security

package
v0.0.0-...-99f0945 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 13, 2025 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Code generated by protoc-gen-jsonshim. DO NOT EDIT.

Index

Constants

This section is empty.

Variables

View Source
var (
	Scope_name = map[int32]string{
		0: "GLOBAL",
		1: "NAMESPACE",
		2: "WORKLOAD_SELECTOR",
	}
	Scope_value = map[string]int32{
		"GLOBAL":            0,
		"NAMESPACE":         1,
		"WORKLOAD_SELECTOR": 2,
	}
)

Enum value maps for Scope.

View Source
var (
	Action_name = map[int32]string{
		0: "ALLOW",
		1: "DENY",
	}
	Action_value = map[string]int32{
		"ALLOW": 0,
		"DENY":  1,
	}
)

Enum value maps for Action.

View Source
var (
	AuthorizationMarshaler   = &jsonpb.Marshaler{}
	AuthorizationUnmarshaler = &jsonpb.Unmarshaler{AllowUnknownFields: true}
)
View Source
var File_workloadapi_security_authorization_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Action

type Action int32
const (
	// Allow the request if it matches with the rules.
	Action_ALLOW Action = 0
	// Deny the request if it matches with the rules.
	Action_DENY Action = 1
)

func (Action) Descriptor

func (Action) Descriptor() protoreflect.EnumDescriptor

func (Action) Enum

func (x Action) Enum() *Action

func (Action) EnumDescriptor deprecated

func (Action) EnumDescriptor() ([]byte, []int)

Deprecated: Use Action.Descriptor instead.

func (Action) Number

func (x Action) Number() protoreflect.EnumNumber

func (Action) String

func (x Action) String() string

func (Action) Type

func (Action) Type() protoreflect.EnumType

type Address

type Address struct {
	Address []byte `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
	Length  uint32 `protobuf:"varint,2,opt,name=length,proto3" json:"length,omitempty"`
	// contains filtered or unexported fields
}

func (*Address) Descriptor deprecated

func (*Address) Descriptor() ([]byte, []int)

Deprecated: Use Address.ProtoReflect.Descriptor instead.

func (*Address) GetAddress

func (x *Address) GetAddress() []byte

func (*Address) GetLength

func (x *Address) GetLength() uint32

func (*Address) MarshalJSON

func (this *Address) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Address

func (*Address) ProtoMessage

func (*Address) ProtoMessage()

func (*Address) ProtoReflect

func (x *Address) ProtoReflect() protoreflect.Message

func (*Address) Reset

func (x *Address) Reset()

func (*Address) String

func (x *Address) String() string

func (*Address) UnmarshalJSON

func (this *Address) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Address

type Authorization

type Authorization struct {
	Name      string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Namespace string `protobuf:"bytes,2,opt,name=namespace,proto3" json:"namespace,omitempty"`
	// Determine the scope of this RBAC policy.
	// If set to NAMESPACE, the 'namespace' field value will be used.
	Scope Scope `protobuf:"varint,3,opt,name=scope,proto3,enum=istio.security.Scope" json:"scope,omitempty"`
	// The action to take if the request is matched with the rules.
	// Default is ALLOW if not specified.
	Action Action `protobuf:"varint,4,opt,name=action,proto3,enum=istio.security.Action" json:"action,omitempty"`
	// Set of RBAC policy groups each containing its rules.
	// If at least one of the groups is matched the policy action will
	// take place.
	// Groups are OR-ed.
	Groups []*Group `protobuf:"bytes,5,rep,name=groups,proto3" json:"groups,omitempty"`
	// contains filtered or unexported fields
}

func (*Authorization) Descriptor deprecated

func (*Authorization) Descriptor() ([]byte, []int)

Deprecated: Use Authorization.ProtoReflect.Descriptor instead.

func (*Authorization) GetAction

func (x *Authorization) GetAction() Action

func (*Authorization) GetGroups

func (x *Authorization) GetGroups() []*Group

func (*Authorization) GetName

func (x *Authorization) GetName() string

func (*Authorization) GetNamespace

func (x *Authorization) GetNamespace() string

func (*Authorization) GetScope

func (x *Authorization) GetScope() Scope

func (*Authorization) MarshalJSON

func (this *Authorization) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Authorization

func (*Authorization) ProtoMessage

func (*Authorization) ProtoMessage()

func (*Authorization) ProtoReflect

func (x *Authorization) ProtoReflect() protoreflect.Message

func (*Authorization) Reset

func (x *Authorization) Reset()

func (*Authorization) String

func (x *Authorization) String() string

func (*Authorization) UnmarshalJSON

func (this *Authorization) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Authorization

type Group

type Group struct {

	// Rules are AND-ed
	// This is a generic form of the authz policy's to, from and when
	Rules []*Rules `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
	// contains filtered or unexported fields
}

func (*Group) Descriptor deprecated

func (*Group) Descriptor() ([]byte, []int)

Deprecated: Use Group.ProtoReflect.Descriptor instead.

func (*Group) GetRules

func (x *Group) GetRules() []*Rules

func (*Group) MarshalJSON

func (this *Group) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Group

func (*Group) ProtoMessage

func (*Group) ProtoMessage()

func (*Group) ProtoReflect

func (x *Group) ProtoReflect() protoreflect.Message

func (*Group) Reset

func (x *Group) Reset()

func (*Group) String

func (x *Group) String() string

func (*Group) UnmarshalJSON

func (this *Group) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Group

type Match

type Match struct {
	Namespaces          []*StringMatch         `protobuf:"bytes,1,rep,name=namespaces,proto3" json:"namespaces,omitempty"`
	NotNamespaces       []*StringMatch         `protobuf:"bytes,2,rep,name=not_namespaces,json=notNamespaces,proto3" json:"not_namespaces,omitempty"`
	ServiceAccounts     []*ServiceAccountMatch `protobuf:"bytes,11,rep,name=service_accounts,json=serviceAccounts,proto3" json:"service_accounts,omitempty"`
	NotServiceAccounts  []*ServiceAccountMatch `protobuf:"bytes,12,rep,name=not_service_accounts,json=notServiceAccounts,proto3" json:"not_service_accounts,omitempty"`
	Principals          []*StringMatch         `protobuf:"bytes,3,rep,name=principals,proto3" json:"principals,omitempty"`
	NotPrincipals       []*StringMatch         `protobuf:"bytes,4,rep,name=not_principals,json=notPrincipals,proto3" json:"not_principals,omitempty"`
	SourceIps           []*Address             `protobuf:"bytes,5,rep,name=source_ips,json=sourceIps,proto3" json:"source_ips,omitempty"`
	NotSourceIps        []*Address             `protobuf:"bytes,6,rep,name=not_source_ips,json=notSourceIps,proto3" json:"not_source_ips,omitempty"`
	DestinationIps      []*Address             `protobuf:"bytes,7,rep,name=destination_ips,json=destinationIps,proto3" json:"destination_ips,omitempty"`
	NotDestinationIps   []*Address             `protobuf:"bytes,8,rep,name=not_destination_ips,json=notDestinationIps,proto3" json:"not_destination_ips,omitempty"`
	DestinationPorts    []uint32               `protobuf:"varint,9,rep,packed,name=destination_ports,json=destinationPorts,proto3" json:"destination_ports,omitempty"`
	NotDestinationPorts []uint32               `` /* 129-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*Match) Descriptor deprecated

func (*Match) Descriptor() ([]byte, []int)

Deprecated: Use Match.ProtoReflect.Descriptor instead.

func (*Match) GetDestinationIps

func (x *Match) GetDestinationIps() []*Address

func (*Match) GetDestinationPorts

func (x *Match) GetDestinationPorts() []uint32

func (*Match) GetNamespaces

func (x *Match) GetNamespaces() []*StringMatch

func (*Match) GetNotDestinationIps

func (x *Match) GetNotDestinationIps() []*Address

func (*Match) GetNotDestinationPorts

func (x *Match) GetNotDestinationPorts() []uint32

func (*Match) GetNotNamespaces

func (x *Match) GetNotNamespaces() []*StringMatch

func (*Match) GetNotPrincipals

func (x *Match) GetNotPrincipals() []*StringMatch

func (*Match) GetNotServiceAccounts

func (x *Match) GetNotServiceAccounts() []*ServiceAccountMatch

func (*Match) GetNotSourceIps

func (x *Match) GetNotSourceIps() []*Address

func (*Match) GetPrincipals

func (x *Match) GetPrincipals() []*StringMatch

func (*Match) GetServiceAccounts

func (x *Match) GetServiceAccounts() []*ServiceAccountMatch

func (*Match) GetSourceIps

func (x *Match) GetSourceIps() []*Address

func (*Match) MarshalJSON

func (this *Match) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Match

func (*Match) ProtoMessage

func (*Match) ProtoMessage()

func (*Match) ProtoReflect

func (x *Match) ProtoReflect() protoreflect.Message

func (*Match) Reset

func (x *Match) Reset()

func (*Match) String

func (x *Match) String() string

func (*Match) UnmarshalJSON

func (this *Match) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Match

type Rules

type Rules struct {

	// Conditions within a rule are AND-ed (e.g. ALL conditions must be true)
	Matches []*Match `protobuf:"bytes,2,rep,name=matches,proto3" json:"matches,omitempty"`
	// contains filtered or unexported fields
}

func (*Rules) Descriptor deprecated

func (*Rules) Descriptor() ([]byte, []int)

Deprecated: Use Rules.ProtoReflect.Descriptor instead.

func (*Rules) GetMatches

func (x *Rules) GetMatches() []*Match

func (*Rules) MarshalJSON

func (this *Rules) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for Rules

func (*Rules) ProtoMessage

func (*Rules) ProtoMessage()

func (*Rules) ProtoReflect

func (x *Rules) ProtoReflect() protoreflect.Message

func (*Rules) Reset

func (x *Rules) Reset()

func (*Rules) String

func (x *Rules) String() string

func (*Rules) UnmarshalJSON

func (this *Rules) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for Rules

type Scope

type Scope int32
const (
	// ALL means that the authorization policy will be applied to all workloads
	// in the mesh (any namespace).
	Scope_GLOBAL Scope = 0
	// NAMESPACE means that the policy will only be applied to workloads in a
	// specific namespace.
	Scope_NAMESPACE Scope = 1
	// WORKLOAD_SELECTOR means that the policy will only be applied to specific
	// workloads that were selected by their labels.
	Scope_WORKLOAD_SELECTOR Scope = 2
)

func (Scope) Descriptor

func (Scope) Descriptor() protoreflect.EnumDescriptor

func (Scope) Enum

func (x Scope) Enum() *Scope

func (Scope) EnumDescriptor deprecated

func (Scope) EnumDescriptor() ([]byte, []int)

Deprecated: Use Scope.Descriptor instead.

func (Scope) Number

func (x Scope) Number() protoreflect.EnumNumber

func (Scope) String

func (x Scope) String() string

func (Scope) Type

func (Scope) Type() protoreflect.EnumType

type ServiceAccountMatch

type ServiceAccountMatch struct {
	Namespace      string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"`
	ServiceAccount string `protobuf:"bytes,2,opt,name=serviceAccount,proto3" json:"serviceAccount,omitempty"`
	// contains filtered or unexported fields
}

func (*ServiceAccountMatch) Descriptor deprecated

func (*ServiceAccountMatch) Descriptor() ([]byte, []int)

Deprecated: Use ServiceAccountMatch.ProtoReflect.Descriptor instead.

func (*ServiceAccountMatch) GetNamespace

func (x *ServiceAccountMatch) GetNamespace() string

func (*ServiceAccountMatch) GetServiceAccount

func (x *ServiceAccountMatch) GetServiceAccount() string

func (*ServiceAccountMatch) MarshalJSON

func (this *ServiceAccountMatch) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for ServiceAccountMatch

func (*ServiceAccountMatch) ProtoMessage

func (*ServiceAccountMatch) ProtoMessage()

func (*ServiceAccountMatch) ProtoReflect

func (x *ServiceAccountMatch) ProtoReflect() protoreflect.Message

func (*ServiceAccountMatch) Reset

func (x *ServiceAccountMatch) Reset()

func (*ServiceAccountMatch) String

func (x *ServiceAccountMatch) String() string

func (*ServiceAccountMatch) UnmarshalJSON

func (this *ServiceAccountMatch) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for ServiceAccountMatch

type StringMatch

type StringMatch struct {

	// Types that are valid to be assigned to MatchType:
	//
	//	*StringMatch_Exact
	//	*StringMatch_Prefix
	//	*StringMatch_Suffix
	//	*StringMatch_Presence
	MatchType isStringMatch_MatchType `protobuf_oneof:"match_type"`
	// contains filtered or unexported fields
}

func (*StringMatch) Descriptor deprecated

func (*StringMatch) Descriptor() ([]byte, []int)

Deprecated: Use StringMatch.ProtoReflect.Descriptor instead.

func (*StringMatch) GetExact

func (x *StringMatch) GetExact() string

func (*StringMatch) GetMatchType

func (x *StringMatch) GetMatchType() isStringMatch_MatchType

func (*StringMatch) GetPrefix

func (x *StringMatch) GetPrefix() string

func (*StringMatch) GetPresence

func (x *StringMatch) GetPresence() *emptypb.Empty

func (*StringMatch) GetSuffix

func (x *StringMatch) GetSuffix() string

func (*StringMatch) MarshalJSON

func (this *StringMatch) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for StringMatch

func (*StringMatch) ProtoMessage

func (*StringMatch) ProtoMessage()

func (*StringMatch) ProtoReflect

func (x *StringMatch) ProtoReflect() protoreflect.Message

func (*StringMatch) Reset

func (x *StringMatch) Reset()

func (*StringMatch) String

func (x *StringMatch) String() string

func (*StringMatch) UnmarshalJSON

func (this *StringMatch) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for StringMatch

type StringMatch_Exact

type StringMatch_Exact struct {
	// exact string match
	Exact string `protobuf:"bytes,1,opt,name=exact,proto3,oneof"`
}

type StringMatch_Prefix

type StringMatch_Prefix struct {
	// prefix-based match
	Prefix string `protobuf:"bytes,2,opt,name=prefix,proto3,oneof"`
}

type StringMatch_Presence

type StringMatch_Presence struct {
	Presence *emptypb.Empty `protobuf:"bytes,4,opt,name=presence,proto3,oneof"`
}

type StringMatch_Suffix

type StringMatch_Suffix struct {
	// suffix-based match
	Suffix string `protobuf:"bytes,3,opt,name=suffix,proto3,oneof"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL