch_MatchBehavior) Type() protoreflect.EnumType
type Status ¶
type Status struct { // A status code, which should be an enum value of google.rpc.Code. Code int32 `protobuf:"varint,1,opt,name=code,proto3" json:"code,omitempty"` // A developer-facing error message. Message string `protobuf:"bytes,2,opt,name=message,proto3" json:"message,omitempty"` // contains filtered or unexported fields }
func (*Status) Descriptor
deprecated
func (*Status) GetMessage ¶
func (*Status) ProtoMessage ¶
func (*Status) ProtoMessage()
func (*Status) ProtoReflect ¶
func (x *Status) ProtoReflect() protoreflect.Message
type X509Certificate ¶
type X509Certificate struct { // The ASN.1 DER encoded bytes of the X.509 certificate. Asn1 []byte `protobuf:"bytes,1,opt,name=asn1,proto3" json:"asn1,omitempty"` // contains filtered or unexported fields }
func (*X509Certificate) Descriptor
deprecated
func (*X509Certificate) Descriptor() ([]byte, []int)
Deprecated: Use X509Certificate.ProtoReflect.Descriptor instead.
func (*X509Certificate) GetAsn1 ¶
func (x *X509Certificate) GetAsn1() []byte
func (*X509Certificate) ProtoMessage ¶
func (*X509Certificate) ProtoMessage()
func (*X509Certificate) ProtoReflect ¶
func (x *X509Certificate) ProtoReflect() protoreflect.Message
func (*X509Certificate) Reset ¶
func (x *X509Certificate) Reset()
func (*X509Certificate) String ¶
func (x *X509Certificate) String() string
type X509SVID ¶
type X509SVID struct { // Certificate and intermediates required to form a chain of trust back to // the X.509 authorities of the trust domain (ASN.1 DER encoded). CertChain [][]byte `protobuf:"bytes,1,rep,name=cert_chain,json=certChain,proto3" json:"cert_chain,omitempty"` // SPIFFE ID of the SVID. Id *SPIFFEID `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` // Expiration timestamp (seconds since Unix epoch). ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"` // contains filtered or unexported fields }
X.509 SPIFFE Verifiable Identity Document. It contains the raw X.509 certificate data as well as a few denormalized fields for convenience.
func (*X509SVID) Descriptor
deprecated
func (*X509SVID) GetCertChain ¶
func (*X509SVID) GetExpiresAt ¶
func (*X509SVID) ProtoMessage ¶
func (*X509SVID) ProtoMessage()
func (*X509SVID) ProtoReflect ¶
func (x *X509SVID) ProtoReflect() protoreflect.Message