go-control-plane: github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/rbac/v3 Index | Files

package envoy_extensions_filters_network_rbac_v3

import "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/rbac/v3"

Index

Package Files

rbac.pb.go rbac.pb.validate.go

Variables

var (
    RBAC_EnforcementType_name = map[int32]string{
        0:  "ONE_TIME_ON_FIRST_BYTE",
        1:  "CONTINUOUS",
    }
    RBAC_EnforcementType_value = map[string]int32{
        "ONE_TIME_ON_FIRST_BYTE": 0,
        "CONTINUOUS":             1,
    }
)

Enum value maps for RBAC_EnforcementType.

var File_envoy_extensions_filters_network_rbac_v3_rbac_proto protoreflect.FileDescriptor

type RBAC Uses

type RBAC struct {

    // Specify the RBAC rules to be applied globally.
    // If absent, no enforcing RBAC policy will be applied.
    Rules *v3.RBAC `protobuf:"bytes,1,opt,name=rules,proto3" json:"rules,omitempty"`
    // Shadow rules are not enforced by the filter but will emit stats and logs
    // and can be used for rule testing.
    // If absent, no shadow RBAC policy will be applied.
    ShadowRules *v3.RBAC `protobuf:"bytes,2,opt,name=shadow_rules,json=shadowRules,proto3" json:"shadow_rules,omitempty"`
    // The prefix to use when emitting statistics.
    StatPrefix string `protobuf:"bytes,3,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"`
    // RBAC enforcement strategy. By default RBAC will be enforced only once
    // when the first byte of data arrives from the downstream. When used in
    // conjunction with filters that emit dynamic metadata after decoding
    // every payload (e.g., Mongo, MySQL, Kafka) set the enforcement type to
    // CONTINUOUS to enforce RBAC policies on every message boundary.
    EnforcementType RBAC_EnforcementType `protobuf:"varint,4,opt,name=enforcement_type,json=enforcementType,proto3,enum=envoy.extensions.filters.network.rbac.v3.RBAC_EnforcementType" json:"enforcement_type,omitempty"`
    // contains filtered or unexported fields
}

RBAC network filter config.

Header should not be used in rules/shadow_rules in RBAC network filter as this information is only available in :ref:`RBAC http filter <config_http_filters_rbac>`.

func (*RBAC) Descriptor Uses

func (*RBAC) Descriptor() ([]byte, []int)

Deprecated: Use RBAC.ProtoReflect.Descriptor instead.

func (*RBAC) GetEnforcementType Uses

func (x *RBAC) GetEnforcementType() RBAC_EnforcementType

func (*RBAC) GetRules Uses

func (x *RBAC) GetRules() *v3.RBAC

func (*RBAC) GetShadowRules Uses

func (x *RBAC) GetShadowRules() *v3.RBAC

func (*RBAC) GetStatPrefix Uses

func (x *RBAC) GetStatPrefix() string

func (*RBAC) ProtoMessage Uses

func (*RBAC) ProtoMessage()

func (*RBAC) ProtoReflect Uses

func (x *RBAC) ProtoReflect() protoreflect.Message

func (*RBAC) Reset Uses

func (x *RBAC) Reset()

func (*RBAC) String Uses

func (x *RBAC) String() string

func (*RBAC) Validate Uses

func (m *RBAC) Validate() error

Validate checks the field values on RBAC with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type RBACValidationError Uses

type RBACValidationError struct {
    // contains filtered or unexported fields
}

RBACValidationError is the validation error returned by RBAC.Validate if the designated constraints aren't met.

func (RBACValidationError) Cause Uses

func (e RBACValidationError) Cause() error

Cause function returns cause value.

func (RBACValidationError) Error Uses

func (e RBACValidationError) Error() string

Error satisfies the builtin error interface

func (RBACValidationError) ErrorName Uses

func (e RBACValidationError) ErrorName() string

ErrorName returns error name.

func (RBACValidationError) Field Uses

func (e RBACValidationError) Field() string

Field function returns field value.

func (RBACValidationError) Key Uses

func (e RBACValidationError) Key() bool

Key function returns key value.

func (RBACValidationError) Reason Uses

func (e RBACValidationError) Reason() string

Reason function returns reason value.

type RBAC_EnforcementType Uses

type RBAC_EnforcementType int32
const (
    // Apply RBAC policies when the first byte of data arrives on the connection.
    RBAC_ONE_TIME_ON_FIRST_BYTE RBAC_EnforcementType = 0
    // Continuously apply RBAC policies as data arrives. Use this mode when
    // using RBAC with message oriented protocols such as Mongo, MySQL, Kafka,
    // etc. when the protocol decoders emit dynamic metadata such as the
    // resources being accessed and the operations on the resources.
    RBAC_CONTINUOUS RBAC_EnforcementType = 1
)

func (RBAC_EnforcementType) Descriptor Uses

func (RBAC_EnforcementType) Descriptor() protoreflect.EnumDescriptor

func (RBAC_EnforcementType) Enum Uses

func (x RBAC_EnforcementType) Enum() *RBAC_EnforcementType

func (RBAC_EnforcementType) EnumDescriptor Uses

func (RBAC_EnforcementType) EnumDescriptor() ([]byte, []int)

Deprecated: Use RBAC_EnforcementType.Descriptor instead.

func (RBAC_EnforcementType) Number Uses

func (x RBAC_EnforcementType) Number() protoreflect.EnumNumber

func (RBAC_EnforcementType) String Uses

func (x RBAC_EnforcementType) String() string

func (RBAC_EnforcementType) Type Uses

func (RBAC_EnforcementType) Type() protoreflect.EnumType

Package envoy_extensions_filters_network_rbac_v3 imports 19 packages (graph) and is imported by 11 packages. Updated 2021-01-08. Refresh now. Tools for package owners.