rbacv2

package

v0.12.0 Latest Latest Go to latest Published: Jan 2, 2024 License: Apache-2.0 Imports: 19 Imported by: 14

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/envoyproxy/go-control-plane

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type RBAC
type RBACMultiError
- func (m RBACMultiError) AllErrors() []error
- func (m RBACMultiError) Error() string
type RBACValidationError
type RBAC_EnforcementType

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	RBAC_EnforcementType_name = map[int32]string{
		0: "ONE_TIME_ON_FIRST_BYTE",
		1: "CONTINUOUS",
	}
	RBAC_EnforcementType_value = map[string]int32{
		"ONE_TIME_ON_FIRST_BYTE": 0,
		"CONTINUOUS":             1,
	}
)

Enum value maps for RBAC_EnforcementType.

View Source

var File_envoy_config_filter_network_rbac_v2_rbac_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type RBAC ¶

type RBAC struct {

	// Specify the RBAC rules to be applied globally.
	// If absent, no enforcing RBAC policy will be applied.
	Rules *v2.RBAC `protobuf:"bytes,1,opt,name=rules,proto3" json:"rules,omitempty"`
	// Shadow rules are not enforced by the filter but will emit stats and logs
	// and can be used for rule testing.
	// If absent, no shadow RBAC policy will be applied.
	ShadowRules *v2.RBAC `protobuf:"bytes,2,opt,name=shadow_rules,json=shadowRules,proto3" json:"shadow_rules,omitempty"`
	// The prefix to use when emitting statistics.
	StatPrefix string `protobuf:"bytes,3,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
	// RBAC enforcement strategy. By default RBAC will be enforced only once
	// when the first byte of data arrives from the downstream. When used in
	// conjunction with filters that emit dynamic metadata after decoding
	// every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to
	// CONTINUOUS to enforce RBAC policies on every message boundary.
	EnforcementType RBAC_EnforcementType `` /* 169-byte string literal not displayed */
	// contains filtered or unexported fields
}

RBAC network filter config.

Header should not be used in rules/shadow_rules in RBAC network filter as this information is only available in :ref:`RBAC http filter <config_http_filters_rbac>`.

func (*RBAC) Descriptor deprecated

func (*RBAC) Descriptor() ([]byte, []int)

Deprecated: Use RBAC.ProtoReflect.Descriptor instead.

func (*RBAC) GetEnforcementType ¶ added in v0.6.4

func (x *RBAC) GetEnforcementType() RBAC_EnforcementType

func (*RBAC) GetRules ¶

func (x *RBAC) GetRules() *v2.RBAC

func (*RBAC) GetShadowRules ¶

func (x *RBAC) GetShadowRules() *v2.RBAC

func (*RBAC) GetStatPrefix ¶

func (x *RBAC) GetStatPrefix() string

func (*RBAC) ProtoMessage ¶

func (*RBAC) ProtoMessage()

func (*RBAC) ProtoReflect ¶ added in v0.9.6

func (x *RBAC) ProtoReflect() protoreflect.Message

func (*RBAC) Reset ¶

func (x *RBAC) Reset()

func (*RBAC) String ¶

func (x *RBAC) String() string

func (*RBAC) Validate ¶

func (m *RBAC) Validate() error

Validate checks the field values on RBAC with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*RBAC) ValidateAll ¶ added in v0.10.0

func (m *RBAC) ValidateAll() error

ValidateAll checks the field values on RBAC with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in RBACMultiError, or nil if none found.

type RBACMultiError ¶ added in v0.10.0

type RBACMultiError []error

RBACMultiError is an error wrapping multiple validation errors returned by RBAC.ValidateAll() if the designated constraints aren't met.

func (RBACMultiError) AllErrors ¶ added in v0.10.0

func (m RBACMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (RBACMultiError) Error ¶ added in v0.10.0

func (m RBACMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type RBACValidationError ¶

type RBACValidationError struct {
	// contains filtered or unexported fields
}

RBACValidationError is the validation error returned by RBAC.Validate if the designated constraints aren't met.

func (RBACValidationError) Cause ¶

func (e RBACValidationError) Cause() error

Cause function returns cause value.

func (RBACValidationError) Error ¶

func (e RBACValidationError) Error() string

Error satisfies the builtin error interface

func (RBACValidationError) ErrorName ¶ added in v0.7.0

func (e RBACValidationError) ErrorName() string

ErrorName returns error name.

func (RBACValidationError) Field ¶

func (e RBACValidationError) Field() string

Field function returns field value.

func (RBACValidationError) Key ¶

func (e RBACValidationError) Key() bool

Key function returns key value.

func (RBACValidationError) Reason ¶

func (e RBACValidationError) Reason() string

Reason function returns reason value.

type RBAC_EnforcementType ¶ added in v0.6.4

type RBAC_EnforcementType int32

const (
	// Apply RBAC policies when the first byte of data arrives on the connection.
	RBAC_ONE_TIME_ON_FIRST_BYTE RBAC_EnforcementType = 0
	// Continuously apply RBAC policies as data arrives. Use this mode when
	// using RBAC with message oriented protocols such as Mongo, MySQL, Kafka,
	// etc. when the protocol decoders emit dynamic metadata such as the
	// resources being accessed and the operations on the resources.
	RBAC_CONTINUOUS RBAC_EnforcementType = 1
)

func (RBAC_EnforcementType) Descriptor ¶ added in v0.9.6

func (RBAC_EnforcementType) Descriptor() protoreflect.EnumDescriptor

func (RBAC_EnforcementType) Enum ¶ added in v0.9.6

func (x RBAC_EnforcementType) Enum() *RBAC_EnforcementType

func (RBAC_EnforcementType) EnumDescriptor deprecated added in v0.6.4

func (RBAC_EnforcementType) EnumDescriptor() ([]byte, []int)

Deprecated: Use RBAC_EnforcementType.Descriptor instead.

func (RBAC_EnforcementType) Number ¶ added in v0.9.6

func (x RBAC_EnforcementType) Number() protoreflect.EnumNumber

func (RBAC_EnforcementType) String ¶ added in v0.6.4

func (x RBAC_EnforcementType) String() string

func (RBAC_EnforcementType) Type ¶ added in v0.9.6

func (RBAC_EnforcementType) Type() protoreflect.EnumType

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL