types

package
v7.0.0-...-185e5fd Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 29, 2021 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Overview

Package types contains all types and logic required by the Teleport API.

Index

Constants

View Source 
const (
	// RotationStateStandby is initial status of the rotation -
	// nothing is being rotated.
	RotationStateStandby = "standby"
	// RotationStateInProgress - that rotation is in progress.
	RotationStateInProgress = "in_progress"
	// RotationPhaseStandby is the initial phase of the rotation
	// it means no operations have started.
	RotationPhaseStandby = "standby"
	// RotationPhaseInit = is a phase of the rotation
	// when new certificate authority is issued, but not used
	// It is necessary for remote trusted clusters to fetch the
	// new certificate authority, otherwise the new clients
	// will reject it
	RotationPhaseInit = "init"
	// RotationPhaseUpdateClients is a phase of the rotation
	// when client credentials will have to be updated and reloaded
	// but servers will use and respond with old credentials
	// because clients have no idea about new credentials at first.
	RotationPhaseUpdateClients = "update_clients"
	// RotationPhaseUpdateServers is a phase of the rotation
	// when servers will have to reload and should start serving
	// TLS and SSH certificates signed by new CA.
	RotationPhaseUpdateServers = "update_servers"
	// RotationPhaseRollback means that rotation is rolling
	// back to the old certificate authority.
	RotationPhaseRollback = "rollback"
	// RotationModeManual is a manual rotation mode when all phases
	// are set by the operator.
	RotationModeManual = "manual"
	// RotationModeAuto is set to go through all phases by the schedule.
	RotationModeAuto = "auto"
)
View Source 
const (
	// DefaultAPIGroup is a default group of permissions API,
	// lets us to add different permission types
	DefaultAPIGroup = "gravitational.io/teleport"

	// ActionRead grants read access (get, list)
	ActionRead = "read"

	// ActionWrite allows to write (create, update, delete)
	ActionWrite = "write"

	// Wildcard is a special wildcard character matching everything
	Wildcard = "*"

	// True holds "true" string value
	True = "true"

	// KindNamespace is a namespace
	KindNamespace = "namespace"

	// KindUser is a user resource
	KindUser = "user"

	// KindKeyPair is a public/private key pair
	KindKeyPair = "key_pair"

	// KindHostCert is a host certificate
	KindHostCert = "host_cert"

	// KindJWT is a JWT token signer.
	KindJWT = "jwt"

	// KindLicense is a license resource
	KindLicense = "license"

	// KindRole is a role resource
	KindRole = "role"

	// KindAccessRequest is an AccessRequest resource
	KindAccessRequest = "access_request"

	// KindPluginData is a PluginData resource
	KindPluginData = "plugin_data"

	// KindAccessPluginData is a resource directive that applies
	// only to plugin data associated with access requests.
	KindAccessPluginData = "access_plugin_data"

	// KindOIDC is OIDC connector resource
	KindOIDC = "oidc"

	// KindSAML is SAML connector resource
	KindSAML = "saml"

	// KindGithub is Github connector resource
	KindGithub = "github"

	// KindOIDCRequest is OIDC auth request resource
	KindOIDCRequest = "oidc_request"

	// KindSAMLRequest is SAML auth request resource
	KindSAMLRequest = "saml_request"

	// KindGithubRequest is Github auth request resource
	KindGithubRequest = "github_request"

	// KindSession is a recorded SSH session.
	KindSession = "session"

	// KindSSHSession is an active SSH session.
	KindSSHSession = "ssh_session"

	// KindWebSession is a web session resource
	KindWebSession = "web_session"

	// KindWebToken is a web token resource
	KindWebToken = "web_token"

	// KindAppSession represents an application specific web session.
	KindAppSession = "app_session"

	// KindEvent is structured audit logging event
	KindEvent = "event"

	// KindAuthServer is auth server resource
	KindAuthServer = "auth_server"

	// KindProxy is proxy resource
	KindProxy = "proxy"

	// KindNode is node resource
	KindNode = "node"

	// KindAppServer is an application server resource.
	KindAppServer = "app_server"

	// KindDatabaseServer is a database proxy server resource.
	KindDatabaseServer = "db_server"

	// KindToken is a provisioning token resource
	KindToken = "token"

	// KindCertAuthority is a certificate authority resource
	KindCertAuthority = "cert_authority"

	// KindReverseTunnel is a reverse tunnel connection
	KindReverseTunnel = "tunnel"

	// KindOIDCConnector is a OIDC connector resource
	KindOIDCConnector = "oidc"

	// KindSAMLConnector is a SAML connector resource
	KindSAMLConnector = "saml"

	// KindGithubConnector is Github OAuth2 connector resource
	KindGithubConnector = "github"

	// KindConnectors is a shortcut for all authentication connector
	KindConnectors = "connectors"

	// KindClusterAuthPreference is the type of authentication for this cluster.
	KindClusterAuthPreference = "cluster_auth_preference"

	// MetaNameClusterAuthPreference is the type of authentication for this cluster.
	MetaNameClusterAuthPreference = "cluster-auth-preference"

	// KindSessionRecordingConfig is the resource for session recording configuration.
	KindSessionRecordingConfig = "session_recording_config"

	// MetaNameSessionRecordingConfig is the exact name of the singleton resource for
	// session recording configuration.
	MetaNameSessionRecordingConfig = "session-recording-config"

	// KindClusterConfig is the resource that holds cluster level configuration.
	KindClusterConfig = "cluster_config"

	// MetaNameClusterConfig is the exact name of the cluster config singleton resource.
	MetaNameClusterConfig = "cluster-config"

	// KindClusterAuditConfig is the resource that holds cluster audit configuration.
	KindClusterAuditConfig = "cluster_audit_config"

	// MetaNameClusterAuditConfig is the exact name of the singleton resource holding
	// cluster audit configuration.
	MetaNameClusterAuditConfig = "cluster-audit-config"

	// KindClusterNetworkingConfig is the resource that holds cluster networking configuration.
	KindClusterNetworkingConfig = "cluster_networking_config"

	// MetaNameClusterNetworkingConfig is the exact name of the singleton resource holding
	// cluster networking configuration.
	MetaNameClusterNetworkingConfig = "cluster-networking-config"

	// KindSemaphore is the resource that provides distributed semaphore functionality
	KindSemaphore = "semaphore"

	// KindClusterName is a type of configuration resource that contains the cluster name.
	KindClusterName = "cluster_name"

	// MetaNameClusterName is the name of a configuration resource for cluster name.
	MetaNameClusterName = "cluster-name"

	// KindStaticTokens is a type of configuration resource that contains static tokens.
	KindStaticTokens = "static_tokens"

	// MetaNameStaticTokens is the name of a configuration resource for static tokens.
	MetaNameStaticTokens = "static-tokens"

	// KindTrustedCluster is a resource that contains trusted cluster configuration.
	KindTrustedCluster = "trusted_cluster"

	// KindAuthConnector allows access to OIDC and SAML connectors.
	KindAuthConnector = "auth_connector"

	// KindTunnelConnection specifies connection of a reverse tunnel to proxy
	KindTunnelConnection = "tunnel_connection"

	// KindRemoteCluster represents remote cluster connected via reverse tunnel
	// to proxy
	KindRemoteCluster = "remote_cluster"

	// KindResetPasswordToken is a token used to change user passwords
	KindResetPasswordToken = "user_token"

	// KindResetPasswordTokenSecrets is reset password token secrets
	KindResetPasswordTokenSecrets = "reset_password_token_secrets"

	// KindIdentity is local on disk identity resource
	KindIdentity = "identity"

	// KindState is local on disk process state
	KindState = "state"

	// KindKubeService is a kubernetes service resource
	KindKubeService = "kube_service"

	// KindMFADevice is an MFA device for a user.
	KindMFADevice = "mfa_device"

	// KindBilling represents access to cloud billing features
	KindBilling = "billing"

	// KindLock is a lock resource.
	KindLock = "lock"

	// KindNetworkRestrictions are restrictions for SSH sessions
	KindNetworkRestrictions = "network_restrictions"

	// MetaNameNetworkRestrictions is the exact name of the singleton resource for
	// network restrictions
	MetaNameNetworkRestrictions = "network-restrictions"

	// V4 is the fourth version of resources.
	V4 = "v4"

	// V3 is the third version of resources.
	V3 = "v3"

	// V2 is the second version of resources.
	V2 = "v2"

	// V1 is the first version of resources. Note: The first version was
	// not explicitly versioned.
	V1 = "v1"
)
View Source 
const (
	// VerbList is used to list all objects. Does not imply the ability to read a single object.
	VerbList = "list"

	// VerbCreate is used to create an object.
	VerbCreate = "create"

	// VerbRead is used to read a single object.
	VerbRead = "read"

	// VerbReadNoSecrets is used to read a single object without secrets.
	VerbReadNoSecrets = "readnosecrets"

	// VerbUpdate is used to update an object.
	VerbUpdate = "update"

	// VerbDelete is used to remove an object.
	VerbDelete = "delete"

	// VerbRotate is used to rotate certificate authorities
	// used only internally
	VerbRotate = "rotate"
)
View Source 
const (
	// OriginLabel is a resource metadata label name used to identify a source
	// that the resource originates from.
	OriginLabel = "teleport.dev/origin"

	// OriginConfigFile is an origin value indicating that the resource was
	// constructed as a default value.
	OriginDefaults = "defaults"

	// OriginConfigFile is an origin value indicating that the resource is
	// derived from static configuration.
	OriginConfigFile = "config-file"

	// OriginDynamic is an origin value indicating that the resource was
	// committed as dynamic configuration.
	OriginDynamic = "dynamic"
)
View Source 
const (
	// RecordAtNode is the default. Sessions are recorded at Teleport nodes.
	RecordAtNode = "node"

	// RecordAtProxy enables the recording proxy which intercepts and records
	// all sessions.
	RecordAtProxy = "proxy"

	// RecordOff is used to disable session recording completely.
	RecordOff = "off"

	// RecordAtNodeSync enables the nodes to stream sessions in sync mode
	// to the auth server
	RecordAtNodeSync = "node-sync"

	// RecordAtProxySync enables the recording proxy which intercepts and records
	// all sessions, streams the records synchronously
	RecordAtProxySync = "proxy-sync"
)
View Source 
const (
	// DatabaseTypeSelfHosted is the self-hosted type of database.
	DatabaseTypeSelfHosted = "self-hosted"
	// DatabaseTypeRDS is AWS-hosted RDS or Aurora database.
	DatabaseTypeRDS = "rds"
	// DatabaseTypeRedshift is AWS Redshift database.
	DatabaseTypeRedshift = "redshift"
	// DatabaseTypeCloudSQL is GCP-hosted Cloud SQL database.
	DatabaseTypeCloudSQL = "gcp"
)
View Source 
const EventOrderAscending = 0

EventOrderAscending is an ascending event order. In essence, events go from oldest to newest.

View Source 
const EventOrderDescending = 1

EventOrderDescending is an descending event order. In this ordering events go from newest to oldest.

View Source 
const LabelPattern = `^[a-zA-Z/.0-9_*-]+$`

LabelPattern is a regexp that describes a valid label key

View Source 
const SemaphoreKindConnection = "connection"

SemaphoreKindConnection is the semaphore kind used by the Concurrent Session Control feature to limit concurrent connections (corresponds to the `max_connections` role option).

Variables

View Source 
var (
	ErrInvalidLengthTypes        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowTypes          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupTypes = fmt.Errorf("proto: unexpected end of group")
)
View Source 
var CertAuthTypes = []CertAuthType{HostCA, UserCA, JWTSigner}

CertAuthTypes lists all certificate authority types.

View Source 
var CertAuthoritySpecV2_SigningAlgType_name = map[int32]string{
	0: "UNKNOWN",
	1: "RSA_SHA1",
	2: "RSA_SHA2_256",
	3: "RSA_SHA2_512",
}
View Source 
var CertAuthoritySpecV2_SigningAlgType_value = map[string]int32{
	"UNKNOWN":      0,
	"RSA_SHA1":     1,
	"RSA_SHA2_256": 2,
	"RSA_SHA2_512": 3,
}
View Source 
var KeepAlive_KeepAliveType_name = map[int32]string{
	0: "UNKNOWN",
	1: "NODE",
	2: "APP",
	3: "DATABASE",
}
View Source 
var KeepAlive_KeepAliveType_value = map[string]int32{
	"UNKNOWN":  0,
	"NODE":     1,
	"APP":      2,
	"DATABASE": 3,
}
View Source 
var OriginValues = []string{OriginDefaults, OriginConfigFile, OriginDynamic}

OriginValues lists all possible origin values.

View Source 
var PrivateKeyType_name = map[int32]string{
	0: "RAW",
	1: "PKCS11",
}
View Source 
var PrivateKeyType_value = map[string]int32{
	"RAW":    0,
	"PKCS11": 1,
}
View Source 
var RequestState_name = map[int32]string{
	0: "NONE",
	1: "PENDING",
	2: "APPROVED",
	3: "DENIED",
}
View Source 
var RequestState_value = map[string]int32{
	"NONE":     0,
	"PENDING":  1,
	"APPROVED": 2,
	"DENIED":   3,
}
View Source 
var RotatePhases = []string{
	RotationPhaseInit,
	RotationPhaseStandby,
	RotationPhaseUpdateClients,
	RotationPhaseUpdateServers,
	RotationPhaseRollback,
}

RotatePhases lists all supported rotation phases

View Source 
var SessionRecordingModes = []string{RecordAtNode, RecordAtProxy, RecordOff, RecordAtNodeSync, RecordAtProxySync}

SessionRecordingModes lists all possible session recording modes.

View Source 
var WebSessionSubKinds = []string{KindAppSession, KindWebSession}

WebSessionSubKinds lists subkinds of web session resources

Functions

func BoolDefaultTrue 

func BoolDefaultTrue(v *BoolOption) bool

BoolDefaultTrue returns true if v is not set (pointer is nil) otherwise returns real boolean value

func CombineLabels 

func CombineLabels(static map[string]string, dynamic map[string]CommandLabelV2) map[string]string

CombineLabels combines the passed in static and dynamic labels.

func IsValidLabelKey 

func IsValidLabelKey(s string) bool

IsValidLabelKey checks if the supplied string matches the label key regexp.

func IsValidNamespace 

func IsValidNamespace(s string) bool

IsValidNamespace checks if the namespace provided is valid

func LabelsAsString 

func LabelsAsString(static map[string]string, dynamic map[string]CommandLabelV2) string

LabelsAsString combines static and dynamic labels and returns a comma separated string.

func LabelsToV2 

func LabelsToV2(labels map[string]CommandLabel) map[string]CommandLabelV2

LabelsToV2 converts labels from interface to V2 spec

func ProcessNamespace 

func ProcessNamespace(namespace string) string

ProcessNamespace sets default namespace in case if namespace is empty

func RemoveCASecrets 

func RemoveCASecrets(ca CertAuthority)

RemoveCASecrets removes private (SSH, TLS, and JWT) keys from certificate authority.

func V2ToLabels 

func V2ToLabels(l map[string]CommandLabelV2) map[string]CommandLabel

V2ToLabels converts concrete type to command label interface.

Types

type AWS 

type AWS struct {
	// Region is a AWS cloud region.
	Region string `protobuf:"bytes,1,opt,name=Region,proto3" json:"region,omitempty"`
	// Redshift contains Redshift specific settings.
	Redshift             Redshift `protobuf:"bytes,2,opt,name=Redshift,proto3" json:"redshift,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AWS contains AWS specific settings such as region.

func (*AWS) Descriptor 

func (*AWS) Descriptor() ([]byte, []int)

func (*AWS) Marshal 

func (m *AWS) Marshal() (dAtA []byte, err error)

func (*AWS) MarshalTo 

func (m *AWS) MarshalTo(dAtA []byte) (int, error)

func (*AWS) MarshalToSizedBuffer 

func (m *AWS) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AWS) ProtoMessage 

func (*AWS) ProtoMessage()

func (*AWS) Reset 

func (m *AWS) Reset()

func (*AWS) Size 

func (m *AWS) Size() (n int)

func (*AWS) String 

func (m *AWS) String() string

func (*AWS) Unmarshal 

func (m *AWS) Unmarshal(dAtA []byte) error

func (*AWS) XXX_DiscardUnknown 

func (m *AWS) XXX_DiscardUnknown()

func (*AWS) XXX_Marshal 

func (m *AWS) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AWS) XXX_Merge 

func (m *AWS) XXX_Merge(src proto.Message)

func (*AWS) XXX_Size 

func (m *AWS) XXX_Size() int

func (*AWS) XXX_Unmarshal 

func (m *AWS) XXX_Unmarshal(b []byte) error

type AccessCapabilities 

type AccessCapabilities struct {
	// RequestableRoles is a list of existent roles which the user is allowed to request.
	RequestableRoles []string `protobuf:"bytes,1,rep,name=RequestableRoles,proto3" json:"requestable_roles,omitempty"`
	// SuggestedReviewers is a list of all reviewers which are suggested by the user's roles.
	SuggestedReviewers   []string `protobuf:"bytes,2,rep,name=SuggestedReviewers,proto3" json:"suggested_reviewers,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessCapabilities is a summary of capabilities that a user is granted via their dynamic access privileges which may not be calculable by directly examining the user's own static roles.

func (*AccessCapabilities) Descriptor 

func (*AccessCapabilities) Descriptor() ([]byte, []int)

func (*AccessCapabilities) Marshal 

func (m *AccessCapabilities) Marshal() (dAtA []byte, err error)

func (*AccessCapabilities) MarshalTo 

func (m *AccessCapabilities) MarshalTo(dAtA []byte) (int, error)

func (*AccessCapabilities) MarshalToSizedBuffer 

func (m *AccessCapabilities) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessCapabilities) ProtoMessage 

func (*AccessCapabilities) ProtoMessage()

func (*AccessCapabilities) Reset 

func (m *AccessCapabilities) Reset()

func (*AccessCapabilities) Size 

func (m *AccessCapabilities) Size() (n int)

func (*AccessCapabilities) String 

func (m *AccessCapabilities) String() string

func (*AccessCapabilities) Unmarshal 

func (m *AccessCapabilities) Unmarshal(dAtA []byte) error

func (*AccessCapabilities) XXX_DiscardUnknown 

func (m *AccessCapabilities) XXX_DiscardUnknown()

func (*AccessCapabilities) XXX_Marshal 

func (m *AccessCapabilities) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessCapabilities) XXX_Merge 

func (m *AccessCapabilities) XXX_Merge(src proto.Message)

func (*AccessCapabilities) XXX_Size 

func (m *AccessCapabilities) XXX_Size() int

func (*AccessCapabilities) XXX_Unmarshal 

func (m *AccessCapabilities) XXX_Unmarshal(b []byte) error

type AccessCapabilitiesRequest 

type AccessCapabilitiesRequest struct {
	// User is the name of the user whose capabilities we are interested in (defaults to
	// the caller's own username).
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user,omitempty"`
	// RequestableRoles is a flag indicating that we would like to view the list of roles
	// that the user is able to request.
	RequestableRoles bool `protobuf:"varint,2,opt,name=RequestableRoles,proto3" json:"requestable_roles,omitempty"`
	// SuggestedReviewers is a flag indicating that we would like to view the list of all
	// reviewers which are suggested by the user's roles.
	SuggestedReviewers   bool     `protobuf:"varint,3,opt,name=SuggestedReviewers,proto3" json:"suggested_reviewers,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessCapabilitiesRequest encodes parameters for the GetAccessCapabilities method.

func (*AccessCapabilitiesRequest) Descriptor 

func (*AccessCapabilitiesRequest) Descriptor() ([]byte, []int)

func (*AccessCapabilitiesRequest) Marshal 

func (m *AccessCapabilitiesRequest) Marshal() (dAtA []byte, err error)

func (*AccessCapabilitiesRequest) MarshalTo 

func (m *AccessCapabilitiesRequest) MarshalTo(dAtA []byte) (int, error)

func (*AccessCapabilitiesRequest) MarshalToSizedBuffer 

func (m *AccessCapabilitiesRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessCapabilitiesRequest) ProtoMessage 

func (*AccessCapabilitiesRequest) ProtoMessage()

func (*AccessCapabilitiesRequest) Reset 

func (m *AccessCapabilitiesRequest) Reset()

func (*AccessCapabilitiesRequest) Size 

func (m *AccessCapabilitiesRequest) Size() (n int)

func (*AccessCapabilitiesRequest) String 

func (m *AccessCapabilitiesRequest) String() string

func (*AccessCapabilitiesRequest) Unmarshal 

func (m *AccessCapabilitiesRequest) Unmarshal(dAtA []byte) error

func (*AccessCapabilitiesRequest) XXX_DiscardUnknown 

func (m *AccessCapabilitiesRequest) XXX_DiscardUnknown()

func (*AccessCapabilitiesRequest) XXX_Marshal 

func (m *AccessCapabilitiesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessCapabilitiesRequest) XXX_Merge 

func (m *AccessCapabilitiesRequest) XXX_Merge(src proto.Message)

func (*AccessCapabilitiesRequest) XXX_Size 

func (m *AccessCapabilitiesRequest) XXX_Size() int

func (*AccessCapabilitiesRequest) XXX_Unmarshal 

func (m *AccessCapabilitiesRequest) XXX_Unmarshal(b []byte) error

type AccessRequest 

type AccessRequest interface {
	Resource
	// GetUser gets the name of the requesting user
	GetUser() string
	// GetRoles gets the roles being requested by the user
	GetRoles() []string
	// SetRoles overrides the roles being requested by the user
	SetRoles([]string)
	// GetState gets the current state of the request
	GetState() RequestState
	// SetState sets the approval state of the request
	SetState(RequestState) error
	// GetCreationTime gets the time at which the request was
	// originally registered with the auth server.
	GetCreationTime() time.Time
	// SetCreationTime sets the creation time of the request.
	SetCreationTime(time.Time)
	// GetAccessExpiry gets the upper limit for which this request
	// may be considered active.
	GetAccessExpiry() time.Time
	// SetAccessExpiry sets the upper limit for which this request
	// may be considered active.
	SetAccessExpiry(time.Time)
	// GetRequestReason gets the reason for the request's creation.
	GetRequestReason() string
	// SetRequestReason sets the reason for the request's creation.
	SetRequestReason(string)
	// GetResolveReason gets the reason for the request's resolution.
	GetResolveReason() string
	// SetResolveReason sets the reason for the request's resolution.
	SetResolveReason(string)
	// GetResolveAnnotations gets the annotations associated with
	// the request's resolution.
	GetResolveAnnotations() map[string][]string
	// SetResolveAnnotations sets the annotations associated with
	// the request's resolution.
	SetResolveAnnotations(map[string][]string)
	// GetSystemAnnotations gets the teleport-applied annotations.
	GetSystemAnnotations() map[string][]string
	// SetSystemAnnotations sets the teleport-applied annotations.
	SetSystemAnnotations(map[string][]string)
	// GetOriginalRoles gets the original (pre-override) role list.
	GetOriginalRoles() []string
	// GetThresholds gets the review thresholds.
	GetThresholds() []AccessReviewThreshold
	// SetThresholds sets the review thresholds (internal use only).
	SetThresholds([]AccessReviewThreshold)
	// GetRoleThresholdMapping gets the rtm.  See documentation of the
	// AccessRequestSpecV3.RoleThresholdMapping field for details.
	GetRoleThresholdMapping() map[string]ThresholdIndexSets
	// SetRoleThresholdMapping sets the rtm (internal use only).  See documentation
	// of the AccessRequestSpecV3.RoleThresholdMapping field for details.
	SetRoleThresholdMapping(map[string]ThresholdIndexSets)
	// GetReviews gets the list of currently applied access reviews.
	GetReviews() []AccessReview
	// SetReviews sets the list of currently applied access reviews (internal use only).
	SetReviews([]AccessReview)
	// GetSuggestedReviewers gets the suggested reviewer list.
	GetSuggestedReviewers() []string
	// SetSuggestedReviewers sets the suggested reviewer list.
	SetSuggestedReviewers([]string)
}

AccessRequest is a request for temporarily granted roles

func NewAccessRequest 

func NewAccessRequest(name string, user string, roles ...string) (AccessRequest, error)

NewAccessRequest assembled an AccessRequest resource.

type AccessRequestConditions 

type AccessRequestConditions struct {
	// Roles is the name of roles which will match the request rule.
	Roles []string `protobuf:"bytes,1,rep,name=Roles,proto3" json:"roles,omitempty"`
	// ClaimsToRoles specifies a mapping from claims (traits) to teleport roles.
	ClaimsToRoles []ClaimMapping `protobuf:"bytes,2,rep,name=ClaimsToRoles,proto3" json:"claims_to_roles,omitempty"`
	// Annotations is a collection of annotations to be programmatically
	// appended to pending access requests at the time of their creation.
	// These annotations serve as a mechanism to propagate extra information
	// to plugins.  Since these annotations support variable interpolation
	// syntax, they also offer a mechanism for forwarding claims from an
	// external identity provider, to a plugin via `{{external.trait_name}}`
	// style substitutions.
	Annotations github_com_gravitational_teleport_api_types_wrappers.Traits `` /* 149-byte string literal not displayed */
	// Thresholds is a list of thresholds, one of which must be met in order for reviews
	// to trigger a state-transition.  If no thresholds are provided, a default threshold
	// of 1 for approval and denial is used.
	Thresholds []AccessReviewThreshold `protobuf:"bytes,4,rep,name=Thresholds,proto3" json:"thresholds,omitempty"`
	// SuggestedReviewers is a list of reviewer suggestions.  These can be teleport usernames, but
	// that is not a requirement.
	SuggestedReviewers   []string `protobuf:"bytes,5,rep,name=SuggestedReviewers,proto3" json:"suggested_reviewers,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessRequestConditions is a matcher for allow/deny restrictions on access-requests.

func (*AccessRequestConditions) Descriptor 

func (*AccessRequestConditions) Descriptor() ([]byte, []int)

func (*AccessRequestConditions) Marshal 

func (m *AccessRequestConditions) Marshal() (dAtA []byte, err error)

func (*AccessRequestConditions) MarshalTo 

func (m *AccessRequestConditions) MarshalTo(dAtA []byte) (int, error)

func (*AccessRequestConditions) MarshalToSizedBuffer 

func (m *AccessRequestConditions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessRequestConditions) ProtoMessage 

func (*AccessRequestConditions) ProtoMessage()

func (*AccessRequestConditions) Reset 

func (m *AccessRequestConditions) Reset()

func (*AccessRequestConditions) Size 

func (m *AccessRequestConditions) Size() (n int)

func (*AccessRequestConditions) String 

func (m *AccessRequestConditions) String() string

func (*AccessRequestConditions) Unmarshal 

func (m *AccessRequestConditions) Unmarshal(dAtA []byte) error

func (*AccessRequestConditions) XXX_DiscardUnknown 

func (m *AccessRequestConditions) XXX_DiscardUnknown()

func (*AccessRequestConditions) XXX_Marshal 

func (m *AccessRequestConditions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessRequestConditions) XXX_Merge 

func (m *AccessRequestConditions) XXX_Merge(src proto.Message)

func (*AccessRequestConditions) XXX_Size 

func (m *AccessRequestConditions) XXX_Size() int

func (*AccessRequestConditions) XXX_Unmarshal 

func (m *AccessRequestConditions) XXX_Unmarshal(b []byte) error

type AccessRequestFilter 

type AccessRequestFilter struct {
	// ID specifies a request ID if set.
	ID string `protobuf:"bytes,1,opt,name=ID,proto3" json:"id,omitempty"`
	// User specifies a username if set.
	User string `protobuf:"bytes,2,opt,name=User,proto3" json:"user,omitempty"`
	// RequestState filters for requests in a specific state.
	State                RequestState `protobuf:"varint,3,opt,name=State,proto3,enum=types.RequestState" json:"state,omitempty"`
	XXX_NoUnkeyedLiteral struct{}     `json:"-"`
	XXX_unrecognized     []byte       `json:"-"`
	XXX_sizecache        int32        `json:"-"`
}

AccessRequestFilter encodes filter params for access requests.

func (*AccessRequestFilter) Descriptor 

func (*AccessRequestFilter) Descriptor() ([]byte, []int)

func (*AccessRequestFilter) FromMap 

func (f *AccessRequestFilter) FromMap(m map[string]string) error

FromMap copies values from a map into this AccessRequestFilter value

func (*AccessRequestFilter) IntoMap 

func (f *AccessRequestFilter) IntoMap() map[string]string

IntoMap copies AccessRequestFilter values into a map

func (*AccessRequestFilter) Marshal 

func (m *AccessRequestFilter) Marshal() (dAtA []byte, err error)

func (*AccessRequestFilter) MarshalTo 

func (m *AccessRequestFilter) MarshalTo(dAtA []byte) (int, error)

func (*AccessRequestFilter) MarshalToSizedBuffer 

func (m *AccessRequestFilter) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessRequestFilter) Match 

func (f *AccessRequestFilter) Match(req AccessRequest) bool

Match checks if a given access request matches this filter.

func (*AccessRequestFilter) ProtoMessage 

func (*AccessRequestFilter) ProtoMessage()

func (*AccessRequestFilter) Reset 

func (m *AccessRequestFilter) Reset()

func (*AccessRequestFilter) Size 

func (m *AccessRequestFilter) Size() (n int)

func (*AccessRequestFilter) String 

func (m *AccessRequestFilter) String() string

func (*AccessRequestFilter) Unmarshal 

func (m *AccessRequestFilter) Unmarshal(dAtA []byte) error

func (*AccessRequestFilter) XXX_DiscardUnknown 

func (m *AccessRequestFilter) XXX_DiscardUnknown()

func (*AccessRequestFilter) XXX_Marshal 

func (m *AccessRequestFilter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessRequestFilter) XXX_Merge 

func (m *AccessRequestFilter) XXX_Merge(src proto.Message)

func (*AccessRequestFilter) XXX_Size 

func (m *AccessRequestFilter) XXX_Size() int

func (*AccessRequestFilter) XXX_Unmarshal 

func (m *AccessRequestFilter) XXX_Unmarshal(b []byte) error

type AccessRequestSpecV3 

type AccessRequestSpecV3 struct {
	// User is the name of the user to whom the roles will be applied.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// Roles is the name of the roles being requested.
	Roles []string `protobuf:"bytes,2,rep,name=Roles,proto3" json:"roles"`
	// State is the current state of this access request.
	State RequestState `protobuf:"varint,3,opt,name=State,proto3,enum=types.RequestState" json:"state,omitempty"`
	// Created encodes the time at which the request was registered with the auth
	// server.
	Created time.Time `protobuf:"bytes,4,opt,name=Created,proto3,stdtime" json:"created,omitempty"`
	// Expires constrains the maximum lifetime of any login session for which this
	// request is active.
	Expires time.Time `protobuf:"bytes,5,opt,name=Expires,proto3,stdtime" json:"expires,omitempty"`
	// RequestReason is an optional message explaining the reason for the request.
	RequestReason string `protobuf:"bytes,6,opt,name=RequestReason,proto3" json:"request_reason,omitempty"`
	// ResolveReason is an optional message explaining the reason for the resolution
	// of the request (approval, denail, etc...).
	ResolveReason string `protobuf:"bytes,7,opt,name=ResolveReason,proto3" json:"resolve_reason,omitempty"`
	// ResolveAnnotations is a set of arbitrary values received from plugins or other
	// resolving parties during approval/denial.  Importantly, these annotations are
	// included in the access_request.update event, allowing plugins to propagate
	// arbitrary structured data to the audit log.
	ResolveAnnotations github_com_gravitational_teleport_api_types_wrappers.Traits `` /* 164-byte string literal not displayed */
	// SystemAnnotations is a set of programmatically generated annotations attached
	// to pending access requests by teleport.  These annotations are generated by
	// applying variable interpolation to the RoleConditions.Request.Annotations block
	// of a user's role(s).  These annotations serve as a mechanism for administrators
	// to pass extra information to plugins when they process pending access requests.
	SystemAnnotations github_com_gravitational_teleport_api_types_wrappers.Traits `` /* 162-byte string literal not displayed */
	// Thresholds is a list of review thresholds relevant to this request.  Order must be
	// preserved, as thresholds are referenced by index (internal use only).
	Thresholds []AccessReviewThreshold `protobuf:"bytes,10,rep,name=Thresholds,proto3" json:"thresholds,omitempty"`
	// RoleThresholdMapping encodes the relationship between the requested roles and
	// the review threshold requirements for the given role (internal use only).
	// By storing a representation of which thresholds must pass for each requested role, we
	// both eliminate the need to cache the requestor's roles directly, and allow future
	// versions of teleport to become smarter about calculating more granular requirements
	// in a backwards-compatible manner (i.e. calculation can become smarter in minor releases).
	// Storing this relationship on the request is necessary in order to avoid unexpected or
	// inconsistent behavior due to review submission timing.
	RoleThresholdMapping map[string]ThresholdIndexSets `` /* 165-byte string literal not displayed */
	// Reviews is a list of reviews applied to this request (internal use only).
	Reviews []AccessReview `protobuf:"bytes,12,rep,name=Reviews,proto3" json:"reviews,omitempty"`
	// SuggestedReviewers is a list of reviewer suggestions.  These can be teleport usernames, but
	// that is not a requirement.
	SuggestedReviewers   []string `protobuf:"bytes,13,rep,name=SuggestedReviewers,proto3" json:"suggested_reviewers,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessRequestSpec is the specification for AccessRequest

func (*AccessRequestSpecV3) Descriptor 

func (*AccessRequestSpecV3) Descriptor() ([]byte, []int)

func (*AccessRequestSpecV3) Marshal 

func (m *AccessRequestSpecV3) Marshal() (dAtA []byte, err error)

func (*AccessRequestSpecV3) MarshalTo 

func (m *AccessRequestSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*AccessRequestSpecV3) MarshalToSizedBuffer 

func (m *AccessRequestSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessRequestSpecV3) ProtoMessage 

func (*AccessRequestSpecV3) ProtoMessage()

func (*AccessRequestSpecV3) Reset 

func (m *AccessRequestSpecV3) Reset()

func (*AccessRequestSpecV3) Size 

func (m *AccessRequestSpecV3) Size() (n int)

func (*AccessRequestSpecV3) String 

func (m *AccessRequestSpecV3) String() string

func (*AccessRequestSpecV3) Unmarshal 

func (m *AccessRequestSpecV3) Unmarshal(dAtA []byte) error

func (*AccessRequestSpecV3) XXX_DiscardUnknown 

func (m *AccessRequestSpecV3) XXX_DiscardUnknown()

func (*AccessRequestSpecV3) XXX_Marshal 

func (m *AccessRequestSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessRequestSpecV3) XXX_Merge 

func (m *AccessRequestSpecV3) XXX_Merge(src proto.Message)

func (*AccessRequestSpecV3) XXX_Size 

func (m *AccessRequestSpecV3) XXX_Size() int

func (*AccessRequestSpecV3) XXX_Unmarshal 

func (m *AccessRequestSpecV3) XXX_Unmarshal(b []byte) error

type AccessRequestUpdate 

type AccessRequestUpdate struct {
	// RequestID is the ID of the request to be updated.
	RequestID string
	// State is the state that the target request
	// should resolve to.
	State RequestState
	// Reason is an optional description of *why* the
	// the request is being resolved.
	Reason string
	// Annotations supplies extra data associated with
	// the resolution; primarily for audit purposes.
	Annotations map[string][]string
	// Roles, if non-empty declares a list of roles
	// that should override the role list of the request.
	// This parameter is only accepted on approvals
	// and must be a subset of the role list originally
	// present on the request.
	Roles []string
}

AccessRequestUpdate encompasses the parameters of a SetAccessRequestState call.

func (*AccessRequestUpdate) Check 

func (u *AccessRequestUpdate) Check() error

Check validates the request's fields

type AccessRequestV3 

type AccessRequestV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is AccessRequest metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an AccessRequest specification
	Spec                 AccessRequestSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

AccessRequest represents an access request resource specification

func (*AccessRequestV3) CheckAndSetDefaults 

func (r *AccessRequestV3) CheckAndSetDefaults() error

CheckAndSetDefaults validates set values and sets default values

func (*AccessRequestV3) Descriptor 

func (*AccessRequestV3) Descriptor() ([]byte, []int)

func (*AccessRequestV3) Expiry 

func (r *AccessRequestV3) Expiry() time.Time

Expiry gets Expiry

func (*AccessRequestV3) GetAccessExpiry 

func (r *AccessRequestV3) GetAccessExpiry() time.Time

GetAccessExpiry gets AccessExpiry

func (*AccessRequestV3) GetCreationTime 

func (r *AccessRequestV3) GetCreationTime() time.Time

GetCreationTime gets CreationTime

func (*AccessRequestV3) GetKind 

func (r *AccessRequestV3) GetKind() string

GetKind gets Kind

func (*AccessRequestV3) GetMetadata 

func (r *AccessRequestV3) GetMetadata() Metadata

GetMetadata gets Metadata

func (*AccessRequestV3) GetName 

func (r *AccessRequestV3) GetName() string

GetName gets Name

func (*AccessRequestV3) GetOriginalRoles 

func (r *AccessRequestV3) GetOriginalRoles() []string

func (*AccessRequestV3) GetRequestReason 

func (r *AccessRequestV3) GetRequestReason() string

GetRequestReason gets RequestReason

func (*AccessRequestV3) GetResolveAnnotations 

func (r *AccessRequestV3) GetResolveAnnotations() map[string][]string

GetResolveAnnotations gets ResolveAnnotations

func (*AccessRequestV3) GetResolveReason 

func (r *AccessRequestV3) GetResolveReason() string

GetResolveReason gets ResolveReason

func (*AccessRequestV3) GetResourceID 

func (r *AccessRequestV3) GetResourceID() int64

GetResourceID gets ResourceID

func (*AccessRequestV3) GetReviews 

func (r *AccessRequestV3) GetReviews() []AccessReview

GetReviews gets the list of currently applied access reviews.

func (*AccessRequestV3) GetRoleThresholdMapping 

func (r *AccessRequestV3) GetRoleThresholdMapping() map[string]ThresholdIndexSets

GetRoleThresholdMapping gets the rtm.

func (*AccessRequestV3) GetRoles 

func (r *AccessRequestV3) GetRoles() []string

GetRoles gets Roles

func (*AccessRequestV3) GetState 

func (r *AccessRequestV3) GetState() RequestState

GetState gets State

func (*AccessRequestV3) GetSubKind 

func (r *AccessRequestV3) GetSubKind() string

GetSubKind gets SubKind

func (*AccessRequestV3) GetSuggestedReviewers 

func (r *AccessRequestV3) GetSuggestedReviewers() []string

GetSuggestedReviewers gets the suggested reviewer list.

func (*AccessRequestV3) GetSystemAnnotations 

func (r *AccessRequestV3) GetSystemAnnotations() map[string][]string

GetSystemAnnotations gets SystemAnnotations

func (*AccessRequestV3) GetThresholds 

func (r *AccessRequestV3) GetThresholds() []AccessReviewThreshold

GetThresholds gets the review thresholds.

func (*AccessRequestV3) GetUser 

func (r *AccessRequestV3) GetUser() string

GetUser gets User

func (*AccessRequestV3) GetVersion 

func (r *AccessRequestV3) GetVersion() string

GetVersion gets Version

func (*AccessRequestV3) Marshal 

func (m *AccessRequestV3) Marshal() (dAtA []byte, err error)

func (*AccessRequestV3) MarshalTo 

func (m *AccessRequestV3) MarshalTo(dAtA []byte) (int, error)

func (*AccessRequestV3) MarshalToSizedBuffer 

func (m *AccessRequestV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessRequestV3) ProtoMessage 

func (*AccessRequestV3) ProtoMessage()

func (*AccessRequestV3) Reset 

func (m *AccessRequestV3) Reset()

func (*AccessRequestV3) SetAccessExpiry 

func (r *AccessRequestV3) SetAccessExpiry(expiry time.Time)

SetAccessExpiry sets AccessExpiry

func (*AccessRequestV3) SetCreationTime 

func (r *AccessRequestV3) SetCreationTime(t time.Time)

SetCreationTime sets CreationTime

func (*AccessRequestV3) SetExpiry 

func (r *AccessRequestV3) SetExpiry(expiry time.Time)

SetExpiry sets Expiry

func (*AccessRequestV3) SetName 

func (r *AccessRequestV3) SetName(name string)

SetName sets Name

func (*AccessRequestV3) SetRequestReason 

func (r *AccessRequestV3) SetRequestReason(reason string)

SetRequestReason sets RequestReason

func (*AccessRequestV3) SetResolveAnnotations 

func (r *AccessRequestV3) SetResolveAnnotations(annotations map[string][]string)

SetResolveAnnotations sets ResolveAnnotations

func (*AccessRequestV3) SetResolveReason 

func (r *AccessRequestV3) SetResolveReason(reason string)

SetResolveReason sets ResolveReason

func (*AccessRequestV3) SetResourceID 

func (r *AccessRequestV3) SetResourceID(id int64)

SetResourceID sets ResourceID

func (*AccessRequestV3) SetReviews 

func (r *AccessRequestV3) SetReviews(revs []AccessReview)

SetReviews sets the list of currently applied access reviews.

func (*AccessRequestV3) SetRoleThresholdMapping 

func (r *AccessRequestV3) SetRoleThresholdMapping(rtm map[string]ThresholdIndexSets)

SetRoleThresholdMapping sets the rtm (internal use only).

func (*AccessRequestV3) SetRoles 

func (r *AccessRequestV3) SetRoles(roles []string)

SetRoles sets Roles

func (*AccessRequestV3) SetState 

func (r *AccessRequestV3) SetState(state RequestState) error

SetState sets State

func (*AccessRequestV3) SetSubKind 

func (r *AccessRequestV3) SetSubKind(subKind string)

SetSubKind sets SubKind

func (*AccessRequestV3) SetSuggestedReviewers 

func (r *AccessRequestV3) SetSuggestedReviewers(reviewers []string)

SetSuggestedReviewers sets the suggested reviewer list.

func (*AccessRequestV3) SetSystemAnnotations 

func (r *AccessRequestV3) SetSystemAnnotations(annotations map[string][]string)

SetSystemAnnotations sets SystemAnnotations

func (*AccessRequestV3) SetThresholds 

func (r *AccessRequestV3) SetThresholds(thresholds []AccessReviewThreshold)

SetThresholds sets the review thresholds.

func (*AccessRequestV3) Size 

func (m *AccessRequestV3) Size() (n int)

func (*AccessRequestV3) String 

func (r *AccessRequestV3) String() string

String returns a text representation of this AccessRequest

func (*AccessRequestV3) Unmarshal 

func (m *AccessRequestV3) Unmarshal(dAtA []byte) error

func (*AccessRequestV3) XXX_DiscardUnknown 

func (m *AccessRequestV3) XXX_DiscardUnknown()

func (*AccessRequestV3) XXX_Marshal 

func (m *AccessRequestV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessRequestV3) XXX_Merge 

func (m *AccessRequestV3) XXX_Merge(src proto.Message)

func (*AccessRequestV3) XXX_Size 

func (m *AccessRequestV3) XXX_Size() int

func (*AccessRequestV3) XXX_Unmarshal 

func (m *AccessRequestV3) XXX_Unmarshal(b []byte) error

type AccessReview 

type AccessReview struct {
	// Author is the teleport username of the review author.
	Author string `protobuf:"bytes,1,opt,name=Author,proto3" json:"author"`
	// Roles is a list used for role-subselection (not yet fully supported).
	Roles []string `protobuf:"bytes,2,rep,name=Roles,proto3" json:"roles,omitempty"`
	// ProposedState is the proposed state (must be APPROVED or DENIED).
	ProposedState RequestState `protobuf:"varint,3,opt,name=ProposedState,proto3,enum=types.RequestState" json:"proposed_state,omitempty"`
	// Reason is an optional human-readable reason for why the above state
	// is being proposed.
	Reason string `protobuf:"bytes,4,opt,name=Reason,proto3" json:"reason,omitempty"`
	// Created is the time at which the review was created.
	Created time.Time `protobuf:"bytes,5,opt,name=Created,proto3,stdtime" json:"created,omitempty"`
	// Annotations is the proposed value of the request's resolve_annotations field.
	Annotations github_com_gravitational_teleport_api_types_wrappers.Traits `` /* 149-byte string literal not displayed */
	// ThresholdIndexes stores the indexes of thresholds which this review matches
	// (internal use only).
	ThresholdIndexes     []uint32 `protobuf:"varint,7,rep,packed,name=ThresholdIndexes,proto3" json:"i,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessReview is a review to be applied to an access request.

func (AccessReview) Check 

func (s AccessReview) Check() error

func (*AccessReview) Descriptor 

func (*AccessReview) Descriptor() ([]byte, []int)

func (*AccessReview) Marshal 

func (m *AccessReview) Marshal() (dAtA []byte, err error)

func (*AccessReview) MarshalTo 

func (m *AccessReview) MarshalTo(dAtA []byte) (int, error)

func (*AccessReview) MarshalToSizedBuffer 

func (m *AccessReview) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessReview) ProtoMessage 

func (*AccessReview) ProtoMessage()

func (*AccessReview) Reset 

func (m *AccessReview) Reset()

func (*AccessReview) Size 

func (m *AccessReview) Size() (n int)

func (*AccessReview) String 

func (m *AccessReview) String() string

func (*AccessReview) Unmarshal 

func (m *AccessReview) Unmarshal(dAtA []byte) error

func (*AccessReview) XXX_DiscardUnknown 

func (m *AccessReview) XXX_DiscardUnknown()

func (*AccessReview) XXX_Marshal 

func (m *AccessReview) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessReview) XXX_Merge 

func (m *AccessReview) XXX_Merge(src proto.Message)

func (*AccessReview) XXX_Size 

func (m *AccessReview) XXX_Size() int

func (*AccessReview) XXX_Unmarshal 

func (m *AccessReview) XXX_Unmarshal(b []byte) error

type AccessReviewConditions 

type AccessReviewConditions struct {
	// Roles is the name of roles which may be reviewed.
	Roles []string `protobuf:"bytes,1,rep,name=Roles,proto3" json:"roles,omitempty"`
	// ClaimsToRoles specifies a mapping from claims (traits) to teleport roles.
	ClaimsToRoles []ClaimMapping `protobuf:"bytes,2,rep,name=ClaimsToRoles,proto3" json:"claims_to_roles,omitempty"`
	// Where is an optional predicate which further limits which requests are
	// reviewable.
	Where                string   `protobuf:"bytes,3,opt,name=Where,proto3" json:"where,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessReviewConditions is a matcher for allow/deny restrictions on access reviews.

func (*AccessReviewConditions) Descriptor 

func (*AccessReviewConditions) Descriptor() ([]byte, []int)

func (AccessReviewConditions) IsZero 

func (c AccessReviewConditions) IsZero() bool

func (*AccessReviewConditions) Marshal 

func (m *AccessReviewConditions) Marshal() (dAtA []byte, err error)

func (*AccessReviewConditions) MarshalTo 

func (m *AccessReviewConditions) MarshalTo(dAtA []byte) (int, error)

func (*AccessReviewConditions) MarshalToSizedBuffer 

func (m *AccessReviewConditions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessReviewConditions) ProtoMessage 

func (*AccessReviewConditions) ProtoMessage()

func (*AccessReviewConditions) Reset 

func (m *AccessReviewConditions) Reset()

func (*AccessReviewConditions) Size 

func (m *AccessReviewConditions) Size() (n int)

func (*AccessReviewConditions) String 

func (m *AccessReviewConditions) String() string

func (*AccessReviewConditions) Unmarshal 

func (m *AccessReviewConditions) Unmarshal(dAtA []byte) error

func (*AccessReviewConditions) XXX_DiscardUnknown 

func (m *AccessReviewConditions) XXX_DiscardUnknown()

func (*AccessReviewConditions) XXX_Marshal 

func (m *AccessReviewConditions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessReviewConditions) XXX_Merge 

func (m *AccessReviewConditions) XXX_Merge(src proto.Message)

func (*AccessReviewConditions) XXX_Size 

func (m *AccessReviewConditions) XXX_Size() int

func (*AccessReviewConditions) XXX_Unmarshal 

func (m *AccessReviewConditions) XXX_Unmarshal(b []byte) error

type AccessReviewSubmission 

type AccessReviewSubmission struct {
	// RequestID is the unique ID of the request to be reviewed.
	RequestID string `protobuf:"bytes,1,opt,name=RequestID,proto3" json:"id,omitempty"`
	// Review is the review to be applied.
	Review               AccessReview `protobuf:"bytes,2,opt,name=Review,proto3" json:"review,omitempty"`
	XXX_NoUnkeyedLiteral struct{}     `json:"-"`
	XXX_unrecognized     []byte       `json:"-"`
	XXX_sizecache        int32        `json:"-"`
}

AccessReviewSubmission encodes the necessary parameters for submitting a new access review.

func (AccessReviewSubmission) Check 

func (s AccessReviewSubmission) Check() error

func (*AccessReviewSubmission) Descriptor 

func (*AccessReviewSubmission) Descriptor() ([]byte, []int)

func (*AccessReviewSubmission) Marshal 

func (m *AccessReviewSubmission) Marshal() (dAtA []byte, err error)

func (*AccessReviewSubmission) MarshalTo 

func (m *AccessReviewSubmission) MarshalTo(dAtA []byte) (int, error)

func (*AccessReviewSubmission) MarshalToSizedBuffer 

func (m *AccessReviewSubmission) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessReviewSubmission) ProtoMessage 

func (*AccessReviewSubmission) ProtoMessage()

func (*AccessReviewSubmission) Reset 

func (m *AccessReviewSubmission) Reset()

func (*AccessReviewSubmission) Size 

func (m *AccessReviewSubmission) Size() (n int)

func (*AccessReviewSubmission) String 

func (m *AccessReviewSubmission) String() string

func (*AccessReviewSubmission) Unmarshal 

func (m *AccessReviewSubmission) Unmarshal(dAtA []byte) error

func (*AccessReviewSubmission) XXX_DiscardUnknown 

func (m *AccessReviewSubmission) XXX_DiscardUnknown()

func (*AccessReviewSubmission) XXX_Marshal 

func (m *AccessReviewSubmission) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessReviewSubmission) XXX_Merge 

func (m *AccessReviewSubmission) XXX_Merge(src proto.Message)

func (*AccessReviewSubmission) XXX_Size 

func (m *AccessReviewSubmission) XXX_Size() int

func (*AccessReviewSubmission) XXX_Unmarshal 

func (m *AccessReviewSubmission) XXX_Unmarshal(b []byte) error

type AccessReviewThreshold 

type AccessReviewThreshold struct {
	// Name is the optional human-readable name of the threshold.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name,omitempty"`
	// Filter is an optional predicate used to determine which reviews
	// count toward this threshold.
	Filter string `protobuf:"bytes,2,opt,name=Filter,proto3" json:"filter,omitempty"`
	// Approve is the number of matching approvals needed for state-transition.
	Approve uint32 `protobuf:"varint,3,opt,name=Approve,proto3" json:"approve,omitempty"`
	// Deny is the number of denials needed for state-transition.
	Deny                 uint32   `protobuf:"varint,4,opt,name=Deny,proto3" json:"deny,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AccessReviewThreshold describes a filter used to match access reviews, as well as approval/denial counts which trigger state-transitions. This type can be used to describe policies such as "can be approved by 2 admins" or "can be denied by any non-contractor".

func (*AccessReviewThreshold) Descriptor 

func (*AccessReviewThreshold) Descriptor() ([]byte, []int)

func (*AccessReviewThreshold) Marshal 

func (m *AccessReviewThreshold) Marshal() (dAtA []byte, err error)

func (*AccessReviewThreshold) MarshalTo 

func (m *AccessReviewThreshold) MarshalTo(dAtA []byte) (int, error)

func (*AccessReviewThreshold) MarshalToSizedBuffer 

func (m *AccessReviewThreshold) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AccessReviewThreshold) ProtoMessage 

func (*AccessReviewThreshold) ProtoMessage()

func (*AccessReviewThreshold) Reset 

func (m *AccessReviewThreshold) Reset()

func (*AccessReviewThreshold) Size 

func (m *AccessReviewThreshold) Size() (n int)

func (*AccessReviewThreshold) String 

func (m *AccessReviewThreshold) String() string

func (*AccessReviewThreshold) Unmarshal 

func (m *AccessReviewThreshold) Unmarshal(dAtA []byte) error

func (*AccessReviewThreshold) XXX_DiscardUnknown 

func (m *AccessReviewThreshold) XXX_DiscardUnknown()

func (*AccessReviewThreshold) XXX_Marshal 

func (m *AccessReviewThreshold) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AccessReviewThreshold) XXX_Merge 

func (m *AccessReviewThreshold) XXX_Merge(src proto.Message)

func (*AccessReviewThreshold) XXX_Size 

func (m *AccessReviewThreshold) XXX_Size() int

func (*AccessReviewThreshold) XXX_Unmarshal 

func (m *AccessReviewThreshold) XXX_Unmarshal(b []byte) error

type AcquireSemaphoreRequest 

type AcquireSemaphoreRequest struct {
	// SemaphoreKind is the kind of the semaphore.
	SemaphoreKind string `protobuf:"bytes,1,opt,name=SemaphoreKind,proto3" json:"kind"`
	// SemaphoreName is the name of the semaphore.
	SemaphoreName string `protobuf:"bytes,2,opt,name=SemaphoreName,proto3" json:"name"`
	// MaxLeases is the maximum number of concurrent leases.  If acquisition
	// would cause more than MaxLeases to exist, acquisition must fail.
	MaxLeases int64 `protobuf:"varint,3,opt,name=MaxLeases,proto3" json:"max_resources"`
	// Expires is the time at which this lease expires.
	Expires time.Time `protobuf:"bytes,4,opt,name=Expires,proto3,stdtime" json:"expires"`
	// Holder identifies the entitiy holding the lease.
	Holder               string   `protobuf:"bytes,5,opt,name=Holder,proto3" json:"holder"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AcquireSemaphoreRequest holds semaphore lease acquisition parameters.

func (*AcquireSemaphoreRequest) Check 

func (s *AcquireSemaphoreRequest) Check() error

Check verifies that all required parameters have been supplied.

func (*AcquireSemaphoreRequest) ConfigureSemaphore 

func (s *AcquireSemaphoreRequest) ConfigureSemaphore() (Semaphore, error)

ConfigureSemaphore configures an empty semaphore resource matching these acquire parameters.

func (*AcquireSemaphoreRequest) Descriptor 

func (*AcquireSemaphoreRequest) Descriptor() ([]byte, []int)

func (*AcquireSemaphoreRequest) Marshal 

func (m *AcquireSemaphoreRequest) Marshal() (dAtA []byte, err error)

func (*AcquireSemaphoreRequest) MarshalTo 

func (m *AcquireSemaphoreRequest) MarshalTo(dAtA []byte) (int, error)

func (*AcquireSemaphoreRequest) MarshalToSizedBuffer 

func (m *AcquireSemaphoreRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AcquireSemaphoreRequest) ProtoMessage 

func (*AcquireSemaphoreRequest) ProtoMessage()

func (*AcquireSemaphoreRequest) Reset 

func (m *AcquireSemaphoreRequest) Reset()

func (*AcquireSemaphoreRequest) Size 

func (m *AcquireSemaphoreRequest) Size() (n int)

func (*AcquireSemaphoreRequest) String 

func (m *AcquireSemaphoreRequest) String() string

func (*AcquireSemaphoreRequest) Unmarshal 

func (m *AcquireSemaphoreRequest) Unmarshal(dAtA []byte) error

func (*AcquireSemaphoreRequest) XXX_DiscardUnknown 

func (m *AcquireSemaphoreRequest) XXX_DiscardUnknown()

func (*AcquireSemaphoreRequest) XXX_Marshal 

func (m *AcquireSemaphoreRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AcquireSemaphoreRequest) XXX_Merge 

func (m *AcquireSemaphoreRequest) XXX_Merge(src proto.Message)

func (*AcquireSemaphoreRequest) XXX_Size 

func (m *AcquireSemaphoreRequest) XXX_Size() int

func (*AcquireSemaphoreRequest) XXX_Unmarshal 

func (m *AcquireSemaphoreRequest) XXX_Unmarshal(b []byte) error

type AddressCondition 

type AddressCondition struct {
	// CIDR is IPv4 or IPv6 address. Valid value are either CIDR ranges (e.g. "10.0.1.0/24",
	// "fe::/8") or a single IP address (e.g "10.1.2.3")
	CIDR                 string   `protobuf:"bytes,1,opt,name=CIDR,proto3" json:"cidr"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AddressCondition represents a set of addresses. Presently the addresses are specfied exclusively in terms of IPv4/IPv6 ranges.

func (*AddressCondition) Descriptor 

func (*AddressCondition) Descriptor() ([]byte, []int)

func (*AddressCondition) Marshal 

func (m *AddressCondition) Marshal() (dAtA []byte, err error)

func (*AddressCondition) MarshalTo 

func (m *AddressCondition) MarshalTo(dAtA []byte) (int, error)

func (*AddressCondition) MarshalToSizedBuffer 

func (m *AddressCondition) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AddressCondition) ProtoMessage 

func (*AddressCondition) ProtoMessage()

func (*AddressCondition) Reset 

func (m *AddressCondition) Reset()

func (*AddressCondition) Size 

func (m *AddressCondition) Size() (n int)

func (*AddressCondition) String 

func (m *AddressCondition) String() string

func (*AddressCondition) Unmarshal 

func (m *AddressCondition) Unmarshal(dAtA []byte) error

func (*AddressCondition) XXX_DiscardUnknown 

func (m *AddressCondition) XXX_DiscardUnknown()

func (*AddressCondition) XXX_Marshal 

func (m *AddressCondition) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AddressCondition) XXX_Merge 

func (m *AddressCondition) XXX_Merge(src proto.Message)

func (*AddressCondition) XXX_Size 

func (m *AddressCondition) XXX_Size() int

func (*AddressCondition) XXX_Unmarshal 

func (m *AddressCondition) XXX_Unmarshal(b []byte) error

type App 

type App struct {
	// Name is the name of the application.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	// URI is the internal address the application is available at.
	URI string `protobuf:"bytes,2,opt,name=URI,proto3" json:"uri"`
	// PublicAddr is the public address the application is accessible at.
	PublicAddr string `protobuf:"bytes,3,opt,name=PublicAddr,proto3" json:"public_addr,omitempty"`
	// StaticLabels is map of static labels associated with an application.
	// Used for RBAC.
	StaticLabels map[string]string `` /* 159-byte string literal not displayed */
	// DynamicLabels is map of dynamic labels associated with an application.
	// Used for RBAC.
	DynamicLabels map[string]CommandLabelV2 `` /* 162-byte string literal not displayed */
	// InsecureSkipVerify disables app's TLS certificate verification.
	InsecureSkipVerify bool `protobuf:"varint,6,opt,name=InsecureSkipVerify,proto3" json:"insecure_skip_verify"`
	// Rewrite is a list of rewriting rules to apply to requests and responses.
	Rewrite *Rewrite `protobuf:"bytes,7,opt,name=Rewrite,proto3" json:"rewrite,omitempty"`
	// Description is an optional free-form app description.
	Description          string   `protobuf:"bytes,8,opt,name=Description,proto3" json:"description,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

App is a specific application that a server proxies.

func (*App) Descriptor 

func (*App) Descriptor() ([]byte, []int)

func (*App) GetAWSAccountID 

func (a *App) GetAWSAccountID() string

GetAWSAccountID returns value of label containing AWS account ID on this app.

func (*App) IsAWSConsole 

func (a *App) IsAWSConsole() bool

IsAWSConsole returns true if this app is AWS management console.

func (*App) Marshal 

func (m *App) Marshal() (dAtA []byte, err error)

func (*App) MarshalTo 

func (m *App) MarshalTo(dAtA []byte) (int, error)

func (*App) MarshalToSizedBuffer 

func (m *App) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*App) ProtoMessage 

func (*App) ProtoMessage()

func (*App) Reset 

func (m *App) Reset()

func (*App) Size 

func (m *App) Size() (n int)

func (*App) String 

func (m *App) String() string

func (*App) Unmarshal 

func (m *App) Unmarshal(dAtA []byte) error

func (*App) XXX_DiscardUnknown 

func (m *App) XXX_DiscardUnknown()

func (*App) XXX_Marshal 

func (m *App) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*App) XXX_Merge 

func (m *App) XXX_Merge(src proto.Message)

func (*App) XXX_Size 

func (m *App) XXX_Size() int

func (*App) XXX_Unmarshal 

func (m *App) XXX_Unmarshal(b []byte) error

type AsymmetricKeyPair 

type AsymmetricKeyPair struct {
	// PrivateKey is a PEM encoded x509 private key.
	PrivateKey string `protobuf:"bytes,1,opt,name=PrivateKey,proto3" json:"private_key"`
	// Cert is a PEM-encoded x509 certificate.
	Cert                 string   `protobuf:"bytes,2,opt,name=Cert,proto3" json:"cert"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AsymmetricKeyPair is a combination of a public certificate and private key that can be used for encryption and signing.

func (*AsymmetricKeyPair) Descriptor 

func (*AsymmetricKeyPair) Descriptor() ([]byte, []int)

func (*AsymmetricKeyPair) Marshal 

func (m *AsymmetricKeyPair) Marshal() (dAtA []byte, err error)

func (*AsymmetricKeyPair) MarshalTo 

func (m *AsymmetricKeyPair) MarshalTo(dAtA []byte) (int, error)

func (*AsymmetricKeyPair) MarshalToSizedBuffer 

func (m *AsymmetricKeyPair) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AsymmetricKeyPair) ProtoMessage 

func (*AsymmetricKeyPair) ProtoMessage()

func (*AsymmetricKeyPair) Reset 

func (m *AsymmetricKeyPair) Reset()

func (*AsymmetricKeyPair) Size 

func (m *AsymmetricKeyPair) Size() (n int)

func (*AsymmetricKeyPair) String 

func (m *AsymmetricKeyPair) String() string

func (*AsymmetricKeyPair) Unmarshal 

func (m *AsymmetricKeyPair) Unmarshal(dAtA []byte) error

func (*AsymmetricKeyPair) XXX_DiscardUnknown 

func (m *AsymmetricKeyPair) XXX_DiscardUnknown()

func (*AsymmetricKeyPair) XXX_Marshal 

func (m *AsymmetricKeyPair) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AsymmetricKeyPair) XXX_Merge 

func (m *AsymmetricKeyPair) XXX_Merge(src proto.Message)

func (*AsymmetricKeyPair) XXX_Size 

func (m *AsymmetricKeyPair) XXX_Size() int

func (*AsymmetricKeyPair) XXX_Unmarshal 

func (m *AsymmetricKeyPair) XXX_Unmarshal(b []byte) error

type AttributeMapping 

type AttributeMapping struct {
	// Name is an attribute statement name.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	// Value is an attribute statement value to match.
	Value string `protobuf:"bytes,2,opt,name=Value,proto3" json:"value"`
	// Roles is a list of static teleport roles to map to.
	Roles                []string `protobuf:"bytes,3,rep,name=Roles,proto3" json:"roles,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AttributeMapping maps a SAML attribute statement to teleport roles.

func (*AttributeMapping) Descriptor 

func (*AttributeMapping) Descriptor() ([]byte, []int)

func (*AttributeMapping) Marshal 

func (m *AttributeMapping) Marshal() (dAtA []byte, err error)

func (*AttributeMapping) MarshalTo 

func (m *AttributeMapping) MarshalTo(dAtA []byte) (int, error)

func (*AttributeMapping) MarshalToSizedBuffer 

func (m *AttributeMapping) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AttributeMapping) ProtoMessage 

func (*AttributeMapping) ProtoMessage()

func (*AttributeMapping) Reset 

func (m *AttributeMapping) Reset()

func (*AttributeMapping) Size 

func (m *AttributeMapping) Size() (n int)

func (*AttributeMapping) String 

func (m *AttributeMapping) String() string

func (*AttributeMapping) Unmarshal 

func (m *AttributeMapping) Unmarshal(dAtA []byte) error

func (*AttributeMapping) XXX_DiscardUnknown 

func (m *AttributeMapping) XXX_DiscardUnknown()

func (*AttributeMapping) XXX_Marshal 

func (m *AttributeMapping) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AttributeMapping) XXX_Merge 

func (m *AttributeMapping) XXX_Merge(src proto.Message)

func (*AttributeMapping) XXX_Size 

func (m *AttributeMapping) XXX_Size() int

func (*AttributeMapping) XXX_Unmarshal 

func (m *AttributeMapping) XXX_Unmarshal(b []byte) error

type AuthPreference 

type AuthPreference interface {
	// Resource provides common resource properties.
	ResourceWithOrigin

	// GetType gets the type of authentication: local, saml, or oidc.
	GetType() string
	// SetType sets the type of authentication: local, saml, or oidc.
	SetType(string)

	// GetSecondFactor gets the type of second factor: off, otp or u2f.
	GetSecondFactor() constants.SecondFactorType
	// SetSecondFactor sets the type of second factor: off, otp, or u2f.
	SetSecondFactor(constants.SecondFactorType)

	// GetConnectorName gets the name of the OIDC or SAML connector to use. If
	// this value is empty, we fall back to the first connector in the backend.
	GetConnectorName() string
	// SetConnectorName sets the name of the OIDC or SAML connector to use. If
	// this value is empty, we fall back to the first connector in the backend.
	SetConnectorName(string)

	// GetU2F gets the U2F configuration settings.
	GetU2F() (*U2F, error)
	// SetU2F sets the U2F configuration settings.
	SetU2F(*U2F)

	// GetRequireSessionMFA returns true when all sessions in this cluster
	// require an MFA check.
	GetRequireSessionMFA() bool

	// GetDisconnectExpiredCert returns disconnect expired certificate setting
	GetDisconnectExpiredCert() bool
	// SetDisconnectExpiredCert sets disconnect client with expired certificate setting
	SetDisconnectExpiredCert(bool)

	// GetAllowLocalAuth gets if local authentication is allowed.
	GetAllowLocalAuth() bool
	// SetAllowLocalAuth sets if local authentication is allowed.
	SetAllowLocalAuth(bool)

	// String represents a human readable version of authentication settings.
	String() string

	// GetMessageOfTheDay fetches the MOTD
	GetMessageOfTheDay() string

	// SetMessageOfTheDay sets the MOTD
	SetMessageOfTheDay(string)
}

AuthPreference defines the authentication preferences for a specific cluster. It defines the type (local, oidc) and second factor (off, otp, oidc). AuthPreference is a configuration resource, never create more than one instance of it.

func DefaultAuthPreference 

func DefaultAuthPreference() AuthPreference

DefaultAuthPreference returns the default authentication preferences.

func NewAuthPreference 

func NewAuthPreference(spec AuthPreferenceSpecV2) (AuthPreference, error)

NewAuthPreference is a convenience method to to create AuthPreferenceV2.

func NewAuthPreferenceFromConfigFile 

func NewAuthPreferenceFromConfigFile(spec AuthPreferenceSpecV2) (AuthPreference, error)

NewAuthPreferenceFromConfigFile is a convenience method to create AuthPreferenceV2 labelled as originating from config file.

type AuthPreferenceSpecV2 

type AuthPreferenceSpecV2 struct {
	// Type is the type of authentication.
	Type string `protobuf:"bytes,1,opt,name=Type,proto3" json:"type"`
	// SecondFactor is the type of second factor.
	SecondFactor github_com_gravitational_teleport_api_constants.SecondFactorType `` /* 155-byte string literal not displayed */
	// ConnectorName is the name of the OIDC or SAML connector. If this value is
	// not set the first connector in the backend will be used.
	ConnectorName string `protobuf:"bytes,3,opt,name=ConnectorName,proto3" json:"connector_name,omitempty"`
	// U2F are the settings for the U2F device.
	U2F *U2F `protobuf:"bytes,4,opt,name=U2F,proto3" json:"u2f,omitempty"`
	// RequireSessionMFA causes all sessions in this cluster to require MFA
	// checks.
	RequireSessionMFA bool `protobuf:"varint,5,opt,name=RequireSessionMFA,proto3" json:"require_session_mfa,omitempty"`
	// DisconnectExpiredCert provides disconnect expired certificate setting -
	// if true, connections with expired client certificates will get disconnected
	DisconnectExpiredCert *BoolOption `protobuf:"bytes,6,opt,name=DisconnectExpiredCert,proto3,customtype=BoolOption" json:"disconnect_expired_cert,omitempty"`
	// AllowLocalAuth is true if local authentication is enabled.
	AllowLocalAuth       *BoolOption `protobuf:"bytes,7,opt,name=AllowLocalAuth,proto3,customtype=BoolOption" json:"allow_local_auth,omitempty"`
	MessageOfTheDay      string      `protobuf:"bytes,8,opt,name=MessageOfTheDay,proto3" json:"message_of_the_day,omitempty"`
	XXX_NoUnkeyedLiteral struct{}    `json:"-"`
	XXX_unrecognized     []byte      `json:"-"`
	XXX_sizecache        int32       `json:"-"`
}

AuthPreferenceSpecV2 is the actual data we care about for AuthPreference.

func (*AuthPreferenceSpecV2) Descriptor 

func (*AuthPreferenceSpecV2) Descriptor() ([]byte, []int)

func (*AuthPreferenceSpecV2) Marshal 

func (m *AuthPreferenceSpecV2) Marshal() (dAtA []byte, err error)

func (*AuthPreferenceSpecV2) MarshalTo 

func (m *AuthPreferenceSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*AuthPreferenceSpecV2) MarshalToSizedBuffer 

func (m *AuthPreferenceSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AuthPreferenceSpecV2) ProtoMessage 

func (*AuthPreferenceSpecV2) ProtoMessage()

func (*AuthPreferenceSpecV2) Reset 

func (m *AuthPreferenceSpecV2) Reset()

func (*AuthPreferenceSpecV2) Size 

func (m *AuthPreferenceSpecV2) Size() (n int)

func (*AuthPreferenceSpecV2) String 

func (m *AuthPreferenceSpecV2) String() string

func (*AuthPreferenceSpecV2) Unmarshal 

func (m *AuthPreferenceSpecV2) Unmarshal(dAtA []byte) error

func (*AuthPreferenceSpecV2) XXX_DiscardUnknown 

func (m *AuthPreferenceSpecV2) XXX_DiscardUnknown()

func (*AuthPreferenceSpecV2) XXX_Marshal 

func (m *AuthPreferenceSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AuthPreferenceSpecV2) XXX_Merge 

func (m *AuthPreferenceSpecV2) XXX_Merge(src proto.Message)

func (*AuthPreferenceSpecV2) XXX_Size 

func (m *AuthPreferenceSpecV2) XXX_Size() int

func (*AuthPreferenceSpecV2) XXX_Unmarshal 

func (m *AuthPreferenceSpecV2) XXX_Unmarshal(b []byte) error

type AuthPreferenceV2 

type AuthPreferenceV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an AuthPreference specification
	Spec                 AuthPreferenceSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

AuthPreferenceV2 implements the AuthPreference interface.

func (*AuthPreferenceV2) CheckAndSetDefaults 

func (c *AuthPreferenceV2) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the constraints for AuthPreference.

func (*AuthPreferenceV2) Descriptor 

func (*AuthPreferenceV2) Descriptor() ([]byte, []int)

func (*AuthPreferenceV2) Expiry 

func (c *AuthPreferenceV2) Expiry() time.Time

Expiry returns object expiry setting.

func (*AuthPreferenceV2) GetAllowLocalAuth 

func (c *AuthPreferenceV2) GetAllowLocalAuth() bool

GetAllowLocalAuth gets if local authentication is allowed.

func (*AuthPreferenceV2) GetConnectorName 

func (c *AuthPreferenceV2) GetConnectorName() string

GetConnectorName gets the name of the OIDC or SAML connector to use. If this value is empty, we fall back to the first connector in the backend.

func (*AuthPreferenceV2) GetDisconnectExpiredCert 

func (c *AuthPreferenceV2) GetDisconnectExpiredCert() bool

GetDisconnectExpiredCert returns disconnect expired certificate setting

func (*AuthPreferenceV2) GetKind 

func (c *AuthPreferenceV2) GetKind() string

GetKind returns resource kind.

func (*AuthPreferenceV2) GetMessageOfTheDay 

func (c *AuthPreferenceV2) GetMessageOfTheDay() string

GetMessageOfTheDay gets the current Message Of The Day. May be empty.

func (*AuthPreferenceV2) GetMetadata 

func (c *AuthPreferenceV2) GetMetadata() Metadata

GetMetadata returns object metadata.

func (*AuthPreferenceV2) GetName 

func (c *AuthPreferenceV2) GetName() string

GetName returns the name of the resource.

func (*AuthPreferenceV2) GetRequireSessionMFA 

func (c *AuthPreferenceV2) GetRequireSessionMFA() bool

GetRequireSessionMFA returns true when all sessions in this cluster require an MFA check.

func (*AuthPreferenceV2) GetResourceID 

func (c *AuthPreferenceV2) GetResourceID() int64

GetResourceID returns resource ID.

func (*AuthPreferenceV2) GetSecondFactor 

func (c *AuthPreferenceV2) GetSecondFactor() constants.SecondFactorType

GetSecondFactor returns the type of second factor.

func (*AuthPreferenceV2) GetSubKind 

func (c *AuthPreferenceV2) GetSubKind() string

GetSubKind returns resource subkind.

func (*AuthPreferenceV2) GetType 

func (c *AuthPreferenceV2) GetType() string

GetType returns the type of authentication.

func (*AuthPreferenceV2) GetU2F 

func (c *AuthPreferenceV2) GetU2F() (*U2F, error)

GetU2F gets the U2F configuration settings.

func (*AuthPreferenceV2) GetVersion 

func (c *AuthPreferenceV2) GetVersion() string

GetVersion returns resource version.

func (*AuthPreferenceV2) Marshal 

func (m *AuthPreferenceV2) Marshal() (dAtA []byte, err error)

func (*AuthPreferenceV2) MarshalTo 

func (m *AuthPreferenceV2) MarshalTo(dAtA []byte) (int, error)

func (*AuthPreferenceV2) MarshalToSizedBuffer 

func (m *AuthPreferenceV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AuthPreferenceV2) Origin 

func (c *AuthPreferenceV2) Origin() string

Origin returns the origin value of the resource.

func (*AuthPreferenceV2) ProtoMessage 

func (*AuthPreferenceV2) ProtoMessage()

func (*AuthPreferenceV2) Reset 

func (m *AuthPreferenceV2) Reset()

func (*AuthPreferenceV2) SetAllowLocalAuth 

func (c *AuthPreferenceV2) SetAllowLocalAuth(b bool)

SetAllowLocalAuth gets if local authentication is allowed.

func (*AuthPreferenceV2) SetConnectorName 

func (c *AuthPreferenceV2) SetConnectorName(cn string)

SetConnectorName sets the name of the OIDC or SAML connector to use. If this value is empty, we fall back to the first connector in the backend.

func (*AuthPreferenceV2) SetDisconnectExpiredCert 

func (c *AuthPreferenceV2) SetDisconnectExpiredCert(b bool)

SetDisconnectExpiredCert sets disconnect client with expired certificate setting

func (*AuthPreferenceV2) SetExpiry 

func (c *AuthPreferenceV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object.

func (*AuthPreferenceV2) SetMessageOfTheDay 

func (c *AuthPreferenceV2) SetMessageOfTheDay(motd string)

SetMessageOfTheDay sets the current Message Of The Day. May be empty.

func (*AuthPreferenceV2) SetName 

func (c *AuthPreferenceV2) SetName(e string)

SetName sets the name of the resource.

func (*AuthPreferenceV2) SetOrigin 

func (c *AuthPreferenceV2) SetOrigin(origin string)

SetOrigin sets the origin value of the resource.

func (*AuthPreferenceV2) SetResourceID 

func (c *AuthPreferenceV2) SetResourceID(id int64)

SetResourceID sets resource ID.

func (*AuthPreferenceV2) SetSecondFactor 

func (c *AuthPreferenceV2) SetSecondFactor(s constants.SecondFactorType)

SetSecondFactor sets the type of second factor.

func (*AuthPreferenceV2) SetSubKind 

func (c *AuthPreferenceV2) SetSubKind(sk string)

SetSubKind sets resource subkind.

func (*AuthPreferenceV2) SetType 

func (c *AuthPreferenceV2) SetType(s string)

SetType sets the type of authentication.

func (*AuthPreferenceV2) SetU2F 

func (c *AuthPreferenceV2) SetU2F(u2f *U2F)

SetU2F sets the U2F configuration settings.

func (*AuthPreferenceV2) Size 

func (m *AuthPreferenceV2) Size() (n int)

func (*AuthPreferenceV2) String 

func (c *AuthPreferenceV2) String() string

String represents a human readable version of authentication settings.

func (*AuthPreferenceV2) Unmarshal 

func (m *AuthPreferenceV2) Unmarshal(dAtA []byte) error

func (*AuthPreferenceV2) XXX_DiscardUnknown 

func (m *AuthPreferenceV2) XXX_DiscardUnknown()

func (*AuthPreferenceV2) XXX_Marshal 

func (m *AuthPreferenceV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AuthPreferenceV2) XXX_Merge 

func (m *AuthPreferenceV2) XXX_Merge(src proto.Message)

func (*AuthPreferenceV2) XXX_Size 

func (m *AuthPreferenceV2) XXX_Size() int

func (*AuthPreferenceV2) XXX_Unmarshal 

func (m *AuthPreferenceV2) XXX_Unmarshal(b []byte) error

type Bool 

type Bool bool

Bool is a wrapper around boolean values

func NewBool 

func NewBool(b bool) Bool

NewBool returns Bool struct based on bool value

func NewBoolP 

func NewBoolP(b bool) *Bool

NewBoolP returns Bool pointer

func (Bool) MarshalJSON 

func (b Bool) MarshalJSON() ([]byte, error)

MarshalJSON marshals boolean value.

func (Bool) MarshalYAML 

func (b Bool) MarshalYAML() (interface{}, error)

MarshalYAML marshals bool into yaml value

func (*Bool) UnmarshalJSON 

func (b *Bool) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals JSON from string or bool, in case if value is missing or not recognized, defaults to false

func (*Bool) UnmarshalYAML 

func (b *Bool) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML unmarshals bool value from yaml

func (Bool) Value 

func (b Bool) Value() bool

Value returns boolean value of the wrapper

type BoolOption 

type BoolOption struct {
	// Value is a value of the option
	Value bool
}

BoolOption is a wrapper around bool that can take multiple values: * true, false and non-set (when pointer is nil) and can marshal itself to protobuf equivalent BoolValue

func NewBoolOption 

func NewBoolOption(b bool) *BoolOption

NewBoolOption returns Bool struct based on bool value

func (BoolOption) Marshal 

func (b BoolOption) Marshal() ([]byte, error)

Marshal marshals value into protobuf representation

func (BoolOption) MarshalJSON 

func (b BoolOption) MarshalJSON() ([]byte, error)

MarshalJSON marshals boolean value.

func (BoolOption) MarshalTo 

func (b BoolOption) MarshalTo(data []byte) (int, error)

MarshalTo marshals value to the slice

func (BoolOption) MarshalToSizedBuffer 

func (b BoolOption) MarshalToSizedBuffer(data []byte) (int, error)

MarshalToSizedBuffer marshals value to the slice

func (*BoolOption) MarshalYAML 

func (b *BoolOption) MarshalYAML() (interface{}, error)

MarshalYAML marshals BoolOption into yaml value

func (BoolOption) Size 

func (b BoolOption) Size() int

Size returns protobuf size

func (*BoolOption) Unmarshal 

func (b *BoolOption) Unmarshal(data []byte) error

Unmarshal unmarshals value from protobuf

func (*BoolOption) UnmarshalJSON 

func (b *BoolOption) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals JSON from string or bool, in case if value is missing or not recognized, defaults to false

func (*BoolOption) UnmarshalYAML 

func (b *BoolOption) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML unmarshals BoolOption to YAML

type BoolValue 

type BoolValue struct {
	Value                bool     `protobuf:"varint,1,opt,name=Value,proto3" json:"Value,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

BoolValue is a wrapper around bool, used in cases whenever bool value can have different default value when missing

func (*BoolValue) Descriptor 

func (*BoolValue) Descriptor() ([]byte, []int)

func (*BoolValue) Marshal 

func (m *BoolValue) Marshal() (dAtA []byte, err error)

func (*BoolValue) MarshalTo 

func (m *BoolValue) MarshalTo(dAtA []byte) (int, error)

func (*BoolValue) MarshalToSizedBuffer 

func (m *BoolValue) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*BoolValue) ProtoMessage 

func (*BoolValue) ProtoMessage()

func (*BoolValue) Reset 

func (m *BoolValue) Reset()

func (*BoolValue) Size 

func (m *BoolValue) Size() (n int)

func (*BoolValue) String 

func (m *BoolValue) String() string

func (*BoolValue) Unmarshal 

func (m *BoolValue) Unmarshal(dAtA []byte) error

func (*BoolValue) XXX_DiscardUnknown 

func (m *BoolValue) XXX_DiscardUnknown()

func (*BoolValue) XXX_Marshal 

func (m *BoolValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*BoolValue) XXX_Merge 

func (m *BoolValue) XXX_Merge(src proto.Message)

func (*BoolValue) XXX_Size 

func (m *BoolValue) XXX_Size() int

func (*BoolValue) XXX_Unmarshal 

func (m *BoolValue) XXX_Unmarshal(b []byte) error

type CAKeySet 

type CAKeySet struct {
	// SSH contains SSH CA key pairs.
	SSH []*SSHKeyPair `protobuf:"bytes,1,rep,name=SSH,proto3" json:"ssh,omitempty"`
	// TLS contains TLS CA key/cert pairs.
	TLS []*TLSKeyPair `protobuf:"bytes,2,rep,name=TLS,proto3" json:"tls,omitempty"`
	// JWT contains JWT signing key pairs.
	JWT                  []*JWTKeyPair `protobuf:"bytes,3,rep,name=JWT,proto3" json:"jwt,omitempty"`
	XXX_NoUnkeyedLiteral struct{}      `json:"-"`
	XXX_unrecognized     []byte        `json:"-"`
	XXX_sizecache        int32         `json:"-"`
}

CAKeySet is the set of CA keys.

func (CAKeySet) CheckAndSetDefaults 

func (ks CAKeySet) CheckAndSetDefaults() error

CheckAndSetDefaults validates CAKeySet and sets defaults on any empty fields as needed.

func (CAKeySet) Clone 

func (ks CAKeySet) Clone() CAKeySet

Clone returns a deep copy of CAKeySet that can be mutated without modifying the original.

func (*CAKeySet) Descriptor 

func (*CAKeySet) Descriptor() ([]byte, []int)

func (*CAKeySet) Marshal 

func (m *CAKeySet) Marshal() (dAtA []byte, err error)

func (*CAKeySet) MarshalTo 

func (m *CAKeySet) MarshalTo(dAtA []byte) (int, error)

func (*CAKeySet) MarshalToSizedBuffer 

func (m *CAKeySet) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*CAKeySet) ProtoMessage 

func (*CAKeySet) ProtoMessage()

func (*CAKeySet) Reset 

func (m *CAKeySet) Reset()

func (*CAKeySet) Size 

func (m *CAKeySet) Size() (n int)

func (*CAKeySet) String 

func (m *CAKeySet) String() string

func (*CAKeySet) Unmarshal 

func (m *CAKeySet) Unmarshal(dAtA []byte) error

func (CAKeySet) WithoutSecrets 

func (ks CAKeySet) WithoutSecrets() CAKeySet

WithoutSecrets returns a deep copy of CAKeySet with all secret fields (private keys) removed.

func (*CAKeySet) XXX_DiscardUnknown 

func (m *CAKeySet) XXX_DiscardUnknown()

func (*CAKeySet) XXX_Marshal 

func (m *CAKeySet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CAKeySet) XXX_Merge 

func (m *CAKeySet) XXX_Merge(src proto.Message)

func (*CAKeySet) XXX_Size 

func (m *CAKeySet) XXX_Size() int

func (*CAKeySet) XXX_Unmarshal 

func (m *CAKeySet) XXX_Unmarshal(b []byte) error

type CertAuthID 

type CertAuthID struct {
	Type       CertAuthType `json:"type"`
	DomainName string       `json:"domain_name"`
}

CertAuthID - id of certificate authority (it's type and domain name)

func (*CertAuthID) Check 

func (c *CertAuthID) Check() error

Check returns error if any of the id parameters are bad, nil otherwise

func (*CertAuthID) String 

func (c *CertAuthID) String() string

type CertAuthType 

type CertAuthType string

CertAuthType specifies certificate authority type 

const (
	// HostCA identifies the key as a host certificate authority
	HostCA CertAuthType = "host"
	// UserCA identifies the key as a user certificate authority
	UserCA CertAuthType = "user"
	// JWTSigner identifies type of certificate authority as JWT signer. In this
	// case JWT is not a certificate authority because it does not issue
	// certificates but rather is an authority that signs tokens, however it behaves
	// much like a CA in terms of rotation and storage.
	JWTSigner CertAuthType = "jwt"
)

func (CertAuthType) Check 

func (c CertAuthType) Check() error

Check checks if certificate authority type value is correct

type CertAuthority 

type CertAuthority interface {
	// ResourceWithSecrets sets common resource properties
	ResourceWithSecrets
	// SetMetadata sets CA metadata
	SetMetadata(meta Metadata)
	// GetID returns certificate authority ID -
	// combined type and name
	GetID() CertAuthID
	// GetType returns user or host certificate authority
	GetType() CertAuthType
	// GetClusterName returns cluster name this cert authority
	// is associated with
	GetClusterName() string

	GetActiveKeys() CAKeySet
	SetActiveKeys(CAKeySet) error
	GetAdditionalTrustedKeys() CAKeySet
	SetAdditionalTrustedKeys(CAKeySet) error

	GetTrustedSSHKeyPairs() []*SSHKeyPair
	GetTrustedTLSKeyPairs() []*TLSKeyPair
	GetTrustedJWTKeyPairs() []*JWTKeyPair

	// CombinedMapping is used to specify combined mapping from legacy property Roles
	// and new property RoleMap
	CombinedMapping() RoleMap
	// GetRoleMap returns role map property
	GetRoleMap() RoleMap
	// SetRoleMap sets role map
	SetRoleMap(m RoleMap)
	// GetRoles returns a list of roles assumed by users signed by this CA
	GetRoles() []string
	// SetRoles sets assigned roles for this certificate authority
	SetRoles(roles []string)
	// AddRole adds a role to ca role list
	AddRole(name string)
	// String returns human readable version of the CertAuthority
	String() string
	// GetRotation returns rotation state.
	GetRotation() Rotation
	// SetRotation sets rotation state.
	SetRotation(Rotation)
	// GetSigningAlg returns the signing algorithm used by signing keys.
	GetSigningAlg() CertAuthoritySpecV2_SigningAlgType
	// SetSigningAlg sets the signing algorithm used by signing keys.
	SetSigningAlg(CertAuthoritySpecV2_SigningAlgType)
	// Clone returns a copy of the cert authority object.
	Clone() CertAuthority
}

CertAuthority is a host or user certificate authority that can check and if it has private key stored as well, sign it too

func NewCertAuthority 

func NewCertAuthority(spec CertAuthoritySpecV2) (CertAuthority, error)

NewCertAuthority returns new cert authority

type CertAuthoritySpecV2 

type CertAuthoritySpecV2 struct {
	// Type is either user or host certificate authority
	Type CertAuthType `protobuf:"bytes,1,opt,name=Type,proto3,casttype=CertAuthType" json:"type"`
	// DELETE IN(2.7.0) this field is deprecated,
	// as resource name matches cluster name after migrations.
	// and this property is enforced by the auth server code.
	// ClusterName identifies cluster name this authority serves,
	// for host authorities that means base hostname of all servers,
	// for user authorities that means organization name
	ClusterName string `protobuf:"bytes,2,opt,name=ClusterName,proto3" json:"cluster_name"`
	// Checkers is a list of SSH public keys that can be used to check
	// certificate signatures
	//
	// DEPRECATED: use ActiveKeys and AdditionalTrustedKeys instead.
	CheckingKeys [][]byte `protobuf:"bytes,3,rep,name=CheckingKeys,proto3" json:"checking_keys,omitempty"` // Deprecated: Do not use.
	// SigningKeys is a list of private keys used for signing
	//
	// DEPRECATED: use ActiveKeys instead.
	SigningKeys [][]byte `protobuf:"bytes,4,rep,name=SigningKeys,proto3" json:"signing_keys,omitempty"` // Deprecated: Do not use.
	// Roles is a list of roles assumed by users signed by this CA
	Roles []string `protobuf:"bytes,5,rep,name=Roles,proto3" json:"roles,omitempty"`
	// RoleMap specifies role mappings to remote roles
	RoleMap []RoleMapping `protobuf:"bytes,6,rep,name=RoleMap,proto3" json:"role_map,omitempty"`
	// TLS is a list of TLS key pairs
	//
	// DEPRECATED: use ActiveKeys and AdditionalTrustedKeys instead.
	TLSKeyPairs []TLSKeyPair `protobuf:"bytes,7,rep,name=TLSKeyPairs,proto3" json:"tls_key_pairs,omitempty"` // Deprecated: Do not use.
	// Rotation is a status of the certificate authority rotation
	Rotation   *Rotation                          `protobuf:"bytes,8,opt,name=Rotation,proto3" json:"rotation,omitempty"`
	SigningAlg CertAuthoritySpecV2_SigningAlgType `protobuf:"varint,9,opt,name=SigningAlg,proto3,enum=types.CertAuthoritySpecV2_SigningAlgType" json:"signing_alg,omitempty"`
	// JWTKeyPair is a list of JWT key pairs.
	//
	// DEPRECATED: use ActiveKeys and AdditionalTrustedKeys instead.
	JWTKeyPairs []JWTKeyPair `protobuf:"bytes,10,rep,name=JWTKeyPairs,proto3" json:"jwt_key_pairs,omitempty"` // Deprecated: Do not use.
	// ActiveKeys are the CA key sets used to sign any new certificates.
	ActiveKeys CAKeySet `protobuf:"bytes,11,opt,name=ActiveKeys,proto3" json:"active_keys,omitempty"`
	// AdditionalTrustedKeys are additional CA key sets that can be used to
	// verify certificates. Certificates should be verified with
	// AdditionalTrustedKeys and ActiveKeys combined.
	AdditionalTrustedKeys CAKeySet `protobuf:"bytes,12,opt,name=AdditionalTrustedKeys,proto3" json:"additional_trusted_keys,omitempty"`
	XXX_NoUnkeyedLiteral  struct{} `json:"-"`
	XXX_unrecognized      []byte   `json:"-"`
	XXX_sizecache         int32    `json:"-"`
}

CertAuthoritySpecV2 is a host or user certificate authority that can check and if it has private key stored as well, sign it too

func (*CertAuthoritySpecV2) Descriptor 

func (*CertAuthoritySpecV2) Descriptor() ([]byte, []int)

func (*CertAuthoritySpecV2) Marshal 

func (m *CertAuthoritySpecV2) Marshal() (dAtA []byte, err error)

func (*CertAuthoritySpecV2) MarshalTo 

func (m *CertAuthoritySpecV2) MarshalTo(dAtA []byte) (int, error)

func (*CertAuthoritySpecV2) MarshalToSizedBuffer 

func (m *CertAuthoritySpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*CertAuthoritySpecV2) ProtoMessage 

func (*CertAuthoritySpecV2) ProtoMessage()

func (*CertAuthoritySpecV2) Reset 

func (m *CertAuthoritySpecV2) Reset()

func (*CertAuthoritySpecV2) Size 

func (m *CertAuthoritySpecV2) Size() (n int)

func (*CertAuthoritySpecV2) String 

func (m *CertAuthoritySpecV2) String() string

func (*CertAuthoritySpecV2) Unmarshal 

func (m *CertAuthoritySpecV2) Unmarshal(dAtA []byte) error

func (*CertAuthoritySpecV2) XXX_DiscardUnknown 

func (m *CertAuthoritySpecV2) XXX_DiscardUnknown()

func (*CertAuthoritySpecV2) XXX_Marshal 

func (m *CertAuthoritySpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CertAuthoritySpecV2) XXX_Merge 

func (m *CertAuthoritySpecV2) XXX_Merge(src proto.Message)

func (*CertAuthoritySpecV2) XXX_Size 

func (m *CertAuthoritySpecV2) XXX_Size() int

func (*CertAuthoritySpecV2) XXX_Unmarshal 

func (m *CertAuthoritySpecV2) XXX_Unmarshal(b []byte) error

type CertAuthoritySpecV2_SigningAlgType 

type CertAuthoritySpecV2_SigningAlgType int32

SigningAlg is the algorithm used for signing new SSH certificates using SigningKeys. 

const (
	CertAuthoritySpecV2_UNKNOWN      CertAuthoritySpecV2_SigningAlgType = 0
	CertAuthoritySpecV2_RSA_SHA1     CertAuthoritySpecV2_SigningAlgType = 1
	CertAuthoritySpecV2_RSA_SHA2_256 CertAuthoritySpecV2_SigningAlgType = 2
	CertAuthoritySpecV2_RSA_SHA2_512 CertAuthoritySpecV2_SigningAlgType = 3
)

func (CertAuthoritySpecV2_SigningAlgType) EnumDescriptor 

func (CertAuthoritySpecV2_SigningAlgType) EnumDescriptor() ([]byte, []int)

func (CertAuthoritySpecV2_SigningAlgType) String 

func (x CertAuthoritySpecV2_SigningAlgType) String() string

type CertAuthorityV2 

type CertAuthorityV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is connector metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec contains cert authority specification
	Spec                 CertAuthoritySpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

CertAuthorityV2 is version 2 resource spec for Cert Authority

func (*CertAuthorityV2) AddRole 

func (ca *CertAuthorityV2) AddRole(name string)

AddRole adds a role to ca role list

func (*CertAuthorityV2) CheckAndSetDefaults 

func (ca *CertAuthorityV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*CertAuthorityV2) Clone 

func (ca *CertAuthorityV2) Clone() CertAuthority

Clone returns a copy of the cert authority object.

func (*CertAuthorityV2) CombinedMapping 

func (ca *CertAuthorityV2) CombinedMapping() RoleMap

CombinedMapping is used to specify combined mapping from legacy property Roles and new property RoleMap

func (*CertAuthorityV2) Descriptor 

func (*CertAuthorityV2) Descriptor() ([]byte, []int)

func (*CertAuthorityV2) Expiry 

func (ca *CertAuthorityV2) Expiry() time.Time

Expiry returns object expiry setting

func (*CertAuthorityV2) GetActiveKeys 

func (ca *CertAuthorityV2) GetActiveKeys() CAKeySet

func (*CertAuthorityV2) GetAdditionalTrustedKeys 

func (ca *CertAuthorityV2) GetAdditionalTrustedKeys() CAKeySet

func (*CertAuthorityV2) GetClusterName 

func (ca *CertAuthorityV2) GetClusterName() string

GetClusterName returns cluster name this cert authority is associated with.

func (*CertAuthorityV2) GetID 

func (ca *CertAuthorityV2) GetID() CertAuthID

GetID returns certificate authority ID - combined type and name

func (*CertAuthorityV2) GetKind 

func (ca *CertAuthorityV2) GetKind() string

GetKind returns resource kind

func (*CertAuthorityV2) GetMetadata 

func (ca *CertAuthorityV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*CertAuthorityV2) GetName 

func (ca *CertAuthorityV2) GetName() string

GetName returns cert authority name

func (*CertAuthorityV2) GetResourceID 

func (ca *CertAuthorityV2) GetResourceID() int64

GetResourceID returns resource ID

func (*CertAuthorityV2) GetRoleMap 

func (ca *CertAuthorityV2) GetRoleMap() RoleMap

GetRoleMap returns role map property

func (*CertAuthorityV2) GetRoles 

func (ca *CertAuthorityV2) GetRoles() []string

GetRoles returns a list of roles assumed by users signed by this CA

func (*CertAuthorityV2) GetRotation 

func (ca *CertAuthorityV2) GetRotation() Rotation

GetRotation returns rotation state.

func (*CertAuthorityV2) GetSigningAlg 

func (ca *CertAuthorityV2) GetSigningAlg() CertAuthoritySpecV2_SigningAlgType

GetSigningAlg returns the CA's signing algorithm type

func (*CertAuthorityV2) GetSubKind 

func (ca *CertAuthorityV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*CertAuthorityV2) GetTrustedJWTKeyPairs 

func (ca *CertAuthorityV2) GetTrustedJWTKeyPairs() []*JWTKeyPair

func (*CertAuthorityV2) GetTrustedSSHKeyPairs 

func (ca *CertAuthorityV2) GetTrustedSSHKeyPairs() []*SSHKeyPair

func (*CertAuthorityV2) GetTrustedTLSKeyPairs 

func (ca *CertAuthorityV2) GetTrustedTLSKeyPairs() []*TLSKeyPair

func (*CertAuthorityV2) GetType 

func (ca *CertAuthorityV2) GetType() CertAuthType

GetType returns user or host certificate authority

func (*CertAuthorityV2) GetVersion 

func (ca *CertAuthorityV2) GetVersion() string

GetVersion returns resource version

func (*CertAuthorityV2) ID 

func (ca *CertAuthorityV2) ID() *CertAuthID

ID returns id (consisting of domain name and type) that identifies the authority this key belongs to

func (*CertAuthorityV2) Marshal 

func (m *CertAuthorityV2) Marshal() (dAtA []byte, err error)

func (*CertAuthorityV2) MarshalTo 

func (m *CertAuthorityV2) MarshalTo(dAtA []byte) (int, error)

func (*CertAuthorityV2) MarshalToSizedBuffer 

func (m *CertAuthorityV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*CertAuthorityV2) ProtoMessage 

func (*CertAuthorityV2) ProtoMessage()

func (*CertAuthorityV2) Reset 

func (m *CertAuthorityV2) Reset()

func (*CertAuthorityV2) SetActiveKeys 

func (ca *CertAuthorityV2) SetActiveKeys(ks CAKeySet) error

func (*CertAuthorityV2) SetAdditionalTrustedKeys 

func (ca *CertAuthorityV2) SetAdditionalTrustedKeys(ks CAKeySet) error

func (*CertAuthorityV2) SetExpiry 

func (ca *CertAuthorityV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*CertAuthorityV2) SetMetadata 

func (ca *CertAuthorityV2) SetMetadata(meta Metadata)

SetMetadata sets object metadata

func (*CertAuthorityV2) SetName 

func (ca *CertAuthorityV2) SetName(name string)

SetName sets cert authority name

func (*CertAuthorityV2) SetResourceID 

func (ca *CertAuthorityV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*CertAuthorityV2) SetRoleMap 

func (ca *CertAuthorityV2) SetRoleMap(m RoleMap)

SetRoleMap sets role map

func (*CertAuthorityV2) SetRoles 

func (ca *CertAuthorityV2) SetRoles(roles []string)

SetRoles sets assigned roles for this certificate authority

func (*CertAuthorityV2) SetRotation 

func (ca *CertAuthorityV2) SetRotation(r Rotation)

SetRotation sets rotation state.

func (*CertAuthorityV2) SetSigningAlg 

func (ca *CertAuthorityV2) SetSigningAlg(alg CertAuthoritySpecV2_SigningAlgType)

SetSigningAlg sets the CA's signing algorith type

func (*CertAuthorityV2) SetSubKind 

func (ca *CertAuthorityV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*CertAuthorityV2) Size 

func (m *CertAuthorityV2) Size() (n int)

func (*CertAuthorityV2) String 

func (ca *CertAuthorityV2) String() string

String returns human readable version of the CertAuthorityV2.

func (*CertAuthorityV2) Unmarshal 

func (m *CertAuthorityV2) Unmarshal(dAtA []byte) error

func (*CertAuthorityV2) WithoutSecrets 

func (ca *CertAuthorityV2) WithoutSecrets() Resource

WithoutSecrets returns an instance of resource without secrets.

func (*CertAuthorityV2) XXX_DiscardUnknown 

func (m *CertAuthorityV2) XXX_DiscardUnknown()

func (*CertAuthorityV2) XXX_Marshal 

func (m *CertAuthorityV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CertAuthorityV2) XXX_Merge 

func (m *CertAuthorityV2) XXX_Merge(src proto.Message)

func (*CertAuthorityV2) XXX_Size 

func (m *CertAuthorityV2) XXX_Size() int

func (*CertAuthorityV2) XXX_Unmarshal 

func (m *CertAuthorityV2) XXX_Unmarshal(b []byte) error

type CertRoles 

type CertRoles struct {
	// Version is current version of the roles
	Version string `json:"version"`
	// Roles is a list of roles
	Roles []string `json:"roles"`
}

CertRoles defines certificate roles

type ClaimMapping 

type ClaimMapping struct {
	// Claim is a claim name.
	Claim string `protobuf:"bytes,1,opt,name=Claim,proto3" json:"claim"`
	// Value is a claim value to match.
	Value string `protobuf:"bytes,2,opt,name=Value,proto3" json:"value"`
	// Roles is a list of static teleport roles to match.
	Roles                []string `protobuf:"bytes,3,rep,name=Roles,proto3" json:"roles,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ClaimMapping maps a claim to teleport roles.

func (*ClaimMapping) Descriptor 

func (*ClaimMapping) Descriptor() ([]byte, []int)

func (*ClaimMapping) Marshal 

func (m *ClaimMapping) Marshal() (dAtA []byte, err error)

func (*ClaimMapping) MarshalTo 

func (m *ClaimMapping) MarshalTo(dAtA []byte) (int, error)

func (*ClaimMapping) MarshalToSizedBuffer 

func (m *ClaimMapping) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClaimMapping) ProtoMessage 

func (*ClaimMapping) ProtoMessage()

func (*ClaimMapping) Reset 

func (m *ClaimMapping) Reset()

func (*ClaimMapping) Size 

func (m *ClaimMapping) Size() (n int)

func (*ClaimMapping) String 

func (m *ClaimMapping) String() string

func (*ClaimMapping) Unmarshal 

func (m *ClaimMapping) Unmarshal(dAtA []byte) error

func (*ClaimMapping) XXX_DiscardUnknown 

func (m *ClaimMapping) XXX_DiscardUnknown()

func (*ClaimMapping) XXX_Marshal 

func (m *ClaimMapping) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClaimMapping) XXX_Merge 

func (m *ClaimMapping) XXX_Merge(src proto.Message)

func (*ClaimMapping) XXX_Size 

func (m *ClaimMapping) XXX_Size() int

func (*ClaimMapping) XXX_Unmarshal 

func (m *ClaimMapping) XXX_Unmarshal(b []byte) error

type ClusterAuditConfig 

type ClusterAuditConfig interface {
	Resource

	// Type gets the audit backend type.
	Type() string
	// SetType sets the audit backend type.
	SetType(string)

	// Region gets a cloud provider region.
	Region() string
	// SetRegion sets a cloud provider region.
	SetRegion(string)

	// ShouldUploadSessions returns whether audit config
	// instructs server to upload sessions.
	ShouldUploadSessions() bool

	// AuditSessionsURI gets the audit sessions URI.
	AuditSessionsURI() string
	// SetAuditSessionsURI sets the audit sessions URI.
	SetAuditSessionsURI(string)

	// AuditEventsURIs gets the audit events URIs.
	AuditEventsURIs() []string
	// SetAuditEventsURIs sets the audit events URIs.
	SetAuditEventsURIs([]string)

	// EnableContinuousBackups is used to enable (or disable) PITR (Point-In-Time Recovery).
	EnableContinuousBackups() bool
	// EnableAutoScaling is used to enable (or disable) auto scaling policy.
	EnableAutoScaling() bool
	// ReadMaxCapacity is the maximum provisioned read capacity.
	ReadMaxCapacity() int64
	// ReadMinCapacity is the minimum provisioned read capacity.
	ReadMinCapacity() int64
	// ReadTargetValue is the ratio of consumed read to provisioned capacity.
	ReadTargetValue() float64
	// WriteMaxCapacity is the maximum provisioned write capacity.
	WriteMaxCapacity() int64
	// WriteMinCapacity is the minimum provisioned write capacity.
	WriteMinCapacity() int64
	// WriteTargetValue is the ratio of consumed write to provisioned capacity.
	WriteTargetValue() float64
}

ClusterAuditConfig defines cluster-wide audit log configuration. This is a configuration resource, never create more than one instance of it.

func DefaultClusterAuditConfig 

func DefaultClusterAuditConfig() ClusterAuditConfig

DefaultClusterAuditConfig returns the default audit log configuration.

func NewClusterAuditConfig 

func NewClusterAuditConfig(spec ClusterAuditConfigSpecV2) (ClusterAuditConfig, error)

NewClusterAuditConfig is a convenience method to to create ClusterAuditConfigV2.

type ClusterAuditConfigSpecV2 

type ClusterAuditConfigSpecV2 struct {
	// Type is audit backend type
	Type string `protobuf:"bytes,1,opt,name=Type,proto3" json:"type,omitempty"`
	// Region is a region setting for audit sessions used by cloud providers
	Region string `protobuf:"bytes,2,opt,name=Region,proto3" json:"region,omitempty"`
	// AuditSessionsURI is a parameter where to upload sessions
	AuditSessionsURI string `protobuf:"bytes,3,opt,name=AuditSessionsURI,proto3" json:"audit_sessions_uri,omitempty"`
	// AuditEventsURI is a parameter with all supported outputs
	// for audit events
	AuditEventsURI github_com_gravitational_teleport_api_types_wrappers.Strings `` /* 158-byte string literal not displayed */
	// EnableContinuousBackups is used to enable (or disable) PITR (Point-In-Time Recovery).
	EnableContinuousBackups bool `protobuf:"varint,6,opt,name=EnableContinuousBackups,proto3" json:"continuous_backups,omitempty"`
	// EnableAutoScaling is used to enable (or disable) auto scaling policy.
	EnableAutoScaling bool `protobuf:"varint,7,opt,name=EnableAutoScaling,proto3" json:"auto_scaling,omitempty"`
	// ReadMaxCapacity is the maximum provisioned read capacity.
	ReadMaxCapacity int64 `protobuf:"varint,8,opt,name=ReadMaxCapacity,proto3" json:"read_max_capacity,omitempty"`
	// ReadMinCapacity is the minimum provisioned read capacity.
	ReadMinCapacity int64 `protobuf:"varint,9,opt,name=ReadMinCapacity,proto3" json:"read_min_capacity,omitempty"`
	// ReadTargetValue is the ratio of consumed read to provisioned capacity.
	ReadTargetValue float64 `protobuf:"fixed64,10,opt,name=ReadTargetValue,proto3" json:"read_target_value,omitempty"`
	// WriteMaxCapacity is the maximum provisioned write capacity.
	WriteMaxCapacity int64 `protobuf:"varint,11,opt,name=WriteMaxCapacity,proto3" json:"write_max_capacity,omitempty"`
	// WriteMinCapacity is the minimum provisioned write capacity.
	WriteMinCapacity int64 `protobuf:"varint,12,opt,name=WriteMinCapacity,proto3" json:"write_min_capacity,omitempty"`
	// WriteTargetValue is the ratio of consumed write to provisioned capacity.
	WriteTargetValue     float64  `protobuf:"fixed64,13,opt,name=WriteTargetValue,proto3" json:"write_target_value,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ClusterAuditConfigSpecV2 is the actual data we care about for ClusterAuditConfig.

func (*ClusterAuditConfigSpecV2) Descriptor 

func (*ClusterAuditConfigSpecV2) Descriptor() ([]byte, []int)

func (*ClusterAuditConfigSpecV2) Marshal 

func (m *ClusterAuditConfigSpecV2) Marshal() (dAtA []byte, err error)

func (*ClusterAuditConfigSpecV2) MarshalTo 

func (m *ClusterAuditConfigSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*ClusterAuditConfigSpecV2) MarshalToSizedBuffer 

func (m *ClusterAuditConfigSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterAuditConfigSpecV2) ProtoMessage 

func (*ClusterAuditConfigSpecV2) ProtoMessage()

func (*ClusterAuditConfigSpecV2) Reset 

func (m *ClusterAuditConfigSpecV2) Reset()

func (*ClusterAuditConfigSpecV2) Size 

func (m *ClusterAuditConfigSpecV2) Size() (n int)

func (*ClusterAuditConfigSpecV2) String 

func (m *ClusterAuditConfigSpecV2) String() string

func (*ClusterAuditConfigSpecV2) Unmarshal 

func (m *ClusterAuditConfigSpecV2) Unmarshal(dAtA []byte) error

func (*ClusterAuditConfigSpecV2) XXX_DiscardUnknown 

func (m *ClusterAuditConfigSpecV2) XXX_DiscardUnknown()

func (*ClusterAuditConfigSpecV2) XXX_Marshal 

func (m *ClusterAuditConfigSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterAuditConfigSpecV2) XXX_Merge 

func (m *ClusterAuditConfigSpecV2) XXX_Merge(src proto.Message)

func (*ClusterAuditConfigSpecV2) XXX_Size 

func (m *ClusterAuditConfigSpecV2) XXX_Size() int

func (*ClusterAuditConfigSpecV2) XXX_Unmarshal 

func (m *ClusterAuditConfigSpecV2) XXX_Unmarshal(b []byte) error

type ClusterAuditConfigV2 

type ClusterAuditConfigV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a ClusterAuditConfig specification
	Spec                 ClusterAuditConfigSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}                 `json:"-"`
	XXX_unrecognized     []byte                   `json:"-"`
	XXX_sizecache        int32                    `json:"-"`
}

ClusterAuditConfigV2 represents audit log settings in the cluster.

func (*ClusterAuditConfigV2) AuditEventsURIs 

func (c *ClusterAuditConfigV2) AuditEventsURIs() []string

AuditEventsURIs gets the audit events URIs.

func (*ClusterAuditConfigV2) AuditSessionsURI 

func (c *ClusterAuditConfigV2) AuditSessionsURI() string

AuditSessionsURI gets the audit sessions URI.

func (*ClusterAuditConfigV2) CheckAndSetDefaults 

func (c *ClusterAuditConfigV2) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the constraints for ClusterAuditConfig.

func (*ClusterAuditConfigV2) Descriptor 

func (*ClusterAuditConfigV2) Descriptor() ([]byte, []int)

func (*ClusterAuditConfigV2) EnableAutoScaling 

func (c *ClusterAuditConfigV2) EnableAutoScaling() bool

EnableAutoScaling is used to enable (or disable) auto scaling policy.

func (*ClusterAuditConfigV2) EnableContinuousBackups 

func (c *ClusterAuditConfigV2) EnableContinuousBackups() bool

EnableContinuousBackups is used to enable (or disable) PITR (Point-In-Time Recovery).

func (*ClusterAuditConfigV2) Expiry 

func (c *ClusterAuditConfigV2) Expiry() time.Time

Expiry returns object expiry setting.

func (*ClusterAuditConfigV2) GetKind 

func (c *ClusterAuditConfigV2) GetKind() string

GetKind returns resource kind.

func (*ClusterAuditConfigV2) GetMetadata 

func (c *ClusterAuditConfigV2) GetMetadata() Metadata

GetMetadata returns object metadata.

func (*ClusterAuditConfigV2) GetName 

func (c *ClusterAuditConfigV2) GetName() string

GetName returns the name of the resource.

func (*ClusterAuditConfigV2) GetResourceID 

func (c *ClusterAuditConfigV2) GetResourceID() int64

GetResourceID returns resource ID.

func (*ClusterAuditConfigV2) GetSubKind 

func (c *ClusterAuditConfigV2) GetSubKind() string

GetSubKind returns resource subkind.

func (*ClusterAuditConfigV2) GetVersion 

func (c *ClusterAuditConfigV2) GetVersion() string

GetVersion returns resource version.

func (*ClusterAuditConfigV2) Marshal 

func (m *ClusterAuditConfigV2) Marshal() (dAtA []byte, err error)

func (*ClusterAuditConfigV2) MarshalTo 

func (m *ClusterAuditConfigV2) MarshalTo(dAtA []byte) (int, error)

func (*ClusterAuditConfigV2) MarshalToSizedBuffer 

func (m *ClusterAuditConfigV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterAuditConfigV2) ProtoMessage 

func (*ClusterAuditConfigV2) ProtoMessage()

func (*ClusterAuditConfigV2) ReadMaxCapacity 

func (c *ClusterAuditConfigV2) ReadMaxCapacity() int64

ReadMaxCapacity is the maximum provisioned read capacity.

func (*ClusterAuditConfigV2) ReadMinCapacity 

func (c *ClusterAuditConfigV2) ReadMinCapacity() int64

ReadMinCapacity is the minimum provisioned read capacity.

func (*ClusterAuditConfigV2) ReadTargetValue 

func (c *ClusterAuditConfigV2) ReadTargetValue() float64

ReadTargetValue is the ratio of consumed read to provisioned capacity.

func (*ClusterAuditConfigV2) Region 

func (c *ClusterAuditConfigV2) Region() string

Region gets a cloud provider region.

func (*ClusterAuditConfigV2) Reset 

func (m *ClusterAuditConfigV2) Reset()

func (*ClusterAuditConfigV2) SetAuditEventsURIs 

func (c *ClusterAuditConfigV2) SetAuditEventsURIs(uris []string)

SetAuditEventsURIs sets the audit events URIs.

func (*ClusterAuditConfigV2) SetAuditSessionsURI 

func (c *ClusterAuditConfigV2) SetAuditSessionsURI(uri string)

SetAuditSessionsURI sets the audit sessions URI.

func (*ClusterAuditConfigV2) SetExpiry 

func (c *ClusterAuditConfigV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object.

func (*ClusterAuditConfigV2) SetName 

func (c *ClusterAuditConfigV2) SetName(e string)

SetName sets the name of the resource.

func (*ClusterAuditConfigV2) SetRegion 

func (c *ClusterAuditConfigV2) SetRegion(region string)

SetRegion sets a cloud provider region.

func (*ClusterAuditConfigV2) SetResourceID 

func (c *ClusterAuditConfigV2) SetResourceID(id int64)

SetResourceID sets resource ID.

func (*ClusterAuditConfigV2) SetSubKind 

func (c *ClusterAuditConfigV2) SetSubKind(sk string)

SetSubKind sets resource subkind.

func (*ClusterAuditConfigV2) SetType 

func (c *ClusterAuditConfigV2) SetType(backendType string)

SetType sets the audit backend type.

func (*ClusterAuditConfigV2) ShouldUploadSessions 

func (c *ClusterAuditConfigV2) ShouldUploadSessions() bool

ShouldUploadSessions returns whether audit config instructs server to upload sessions.

func (*ClusterAuditConfigV2) Size 

func (m *ClusterAuditConfigV2) Size() (n int)

func (*ClusterAuditConfigV2) String 

func (m *ClusterAuditConfigV2) String() string

func (*ClusterAuditConfigV2) Type 

func (c *ClusterAuditConfigV2) Type() string

Type gets the audit backend type.

func (*ClusterAuditConfigV2) Unmarshal 

func (m *ClusterAuditConfigV2) Unmarshal(dAtA []byte) error

func (*ClusterAuditConfigV2) WriteMaxCapacity 

func (c *ClusterAuditConfigV2) WriteMaxCapacity() int64

WriteMaxCapacity is the maximum provisioned write capacity.

func (*ClusterAuditConfigV2) WriteMinCapacity 

func (c *ClusterAuditConfigV2) WriteMinCapacity() int64

WriteMinCapacity is the minimum provisioned write capacity.

func (*ClusterAuditConfigV2) WriteTargetValue 

func (c *ClusterAuditConfigV2) WriteTargetValue() float64

WriteTargetValue is the ratio of consumed write to provisioned capacity.

func (*ClusterAuditConfigV2) XXX_DiscardUnknown 

func (m *ClusterAuditConfigV2) XXX_DiscardUnknown()

func (*ClusterAuditConfigV2) XXX_Marshal 

func (m *ClusterAuditConfigV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterAuditConfigV2) XXX_Merge 

func (m *ClusterAuditConfigV2) XXX_Merge(src proto.Message)

func (*ClusterAuditConfigV2) XXX_Size 

func (m *ClusterAuditConfigV2) XXX_Size() int

func (*ClusterAuditConfigV2) XXX_Unmarshal 

func (m *ClusterAuditConfigV2) XXX_Unmarshal(b []byte) error

type ClusterConfig 

type ClusterConfig interface {
	// Resource provides common resource properties.
	Resource

	// GetLegacyClusterID returns the legacy cluster ID.
	// DELETE IN 8.0.0
	GetLegacyClusterID() string

	// SetLegacyClusterID sets the legacy cluster ID.
	// DELETE IN 8.0.0
	SetLegacyClusterID(string)

	// HasAuditConfig returns true if audit configuration is set.
	// DELETE IN 8.0.0
	HasAuditConfig() bool

	// SetAuditConfig sets audit configuration.
	// DELETE IN 8.0.0
	SetAuditConfig(ClusterAuditConfig) error

	// HasNetworkingFields returns true if embedded networking configuration is set.
	// DELETE IN 8.0.0
	HasNetworkingFields() bool

	// SetNetworkingFields sets embedded networking configuration.
	// DELETE IN 8.0.0
	SetNetworkingFields(ClusterNetworkingConfig) error

	// HasSessionRecordingFields returns true if embedded session recording
	// configuration is set.
	// DELETE IN 8.0.0
	HasSessionRecordingFields() bool

	// SetSessionRecordingFields sets embedded session recording configuration.
	// DELETE IN 8.0.0
	SetSessionRecordingFields(SessionRecordingConfig) error

	// HasAuthFields returns true if legacy auth fields are set.
	// DELETE IN 8.0.0
	HasAuthFields() bool

	// SetAuthFields sets legacy auth fields.
	// DELETE IN 8.0.0
	SetAuthFields(AuthPreference) error

	// Copy creates a copy of the resource and returns it.
	Copy() ClusterConfig
}

ClusterConfig defines cluster level configuration. This is a configuration resource, never create more than one instance of it. DELETE IN 8.0.0

func DefaultClusterConfig 

func DefaultClusterConfig() ClusterConfig

DefaultClusterConfig is used as the default cluster configuration when one is not specified (record at node).

func NewClusterConfig 

func NewClusterConfig(spec ClusterConfigSpecV3) (ClusterConfig, error)

NewClusterConfig is a convenience wrapper to create a ClusterConfig resource.

type ClusterConfigSpecV3 

type ClusterConfigSpecV3 struct {
	// ClusterID is the unique cluster ID that is set once during the first auth
	// server startup.
	// DELETE IN 8.0.0
	ClusterID string `protobuf:"bytes,2,opt,name=ClusterID,proto3" json:"cluster_id"`
	// Audit is a section with audit config
	// DELETE IN 8.0.0
	Audit *ClusterAuditConfigSpecV2 `protobuf:"bytes,4,opt,name=Audit,proto3" json:"audit,omitempty"`
	// DELETE IN 8.0.0
	*ClusterNetworkingConfigSpecV2 `protobuf:"bytes,11,opt,name=NetworkingConfig,proto3,embedded=NetworkingConfig" json:""`
	// DELETE IN 8.0.0
	*LegacySessionRecordingConfigSpec `protobuf:"bytes,12,opt,name=SessionRecordingConfig,proto3,embedded=SessionRecordingConfig" json:""`
	// DELETE IN 8.0.0
	*LegacyClusterConfigAuthFields `protobuf:"bytes,13,opt,name=AuthFields,proto3,embedded=AuthFields" json:""`
	XXX_NoUnkeyedLiteral           struct{} `json:"-"`
	XXX_unrecognized               []byte   `json:"-"`
	XXX_sizecache                  int32    `json:"-"`
}

ClusterConfigSpecV3 is the actual data we care about for ClusterConfig.

func (*ClusterConfigSpecV3) Descriptor 

func (*ClusterConfigSpecV3) Descriptor() ([]byte, []int)

func (*ClusterConfigSpecV3) Marshal 

func (m *ClusterConfigSpecV3) Marshal() (dAtA []byte, err error)

func (*ClusterConfigSpecV3) MarshalTo 

func (m *ClusterConfigSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*ClusterConfigSpecV3) MarshalToSizedBuffer 

func (m *ClusterConfigSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterConfigSpecV3) ProtoMessage 

func (*ClusterConfigSpecV3) ProtoMessage()

func (*ClusterConfigSpecV3) Reset 

func (m *ClusterConfigSpecV3) Reset()

func (*ClusterConfigSpecV3) Size 

func (m *ClusterConfigSpecV3) Size() (n int)

func (*ClusterConfigSpecV3) String 

func (m *ClusterConfigSpecV3) String() string

func (*ClusterConfigSpecV3) Unmarshal 

func (m *ClusterConfigSpecV3) Unmarshal(dAtA []byte) error

func (*ClusterConfigSpecV3) XXX_DiscardUnknown 

func (m *ClusterConfigSpecV3) XXX_DiscardUnknown()

func (*ClusterConfigSpecV3) XXX_Marshal 

func (m *ClusterConfigSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterConfigSpecV3) XXX_Merge 

func (m *ClusterConfigSpecV3) XXX_Merge(src proto.Message)

func (*ClusterConfigSpecV3) XXX_Size 

func (m *ClusterConfigSpecV3) XXX_Size() int

func (*ClusterConfigSpecV3) XXX_Unmarshal 

func (m *ClusterConfigSpecV3) XXX_Unmarshal(b []byte) error

type ClusterConfigV3 

type ClusterConfigV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a cluster config V3 spec
	Spec                 ClusterConfigSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

ClusterConfigV3 implements the ClusterConfig interface. DELETE IN 8.0.0

func (*ClusterConfigV3) CheckAndSetDefaults 

func (c *ClusterConfigV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults.

func (*ClusterConfigV3) Copy 

func (c *ClusterConfigV3) Copy() ClusterConfig

Copy creates a copy of the resource and returns it.

func (*ClusterConfigV3) Descriptor 

func (*ClusterConfigV3) Descriptor() ([]byte, []int)

func (*ClusterConfigV3) Expiry 

func (c *ClusterConfigV3) Expiry() time.Time

Expiry returns object expiry setting

func (*ClusterConfigV3) GetKind 

func (c *ClusterConfigV3) GetKind() string

GetKind returns resource kind

func (*ClusterConfigV3) GetLegacyClusterID 

func (c *ClusterConfigV3) GetLegacyClusterID() string

GetLegacyClusterID returns the legacy cluster ID. DELETE IN 8.0.0

func (*ClusterConfigV3) GetMetadata 

func (c *ClusterConfigV3) GetMetadata() Metadata

GetMetadata returns object metadata

func (*ClusterConfigV3) GetName 

func (c *ClusterConfigV3) GetName() string

GetName returns the name of the cluster.

func (*ClusterConfigV3) GetResourceID 

func (c *ClusterConfigV3) GetResourceID() int64

GetResourceID returns resource ID

func (*ClusterConfigV3) GetSubKind 

func (c *ClusterConfigV3) GetSubKind() string

GetSubKind returns resource subkind

func (*ClusterConfigV3) GetVersion 

func (c *ClusterConfigV3) GetVersion() string

GetVersion returns resource version

func (*ClusterConfigV3) HasAuditConfig 

func (c *ClusterConfigV3) HasAuditConfig() bool

HasAuditConfig returns true if audit configuration is set. DELETE IN 8.0.0

func (*ClusterConfigV3) HasAuthFields 

func (c *ClusterConfigV3) HasAuthFields() bool

HasAuthFields returns true if legacy auth fields are set. DELETE IN 8.0.0

func (*ClusterConfigV3) HasNetworkingFields 

func (c *ClusterConfigV3) HasNetworkingFields() bool

HasNetworkingFields returns true if embedded networking configuration is set. DELETE IN 8.0.0

func (*ClusterConfigV3) HasSessionRecordingFields 

func (c *ClusterConfigV3) HasSessionRecordingFields() bool

HasSessionRecordingFields returns true if embedded session recording configuration is set. DELETE IN 8.0.0

func (*ClusterConfigV3) Marshal 

func (m *ClusterConfigV3) Marshal() (dAtA []byte, err error)

func (*ClusterConfigV3) MarshalTo 

func (m *ClusterConfigV3) MarshalTo(dAtA []byte) (int, error)

func (*ClusterConfigV3) MarshalToSizedBuffer 

func (m *ClusterConfigV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterConfigV3) ProtoMessage 

func (*ClusterConfigV3) ProtoMessage()

func (*ClusterConfigV3) Reset 

func (m *ClusterConfigV3) Reset()

func (*ClusterConfigV3) SetAuditConfig 

func (c *ClusterConfigV3) SetAuditConfig(auditConfig ClusterAuditConfig) error

SetAuditConfig sets audit configuration. DELETE IN 8.0.0

func (*ClusterConfigV3) SetAuthFields 

func (c *ClusterConfigV3) SetAuthFields(authPref AuthPreference) error

SetAuthFields sets legacy auth fields. DELETE IN 8.0.0

func (*ClusterConfigV3) SetExpiry 

func (c *ClusterConfigV3) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*ClusterConfigV3) SetLegacyClusterID 

func (c *ClusterConfigV3) SetLegacyClusterID(id string)

SetLegacyClusterID sets the legacy cluster ID. DELETE IN 8.0.0

func (*ClusterConfigV3) SetName 

func (c *ClusterConfigV3) SetName(e string)

SetName sets the name of the cluster.

func (*ClusterConfigV3) SetNetworkingFields 

func (c *ClusterConfigV3) SetNetworkingFields(netConfig ClusterNetworkingConfig) error

SetNetworkingFields sets embedded networking configuration. DELETE IN 8.0.0

func (*ClusterConfigV3) SetResourceID 

func (c *ClusterConfigV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ClusterConfigV3) SetSessionRecordingFields 

func (c *ClusterConfigV3) SetSessionRecordingFields(recConfig SessionRecordingConfig) error

SetSessionRecordingFields sets embedded session recording configuration. DELETE IN 8.0.0

func (*ClusterConfigV3) SetSubKind 

func (c *ClusterConfigV3) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*ClusterConfigV3) Size 

func (m *ClusterConfigV3) Size() (n int)

func (*ClusterConfigV3) String 

func (c *ClusterConfigV3) String() string

String represents a human readable version of the cluster name.

func (*ClusterConfigV3) Unmarshal 

func (m *ClusterConfigV3) Unmarshal(dAtA []byte) error

func (*ClusterConfigV3) XXX_DiscardUnknown 

func (m *ClusterConfigV3) XXX_DiscardUnknown()

func (*ClusterConfigV3) XXX_Marshal 

func (m *ClusterConfigV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterConfigV3) XXX_Merge 

func (m *ClusterConfigV3) XXX_Merge(src proto.Message)

func (*ClusterConfigV3) XXX_Size 

func (m *ClusterConfigV3) XXX_Size() int

func (*ClusterConfigV3) XXX_Unmarshal 

func (m *ClusterConfigV3) XXX_Unmarshal(b []byte) error

type ClusterName 

type ClusterName interface {
	// Resource provides common resource properties.
	Resource

	// SetClusterName sets the name of the cluster.
	SetClusterName(string)
	// GetClusterName gets the name of the cluster.
	GetClusterName() string

	// SetClusterID sets the ID of the cluster.
	SetClusterID(string)
	// GetClusterID gets the ID of the cluster.
	GetClusterID() string
}

ClusterName defines the name of the cluster. This is a configuration resource, never create more than one instance of it.

func NewClusterName 

func NewClusterName(spec ClusterNameSpecV2) (ClusterName, error)

NewClusterName is a convenience wrapper to create a ClusterName resource.

type ClusterNameSpecV2 

type ClusterNameSpecV2 struct {
	// ClusterName is the name of the cluster. Changing this value once the
	// cluster is setup can and will cause catastrophic problems.
	ClusterName string `protobuf:"bytes,1,opt,name=ClusterName,proto3" json:"cluster_name"`
	// ClusterID is the unique cluster ID that is set once during the first
	// auth server startup.
	ClusterID            string   `protobuf:"bytes,2,opt,name=ClusterID,proto3" json:"cluster_id"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ClusterNameSpecV2 is the actual data we care about for ClusterName.

func (*ClusterNameSpecV2) Descriptor 

func (*ClusterNameSpecV2) Descriptor() ([]byte, []int)

func (*ClusterNameSpecV2) Marshal 

func (m *ClusterNameSpecV2) Marshal() (dAtA []byte, err error)

func (*ClusterNameSpecV2) MarshalTo 

func (m *ClusterNameSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*ClusterNameSpecV2) MarshalToSizedBuffer 

func (m *ClusterNameSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterNameSpecV2) ProtoMessage 

func (*ClusterNameSpecV2) ProtoMessage()

func (*ClusterNameSpecV2) Reset 

func (m *ClusterNameSpecV2) Reset()

func (*ClusterNameSpecV2) Size 

func (m *ClusterNameSpecV2) Size() (n int)

func (*ClusterNameSpecV2) String 

func (m *ClusterNameSpecV2) String() string

func (*ClusterNameSpecV2) Unmarshal 

func (m *ClusterNameSpecV2) Unmarshal(dAtA []byte) error

func (*ClusterNameSpecV2) XXX_DiscardUnknown 

func (m *ClusterNameSpecV2) XXX_DiscardUnknown()

func (*ClusterNameSpecV2) XXX_Marshal 

func (m *ClusterNameSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterNameSpecV2) XXX_Merge 

func (m *ClusterNameSpecV2) XXX_Merge(src proto.Message)

func (*ClusterNameSpecV2) XXX_Size 

func (m *ClusterNameSpecV2) XXX_Size() int

func (*ClusterNameSpecV2) XXX_Unmarshal 

func (m *ClusterNameSpecV2) XXX_Unmarshal(b []byte) error

type ClusterNameV2 

type ClusterNameV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a cluster name V2 spec
	Spec                 ClusterNameSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

ClusterNameV2 implements the ClusterName interface.

func (*ClusterNameV2) CheckAndSetDefaults 

func (c *ClusterNameV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults.

func (*ClusterNameV2) Descriptor 

func (*ClusterNameV2) Descriptor() ([]byte, []int)

func (*ClusterNameV2) Expiry 

func (c *ClusterNameV2) Expiry() time.Time

Expiry returns object expiry setting

func (*ClusterNameV2) GetClusterID 

func (c *ClusterNameV2) GetClusterID() string

GetClusterID gets the ID of the cluster.

func (*ClusterNameV2) GetClusterName 

func (c *ClusterNameV2) GetClusterName() string

GetClusterName gets the name of the cluster.

func (*ClusterNameV2) GetKind 

func (c *ClusterNameV2) GetKind() string

GetKind returns resource kind

func (*ClusterNameV2) GetMetadata 

func (c *ClusterNameV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*ClusterNameV2) GetName 

func (c *ClusterNameV2) GetName() string

GetName returns the name of the cluster.

func (*ClusterNameV2) GetResourceID 

func (c *ClusterNameV2) GetResourceID() int64

GetResourceID returns resource ID

func (*ClusterNameV2) GetSubKind 

func (c *ClusterNameV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*ClusterNameV2) GetVersion 

func (c *ClusterNameV2) GetVersion() string

GetVersion returns resource version

func (*ClusterNameV2) Marshal 

func (m *ClusterNameV2) Marshal() (dAtA []byte, err error)

func (*ClusterNameV2) MarshalTo 

func (m *ClusterNameV2) MarshalTo(dAtA []byte) (int, error)

func (*ClusterNameV2) MarshalToSizedBuffer 

func (m *ClusterNameV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterNameV2) ProtoMessage 

func (*ClusterNameV2) ProtoMessage()

func (*ClusterNameV2) Reset 

func (m *ClusterNameV2) Reset()

func (*ClusterNameV2) SetClusterID 

func (c *ClusterNameV2) SetClusterID(id string)

SetClusterID sets the ID of the cluster.

func (*ClusterNameV2) SetClusterName 

func (c *ClusterNameV2) SetClusterName(n string)

SetClusterName sets the name of the cluster.

func (*ClusterNameV2) SetExpiry 

func (c *ClusterNameV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*ClusterNameV2) SetName 

func (c *ClusterNameV2) SetName(e string)

SetName sets the name of the cluster.

func (*ClusterNameV2) SetResourceID 

func (c *ClusterNameV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ClusterNameV2) SetSubKind 

func (c *ClusterNameV2) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*ClusterNameV2) Size 

func (m *ClusterNameV2) Size() (n int)

func (*ClusterNameV2) String 

func (c *ClusterNameV2) String() string

String represents a human readable version of the cluster name.

func (*ClusterNameV2) Unmarshal 

func (m *ClusterNameV2) Unmarshal(dAtA []byte) error

func (*ClusterNameV2) XXX_DiscardUnknown 

func (m *ClusterNameV2) XXX_DiscardUnknown()

func (*ClusterNameV2) XXX_Marshal 

func (m *ClusterNameV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterNameV2) XXX_Merge 

func (m *ClusterNameV2) XXX_Merge(src proto.Message)

func (*ClusterNameV2) XXX_Size 

func (m *ClusterNameV2) XXX_Size() int

func (*ClusterNameV2) XXX_Unmarshal 

func (m *ClusterNameV2) XXX_Unmarshal(b []byte) error

type ClusterNetworkingConfig 

type ClusterNetworkingConfig interface {
	ResourceWithOrigin

	// GetClientIdleTimeout returns client idle timeout setting
	GetClientIdleTimeout() time.Duration

	// SetClientIdleTimeout sets client idle timeout setting
	SetClientIdleTimeout(t time.Duration)

	// GetKeepAliveInterval gets the keep-alive interval for server to client
	// connections.
	GetKeepAliveInterval() time.Duration

	// SetKeepAliveInterval sets the keep-alive interval for server to client
	// connections.
	SetKeepAliveInterval(t time.Duration)

	// GetKeepAliveCountMax gets the number of missed keep-alive messages before
	// the server disconnects the client.
	GetKeepAliveCountMax() int64

	// SetKeepAliveCountMax sets the number of missed keep-alive messages before
	// the server disconnects the client.
	SetKeepAliveCountMax(c int64)

	// GetSessionControlTimeout gets the session control timeout.
	GetSessionControlTimeout() time.Duration

	// SetSessionControlTimeout sets the session control timeout.
	SetSessionControlTimeout(t time.Duration)

	// GetClientIdleTimeoutMessage fetches the message to be sent to the client in
	// the event of an idle timeout. An empty string implies no message should
	// be sent.
	GetClientIdleTimeoutMessage() string

	// SetClientIdleTimeoutMessage sets the inactivity timeout disconnection message
	// to be sent to the user.
	SetClientIdleTimeoutMessage(string)
}

ClusterNetworkingConfig defines cluster networking configuration. This is a configuration resource, never create more than one instance of it.

func DefaultClusterNetworkingConfig 

func DefaultClusterNetworkingConfig() ClusterNetworkingConfig

DefaultClusterNetworkingConfig returns the default cluster networking config.

func NewClusterNetworkingConfigFromConfigFile 

func NewClusterNetworkingConfigFromConfigFile(spec ClusterNetworkingConfigSpecV2) (ClusterNetworkingConfig, error)

NewClusterNetworkingConfigFromConfigFile is a convenience method to create ClusterNetworkingConfigV2 labelled as originating from config file.

type ClusterNetworkingConfigSpecV2 

type ClusterNetworkingConfigSpecV2 struct {
	// ClientIdleTimeout sets global cluster default setting for client idle
	// timeouts.
	ClientIdleTimeout Duration `protobuf:"varint,1,opt,name=ClientIdleTimeout,proto3,casttype=Duration" json:"client_idle_timeout"`
	// KeepAliveInterval is the interval at which the server sends keep-alive messsages
	// to the client.
	KeepAliveInterval Duration `protobuf:"varint,2,opt,name=KeepAliveInterval,proto3,casttype=Duration" json:"keep_alive_interval"`
	// KeepAliveCountMax is the number of keep-alive messages that can be
	// missed before the server disconnects the connection to the client.
	KeepAliveCountMax int64 `protobuf:"varint,3,opt,name=KeepAliveCountMax,proto3" json:"keep_alive_count_max"`
	// SessionControlTimeout is the session control lease expiry and defines
	// the upper limit of how long a node may be out of contact with the auth
	// server before it begins terminating controlled sessions.
	SessionControlTimeout Duration `protobuf:"varint,4,opt,name=SessionControlTimeout,proto3,casttype=Duration" json:"session_control_timeout"`
	// ClientIdleTimeoutMessage is the message sent to the user when a connection times out.
	ClientIdleTimeoutMessage string `protobuf:"bytes,5,opt,name=ClientIdleTimeoutMessage,proto3" json:"idle_timeout_message"`
	// WebIdleTimeout sets global cluster default setting for the web UI idle
	// timeouts.
	WebIdleTimeout       Duration `protobuf:"varint,6,opt,name=WebIdleTimeout,proto3,casttype=Duration" json:"web_idle_timeout"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ClusterNetworkingConfigSpecV2 is the actual data we care about for ClusterNetworkingConfig.

func (*ClusterNetworkingConfigSpecV2) Descriptor 

func (*ClusterNetworkingConfigSpecV2) Descriptor() ([]byte, []int)

func (*ClusterNetworkingConfigSpecV2) Marshal 

func (m *ClusterNetworkingConfigSpecV2) Marshal() (dAtA []byte, err error)

func (*ClusterNetworkingConfigSpecV2) MarshalTo 

func (m *ClusterNetworkingConfigSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*ClusterNetworkingConfigSpecV2) MarshalToSizedBuffer 

func (m *ClusterNetworkingConfigSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterNetworkingConfigSpecV2) ProtoMessage 

func (*ClusterNetworkingConfigSpecV2) ProtoMessage()

func (*ClusterNetworkingConfigSpecV2) Reset 

func (m *ClusterNetworkingConfigSpecV2) Reset()

func (*ClusterNetworkingConfigSpecV2) Size 

func (m *ClusterNetworkingConfigSpecV2) Size() (n int)

func (*ClusterNetworkingConfigSpecV2) String 

func (m *ClusterNetworkingConfigSpecV2) String() string

func (*ClusterNetworkingConfigSpecV2) Unmarshal 

func (m *ClusterNetworkingConfigSpecV2) Unmarshal(dAtA []byte) error

func (*ClusterNetworkingConfigSpecV2) XXX_DiscardUnknown 

func (m *ClusterNetworkingConfigSpecV2) XXX_DiscardUnknown()

func (*ClusterNetworkingConfigSpecV2) XXX_Marshal 

func (m *ClusterNetworkingConfigSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterNetworkingConfigSpecV2) XXX_Merge 

func (m *ClusterNetworkingConfigSpecV2) XXX_Merge(src proto.Message)

func (*ClusterNetworkingConfigSpecV2) XXX_Size 

func (m *ClusterNetworkingConfigSpecV2) XXX_Size() int

func (*ClusterNetworkingConfigSpecV2) XXX_Unmarshal 

func (m *ClusterNetworkingConfigSpecV2) XXX_Unmarshal(b []byte) error

type ClusterNetworkingConfigV2 

type ClusterNetworkingConfigV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a ClusterNetworkingConfig specification
	Spec                 ClusterNetworkingConfigSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}                      `json:"-"`
	XXX_unrecognized     []byte                        `json:"-"`
	XXX_sizecache        int32                         `json:"-"`
}

ClusterNetworkingConfigV2 contains cluster-wide networking configuration.

func (*ClusterNetworkingConfigV2) CheckAndSetDefaults 

func (c *ClusterNetworkingConfigV2) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the constraints for ClusterNetworkingConfig.

func (*ClusterNetworkingConfigV2) Descriptor 

func (*ClusterNetworkingConfigV2) Descriptor() ([]byte, []int)

func (*ClusterNetworkingConfigV2) Expiry 

func (c *ClusterNetworkingConfigV2) Expiry() time.Time

Expiry returns object expiry setting.

func (*ClusterNetworkingConfigV2) GetClientIdleTimeout 

func (c *ClusterNetworkingConfigV2) GetClientIdleTimeout() time.Duration

GetClientIdleTimeout returns client idle timeout setting.

func (*ClusterNetworkingConfigV2) GetClientIdleTimeoutMessage 

func (c *ClusterNetworkingConfigV2) GetClientIdleTimeoutMessage() string

func (*ClusterNetworkingConfigV2) GetKeepAliveCountMax 

func (c *ClusterNetworkingConfigV2) GetKeepAliveCountMax() int64

GetKeepAliveCountMax gets the number of missed keep-alive messages before the server disconnects the client.

func (*ClusterNetworkingConfigV2) GetKeepAliveInterval 

func (c *ClusterNetworkingConfigV2) GetKeepAliveInterval() time.Duration

GetKeepAliveInterval gets the keep-alive interval.

func (*ClusterNetworkingConfigV2) GetKind 

func (c *ClusterNetworkingConfigV2) GetKind() string

GetKind returns resource kind.

func (*ClusterNetworkingConfigV2) GetMetadata 

func (c *ClusterNetworkingConfigV2) GetMetadata() Metadata

GetMetadata returns object metadata.

func (*ClusterNetworkingConfigV2) GetName 

func (c *ClusterNetworkingConfigV2) GetName() string

GetName returns the name of the resource.

func (*ClusterNetworkingConfigV2) GetResourceID 

func (c *ClusterNetworkingConfigV2) GetResourceID() int64

GetResourceID returns resource ID.

func (*ClusterNetworkingConfigV2) GetSessionControlTimeout 

func (c *ClusterNetworkingConfigV2) GetSessionControlTimeout() time.Duration

GetSessionControlTimeout gets the session control timeout.

func (*ClusterNetworkingConfigV2) GetSubKind 

func (c *ClusterNetworkingConfigV2) GetSubKind() string

GetSubKind returns resource subkind.

func (*ClusterNetworkingConfigV2) GetVersion 

func (c *ClusterNetworkingConfigV2) GetVersion() string

GetVersion returns resource version.

func (*ClusterNetworkingConfigV2) Marshal 

func (m *ClusterNetworkingConfigV2) Marshal() (dAtA []byte, err error)

func (*ClusterNetworkingConfigV2) MarshalTo 

func (m *ClusterNetworkingConfigV2) MarshalTo(dAtA []byte) (int, error)

func (*ClusterNetworkingConfigV2) MarshalToSizedBuffer 

func (m *ClusterNetworkingConfigV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ClusterNetworkingConfigV2) Origin 

func (c *ClusterNetworkingConfigV2) Origin() string

Origin returns the origin value of the resource.

func (*ClusterNetworkingConfigV2) ProtoMessage 

func (*ClusterNetworkingConfigV2) ProtoMessage()

func (*ClusterNetworkingConfigV2) Reset 

func (m *ClusterNetworkingConfigV2) Reset()

func (*ClusterNetworkingConfigV2) SetClientIdleTimeout 

func (c *ClusterNetworkingConfigV2) SetClientIdleTimeout(d time.Duration)

SetClientIdleTimeout sets client idle timeout setting.

func (*ClusterNetworkingConfigV2) SetClientIdleTimeoutMessage 

func (c *ClusterNetworkingConfigV2) SetClientIdleTimeoutMessage(msg string)

func (*ClusterNetworkingConfigV2) SetExpiry 

func (c *ClusterNetworkingConfigV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object.

func (*ClusterNetworkingConfigV2) SetKeepAliveCountMax 

func (c *ClusterNetworkingConfigV2) SetKeepAliveCountMax(m int64)

SetKeepAliveCountMax sets the number of missed keep-alive messages before the server disconnects the client.

func (*ClusterNetworkingConfigV2) SetKeepAliveInterval 

func (c *ClusterNetworkingConfigV2) SetKeepAliveInterval(t time.Duration)

SetKeepAliveInterval sets the keep-alive interval.

func (*ClusterNetworkingConfigV2) SetName 

func (c *ClusterNetworkingConfigV2) SetName(name string)

SetName sets the name of the resource.

func (*ClusterNetworkingConfigV2) SetOrigin 

func (c *ClusterNetworkingConfigV2) SetOrigin(origin string)

SetOrigin sets the origin value of the resource.

func (*ClusterNetworkingConfigV2) SetResourceID 

func (c *ClusterNetworkingConfigV2) SetResourceID(id int64)

SetResourceID sets resource ID.

func (*ClusterNetworkingConfigV2) SetSessionControlTimeout 

func (c *ClusterNetworkingConfigV2) SetSessionControlTimeout(d time.Duration)

SetSessionControlTimeout sets the session control timeout.

func (*ClusterNetworkingConfigV2) SetSubKind 

func (c *ClusterNetworkingConfigV2) SetSubKind(sk string)

SetSubKind sets resource subkind.

func (*ClusterNetworkingConfigV2) Size 

func (m *ClusterNetworkingConfigV2) Size() (n int)

func (*ClusterNetworkingConfigV2) String 

func (m *ClusterNetworkingConfigV2) String() string

func (*ClusterNetworkingConfigV2) Unmarshal 

func (m *ClusterNetworkingConfigV2) Unmarshal(dAtA []byte) error

func (*ClusterNetworkingConfigV2) XXX_DiscardUnknown 

func (m *ClusterNetworkingConfigV2) XXX_DiscardUnknown()

func (*ClusterNetworkingConfigV2) XXX_Marshal 

func (m *ClusterNetworkingConfigV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ClusterNetworkingConfigV2) XXX_Merge 

func (m *ClusterNetworkingConfigV2) XXX_Merge(src proto.Message)

func (*ClusterNetworkingConfigV2) XXX_Size 

func (m *ClusterNetworkingConfigV2) XXX_Size() int

func (*ClusterNetworkingConfigV2) XXX_Unmarshal 

func (m *ClusterNetworkingConfigV2) XXX_Unmarshal(b []byte) error

type CommandLabel 

type CommandLabel interface {
	// GetPeriod returns label period
	GetPeriod() time.Duration
	// SetPeriod sets label period
	SetPeriod(time.Duration)
	// GetResult returns label result
	GetResult() string
	// SetResult sets label result
	SetResult(string)
	// GetCommand returns to execute and set as a label result
	GetCommand() []string
	// Clone returns label copy
	Clone() CommandLabel
}

CommandLabel is a label that has a value as a result of the output generated by running command, e.g. hostname

type CommandLabelV2 

type CommandLabelV2 struct {
	// Period is a time between command runs
	Period Duration `protobuf:"varint,1,opt,name=Period,proto3,casttype=Duration" json:"period"`
	// Command is a command to run
	Command []string `protobuf:"bytes,2,rep,name=Command,proto3" json:"command"`
	// Result captures standard output
	Result               string   `protobuf:"bytes,3,opt,name=Result,proto3" json:"result"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

CommandLabelV2 is a label that has a value as a result of the output generated by running command, e.g. hostname

func (*CommandLabelV2) Clone 

func (c *CommandLabelV2) Clone() CommandLabel

Clone returns non-shallow copy of the label

func (*CommandLabelV2) Descriptor 

func (*CommandLabelV2) Descriptor() ([]byte, []int)

func (*CommandLabelV2) GetCommand 

func (c *CommandLabelV2) GetCommand() []string

GetCommand returns to execute and set as a label result

func (*CommandLabelV2) GetPeriod 

func (c *CommandLabelV2) GetPeriod() time.Duration

GetPeriod returns label period

func (*CommandLabelV2) GetResult 

func (c *CommandLabelV2) GetResult() string

GetResult returns label result

func (*CommandLabelV2) Marshal 

func (m *CommandLabelV2) Marshal() (dAtA []byte, err error)

func (*CommandLabelV2) MarshalTo 

func (m *CommandLabelV2) MarshalTo(dAtA []byte) (int, error)

func (*CommandLabelV2) MarshalToSizedBuffer 

func (m *CommandLabelV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*CommandLabelV2) ProtoMessage 

func (*CommandLabelV2) ProtoMessage()

func (*CommandLabelV2) Reset 

func (m *CommandLabelV2) Reset()

func (*CommandLabelV2) SetPeriod 

func (c *CommandLabelV2) SetPeriod(p time.Duration)

SetPeriod sets label period

func (*CommandLabelV2) SetResult 

func (c *CommandLabelV2) SetResult(r string)

SetResult sets label result

func (*CommandLabelV2) Size 

func (m *CommandLabelV2) Size() (n int)

func (*CommandLabelV2) String 

func (m *CommandLabelV2) String() string

func (*CommandLabelV2) Unmarshal 

func (m *CommandLabelV2) Unmarshal(dAtA []byte) error

func (*CommandLabelV2) XXX_DiscardUnknown 

func (m *CommandLabelV2) XXX_DiscardUnknown()

func (*CommandLabelV2) XXX_Marshal 

func (m *CommandLabelV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CommandLabelV2) XXX_Merge 

func (m *CommandLabelV2) XXX_Merge(src proto.Message)

func (*CommandLabelV2) XXX_Size 

func (m *CommandLabelV2) XXX_Size() int

func (*CommandLabelV2) XXX_Unmarshal 

func (m *CommandLabelV2) XXX_Unmarshal(b []byte) error

type ConnectorRef 

type ConnectorRef struct {
	// Type is connector type
	Type string `protobuf:"bytes,1,opt,name=Type,proto3" json:"type"`
	// ID is connector ID
	ID string `protobuf:"bytes,2,opt,name=ID,proto3" json:"id"`
	// Identity is external identity of the user
	Identity             string   `protobuf:"bytes,3,opt,name=Identity,proto3" json:"identity"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ConnectorRef holds information about OIDC connector

func (*ConnectorRef) Descriptor 

func (*ConnectorRef) Descriptor() ([]byte, []int)

func (*ConnectorRef) IsSameProvider 

func (r *ConnectorRef) IsSameProvider(other *ConnectorRef) bool

IsSameProvider returns true if the provided connector has the same ID/type as this one

func (*ConnectorRef) Marshal 

func (m *ConnectorRef) Marshal() (dAtA []byte, err error)

func (*ConnectorRef) MarshalTo 

func (m *ConnectorRef) MarshalTo(dAtA []byte) (int, error)

func (*ConnectorRef) MarshalToSizedBuffer 

func (m *ConnectorRef) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ConnectorRef) ProtoMessage 

func (*ConnectorRef) ProtoMessage()

func (*ConnectorRef) Reset 

func (m *ConnectorRef) Reset()

func (*ConnectorRef) Size 

func (m *ConnectorRef) Size() (n int)

func (*ConnectorRef) String 

func (m *ConnectorRef) String() string

func (*ConnectorRef) Unmarshal 

func (m *ConnectorRef) Unmarshal(dAtA []byte) error

func (*ConnectorRef) XXX_DiscardUnknown 

func (m *ConnectorRef) XXX_DiscardUnknown()

func (*ConnectorRef) XXX_Marshal 

func (m *ConnectorRef) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ConnectorRef) XXX_Merge 

func (m *ConnectorRef) XXX_Merge(src proto.Message)

func (*ConnectorRef) XXX_Size 

func (m *ConnectorRef) XXX_Size() int

func (*ConnectorRef) XXX_Unmarshal 

func (m *ConnectorRef) XXX_Unmarshal(b []byte) error

type CreateAppSessionRequest 

type CreateAppSessionRequest struct {
	// Username is the identity of the user requesting the session.
	Username string `json:"username"`
	// PublicAddr is the public address of the application.
	PublicAddr string `json:"public_addr"`
	// ClusterName is the name of the cluster within which the application is running.
	ClusterName string `json:"cluster_name"`
	// AWSRoleARN is AWS role this the user wants to assume.
	AWSRoleARN string `json:"aws_role_arn"`
}

CreateAppSessionRequest contains the parameters needed to request creating an application web session.

func (CreateAppSessionRequest) Check 

func (r CreateAppSessionRequest) Check() error

Check validates the request.

type CreatedBy 

type CreatedBy struct {
	// Identity if present means that user was automatically created by identity
	Connector *ConnectorRef `protobuf:"bytes,1,opt,name=Connector,proto3" json:"connector,omitempty"`
	// Time specifies when user was created
	Time time.Time `protobuf:"bytes,2,opt,name=Time,proto3,stdtime" json:"time"`
	// User holds information about user
	User                 UserRef  `protobuf:"bytes,3,opt,name=User,proto3" json:"user"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

CreatedBy holds information about the person or agent who created the user

func (*CreatedBy) Descriptor 

func (*CreatedBy) Descriptor() ([]byte, []int)

func (CreatedBy) IsEmpty 

func (c CreatedBy) IsEmpty() bool

IsEmpty returns true if there's no info about who created this user

func (*CreatedBy) Marshal 

func (m *CreatedBy) Marshal() (dAtA []byte, err error)

func (*CreatedBy) MarshalTo 

func (m *CreatedBy) MarshalTo(dAtA []byte) (int, error)

func (*CreatedBy) MarshalToSizedBuffer 

func (m *CreatedBy) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*CreatedBy) ProtoMessage 

func (*CreatedBy) ProtoMessage()

func (*CreatedBy) Reset 

func (m *CreatedBy) Reset()

func (*CreatedBy) Size 

func (m *CreatedBy) Size() (n int)

func (CreatedBy) String 

func (c CreatedBy) String() string

String returns human readable information about the user

func (*CreatedBy) Unmarshal 

func (m *CreatedBy) Unmarshal(dAtA []byte) error

func (*CreatedBy) XXX_DiscardUnknown 

func (m *CreatedBy) XXX_DiscardUnknown()

func (*CreatedBy) XXX_Marshal 

func (m *CreatedBy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CreatedBy) XXX_Merge 

func (m *CreatedBy) XXX_Merge(src proto.Message)

func (*CreatedBy) XXX_Size 

func (m *CreatedBy) XXX_Size() int

func (*CreatedBy) XXX_Unmarshal 

func (m *CreatedBy) XXX_Unmarshal(b []byte) error

type DatabaseServer 

type DatabaseServer interface {
	// Resource provides common resource methods.
	Resource
	// GetNamespace returns server namespace.
	GetNamespace() string
	// GetTeleportVersion returns the teleport version the server is running on.
	GetTeleportVersion() string
	// GetHostname returns the server hostname.
	GetHostname() string
	// GetHostID returns ID of the host the server is running on.
	GetHostID() string
	// GetStaticLabels returns server static labels.
	GetStaticLabels() map[string]string
	// SetStaticLabels sets server static labels.
	SetStaticLabels(map[string]string)
	// GetDynamicLabels returns server dynamic labels.
	GetDynamicLabels() map[string]CommandLabel
	// SetDynamicLabels sets server dynamic labels.
	SetDynamicLabels(map[string]CommandLabel)
	// GetAllLabels returns combined static and dynamic labels.
	GetAllLabels() map[string]string
	// LabelsString returns all labels as a string.
	LabelsString() string
	// GetRotation gets the state of certificate authority rotation.
	GetRotation() Rotation
	// SetRotation sets the state of certificate authority rotation.
	SetRotation(Rotation)
	// String returns string representation of the server.
	String() string
	// GetDescription returns the database server description.
	GetDescription() string
	// GetProtocol returns the database server protocol.
	GetProtocol() string
	// GetURI returns the database connection address.
	GetURI() string
	// GetCA returns the database CA certificate bytes.
	GetCA() []byte
	// SetCA sets the database CA certificate bytes.
	SetCA([]byte)
	// GetAWS returns AWS information for RDS/Aurora databases.
	GetAWS() AWS
	// GetGCP returns GCP information for Cloud SQL databases.
	GetGCP() GCPCloudSQL
	// GetType returns the database authentication type: self-hosted, RDS, Redshift or Cloud SQL.
	GetType() string
	// IsRDS returns true if this is an RDS/Aurora database.
	IsRDS() bool
	// IsRedshift returns true if this is a Redshift database.
	IsRedshift() bool
	// IsCloudSQL returns true if this is a Cloud SQL database.
	IsCloudSQL() bool
	// Copy returns a copy of this database server object.
	Copy() DatabaseServer
}

DatabaseServer represents a database access server.

func DeduplicateDatabaseServers 

func DeduplicateDatabaseServers(servers []DatabaseServer) (result []DatabaseServer)

DeduplicateDatabaseServers deduplicates database servers by name.

type DatabaseServerSpecV3 

type DatabaseServerSpecV3 struct {
	// Description is a free-form text describing this database server.
	Description string `protobuf:"bytes,1,opt,name=Description,proto3" json:"description,omitempty"`
	// Protocol is the database type e.g. postgres, mysql, etc.
	Protocol string `protobuf:"bytes,2,opt,name=Protocol,proto3" json:"protocol"`
	// URI is the database connection address.
	URI string `protobuf:"bytes,3,opt,name=URI,proto3" json:"uri"`
	// CACert is an optional base64-encoded database CA certificate.
	CACert []byte `protobuf:"bytes,4,opt,name=CACert,proto3" json:"ca_cert,omitempty"`
	// AWS contains AWS specific settings for RDS/Aurora databases.
	AWS AWS `protobuf:"bytes,5,opt,name=AWS,proto3" json:"aws"`
	// Version is the Teleport version that the server is running.
	Version string `protobuf:"bytes,6,opt,name=Version,proto3" json:"version"`
	// Hostname is the database server hostname.
	Hostname string `protobuf:"bytes,7,opt,name=Hostname,proto3" json:"hostname"`
	// HostID is the ID of the host the database server is running on.
	HostID string `protobuf:"bytes,8,opt,name=HostID,proto3" json:"host_id"`
	// DynamicLabels is the database server dynamic labels.
	DynamicLabels map[string]CommandLabelV2 `` /* 168-byte string literal not displayed */
	// Rotation contains the server CA rotation information.
	Rotation Rotation `protobuf:"bytes,10,opt,name=Rotation,proto3" json:"rotation,omitempty"`
	// GCP contains parameters specific to GCP Cloud SQL databases.
	GCP                  GCPCloudSQL `protobuf:"bytes,11,opt,name=GCP,proto3" json:"gcp,omitempty"`
	XXX_NoUnkeyedLiteral struct{}    `json:"-"`
	XXX_unrecognized     []byte      `json:"-"`
	XXX_sizecache        int32       `json:"-"`
}

DatabaseServerSpecV3 is the database server spec.

func (*DatabaseServerSpecV3) Descriptor 

func (*DatabaseServerSpecV3) Descriptor() ([]byte, []int)

func (*DatabaseServerSpecV3) Marshal 

func (m *DatabaseServerSpecV3) Marshal() (dAtA []byte, err error)

func (*DatabaseServerSpecV3) MarshalTo 

func (m *DatabaseServerSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*DatabaseServerSpecV3) MarshalToSizedBuffer 

func (m *DatabaseServerSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*DatabaseServerSpecV3) ProtoMessage 

func (*DatabaseServerSpecV3) ProtoMessage()

func (*DatabaseServerSpecV3) Reset 

func (m *DatabaseServerSpecV3) Reset()

func (*DatabaseServerSpecV3) Size 

func (m *DatabaseServerSpecV3) Size() (n int)

func (*DatabaseServerSpecV3) String 

func (m *DatabaseServerSpecV3) String() string

func (*DatabaseServerSpecV3) Unmarshal 

func (m *DatabaseServerSpecV3) Unmarshal(dAtA []byte) error

func (*DatabaseServerSpecV3) XXX_DiscardUnknown 

func (m *DatabaseServerSpecV3) XXX_DiscardUnknown()

func (*DatabaseServerSpecV3) XXX_Marshal 

func (m *DatabaseServerSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DatabaseServerSpecV3) XXX_Merge 

func (m *DatabaseServerSpecV3) XXX_Merge(src proto.Message)

func (*DatabaseServerSpecV3) XXX_Size 

func (m *DatabaseServerSpecV3) XXX_Size() int

func (*DatabaseServerSpecV3) XXX_Unmarshal 

func (m *DatabaseServerSpecV3) XXX_Unmarshal(b []byte) error

type DatabaseServerV3 

type DatabaseServerV3 struct {
	// Kind is the database server resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource subkind.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is the resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is the database server metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is the database server spec.
	Spec                 DatabaseServerSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

DatabaseServerV2 represents a database access server.

func NewDatabaseServerV3 

func NewDatabaseServerV3(name string, labels map[string]string, spec DatabaseServerSpecV3) (*DatabaseServerV3, error)

NewDatabaseServerV3 creates a new database server instance.

func (*DatabaseServerV3) CheckAndSetDefaults 

func (s *DatabaseServerV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values for any missing fields.

func (*DatabaseServerV3) Copy 

func (s *DatabaseServerV3) Copy() DatabaseServer

Copy returns a copy of this database server object.

func (*DatabaseServerV3) Descriptor 

func (*DatabaseServerV3) Descriptor() ([]byte, []int)

func (*DatabaseServerV3) Expiry 

func (s *DatabaseServerV3) Expiry() time.Time

Expiry returns the resource expiry time.

func (*DatabaseServerV3) GetAWS 

func (s *DatabaseServerV3) GetAWS() AWS

GetAWS returns AWS information for RDS/Aurora databases.

func (*DatabaseServerV3) GetAllLabels 

func (s *DatabaseServerV3) GetAllLabels() map[string]string

GetAllLabels returns combines static and dynamic labels.

func (*DatabaseServerV3) GetCA 

func (s *DatabaseServerV3) GetCA() []byte

GetCA returns the database CA certificate bytes.

func (*DatabaseServerV3) GetDescription 

func (s *DatabaseServerV3) GetDescription() string

GetDescription returns the database server description.

func (*DatabaseServerV3) GetDynamicLabels 

func (s *DatabaseServerV3) GetDynamicLabels() map[string]CommandLabel

GetDynamicLabels returns the server dynamic labels.

func (*DatabaseServerV3) GetGCP 

func (s *DatabaseServerV3) GetGCP() GCPCloudSQL

GetGCP returns GCP information for Cloud SQL databases.

func (*DatabaseServerV3) GetHostID 

func (s *DatabaseServerV3) GetHostID() string

GetHostID returns ID of the host the server is running on.

func (*DatabaseServerV3) GetHostname 

func (s *DatabaseServerV3) GetHostname() string

GetHostname returns the database server hostname.

func (*DatabaseServerV3) GetKind 

func (s *DatabaseServerV3) GetKind() string

GetKind returns the resource kind.

func (*DatabaseServerV3) GetMetadata 

func (s *DatabaseServerV3) GetMetadata() Metadata

GetMetadata returns the resource metadata.

func (*DatabaseServerV3) GetName 

func (s *DatabaseServerV3) GetName() string

GetName returns the resource name.

func (*DatabaseServerV3) GetNamespace 

func (s *DatabaseServerV3) GetNamespace() string

GetNamespace returns the resource namespace.

func (*DatabaseServerV3) GetProtocol 

func (s *DatabaseServerV3) GetProtocol() string

GetProtocol returns the database server protocol.

func (*DatabaseServerV3) GetResourceID 

func (s *DatabaseServerV3) GetResourceID() int64

GetResourceID returns the resource ID.

func (*DatabaseServerV3) GetRotation 

func (s *DatabaseServerV3) GetRotation() Rotation

GetRotation returns the server CA rotation state.

func (*DatabaseServerV3) GetStaticLabels 

func (s *DatabaseServerV3) GetStaticLabels() map[string]string

GetStaticLabels returns the server static labels.

func (*DatabaseServerV3) GetSubKind 

func (s *DatabaseServerV3) GetSubKind() string

GetSubKind returns the resource subkind.

func (*DatabaseServerV3) GetTeleportVersion 

func (s *DatabaseServerV3) GetTeleportVersion() string

GetTeleportVersion returns the Teleport version the server is running.

func (*DatabaseServerV3) GetType 

func (s *DatabaseServerV3) GetType() string

GetType returns the database type, self-hosted or AWS RDS.

func (*DatabaseServerV3) GetURI 

func (s *DatabaseServerV3) GetURI() string

GetURI returns the database connection address.

func (*DatabaseServerV3) GetVersion 

func (s *DatabaseServerV3) GetVersion() string

GetVersion returns the database server resource version.

func (*DatabaseServerV3) IsCloudSQL 

func (s *DatabaseServerV3) IsCloudSQL() bool

IsCloudSQL returns true if this database is a Cloud SQL instance.

func (*DatabaseServerV3) IsRDS 

func (s *DatabaseServerV3) IsRDS() bool

IsRDS returns true if this database represents AWS RDS/Aurora instance.

func (*DatabaseServerV3) IsRedshift 

func (s *DatabaseServerV3) IsRedshift() bool

IsRedshift returns true if this is a Redshift database instance.

func (*DatabaseServerV3) LabelsString 

func (s *DatabaseServerV3) LabelsString() string

LabelsString returns all labels as a string.

func (*DatabaseServerV3) Marshal 

func (m *DatabaseServerV3) Marshal() (dAtA []byte, err error)

func (*DatabaseServerV3) MarshalTo 

func (m *DatabaseServerV3) MarshalTo(dAtA []byte) (int, error)

func (*DatabaseServerV3) MarshalToSizedBuffer 

func (m *DatabaseServerV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*DatabaseServerV3) ProtoMessage 

func (*DatabaseServerV3) ProtoMessage()

func (*DatabaseServerV3) Reset 

func (m *DatabaseServerV3) Reset()

func (*DatabaseServerV3) SetCA 

func (s *DatabaseServerV3) SetCA(bytes []byte)

SetCA sets the database CA certificate bytes.

func (*DatabaseServerV3) SetDynamicLabels 

func (s *DatabaseServerV3) SetDynamicLabels(dl map[string]CommandLabel)

SetDynamicLabels sets the server dynamic labels

func (*DatabaseServerV3) SetExpiry 

func (s *DatabaseServerV3) SetExpiry(expiry time.Time)

SetExpiry sets the resource expiry time.

func (*DatabaseServerV3) SetName 

func (s *DatabaseServerV3) SetName(name string)

SetName sets the resource name.

func (*DatabaseServerV3) SetResourceID 

func (s *DatabaseServerV3) SetResourceID(id int64)

SetResourceID sets the resource ID.

func (*DatabaseServerV3) SetRotation 

func (s *DatabaseServerV3) SetRotation(r Rotation)

SetRotation sets the server CA rotation state.

func (*DatabaseServerV3) SetStaticLabels 

func (s *DatabaseServerV3) SetStaticLabels(sl map[string]string)

SetStaticLabels sets the server static labels.

func (*DatabaseServerV3) SetSubKind 

func (s *DatabaseServerV3) SetSubKind(sk string)

SetSubKind sets the resource subkind.

func (*DatabaseServerV3) Size 

func (m *DatabaseServerV3) Size() (n int)

func (*DatabaseServerV3) String 

func (s *DatabaseServerV3) String() string

String returns the server string representation.

func (*DatabaseServerV3) Unmarshal 

func (m *DatabaseServerV3) Unmarshal(dAtA []byte) error

func (*DatabaseServerV3) XXX_DiscardUnknown 

func (m *DatabaseServerV3) XXX_DiscardUnknown()

func (*DatabaseServerV3) XXX_Marshal 

func (m *DatabaseServerV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DatabaseServerV3) XXX_Merge 

func (m *DatabaseServerV3) XXX_Merge(src proto.Message)

func (*DatabaseServerV3) XXX_Size 

func (m *DatabaseServerV3) XXX_Size() int

func (*DatabaseServerV3) XXX_Unmarshal 

func (m *DatabaseServerV3) XXX_Unmarshal(b []byte) error

type DatabaseServers 

type DatabaseServers []DatabaseServer

DatabaseServers is a list of database servers.

type DeleteAppSessionRequest 

type DeleteAppSessionRequest struct {
	SessionID string `json:"session_id"`
}

DeleteAppSessionRequest are the parameters used to request removal of an application web session.

type DeleteWebSessionRequest 

type DeleteWebSessionRequest struct {
	// User specifies the user the session is bound to
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// SessionID specifies the web session ID to delete.
	SessionID            string   `protobuf:"bytes,2,opt,name=SessionID,proto3" json:"session_id"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

DeleteWebSessionRequest describes a request to delete a web session

func (*DeleteWebSessionRequest) Check 

func (r *DeleteWebSessionRequest) Check() error

Check validates the request.

func (*DeleteWebSessionRequest) Descriptor 

func (*DeleteWebSessionRequest) Descriptor() ([]byte, []int)

func (*DeleteWebSessionRequest) Marshal 

func (m *DeleteWebSessionRequest) Marshal() (dAtA []byte, err error)

func (*DeleteWebSessionRequest) MarshalTo 

func (m *DeleteWebSessionRequest) MarshalTo(dAtA []byte) (int, error)

func (*DeleteWebSessionRequest) MarshalToSizedBuffer 

func (m *DeleteWebSessionRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*DeleteWebSessionRequest) ProtoMessage 

func (*DeleteWebSessionRequest) ProtoMessage()

func (*DeleteWebSessionRequest) Reset 

func (m *DeleteWebSessionRequest) Reset()

func (*DeleteWebSessionRequest) Size 

func (m *DeleteWebSessionRequest) Size() (n int)

func (*DeleteWebSessionRequest) String 

func (m *DeleteWebSessionRequest) String() string

func (*DeleteWebSessionRequest) Unmarshal 

func (m *DeleteWebSessionRequest) Unmarshal(dAtA []byte) error

func (*DeleteWebSessionRequest) XXX_DiscardUnknown 

func (m *DeleteWebSessionRequest) XXX_DiscardUnknown()

func (*DeleteWebSessionRequest) XXX_Marshal 

func (m *DeleteWebSessionRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DeleteWebSessionRequest) XXX_Merge 

func (m *DeleteWebSessionRequest) XXX_Merge(src proto.Message)

func (*DeleteWebSessionRequest) XXX_Size 

func (m *DeleteWebSessionRequest) XXX_Size() int

func (*DeleteWebSessionRequest) XXX_Unmarshal 

func (m *DeleteWebSessionRequest) XXX_Unmarshal(b []byte) error

type DeleteWebTokenRequest 

type DeleteWebTokenRequest struct {
	// User specifies the user the token is for.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// Token specifies the token to delete.
	Token                string   `protobuf:"bytes,2,opt,name=Token,proto3" json:"token"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

DeleteWebTokenRequest describes a request to delete a web token

func (*DeleteWebTokenRequest) Check 

func (r *DeleteWebTokenRequest) Check() error

Check validates the request.

func (*DeleteWebTokenRequest) Descriptor 

func (*DeleteWebTokenRequest) Descriptor() ([]byte, []int)

func (*DeleteWebTokenRequest) Marshal 

func (m *DeleteWebTokenRequest) Marshal() (dAtA []byte, err error)

func (*DeleteWebTokenRequest) MarshalTo 

func (m *DeleteWebTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*DeleteWebTokenRequest) MarshalToSizedBuffer 

func (m *DeleteWebTokenRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*DeleteWebTokenRequest) ProtoMessage 

func (*DeleteWebTokenRequest) ProtoMessage()

func (*DeleteWebTokenRequest) Reset 

func (m *DeleteWebTokenRequest) Reset()

func (*DeleteWebTokenRequest) Size 

func (m *DeleteWebTokenRequest) Size() (n int)

func (*DeleteWebTokenRequest) String 

func (m *DeleteWebTokenRequest) String() string

func (*DeleteWebTokenRequest) Unmarshal 

func (m *DeleteWebTokenRequest) Unmarshal(dAtA []byte) error

func (*DeleteWebTokenRequest) XXX_DiscardUnknown 

func (m *DeleteWebTokenRequest) XXX_DiscardUnknown()

func (*DeleteWebTokenRequest) XXX_Marshal 

func (m *DeleteWebTokenRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DeleteWebTokenRequest) XXX_Merge 

func (m *DeleteWebTokenRequest) XXX_Merge(src proto.Message)

func (*DeleteWebTokenRequest) XXX_Size 

func (m *DeleteWebTokenRequest) XXX_Size() int

func (*DeleteWebTokenRequest) XXX_Unmarshal 

func (m *DeleteWebTokenRequest) XXX_Unmarshal(b []byte) error

type Duration 

type Duration time.Duration

Duration is a wrapper around duration to set up custom marshal/unmarshal

func MaxDuration 

func MaxDuration() Duration

MaxDuration returns the maximum duration value

func NewDuration 

func NewDuration(d time.Duration) Duration

NewDuration converts the given time.Duration value to a duration

func (Duration) Duration 

func (d Duration) Duration() time.Duration

Duration returns time.Duration from Duration typex

func (Duration) MarshalJSON 

func (d Duration) MarshalJSON() ([]byte, error)

MarshalJSON marshals Duration to string

func (Duration) MarshalYAML 

func (d Duration) MarshalYAML() (interface{}, error)

MarshalYAML marshals duration into YAML value, encodes it as a string in format "1m"

func (*Duration) UnmarshalJSON 

func (d *Duration) UnmarshalJSON(data []byte) error

UnmarshalJSON interprets the given bytes as a Duration value

func (*Duration) UnmarshalYAML 

func (d *Duration) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML unmarshals duration from YAML value.

func (Duration) Value 

func (d Duration) Value() time.Duration

Value returns time.Duration value of this wrapper

type Event 

type Event struct {
	// Type is the event type
	Type OpType
	// Resource is a modified or deleted resource
	// in case of deleted resources, only resource header
	// will be provided
	Resource Resource
}

Event represents an event that happened in the backend

func (Event) String 

func (r Event) String() string

String returns text description of this event

type EventOrder 

type EventOrder int

EventOrder is an ordering of events, either ascending or descending.

type Events 

type Events interface {
	// NewWatcher returns a new event watcher
	NewWatcher(ctx context.Context, watch Watch) (Watcher, error)
}

Events returns new events interface

type ExternalIdentity 

type ExternalIdentity struct {
	// ConnectorID is id of registered OIDC connector, e.g. 'google-example.com'
	ConnectorID string `protobuf:"bytes,1,opt,name=ConnectorID,proto3" json:"connector_id,omitempty"`
	// Username is username supplied by external identity provider
	Username             string   `protobuf:"bytes,2,opt,name=Username,proto3" json:"username,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ExternalIdentity is OpenID Connect/SAML or Github identity that is linked to particular user and connector and lets user to log in using external credentials, e.g. google

func (*ExternalIdentity) Check 

func (i *ExternalIdentity) Check() error

Check returns nil if all parameters are great, err otherwise

func (*ExternalIdentity) Descriptor 

func (*ExternalIdentity) Descriptor() ([]byte, []int)

func (*ExternalIdentity) Marshal 

func (m *ExternalIdentity) Marshal() (dAtA []byte, err error)

func (*ExternalIdentity) MarshalTo 

func (m *ExternalIdentity) MarshalTo(dAtA []byte) (int, error)

func (*ExternalIdentity) MarshalToSizedBuffer 

func (m *ExternalIdentity) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ExternalIdentity) ProtoMessage 

func (*ExternalIdentity) ProtoMessage()

func (*ExternalIdentity) Reset 

func (m *ExternalIdentity) Reset()

func (*ExternalIdentity) Size 

func (m *ExternalIdentity) Size() (n int)

func (*ExternalIdentity) String 

func (i *ExternalIdentity) String() string

String returns debug friendly representation of this identity

func (*ExternalIdentity) Unmarshal 

func (m *ExternalIdentity) Unmarshal(dAtA []byte) error

func (*ExternalIdentity) XXX_DiscardUnknown 

func (m *ExternalIdentity) XXX_DiscardUnknown()

func (*ExternalIdentity) XXX_Marshal 

func (m *ExternalIdentity) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ExternalIdentity) XXX_Merge 

func (m *ExternalIdentity) XXX_Merge(src proto.Message)

func (*ExternalIdentity) XXX_Size 

func (m *ExternalIdentity) XXX_Size() int

func (*ExternalIdentity) XXX_Unmarshal 

func (m *ExternalIdentity) XXX_Unmarshal(b []byte) error

type GCPCloudSQL 

type GCPCloudSQL struct {
	// ProjectID is the GCP project ID the Cloud SQL instance resides in.
	ProjectID string `protobuf:"bytes,1,opt,name=ProjectID,proto3" json:"project_id,omitempty"`
	// InstanceID is the Cloud SQL instance ID.
	InstanceID           string   `protobuf:"bytes,2,opt,name=InstanceID,proto3" json:"instance_id,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

GCPCloudSQL contains parameters specific to GCP Cloud SQL databases.

func (*GCPCloudSQL) Descriptor 

func (*GCPCloudSQL) Descriptor() ([]byte, []int)

func (*GCPCloudSQL) Marshal 

func (m *GCPCloudSQL) Marshal() (dAtA []byte, err error)

func (*GCPCloudSQL) MarshalTo 

func (m *GCPCloudSQL) MarshalTo(dAtA []byte) (int, error)

func (*GCPCloudSQL) MarshalToSizedBuffer 

func (m *GCPCloudSQL) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*GCPCloudSQL) ProtoMessage 

func (*GCPCloudSQL) ProtoMessage()

func (*GCPCloudSQL) Reset 

func (m *GCPCloudSQL) Reset()

func (*GCPCloudSQL) Size 

func (m *GCPCloudSQL) Size() (n int)

func (*GCPCloudSQL) String 

func (m *GCPCloudSQL) String() string

func (*GCPCloudSQL) Unmarshal 

func (m *GCPCloudSQL) Unmarshal(dAtA []byte) error

func (*GCPCloudSQL) XXX_DiscardUnknown 

func (m *GCPCloudSQL) XXX_DiscardUnknown()

func (*GCPCloudSQL) XXX_Marshal 

func (m *GCPCloudSQL) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GCPCloudSQL) XXX_Merge 

func (m *GCPCloudSQL) XXX_Merge(src proto.Message)

func (*GCPCloudSQL) XXX_Size 

func (m *GCPCloudSQL) XXX_Size() int

func (*GCPCloudSQL) XXX_Unmarshal 

func (m *GCPCloudSQL) XXX_Unmarshal(b []byte) error

type GenerateAppTokenRequest 

type GenerateAppTokenRequest struct {
	// Username is the Teleport identity.
	Username string

	// Roles are the roles assigned to the user within Teleport.
	Roles []string

	// Expiry is time to live for the token.
	Expires time.Time

	// URI is the URI of the recipient application.
	URI string
}

GenerateAppTokenRequest are the parameters used to generate an application token.

func (*GenerateAppTokenRequest) Check 

func (p *GenerateAppTokenRequest) Check() error

Check validates the request.

type GetAppSessionRequest 

type GetAppSessionRequest struct {
	// SessionID is the session ID of the application session itself.
	SessionID string
}

GetAppSessionRequest contains the parameters to request an application web session.

func (*GetAppSessionRequest) Check 

func (r *GetAppSessionRequest) Check() error

Check validates the request.

type GetWebSessionRequest 

type GetWebSessionRequest struct {
	// User specifies the user the web session is for.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// SessionID specifies the web session ID.
	SessionID            string   `protobuf:"bytes,2,opt,name=SessionID,proto3" json:"session_id"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

GetWebSessionRequest describes a request to query a web session

func (*GetWebSessionRequest) Check 

func (r *GetWebSessionRequest) Check() error

Check validates the request.

func (*GetWebSessionRequest) Descriptor 

func (*GetWebSessionRequest) Descriptor() ([]byte, []int)

func (*GetWebSessionRequest) Marshal 

func (m *GetWebSessionRequest) Marshal() (dAtA []byte, err error)

func (*GetWebSessionRequest) MarshalTo 

func (m *GetWebSessionRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetWebSessionRequest) MarshalToSizedBuffer 

func (m *GetWebSessionRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*GetWebSessionRequest) ProtoMessage 

func (*GetWebSessionRequest) ProtoMessage()

func (*GetWebSessionRequest) Reset 

func (m *GetWebSessionRequest) Reset()

func (*GetWebSessionRequest) Size 

func (m *GetWebSessionRequest) Size() (n int)

func (*GetWebSessionRequest) String 

func (m *GetWebSessionRequest) String() string

func (*GetWebSessionRequest) Unmarshal 

func (m *GetWebSessionRequest) Unmarshal(dAtA []byte) error

func (*GetWebSessionRequest) XXX_DiscardUnknown 

func (m *GetWebSessionRequest) XXX_DiscardUnknown()

func (*GetWebSessionRequest) XXX_Marshal 

func (m *GetWebSessionRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GetWebSessionRequest) XXX_Merge 

func (m *GetWebSessionRequest) XXX_Merge(src proto.Message)

func (*GetWebSessionRequest) XXX_Size 

func (m *GetWebSessionRequest) XXX_Size() int

func (*GetWebSessionRequest) XXX_Unmarshal 

func (m *GetWebSessionRequest) XXX_Unmarshal(b []byte) error

type GetWebTokenRequest 

type GetWebTokenRequest struct {
	// User specifies the user the token is for.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// Token specifies the token to get.
	Token                string   `protobuf:"bytes,2,opt,name=Token,proto3" json:"token"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

GetWebTokenRequest describes a request to query a web token

func (*GetWebTokenRequest) Check 

func (r *GetWebTokenRequest) Check() error

Check validates the request.

func (*GetWebTokenRequest) Descriptor 

func (*GetWebTokenRequest) Descriptor() ([]byte, []int)

func (*GetWebTokenRequest) Marshal 

func (m *GetWebTokenRequest) Marshal() (dAtA []byte, err error)

func (*GetWebTokenRequest) MarshalTo 

func (m *GetWebTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetWebTokenRequest) MarshalToSizedBuffer 

func (m *GetWebTokenRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*GetWebTokenRequest) ProtoMessage 

func (*GetWebTokenRequest) ProtoMessage()

func (*GetWebTokenRequest) Reset 

func (m *GetWebTokenRequest) Reset()

func (*GetWebTokenRequest) Size 

func (m *GetWebTokenRequest) Size() (n int)

func (*GetWebTokenRequest) String 

func (m *GetWebTokenRequest) String() string

func (*GetWebTokenRequest) Unmarshal 

func (m *GetWebTokenRequest) Unmarshal(dAtA []byte) error

func (*GetWebTokenRequest) XXX_DiscardUnknown 

func (m *GetWebTokenRequest) XXX_DiscardUnknown()

func (*GetWebTokenRequest) XXX_Marshal 

func (m *GetWebTokenRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GetWebTokenRequest) XXX_Merge 

func (m *GetWebTokenRequest) XXX_Merge(src proto.Message)

func (*GetWebTokenRequest) XXX_Size 

func (m *GetWebTokenRequest) XXX_Size() int

func (*GetWebTokenRequest) XXX_Unmarshal 

func (m *GetWebTokenRequest) XXX_Unmarshal(b []byte) error

type GithubClaims 

type GithubClaims struct {
	// Username is the user's username
	Username string
	// OrganizationToTeams is the user's organization and team membership
	OrganizationToTeams map[string][]string
}

GithubClaims represents Github user information obtained during OAuth2 flow

type GithubConnector 

type GithubConnector interface {
	// ResourceWithSecrets is a common interface for all resources
	ResourceWithSecrets
	// SetMetadata sets object metadata
	SetMetadata(meta Metadata)
	// GetClientID returns the connector client ID
	GetClientID() string
	// SetClientID sets the connector client ID
	SetClientID(string)
	// GetClientSecret returns the connector client secret
	GetClientSecret() string
	// SetClientSecret sets the connector client secret
	SetClientSecret(string)
	// GetRedirectURL returns the connector redirect URL
	GetRedirectURL() string
	// SetRedirectURL sets the connector redirect URL
	SetRedirectURL(string)
	// GetTeamsToLogins returns the mapping of Github teams to allowed logins
	GetTeamsToLogins() []TeamMapping
	// SetTeamsToLogins sets the mapping of Github teams to allowed logins
	SetTeamsToLogins([]TeamMapping)
	// MapClaims returns the list of allows logins based on the retrieved claims
	// returns list of logins and kubernetes groups
	MapClaims(GithubClaims) (logins []string, kubeGroups []string, kubeUsers []string)
	// GetDisplay returns the connector display name
	GetDisplay() string
	// SetDisplay sets the connector display name
	SetDisplay(string)
}

GithubConnector defines an interface for a Github OAuth2 connector

func NewGithubConnector 

func NewGithubConnector(name string, spec GithubConnectorSpecV3) (GithubConnector, error)

NewGithubConnector creates a new Github connector from name and spec

type GithubConnectorSpecV3 

type GithubConnectorSpecV3 struct {
	// ClientID is the Github OAuth app client ID.
	ClientID string `protobuf:"bytes,1,opt,name=ClientID,proto3" json:"client_id"`
	// ClientSecret is the Github OAuth app client secret.
	ClientSecret string `protobuf:"bytes,2,opt,name=ClientSecret,proto3" json:"client_secret"`
	// RedirectURL is the authorization callback URL.
	RedirectURL string `protobuf:"bytes,3,opt,name=RedirectURL,proto3" json:"redirect_url"`
	// TeamsToLogins maps Github team memberships onto allowed logins/roles.
	TeamsToLogins []TeamMapping `protobuf:"bytes,4,rep,name=TeamsToLogins,proto3" json:"teams_to_logins"`
	// Display is the connector display name.
	Display              string   `protobuf:"bytes,5,opt,name=Display,proto3" json:"display"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

GithubConnectorSpecV3 is a Github connector specification.

func (*GithubConnectorSpecV3) Descriptor 

func (*GithubConnectorSpecV3) Descriptor() ([]byte, []int)

func (*GithubConnectorSpecV3) Marshal 

func (m *GithubConnectorSpecV3) Marshal() (dAtA []byte, err error)

func (*GithubConnectorSpecV3) MarshalTo 

func (m *GithubConnectorSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*GithubConnectorSpecV3) MarshalToSizedBuffer 

func (m *GithubConnectorSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*GithubConnectorSpecV3) ProtoMessage 

func (*GithubConnectorSpecV3) ProtoMessage()

func (*GithubConnectorSpecV3) Reset 

func (m *GithubConnectorSpecV3) Reset()

func (*GithubConnectorSpecV3) Size 

func (m *GithubConnectorSpecV3) Size() (n int)

func (*GithubConnectorSpecV3) String 

func (m *GithubConnectorSpecV3) String() string

func (*GithubConnectorSpecV3) Unmarshal 

func (m *GithubConnectorSpecV3) Unmarshal(dAtA []byte) error

func (*GithubConnectorSpecV3) XXX_DiscardUnknown 

func (m *GithubConnectorSpecV3) XXX_DiscardUnknown()

func (*GithubConnectorSpecV3) XXX_Marshal 

func (m *GithubConnectorSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GithubConnectorSpecV3) XXX_Merge 

func (m *GithubConnectorSpecV3) XXX_Merge(src proto.Message)

func (*GithubConnectorSpecV3) XXX_Size 

func (m *GithubConnectorSpecV3) XXX_Size() int

func (*GithubConnectorSpecV3) XXX_Unmarshal 

func (m *GithubConnectorSpecV3) XXX_Unmarshal(b []byte) error

type GithubConnectorV3 

type GithubConnectorV3 struct {
	// Kind is a resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata holds resource metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an Github connector specification.
	Spec                 GithubConnectorSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}              `json:"-"`
	XXX_unrecognized     []byte                `json:"-"`
	XXX_sizecache        int32                 `json:"-"`
}

GithubConnectorV3 represents a Github connector.

func (*GithubConnectorV3) CheckAndSetDefaults 

func (c *GithubConnectorV3) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the connector is valid and sets some defaults

func (*GithubConnectorV3) Descriptor 

func (*GithubConnectorV3) Descriptor() ([]byte, []int)

func (*GithubConnectorV3) Expiry 

func (c *GithubConnectorV3) Expiry() time.Time

Expiry returns the connector expiration time

func (*GithubConnectorV3) GetClientID 

func (c *GithubConnectorV3) GetClientID() string

GetClientID returns the connector client ID

func (*GithubConnectorV3) GetClientSecret 

func (c *GithubConnectorV3) GetClientSecret() string

GetClientSecret returns the connector client secret

func (*GithubConnectorV3) GetDisplay 

func (c *GithubConnectorV3) GetDisplay() string

GetDisplay returns the connector display name

func (*GithubConnectorV3) GetKind 

func (c *GithubConnectorV3) GetKind() string

GetKind returns resource kind

func (*GithubConnectorV3) GetMetadata 

func (c *GithubConnectorV3) GetMetadata() Metadata

GetMetadata returns the connector metadata

func (*GithubConnectorV3) GetName 

func (c *GithubConnectorV3) GetName() string

GetName returns the name of the connector

func (*GithubConnectorV3) GetRedirectURL 

func (c *GithubConnectorV3) GetRedirectURL() string

GetRedirectURL returns the connector redirect URL

func (*GithubConnectorV3) GetResourceID 

func (c *GithubConnectorV3) GetResourceID() int64

GetResourceID returns resource ID

func (*GithubConnectorV3) GetSubKind 

func (c *GithubConnectorV3) GetSubKind() string

GetSubKind returns resource sub kind

func (*GithubConnectorV3) GetTeamsToLogins 

func (c *GithubConnectorV3) GetTeamsToLogins() []TeamMapping

GetTeamsToLogins returns the connector team membership mappings

func (*GithubConnectorV3) GetVersion 

func (c *GithubConnectorV3) GetVersion() string

GetVersion returns resource version

func (*GithubConnectorV3) MapClaims 

func (c *GithubConnectorV3) MapClaims(claims GithubClaims) ([]string, []string, []string)

MapClaims returns a list of logins based on the provided claims, returns a list of logins and list of kubernetes groups

func (*GithubConnectorV3) Marshal 

func (m *GithubConnectorV3) Marshal() (dAtA []byte, err error)

func (*GithubConnectorV3) MarshalTo 

func (m *GithubConnectorV3) MarshalTo(dAtA []byte) (int, error)

func (*GithubConnectorV3) MarshalToSizedBuffer 

func (m *GithubConnectorV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*GithubConnectorV3) ProtoMessage 

func (*GithubConnectorV3) ProtoMessage()

func (*GithubConnectorV3) Reset 

func (m *GithubConnectorV3) Reset()

func (*GithubConnectorV3) SetClientID 

func (c *GithubConnectorV3) SetClientID(id string)

SetClientID sets the connector client ID

func (*GithubConnectorV3) SetClientSecret 

func (c *GithubConnectorV3) SetClientSecret(secret string)

SetClientSecret sets the connector client secret

func (*GithubConnectorV3) SetDisplay 

func (c *GithubConnectorV3) SetDisplay(display string)

SetDisplay sets the connector display name

func (*GithubConnectorV3) SetExpiry 

func (c *GithubConnectorV3) SetExpiry(expires time.Time)

SetExpiry sets the connector expiration time

func (*GithubConnectorV3) SetMetadata 

func (c *GithubConnectorV3) SetMetadata(meta Metadata)

SetMetadata sets connector metadata

func (*GithubConnectorV3) SetName 

func (c *GithubConnectorV3) SetName(name string)

SetName sets the connector name

func (*GithubConnectorV3) SetRedirectURL 

func (c *GithubConnectorV3) SetRedirectURL(redirectURL string)

SetRedirectURL sets the connector redirect URL

func (*GithubConnectorV3) SetResourceID 

func (c *GithubConnectorV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*GithubConnectorV3) SetSubKind 

func (c *GithubConnectorV3) SetSubKind(s string)

SetSubKind sets resource subkind

func (*GithubConnectorV3) SetTeamsToLogins 

func (c *GithubConnectorV3) SetTeamsToLogins(teamsToLogins []TeamMapping)

SetTeamsToLogins sets the connector team membership mappings

func (*GithubConnectorV3) Size 

func (m *GithubConnectorV3) Size() (n int)

func (*GithubConnectorV3) String 

func (m *GithubConnectorV3) String() string

func (*GithubConnectorV3) Unmarshal 

func (m *GithubConnectorV3) Unmarshal(dAtA []byte) error

func (*GithubConnectorV3) WithoutSecrets 

func (c *GithubConnectorV3) WithoutSecrets() Resource

WithoutSecrets returns an instance of resource without secrets.

func (*GithubConnectorV3) XXX_DiscardUnknown 

func (m *GithubConnectorV3) XXX_DiscardUnknown()

func (*GithubConnectorV3) XXX_Marshal 

func (m *GithubConnectorV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GithubConnectorV3) XXX_Merge 

func (m *GithubConnectorV3) XXX_Merge(src proto.Message)

func (*GithubConnectorV3) XXX_Size 

func (m *GithubConnectorV3) XXX_Size() int

func (*GithubConnectorV3) XXX_Unmarshal 

func (m *GithubConnectorV3) XXX_Unmarshal(b []byte) error

type GithubConnectorV3List 

type GithubConnectorV3List struct {
	// GithubConnectors is a list of Github connectors.
	GithubConnectors     []*GithubConnectorV3 `protobuf:"bytes,1,rep,name=GithubConnectors,proto3" json:"GithubConnectors,omitempty"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

GithubConnectorV3List is a list of Github connectors.

func (*GithubConnectorV3List) Descriptor 

func (*GithubConnectorV3List) Descriptor() ([]byte, []int)

func (*GithubConnectorV3List) Marshal 

func (m *GithubConnectorV3List) Marshal() (dAtA []byte, err error)

func (*GithubConnectorV3List) MarshalTo 

func (m *GithubConnectorV3List) MarshalTo(dAtA []byte) (int, error)

func (*GithubConnectorV3List) MarshalToSizedBuffer 

func (m *GithubConnectorV3List) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*GithubConnectorV3List) ProtoMessage 

func (*GithubConnectorV3List) ProtoMessage()

func (*GithubConnectorV3List) Reset 

func (m *GithubConnectorV3List) Reset()

func (*GithubConnectorV3List) Size 

func (m *GithubConnectorV3List) Size() (n int)

func (*GithubConnectorV3List) String 

func (m *GithubConnectorV3List) String() string

func (*GithubConnectorV3List) Unmarshal 

func (m *GithubConnectorV3List) Unmarshal(dAtA []byte) error

func (*GithubConnectorV3List) XXX_DiscardUnknown 

func (m *GithubConnectorV3List) XXX_DiscardUnknown()

func (*GithubConnectorV3List) XXX_Marshal 

func (m *GithubConnectorV3List) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GithubConnectorV3List) XXX_Merge 

func (m *GithubConnectorV3List) XXX_Merge(src proto.Message)

func (*GithubConnectorV3List) XXX_Size 

func (m *GithubConnectorV3List) XXX_Size() int

func (*GithubConnectorV3List) XXX_Unmarshal 

func (m *GithubConnectorV3List) XXX_Unmarshal(b []byte) error
type Header struct {
	// Name is the http header name.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	// Value is the http header value.
	Value                string   `protobuf:"bytes,2,opt,name=Value,proto3" json:"value"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Header represents a single http header passed over to the proxied application.

func (*Header) Descriptor 

func (*Header) Descriptor() ([]byte, []int)

func (*Header) Marshal 

func (m *Header) Marshal() (dAtA []byte, err error)

func (*Header) MarshalTo 

func (m *Header) MarshalTo(dAtA []byte) (int, error)

func (*Header) MarshalToSizedBuffer 

func (m *Header) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Header) ProtoMessage 

func (*Header) ProtoMessage()

func (*Header) Reset 

func (m *Header) Reset()

func (*Header) Size 

func (m *Header) Size() (n int)

func (*Header) String 

func (m *Header) String() string

func (*Header) Unmarshal 

func (m *Header) Unmarshal(dAtA []byte) error

func (*Header) XXX_DiscardUnknown 

func (m *Header) XXX_DiscardUnknown()

func (*Header) XXX_Marshal 

func (m *Header) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Header) XXX_Merge 

func (m *Header) XXX_Merge(src proto.Message)

func (*Header) XXX_Size 

func (m *Header) XXX_Size() int

func (*Header) XXX_Unmarshal 

func (m *Header) XXX_Unmarshal(b []byte) error

type ImpersonateConditions 

type ImpersonateConditions struct {
	// Users is a list of resources this role is allowed to impersonate,
	// could be an empty list or a Wildcard pattern
	Users []string `protobuf:"bytes,1,rep,name=Users,proto3" json:"users,omitempty"`
	// Roles is a list of resources this role is allowed to impersonate
	Roles []string `protobuf:"bytes,2,rep,name=Roles,proto3" json:"roles,omitempty"`
	// Where specifies optional advanced matcher
	Where                string   `protobuf:"bytes,3,opt,name=Where,proto3" json:"where,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ImpersonateConditions specifies whether users are allowed to issue certificates for other users or groups.

func (ImpersonateConditions) CheckAndSetDefaults 

func (i ImpersonateConditions) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values

func (*ImpersonateConditions) Descriptor 

func (*ImpersonateConditions) Descriptor() ([]byte, []int)

func (ImpersonateConditions) IsEmpty 

func (i ImpersonateConditions) IsEmpty() bool

IsEmpty returns true if conditions are unspecified

func (*ImpersonateConditions) Marshal 

func (m *ImpersonateConditions) Marshal() (dAtA []byte, err error)

func (*ImpersonateConditions) MarshalTo 

func (m *ImpersonateConditions) MarshalTo(dAtA []byte) (int, error)

func (*ImpersonateConditions) MarshalToSizedBuffer 

func (m *ImpersonateConditions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ImpersonateConditions) ProtoMessage 

func (*ImpersonateConditions) ProtoMessage()

func (*ImpersonateConditions) Reset 

func (m *ImpersonateConditions) Reset()

func (*ImpersonateConditions) Size 

func (m *ImpersonateConditions) Size() (n int)

func (*ImpersonateConditions) String 

func (m *ImpersonateConditions) String() string

func (*ImpersonateConditions) Unmarshal 

func (m *ImpersonateConditions) Unmarshal(dAtA []byte) error

func (*ImpersonateConditions) XXX_DiscardUnknown 

func (m *ImpersonateConditions) XXX_DiscardUnknown()

func (*ImpersonateConditions) XXX_Marshal 

func (m *ImpersonateConditions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ImpersonateConditions) XXX_Merge 

func (m *ImpersonateConditions) XXX_Merge(src proto.Message)

func (*ImpersonateConditions) XXX_Size 

func (m *ImpersonateConditions) XXX_Size() int

func (*ImpersonateConditions) XXX_Unmarshal 

func (m *ImpersonateConditions) XXX_Unmarshal(b []byte) error

type JWTKeyPair 

type JWTKeyPair struct {
	// PublicKey is a PEM encoded public key.
	PublicKey []byte `protobuf:"bytes,1,opt,name=PublicKey,proto3" json:"public_key,omitempty"`
	// PrivateKey is a PEM encoded private key.
	PrivateKey []byte `protobuf:"bytes,2,opt,name=PrivateKey,proto3" json:"private_key,omitempty"`
	// PrivateKeyType is the type of the PrivateKey.
	PrivateKeyType       PrivateKeyType `protobuf:"varint,3,opt,name=PrivateKeyType,proto3,enum=types.PrivateKeyType" json:"private_key_type,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

JWTKeyPair is a PEM encoded keypair used for signing JWT tokens.

func (*JWTKeyPair) CheckAndSetDefaults 

func (k *JWTKeyPair) CheckAndSetDefaults() error

CheckAndSetDefaults validates JWTKeyPair and sets defaults on any empty fields as needed.

func (*JWTKeyPair) Clone 

func (k *JWTKeyPair) Clone() *JWTKeyPair

Clone returns a deep copy of JWTKeyPair that can be mutated without modifying the original.

func (*JWTKeyPair) Descriptor 

func (*JWTKeyPair) Descriptor() ([]byte, []int)

func (*JWTKeyPair) Marshal 

func (m *JWTKeyPair) Marshal() (dAtA []byte, err error)

func (*JWTKeyPair) MarshalTo 

func (m *JWTKeyPair) MarshalTo(dAtA []byte) (int, error)

func (*JWTKeyPair) MarshalToSizedBuffer 

func (m *JWTKeyPair) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*JWTKeyPair) ProtoMessage 

func (*JWTKeyPair) ProtoMessage()

func (*JWTKeyPair) Reset 

func (m *JWTKeyPair) Reset()

func (*JWTKeyPair) Size 

func (m *JWTKeyPair) Size() (n int)

func (*JWTKeyPair) String 

func (m *JWTKeyPair) String() string

func (*JWTKeyPair) Unmarshal 

func (m *JWTKeyPair) Unmarshal(dAtA []byte) error

func (*JWTKeyPair) XXX_DiscardUnknown 

func (m *JWTKeyPair) XXX_DiscardUnknown()

func (*JWTKeyPair) XXX_Marshal 

func (m *JWTKeyPair) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*JWTKeyPair) XXX_Merge 

func (m *JWTKeyPair) XXX_Merge(src proto.Message)

func (*JWTKeyPair) XXX_Size 

func (m *JWTKeyPair) XXX_Size() int

func (*JWTKeyPair) XXX_Unmarshal 

func (m *JWTKeyPair) XXX_Unmarshal(b []byte) error

type KeepAlive 

type KeepAlive struct {
	// Name of the resource to keep alive.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"server_name"`
	// Namespace is the namespace of the resource.
	Namespace string `protobuf:"bytes,2,opt,name=Namespace,proto3" json:"namespace"`
	// LeaseID is ID of the lease.
	LeaseID int64 `protobuf:"varint,3,opt,name=LeaseID,proto3" json:"lease_id"`
	// Expires is set to update expiry time of the resource.
	Expires time.Time               `protobuf:"bytes,4,opt,name=Expires,proto3,stdtime" json:"expires"`
	Type    KeepAlive_KeepAliveType `protobuf:"varint,9,opt,name=Type,proto3,enum=types.KeepAlive_KeepAliveType" json:"type"`
	// HostID is an optional UUID of the host the resource belongs to.
	HostID               string   `protobuf:"bytes,10,opt,name=HostID,proto3" json:"host_id,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*KeepAlive) CheckAndSetDefaults 

func (s *KeepAlive) CheckAndSetDefaults() error

CheckAndSetDefaults validates this KeepAlive value and sets default values

func (*KeepAlive) Descriptor 

func (*KeepAlive) Descriptor() ([]byte, []int)

func (*KeepAlive) GetType 

func (s *KeepAlive) GetType() string

GetType return the type of keep alive: either application or server.

func (*KeepAlive) IsEmpty 

func (s *KeepAlive) IsEmpty() bool

IsEmpty returns true if keepalive is empty, used to indicate that keepalive is not supported

func (*KeepAlive) Marshal 

func (m *KeepAlive) Marshal() (dAtA []byte, err error)

func (*KeepAlive) MarshalTo 

func (m *KeepAlive) MarshalTo(dAtA []byte) (int, error)

func (*KeepAlive) MarshalToSizedBuffer 

func (m *KeepAlive) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*KeepAlive) ProtoMessage 

func (*KeepAlive) ProtoMessage()

func (*KeepAlive) Reset 

func (m *KeepAlive) Reset()

func (*KeepAlive) Size 

func (m *KeepAlive) Size() (n int)

func (*KeepAlive) String 

func (m *KeepAlive) String() string

func (*KeepAlive) Unmarshal 

func (m *KeepAlive) Unmarshal(dAtA []byte) error

func (*KeepAlive) XXX_DiscardUnknown 

func (m *KeepAlive) XXX_DiscardUnknown()

func (*KeepAlive) XXX_Marshal 

func (m *KeepAlive) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*KeepAlive) XXX_Merge 

func (m *KeepAlive) XXX_Merge(src proto.Message)

func (*KeepAlive) XXX_Size 

func (m *KeepAlive) XXX_Size() int

func (*KeepAlive) XXX_Unmarshal 

func (m *KeepAlive) XXX_Unmarshal(b []byte) error

type KeepAlive_KeepAliveType 

type KeepAlive_KeepAliveType int32

Type is the type of keep alive, used by servers. At the moment only "node", "app" and "database" are supported. 

const (
	KeepAlive_UNKNOWN  KeepAlive_KeepAliveType = 0
	KeepAlive_NODE     KeepAlive_KeepAliveType = 1
	KeepAlive_APP      KeepAlive_KeepAliveType = 2
	KeepAlive_DATABASE KeepAlive_KeepAliveType = 3
)

func (KeepAlive_KeepAliveType) EnumDescriptor 

func (KeepAlive_KeepAliveType) EnumDescriptor() ([]byte, []int)

func (KeepAlive_KeepAliveType) String 

func (x KeepAlive_KeepAliveType) String() string

type KeepAliver 

type KeepAliver interface {
	// KeepAlives allows to receive keep alives
	KeepAlives() chan<- KeepAlive

	// Done returns the channel signalling the closure
	Done() <-chan struct{}

	// Close closes the watcher and releases
	// all associated resources
	Close() error

	// Error returns error associated with keep aliver if any
	Error() error
}

KeepAliver keeps object alive

type KubernetesCluster 

type KubernetesCluster struct {
	// Name is the name of this kubernetes cluster.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	// StaticLabels is map of static labels associated with this cluster.
	// Used for RBAC.
	StaticLabels map[string]string `` /* 166-byte string literal not displayed */
	// DynamicLabels is map of dynamic labels associated with this cluster.
	// Used for RBAC.
	DynamicLabels        map[string]CommandLabelV2 `` /* 168-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                  `json:"-"`
	XXX_unrecognized     []byte                    `json:"-"`
	XXX_sizecache        int32                     `json:"-"`
}

KubernetesCluster is a named kubernetes API endpoint handled by a Server.

func (*KubernetesCluster) Descriptor 

func (*KubernetesCluster) Descriptor() ([]byte, []int)

func (*KubernetesCluster) Marshal 

func (m *KubernetesCluster) Marshal() (dAtA []byte, err error)

func (*KubernetesCluster) MarshalTo 

func (m *KubernetesCluster) MarshalTo(dAtA []byte) (int, error)

func (*KubernetesCluster) MarshalToSizedBuffer 

func (m *KubernetesCluster) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*KubernetesCluster) ProtoMessage 

func (*KubernetesCluster) ProtoMessage()

func (*KubernetesCluster) Reset 

func (m *KubernetesCluster) Reset()

func (*KubernetesCluster) Size 

func (m *KubernetesCluster) Size() (n int)

func (*KubernetesCluster) String 

func (m *KubernetesCluster) String() string

func (*KubernetesCluster) Unmarshal 

func (m *KubernetesCluster) Unmarshal(dAtA []byte) error

func (*KubernetesCluster) XXX_DiscardUnknown 

func (m *KubernetesCluster) XXX_DiscardUnknown()

func (*KubernetesCluster) XXX_Marshal 

func (m *KubernetesCluster) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*KubernetesCluster) XXX_Merge 

func (m *KubernetesCluster) XXX_Merge(src proto.Message)

func (*KubernetesCluster) XXX_Size 

func (m *KubernetesCluster) XXX_Size() int

func (*KubernetesCluster) XXX_Unmarshal 

func (m *KubernetesCluster) XXX_Unmarshal(b []byte) error

type Labels 

type Labels map[string]utils.Strings

Labels is a wrapper around map that can marshal and unmarshal itself from scalar and list values

func (Labels) Clone 

func (l Labels) Clone() Labels

Clone returns non-shallow copy of the labels set

func (Labels) Marshal 

func (l Labels) Marshal() ([]byte, error)

Marshal marshals value into protobuf representation

func (Labels) MarshalTo 

func (l Labels) MarshalTo(data []byte) (int, error)

MarshalTo marshals value to the array

func (Labels) Size 

func (l Labels) Size() int

Size returns protobuf size

func (*Labels) Unmarshal 

func (l *Labels) Unmarshal(data []byte) error

Unmarshal unmarshals value from protobuf

type LegacyClusterConfigAuthFields 

type LegacyClusterConfigAuthFields struct {
	DisconnectExpiredCert Bool     `protobuf:"varint,1,opt,name=DisconnectExpiredCert,proto3,casttype=Bool" json:"disconnect_expired_cert"`
	AllowLocalAuth        Bool     `protobuf:"varint,2,opt,name=AllowLocalAuth,proto3,casttype=Bool" json:"local_auth"`
	XXX_NoUnkeyedLiteral  struct{} `json:"-"`
	XXX_unrecognized      []byte   `json:"-"`
	XXX_sizecache         int32    `json:"-"`
}

LegacyClusterConfigAuthFields facilitates a backward compatible transition for the auth related fields moved from ClusterConfig into ClusterAuthPreference. DELETE IN 8.0.0

func (*LegacyClusterConfigAuthFields) Descriptor 

func (*LegacyClusterConfigAuthFields) Descriptor() ([]byte, []int)

func (*LegacyClusterConfigAuthFields) Marshal 

func (m *LegacyClusterConfigAuthFields) Marshal() (dAtA []byte, err error)

func (*LegacyClusterConfigAuthFields) MarshalTo 

func (m *LegacyClusterConfigAuthFields) MarshalTo(dAtA []byte) (int, error)

func (*LegacyClusterConfigAuthFields) MarshalToSizedBuffer 

func (m *LegacyClusterConfigAuthFields) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*LegacyClusterConfigAuthFields) ProtoMessage 

func (*LegacyClusterConfigAuthFields) ProtoMessage()

func (*LegacyClusterConfigAuthFields) Reset 

func (m *LegacyClusterConfigAuthFields) Reset()

func (*LegacyClusterConfigAuthFields) Size 

func (m *LegacyClusterConfigAuthFields) Size() (n int)

func (*LegacyClusterConfigAuthFields) String 

func (m *LegacyClusterConfigAuthFields) String() string

func (*LegacyClusterConfigAuthFields) Unmarshal 

func (m *LegacyClusterConfigAuthFields) Unmarshal(dAtA []byte) error

func (*LegacyClusterConfigAuthFields) XXX_DiscardUnknown 

func (m *LegacyClusterConfigAuthFields) XXX_DiscardUnknown()

func (*LegacyClusterConfigAuthFields) XXX_Marshal 

func (m *LegacyClusterConfigAuthFields) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LegacyClusterConfigAuthFields) XXX_Merge 

func (m *LegacyClusterConfigAuthFields) XXX_Merge(src proto.Message)

func (*LegacyClusterConfigAuthFields) XXX_Size 

func (m *LegacyClusterConfigAuthFields) XXX_Size() int

func (*LegacyClusterConfigAuthFields) XXX_Unmarshal 

func (m *LegacyClusterConfigAuthFields) XXX_Unmarshal(b []byte) error

type LegacySessionRecordingConfigSpec 

type LegacySessionRecordingConfigSpec struct {
	Mode                 string   `protobuf:"bytes,1,opt,name=Mode,proto3" json:"session_recording"`
	ProxyChecksHostKeys  string   `protobuf:"bytes,2,opt,name=ProxyChecksHostKeys,proto3" json:"proxy_checks_host_keys"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

LegacySessionRecordingConfigSpec facilitates a backward compatible transition from ClusterConfig to standalone SessionRecordingConfig. SessionRecordingConfigSpecV2 itself is not usable for this purpose because of different jsontags. DELETE IN 8.0.0

func (*LegacySessionRecordingConfigSpec) Descriptor 

func (*LegacySessionRecordingConfigSpec) Descriptor() ([]byte, []int)

func (*LegacySessionRecordingConfigSpec) Marshal 

func (m *LegacySessionRecordingConfigSpec) Marshal() (dAtA []byte, err error)

func (*LegacySessionRecordingConfigSpec) MarshalTo 

func (m *LegacySessionRecordingConfigSpec) MarshalTo(dAtA []byte) (int, error)

func (*LegacySessionRecordingConfigSpec) MarshalToSizedBuffer 

func (m *LegacySessionRecordingConfigSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*LegacySessionRecordingConfigSpec) ProtoMessage 

func (*LegacySessionRecordingConfigSpec) ProtoMessage()

func (*LegacySessionRecordingConfigSpec) Reset 

func (m *LegacySessionRecordingConfigSpec) Reset()

func (*LegacySessionRecordingConfigSpec) Size 

func (m *LegacySessionRecordingConfigSpec) Size() (n int)

func (*LegacySessionRecordingConfigSpec) String 

func (m *LegacySessionRecordingConfigSpec) String() string

func (*LegacySessionRecordingConfigSpec) Unmarshal 

func (m *LegacySessionRecordingConfigSpec) Unmarshal(dAtA []byte) error

func (*LegacySessionRecordingConfigSpec) XXX_DiscardUnknown 

func (m *LegacySessionRecordingConfigSpec) XXX_DiscardUnknown()

func (*LegacySessionRecordingConfigSpec) XXX_Marshal 

func (m *LegacySessionRecordingConfigSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LegacySessionRecordingConfigSpec) XXX_Merge 

func (m *LegacySessionRecordingConfigSpec) XXX_Merge(src proto.Message)

func (*LegacySessionRecordingConfigSpec) XXX_Size 

func (m *LegacySessionRecordingConfigSpec) XXX_Size() int

func (*LegacySessionRecordingConfigSpec) XXX_Unmarshal 

func (m *LegacySessionRecordingConfigSpec) XXX_Unmarshal(b []byte) error

type License 

type License interface {
	Resource

	// GetReportsUsage returns true if teleport cluster reports usage
	// to control plane
	GetReportsUsage() Bool
	// SetReportsUsage sets usage report
	SetReportsUsage(Bool)

	// GetCloud returns true if teleport cluster is hosted by Gravitational
	GetCloud() Bool
	// SetCloud sets cloud flag
	SetCloud(Bool)

	// GetAWSProductID returns product id that limits usage to AWS instance
	// with a similar product ID
	GetAWSProductID() string
	// SetAWSProductID sets AWS product ID
	SetAWSProductID(string)

	// GetAWSAccountID limits usage to AWS instance within account ID
	GetAWSAccountID() string
	// SetAWSAccountID sets AWS account ID that will be limiting
	// usage to AWS instance
	SetAWSAccountID(accountID string)

	// GetSupportsKubernetes returns kubernetes support flag
	GetSupportsKubernetes() Bool
	// SetSupportsKubernetes sets kubernetes support flag
	SetSupportsKubernetes(Bool)

	// GetSupportsApplicationAccess returns application access support flag
	GetSupportsApplicationAccess() Bool
	// SetSupportsApplicationAccess sets application access support flag
	SetSupportsApplicationAccess(Bool)

	// GetSupportsDatabaseAccess returns database access support flag
	GetSupportsDatabaseAccess() Bool
	// SetSupportsDatabaseAccess sets database access support flag
	SetSupportsDatabaseAccess(Bool)

	// SetLabels sets metadata labels
	SetLabels(labels map[string]string)

	// GetAccountID returns Account ID
	GetAccountID() string
}

License defines teleport License Information

func NewLicense 

func NewLicense(name string, spec LicenseSpecV3) (License, error)

NewLicense is a convenience method to to create LicenseV3.

type LicenseSpecV3 

type LicenseSpecV3 struct {
	// AccountID is a customer account ID
	AccountID string `json:"account_id,omitempty"`
	// AWSProductID limits usage to AWS instance with a product ID
	AWSProductID string `json:"aws_pid,omitempty"`
	// AWSAccountID limits usage to AWS instance within account ID
	AWSAccountID string `json:"aws_account,omitempty"`
	// SupportsKubernetes turns kubernetes support on or off
	SupportsKubernetes Bool `json:"k8s"`
	// SupportsApplicationAccess turns application access on or off
	// Note it's a pointer for backward compatibility
	SupportsApplicationAccess *Bool `json:"app,omitempty"`
	// SupportsDatabaseAccess turns database access on or off
	SupportsDatabaseAccess Bool `json:"db,omitempty"`
	// ReportsUsage turns usage reporting on or off
	ReportsUsage Bool `json:"usage,omitempty"`
	// Cloud is turned on when teleport is hosted by Gravitational
	Cloud Bool `json:"cloud,omitempty"`
}

LicenseSpecV3 is the actual data we care about for LicenseV3.

type LicenseV3 

type LicenseV3 struct {
	// Kind is a resource kind - always resource.
	Kind string `json:"kind"`

	// SubKind is a resource sub kind
	SubKind string `json:"sub_kind,omitempty"`

	// Version is a resource version.
	Version string `json:"version"`

	// Metadata is metadata about the resource.
	Metadata Metadata `json:"metadata"`

	// Spec is the specification of the resource.
	Spec LicenseSpecV3 `json:"spec"`
}

LicenseV3 represents License resource version V3

func (*LicenseV3) CheckAndSetDefaults 

func (c *LicenseV3) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the constraints for License.

func (*LicenseV3) Expiry 

func (c *LicenseV3) Expiry() time.Time

Expiry returns object expiry setting

func (*LicenseV3) GetAWSAccountID 

func (c *LicenseV3) GetAWSAccountID() string

GetAWSAccountID limits usage to AWS instance within account ID

func (*LicenseV3) GetAWSProductID 

func (c *LicenseV3) GetAWSProductID() string

GetAWSProductID returns product ID that limits usage to AWS instance with a similar product ID

func (*LicenseV3) GetAccountID 

func (c *LicenseV3) GetAccountID() string

GetAccountID sets AWS product ID

func (*LicenseV3) GetCloud 

func (c *LicenseV3) GetCloud() Bool

GetCloud returns true if teleport cluster is hosted by Gravitational

func (*LicenseV3) GetKind 

func (c *LicenseV3) GetKind() string

GetKind returns resource kind

func (*LicenseV3) GetLabels 

func (c *LicenseV3) GetLabels() map[string]string

GetLabels returns metadata labels

func (*LicenseV3) GetMetadata 

func (c *LicenseV3) GetMetadata() Metadata

GetMetadata returns object metadata

func (*LicenseV3) GetName 

func (c *LicenseV3) GetName() string

GetName returns the name of the resource

func (*LicenseV3) GetReportsUsage 

func (c *LicenseV3) GetReportsUsage() Bool

GetReportsUsage returns true if teleport cluster reports usage to control plane

func (*LicenseV3) GetResourceID 

func (c *LicenseV3) GetResourceID() int64

GetResourceID returns resource ID

func (*LicenseV3) GetSubKind 

func (c *LicenseV3) GetSubKind() string

GetSubKind returns resource sub kind

func (*LicenseV3) GetSupportsApplicationAccess 

func (c *LicenseV3) GetSupportsApplicationAccess() Bool

GetSupportsApplicationAccess returns application access support flag

func (*LicenseV3) GetSupportsDatabaseAccess 

func (c *LicenseV3) GetSupportsDatabaseAccess() Bool

GetSupportsDatabaseAccess returns database access support flag

func (*LicenseV3) GetSupportsKubernetes 

func (c *LicenseV3) GetSupportsKubernetes() Bool

GetSupportsKubernetes returns kubernetes support flag

func (*LicenseV3) GetVersion 

func (c *LicenseV3) GetVersion() string

GetVersion returns resource version

func (*LicenseV3) SetAWSAccountID 

func (c *LicenseV3) SetAWSAccountID(accountID string)

SetAWSAccountID sets AWS account ID that will be limiting usage to AWS instance

func (*LicenseV3) SetAWSProductID 

func (c *LicenseV3) SetAWSProductID(pid string)

SetAWSProductID sets AWS product ID

func (*LicenseV3) SetCloud 

func (c *LicenseV3) SetCloud(cloud Bool)

SetCloud sets cloud flag

func (*LicenseV3) SetExpiry 

func (c *LicenseV3) SetExpiry(t time.Time)

SetExpiry sets object expiry

func (*LicenseV3) SetLabels 

func (c *LicenseV3) SetLabels(labels map[string]string)

SetLabels sets metadata labels

func (*LicenseV3) SetName 

func (c *LicenseV3) SetName(name string)

SetName sets the name of the resource

func (*LicenseV3) SetReportsUsage 

func (c *LicenseV3) SetReportsUsage(reports Bool)

SetReportsUsage sets usage report

func (*LicenseV3) SetResourceID 

func (c *LicenseV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*LicenseV3) SetSubKind 

func (c *LicenseV3) SetSubKind(s string)

SetSubKind sets resource subkind

func (*LicenseV3) SetSupportsApplicationAccess 

func (c *LicenseV3) SetSupportsApplicationAccess(value Bool)

SetSupportsApplicationAccess sets application access support flag

func (*LicenseV3) SetSupportsDatabaseAccess 

func (c *LicenseV3) SetSupportsDatabaseAccess(value Bool)

SetSupportsDatabaseAccess sets database access support flag

func (*LicenseV3) SetSupportsKubernetes 

func (c *LicenseV3) SetSupportsKubernetes(supportsK8s Bool)

SetSupportsKubernetes sets kubernetes support flag

func (*LicenseV3) String 

func (c *LicenseV3) String() string

String represents a human readable version of license enabled features

type LocalAuthSecrets 

type LocalAuthSecrets struct {
	// PasswordHash encodes a combined salt & hash for password verification.
	PasswordHash []byte `protobuf:"bytes,1,opt,name=PasswordHash,proto3" json:"password_hash,omitempty"`
	// Deprecated 2nd factor fields, use MFA below instead.
	TOTPKey              string               `protobuf:"bytes,2,opt,name=TOTPKey,proto3" json:"totp_key,omitempty"`
	U2FRegistration      *U2FRegistrationData `protobuf:"bytes,3,opt,name=U2FRegistration,proto3" json:"u2f_registration,omitempty"`
	U2FCounter           uint32               `protobuf:"varint,4,opt,name=U2FCounter,proto3" json:"u2f_counter,omitempty"`
	MFA                  []*MFADevice         `protobuf:"bytes,5,rep,name=MFA,proto3" json:"mfa,omitempty"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

LocalAuthSecrets holds sensitive data used to authenticate a local user.

func (*LocalAuthSecrets) Descriptor 

func (*LocalAuthSecrets) Descriptor() ([]byte, []int)

func (*LocalAuthSecrets) Marshal 

func (m *LocalAuthSecrets) Marshal() (dAtA []byte, err error)

func (*LocalAuthSecrets) MarshalTo 

func (m *LocalAuthSecrets) MarshalTo(dAtA []byte) (int, error)

func (*LocalAuthSecrets) MarshalToSizedBuffer 

func (m *LocalAuthSecrets) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*LocalAuthSecrets) ProtoMessage 

func (*LocalAuthSecrets) ProtoMessage()

func (*LocalAuthSecrets) Reset 

func (m *LocalAuthSecrets) Reset()

func (*LocalAuthSecrets) Size 

func (m *LocalAuthSecrets) Size() (n int)

func (*LocalAuthSecrets) String 

func (m *LocalAuthSecrets) String() string

func (*LocalAuthSecrets) Unmarshal 

func (m *LocalAuthSecrets) Unmarshal(dAtA []byte) error

func (*LocalAuthSecrets) XXX_DiscardUnknown 

func (m *LocalAuthSecrets) XXX_DiscardUnknown()

func (*LocalAuthSecrets) XXX_Marshal 

func (m *LocalAuthSecrets) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LocalAuthSecrets) XXX_Merge 

func (m *LocalAuthSecrets) XXX_Merge(src proto.Message)

func (*LocalAuthSecrets) XXX_Size 

func (m *LocalAuthSecrets) XXX_Size() int

func (*LocalAuthSecrets) XXX_Unmarshal 

func (m *LocalAuthSecrets) XXX_Unmarshal(b []byte) error

type Lock 

type Lock interface {
	Resource

	// Target returns the lock's target.
	Target() LockTarget
	// SetTarget sets the lock's target.
	SetTarget(LockTarget)

	// Message returns the message displayed to locked-out users.
	Message() string
	// SetMessage sets the lock's user message.
	SetMessage(string)

	// LockExpiry returns when the lock ceases to be in force.
	LockExpiry() *time.Time
	// SetLockExpiry sets the lock's expiry.
	SetLockExpiry(*time.Time)

	// IsInForce returns whether the lock is in force at a particular time.
	IsInForce(time.Time) bool
}

Lock configures locking out of a particular access vector.

func NewLock 

func NewLock(name string, spec LockSpecV2) (Lock, error)

NewLock is a convenience method to create a Lock resource.

type LockSpecV2 

type LockSpecV2 struct {
	// Target describes the set of interactions that the lock applies to.
	Target LockTarget `protobuf:"bytes,1,opt,name=Target,proto3" json:"target"`
	// Message is the message displayed to locked-out users.
	Message string `protobuf:"bytes,2,opt,name=Message,proto3" json:"message,omitempty"`
	// Expires if set specifies when the lock ceases to be in force.
	Expires              *time.Time `protobuf:"bytes,3,opt,name=Expires,proto3,stdtime" json:"expires,omitempty"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

LockSpecV2 is a Lock specification.

func (*LockSpecV2) Descriptor 

func (*LockSpecV2) Descriptor() ([]byte, []int)

func (*LockSpecV2) Marshal 

func (m *LockSpecV2) Marshal() (dAtA []byte, err error)

func (*LockSpecV2) MarshalTo 

func (m *LockSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*LockSpecV2) MarshalToSizedBuffer 

func (m *LockSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*LockSpecV2) ProtoMessage 

func (*LockSpecV2) ProtoMessage()

func (*LockSpecV2) Reset 

func (m *LockSpecV2) Reset()

func (*LockSpecV2) Size 

func (m *LockSpecV2) Size() (n int)

func (*LockSpecV2) String 

func (m *LockSpecV2) String() string

func (*LockSpecV2) Unmarshal 

func (m *LockSpecV2) Unmarshal(dAtA []byte) error

func (*LockSpecV2) XXX_DiscardUnknown 

func (m *LockSpecV2) XXX_DiscardUnknown()

func (*LockSpecV2) XXX_Marshal 

func (m *LockSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LockSpecV2) XXX_Merge 

func (m *LockSpecV2) XXX_Merge(src proto.Message)

func (*LockSpecV2) XXX_Size 

func (m *LockSpecV2) XXX_Size() int

func (*LockSpecV2) XXX_Unmarshal 

func (m *LockSpecV2) XXX_Unmarshal(b []byte) error

type LockTarget 

type LockTarget struct {
	// User specifies the name of a Teleport user.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user,omitempty"`
	// Role specifies the name of an RBAC role known to the root cluster.
	// In remote clusters, this constraint is evaluated before translating to local roles.
	Role string `protobuf:"bytes,2,opt,name=Role,proto3" json:"role,omitempty"`
	// Login specifies the name of a local UNIX user.
	Login string `protobuf:"bytes,3,opt,name=Login,proto3" json:"login,omitempty"`
	// Node specifies the UUID of a Teleport node.
	// A matching node is also prevented from heartbeating to the auth server.
	Node string `protobuf:"bytes,4,opt,name=Node,proto3" json:"node,omitempty"`
	// MFADevice specifies the UUID of a user MFA device.
	MFADevice            string   `protobuf:"bytes,5,opt,name=MFADevice,proto3" json:"mfa_device,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

LockTarget lists the attributes of interactions to be disabled.

func (*LockTarget) Descriptor 

func (*LockTarget) Descriptor() ([]byte, []int)

func (LockTarget) Equals 

func (t LockTarget) Equals(t2 LockTarget) bool

Equals returns true when the two lock targets are equal.

func (*LockTarget) FromMap 

func (t *LockTarget) FromMap(m map[string]string) error

FromMap copies values from a map into this LockTarget.

func (LockTarget) IntoMap 

func (t LockTarget) IntoMap() (map[string]string, error)

IntoMap returns the target attributes in the form of a map.

func (LockTarget) IsEmpty 

func (t LockTarget) IsEmpty() bool

IsEmpty returns true if none of the target's fields is set.

func (*LockTarget) Marshal 

func (m *LockTarget) Marshal() (dAtA []byte, err error)

func (*LockTarget) MarshalTo 

func (m *LockTarget) MarshalTo(dAtA []byte) (int, error)

func (*LockTarget) MarshalToSizedBuffer 

func (m *LockTarget) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (LockTarget) Match 

func (t LockTarget) Match(lock Lock) bool

Match returns true if the lock's target is matched by this target.

func (*LockTarget) ProtoMessage 

func (*LockTarget) ProtoMessage()

func (*LockTarget) Reset 

func (m *LockTarget) Reset()

func (*LockTarget) Size 

func (m *LockTarget) Size() (n int)

func (LockTarget) String 

func (t LockTarget) String() string

String returns string representation of the LockTarget.

func (*LockTarget) Unmarshal 

func (m *LockTarget) Unmarshal(dAtA []byte) error

func (*LockTarget) XXX_DiscardUnknown 

func (m *LockTarget) XXX_DiscardUnknown()

func (*LockTarget) XXX_Marshal 

func (m *LockTarget) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LockTarget) XXX_Merge 

func (m *LockTarget) XXX_Merge(src proto.Message)

func (*LockTarget) XXX_Size 

func (m *LockTarget) XXX_Size() int

func (*LockTarget) XXX_Unmarshal 

func (m *LockTarget) XXX_Unmarshal(b []byte) error

type LockV2 

type LockV2 struct {
	// Kind is a resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata holds resource metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a Lock specification.
	Spec                 LockSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

LockV2 represents a lock.

func (*LockV2) CheckAndSetDefaults 

func (c *LockV2) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the constraints for Lock.

func (*LockV2) Descriptor 

func (*LockV2) Descriptor() ([]byte, []int)

func (*LockV2) Expiry 

func (c *LockV2) Expiry() time.Time

Expiry returns object expiry setting.

func (*LockV2) GetKind 

func (c *LockV2) GetKind() string

GetKind returns resource kind.

func (*LockV2) GetMetadata 

func (c *LockV2) GetMetadata() Metadata

GetMetadata returns object metadata.

func (*LockV2) GetName 

func (c *LockV2) GetName() string

GetName returns the name of the resource.

func (*LockV2) GetResourceID 

func (c *LockV2) GetResourceID() int64

GetResourceID returns resource ID.

func (*LockV2) GetSubKind 

func (c *LockV2) GetSubKind() string

GetSubKind returns resource subkind.

func (*LockV2) GetVersion 

func (c *LockV2) GetVersion() string

GetVersion returns resource version.

func (*LockV2) IsInForce 

func (c *LockV2) IsInForce(t time.Time) bool

IsInForce returns whether the lock is in force at a particular time.

func (*LockV2) LockExpiry 

func (c *LockV2) LockExpiry() *time.Time

LockExpiry returns when the lock ceases to be in force.

func (*LockV2) Marshal 

func (m *LockV2) Marshal() (dAtA []byte, err error)

func (*LockV2) MarshalTo 

func (m *LockV2) MarshalTo(dAtA []byte) (int, error)

func (*LockV2) MarshalToSizedBuffer 

func (m *LockV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*LockV2) Message 

func (c *LockV2) Message() string

Message returns the message displayed to locked-out users.

func (*LockV2) ProtoMessage 

func (*LockV2) ProtoMessage()

func (*LockV2) Reset 

func (m *LockV2) Reset()

func (*LockV2) SetExpiry 

func (c *LockV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object.

func (*LockV2) SetLockExpiry 

func (c *LockV2) SetLockExpiry(expiry *time.Time)

SetLockExpiry sets the lock's expiry.

func (*LockV2) SetMessage 

func (c *LockV2) SetMessage(message string)

SetMessage sets the lock's user message.

func (*LockV2) SetName 

func (c *LockV2) SetName(e string)

SetName sets the name of the resource.

func (*LockV2) SetResourceID 

func (c *LockV2) SetResourceID(id int64)

SetResourceID sets resource ID.

func (*LockV2) SetSubKind 

func (c *LockV2) SetSubKind(sk string)

SetSubKind sets resource subkind.

func (*LockV2) SetTarget 

func (c *LockV2) SetTarget(target LockTarget)

SetTarget sets the lock's target.

func (*LockV2) Size 

func (m *LockV2) Size() (n int)

func (*LockV2) String 

func (m *LockV2) String() string

func (*LockV2) Target 

func (c *LockV2) Target() LockTarget

Target returns the lock's target.

func (*LockV2) Unmarshal 

func (m *LockV2) Unmarshal(dAtA []byte) error

func (*LockV2) XXX_DiscardUnknown 

func (m *LockV2) XXX_DiscardUnknown()

func (*LockV2) XXX_Marshal 

func (m *LockV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LockV2) XXX_Merge 

func (m *LockV2) XXX_Merge(src proto.Message)

func (*LockV2) XXX_Size 

func (m *LockV2) XXX_Size() int

func (*LockV2) XXX_Unmarshal 

func (m *LockV2) XXX_Unmarshal(b []byte) error

type LoginStatus 

type LoginStatus struct {
	// IsLocked tells us if user is locked
	IsLocked bool `protobuf:"varint,1,opt,name=IsLocked,proto3" json:"is_locked"`
	// LockedMessage contains the message in case if user is locked
	LockedMessage string `protobuf:"bytes,2,opt,name=LockedMessage,proto3" json:"locked_message,omitempty"`
	// LockedTime contains time when user was locked
	LockedTime time.Time `protobuf:"bytes,3,opt,name=LockedTime,proto3,stdtime" json:"locked_time,omitempty"`
	// LockExpires contains time when this lock will expire
	LockExpires          time.Time `protobuf:"bytes,4,opt,name=LockExpires,proto3,stdtime" json:"lock_expires,omitempty"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

LoginStatus is a login status of the user

func (*LoginStatus) Descriptor 

func (*LoginStatus) Descriptor() ([]byte, []int)

func (*LoginStatus) Marshal 

func (m *LoginStatus) Marshal() (dAtA []byte, err error)

func (*LoginStatus) MarshalTo 

func (m *LoginStatus) MarshalTo(dAtA []byte) (int, error)

func (*LoginStatus) MarshalToSizedBuffer 

func (m *LoginStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*LoginStatus) ProtoMessage 

func (*LoginStatus) ProtoMessage()

func (*LoginStatus) Reset 

func (m *LoginStatus) Reset()

func (*LoginStatus) Size 

func (m *LoginStatus) Size() (n int)

func (*LoginStatus) String 

func (m *LoginStatus) String() string

func (*LoginStatus) Unmarshal 

func (m *LoginStatus) Unmarshal(dAtA []byte) error

func (*LoginStatus) XXX_DiscardUnknown 

func (m *LoginStatus) XXX_DiscardUnknown()

func (*LoginStatus) XXX_Marshal 

func (m *LoginStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*LoginStatus) XXX_Merge 

func (m *LoginStatus) XXX_Merge(src proto.Message)

func (*LoginStatus) XXX_Size 

func (m *LoginStatus) XXX_Size() int

func (*LoginStatus) XXX_Unmarshal 

func (m *LoginStatus) XXX_Unmarshal(b []byte) error

type MFADevice 

type MFADevice struct {
	// Boilerplate for implementing the Resource interface.
	Kind     string   `protobuf:"bytes,1,opt,name=kind,proto3" json:"kind,omitempty"`
	SubKind  string   `protobuf:"bytes,2,opt,name=sub_kind,json=subKind,proto3" json:"sub_kind,omitempty"`
	Version  string   `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"`
	Metadata Metadata `protobuf:"bytes,4,opt,name=metadata,proto3" json:"metadata"`
	// ID is a UUID of this device.
	Id       string    `protobuf:"bytes,5,opt,name=id,proto3" json:"id,omitempty"`
	AddedAt  time.Time `protobuf:"bytes,6,opt,name=added_at,json=addedAt,proto3,stdtime" json:"added_at"`
	LastUsed time.Time `protobuf:"bytes,7,opt,name=last_used,json=lastUsed,proto3,stdtime" json:"last_used"`
	// Types that are valid to be assigned to Device:
	//	*MFADevice_Totp
	//	*MFADevice_U2F
	Device               isMFADevice_Device `protobuf_oneof:"device"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

MFADevice is a multi-factor authentication device, such as a security key or an OTP app.

func NewMFADevice 

func NewMFADevice(name, id string, addedAt time.Time) *MFADevice

NewMFADevice creates a new MFADevice with the given name. Caller must set the Device field in the returned MFADevice.

func (*MFADevice) CheckAndSetDefaults 

func (d *MFADevice) CheckAndSetDefaults() error

CheckAndSetDefaults validates MFADevice fields and populates empty fields with default values.

func (*MFADevice) Descriptor 

func (*MFADevice) Descriptor() ([]byte, []int)

func (*MFADevice) Expiry 

func (d *MFADevice) Expiry() time.Time

func (*MFADevice) GetDevice 

func (m *MFADevice) GetDevice() isMFADevice_Device

func (*MFADevice) GetKind 

func (d *MFADevice) GetKind() string

func (*MFADevice) GetMetadata 

func (d *MFADevice) GetMetadata() Metadata

func (*MFADevice) GetName 

func (d *MFADevice) GetName() string

func (*MFADevice) GetResourceID 

func (d *MFADevice) GetResourceID() int64

func (*MFADevice) GetSubKind 

func (d *MFADevice) GetSubKind() string

func (*MFADevice) GetTotp 

func (m *MFADevice) GetTotp() *TOTPDevice

func (*MFADevice) GetU2F 

func (m *MFADevice) GetU2F() *U2FDevice

func (*MFADevice) GetVersion 

func (d *MFADevice) GetVersion() string

func (*MFADevice) MFAType 

func (d *MFADevice) MFAType() string

MFAType returns the human-readable name of the MFA protocol of this device.

func (*MFADevice) Marshal 

func (m *MFADevice) Marshal() (dAtA []byte, err error)

func (*MFADevice) MarshalJSON 

func (d *MFADevice) MarshalJSON() ([]byte, error)

func (*MFADevice) MarshalTo 

func (m *MFADevice) MarshalTo(dAtA []byte) (int, error)

func (*MFADevice) MarshalToSizedBuffer 

func (m *MFADevice) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*MFADevice) ProtoMessage 

func (*MFADevice) ProtoMessage()

func (*MFADevice) Reset 

func (m *MFADevice) Reset()

func (*MFADevice) SetExpiry 

func (d *MFADevice) SetExpiry(exp time.Time)

func (*MFADevice) SetName 

func (d *MFADevice) SetName(n string)

func (*MFADevice) SetResourceID 

func (d *MFADevice) SetResourceID(id int64)

func (*MFADevice) SetSubKind 

func (d *MFADevice) SetSubKind(sk string)

func (*MFADevice) Size 

func (m *MFADevice) Size() (n int)

func (*MFADevice) String 

func (m *MFADevice) String() string

func (*MFADevice) Unmarshal 

func (m *MFADevice) Unmarshal(dAtA []byte) error

func (*MFADevice) UnmarshalJSON 

func (d *MFADevice) UnmarshalJSON(buf []byte) error

func (*MFADevice) XXX_DiscardUnknown 

func (m *MFADevice) XXX_DiscardUnknown()

func (*MFADevice) XXX_Marshal 

func (m *MFADevice) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*MFADevice) XXX_Merge 

func (m *MFADevice) XXX_Merge(src proto.Message)

func (*MFADevice) XXX_OneofWrappers 

func (*MFADevice) XXX_OneofWrappers() []interface{}

XXX_OneofWrappers is for the internal use of the proto package.

func (*MFADevice) XXX_Size 

func (m *MFADevice) XXX_Size() int

func (*MFADevice) XXX_Unmarshal 

func (m *MFADevice) XXX_Unmarshal(b []byte) error

type MFADevice_Totp 

type MFADevice_Totp struct {
	Totp *TOTPDevice `protobuf:"bytes,8,opt,name=totp,proto3,oneof" json:"totp,omitempty"`
}

func (*MFADevice_Totp) MarshalTo 

func (m *MFADevice_Totp) MarshalTo(dAtA []byte) (int, error)

func (*MFADevice_Totp) MarshalToSizedBuffer 

func (m *MFADevice_Totp) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*MFADevice_Totp) Size 

func (m *MFADevice_Totp) Size() (n int)

type MFADevice_U2F 

type MFADevice_U2F struct {
	U2F *U2FDevice `protobuf:"bytes,9,opt,name=u2f,proto3,oneof" json:"u2f,omitempty"`
}

func (*MFADevice_U2F) MarshalTo 

func (m *MFADevice_U2F) MarshalTo(dAtA []byte) (int, error)

func (*MFADevice_U2F) MarshalToSizedBuffer 

func (m *MFADevice_U2F) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*MFADevice_U2F) Size 

func (m *MFADevice_U2F) Size() (n int)

type Metadata 

type Metadata struct {
	// Name is an object name
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	// Namespace is object namespace. The field should be called "namespace"
	// when it returns in Teleport 2.4.
	Namespace string `protobuf:"bytes,2,opt,name=Namespace,proto3" json:"-"`
	// Description is object description
	Description string `protobuf:"bytes,3,opt,name=Description,proto3" json:"description,omitempty"`
	// Labels is a set of labels
	Labels map[string]string `` /* 153-byte string literal not displayed */
	// Expires is a global expiry time header can be set on any resource in the
	// system.
	Expires *time.Time `protobuf:"bytes,6,opt,name=Expires,proto3,stdtime" json:"expires,omitempty"`
	// ID is a record ID
	ID                   int64    `protobuf:"varint,7,opt,name=ID,proto3" json:"id,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Metadata is resource metadata

func (*Metadata) CheckAndSetDefaults 

func (m *Metadata) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*Metadata) Descriptor 

func (*Metadata) Descriptor() ([]byte, []int)

func (*Metadata) Expiry 

func (m *Metadata) Expiry() time.Time

Expiry returns object expiry setting.

func (*Metadata) GetID 

func (m *Metadata) GetID() int64

GetID returns resource ID

func (*Metadata) GetMetadata 

func (m *Metadata) GetMetadata() Metadata

GetMetadata returns object metadata

func (*Metadata) GetName 

func (m *Metadata) GetName() string

GetName returns the name of the resource

func (*Metadata) Marshal 

func (m *Metadata) Marshal() (dAtA []byte, err error)

func (*Metadata) MarshalTo 

func (m *Metadata) MarshalTo(dAtA []byte) (int, error)

func (*Metadata) MarshalToSizedBuffer 

func (m *Metadata) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Metadata) Origin 

func (m *Metadata) Origin() string

Origin returns the origin value of the resource.

func (*Metadata) ProtoMessage 

func (*Metadata) ProtoMessage()

func (*Metadata) Reset 

func (m *Metadata) Reset()

func (*Metadata) SetExpiry 

func (m *Metadata) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*Metadata) SetID 

func (m *Metadata) SetID(id int64)

SetID sets resource ID

func (*Metadata) SetName 

func (m *Metadata) SetName(name string)

SetName sets the name of the resource

func (*Metadata) SetOrigin 

func (m *Metadata) SetOrigin(origin string)

SetOrigin sets the origin value of the resource.

func (*Metadata) Size 

func (m *Metadata) Size() (n int)

func (*Metadata) String 

func (m *Metadata) String() string

func (*Metadata) Unmarshal 

func (m *Metadata) Unmarshal(dAtA []byte) error

func (*Metadata) XXX_DiscardUnknown 

func (m *Metadata) XXX_DiscardUnknown()

func (*Metadata) XXX_Marshal 

func (m *Metadata) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Metadata) XXX_Merge 

func (m *Metadata) XXX_Merge(src proto.Message)

func (*Metadata) XXX_Size 

func (m *Metadata) XXX_Size() int

func (*Metadata) XXX_Unmarshal 

func (m *Metadata) XXX_Unmarshal(b []byte) error

type Namespace 

type Namespace struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a namespace spec
	Spec                 NamespaceSpec `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}      `json:"-"`
	XXX_unrecognized     []byte        `json:"-"`
	XXX_sizecache        int32         `json:"-"`
}

Namespace represents namespace resource specification

func DefaultNamespace 

func DefaultNamespace() Namespace

DefaultNamespace returns the default namespace.

func NewNamespace 

func NewNamespace(name string) (Namespace, error)

NewNamespace returns new namespace

func (*Namespace) CheckAndSetDefaults 

func (n *Namespace) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*Namespace) Descriptor 

func (*Namespace) Descriptor() ([]byte, []int)

func (*Namespace) Expiry 

func (n *Namespace) Expiry() time.Time

Expiry returns object expiry setting

func (*Namespace) GetKind 

func (n *Namespace) GetKind() string

GetKind returns resource kind

func (*Namespace) GetMetadata 

func (n *Namespace) GetMetadata() Metadata

GetMetadata returns object metadata

func (*Namespace) GetName 

func (n *Namespace) GetName() string

GetName returns the name of the cluster.

func (*Namespace) GetResourceID 

func (n *Namespace) GetResourceID() int64

GetResourceID returns resource ID

func (*Namespace) GetSubKind 

func (n *Namespace) GetSubKind() string

GetSubKind returns resource sub kind

func (*Namespace) GetVersion 

func (n *Namespace) GetVersion() string

GetVersion returns resource version

func (*Namespace) Marshal 

func (m *Namespace) Marshal() (dAtA []byte, err error)

func (*Namespace) MarshalTo 

func (m *Namespace) MarshalTo(dAtA []byte) (int, error)

func (*Namespace) MarshalToSizedBuffer 

func (m *Namespace) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Namespace) ProtoMessage 

func (*Namespace) ProtoMessage()

func (*Namespace) Reset 

func (m *Namespace) Reset()

func (*Namespace) SetExpiry 

func (n *Namespace) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*Namespace) SetName 

func (n *Namespace) SetName(e string)

SetName sets the name of the cluster.

func (*Namespace) SetResourceID 

func (n *Namespace) SetResourceID(id int64)

SetResourceID sets resource ID

func (*Namespace) SetSubKind 

func (n *Namespace) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*Namespace) Size 

func (m *Namespace) Size() (n int)

func (*Namespace) String 

func (m *Namespace) String() string

func (*Namespace) Unmarshal 

func (m *Namespace) Unmarshal(dAtA []byte) error

func (*Namespace) XXX_DiscardUnknown 

func (m *Namespace) XXX_DiscardUnknown()

func (*Namespace) XXX_Marshal 

func (m *Namespace) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Namespace) XXX_Merge 

func (m *Namespace) XXX_Merge(src proto.Message)

func (*Namespace) XXX_Size 

func (m *Namespace) XXX_Size() int

func (*Namespace) XXX_Unmarshal 

func (m *Namespace) XXX_Unmarshal(b []byte) error

type NamespaceSpec 

type NamespaceSpec struct {
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

NamespaceSpec is a namespace specificateion

func (*NamespaceSpec) Descriptor 

func (*NamespaceSpec) Descriptor() ([]byte, []int)

func (*NamespaceSpec) Marshal 

func (m *NamespaceSpec) Marshal() (dAtA []byte, err error)

func (*NamespaceSpec) MarshalTo 

func (m *NamespaceSpec) MarshalTo(dAtA []byte) (int, error)

func (*NamespaceSpec) MarshalToSizedBuffer 

func (m *NamespaceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*NamespaceSpec) ProtoMessage 

func (*NamespaceSpec) ProtoMessage()

func (*NamespaceSpec) Reset 

func (m *NamespaceSpec) Reset()

func (*NamespaceSpec) Size 

func (m *NamespaceSpec) Size() (n int)

func (*NamespaceSpec) String 

func (m *NamespaceSpec) String() string

func (*NamespaceSpec) Unmarshal 

func (m *NamespaceSpec) Unmarshal(dAtA []byte) error

func (*NamespaceSpec) XXX_DiscardUnknown 

func (m *NamespaceSpec) XXX_DiscardUnknown()

func (*NamespaceSpec) XXX_Marshal 

func (m *NamespaceSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*NamespaceSpec) XXX_Merge 

func (m *NamespaceSpec) XXX_Merge(src proto.Message)

func (*NamespaceSpec) XXX_Size 

func (m *NamespaceSpec) XXX_Size() int

func (*NamespaceSpec) XXX_Unmarshal 

func (m *NamespaceSpec) XXX_Unmarshal(b []byte) error

type NetworkRestrictions 

type NetworkRestrictions interface {
	Resource
	// GetAllow returns a list of allowed network addresses
	GetAllow() []AddressCondition
	// SetAllow sets a list of allowed network addresses
	SetAllow(allow []AddressCondition)
	// GetDeny returns a list of denied network addresses (overrides Allow list)
	GetDeny() []AddressCondition
	// SetDeny sets a list of denied network addresses (overrides Allow list)
	SetDeny(deny []AddressCondition)
}

NetworkRestrictions defines network restrictions applied to SSH session.

func NewNetworkRestrictions 

func NewNetworkRestrictions() NetworkRestrictions

NewNetworkRestrictions creates a new NetworkRestrictions with the given name.

type NetworkRestrictionsSpecV4 

type NetworkRestrictionsSpecV4 struct {
	// Allow lists the addresses that should be allowed.
	Allow []AddressCondition `protobuf:"bytes,1,rep,name=Allow,proto3" json:"allow"`
	// Deny lists the addresses that should be denied even if they're allowed by Allow condition.
	Deny                 []AddressCondition `protobuf:"bytes,2,rep,name=Deny,proto3" json:"deny"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

func (*NetworkRestrictionsSpecV4) Descriptor 

func (*NetworkRestrictionsSpecV4) Descriptor() ([]byte, []int)

func (*NetworkRestrictionsSpecV4) Marshal 

func (m *NetworkRestrictionsSpecV4) Marshal() (dAtA []byte, err error)

func (*NetworkRestrictionsSpecV4) MarshalTo 

func (m *NetworkRestrictionsSpecV4) MarshalTo(dAtA []byte) (int, error)

func (*NetworkRestrictionsSpecV4) MarshalToSizedBuffer 

func (m *NetworkRestrictionsSpecV4) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*NetworkRestrictionsSpecV4) ProtoMessage 

func (*NetworkRestrictionsSpecV4) ProtoMessage()

func (*NetworkRestrictionsSpecV4) Reset 

func (m *NetworkRestrictionsSpecV4) Reset()

func (*NetworkRestrictionsSpecV4) Size 

func (m *NetworkRestrictionsSpecV4) Size() (n int)

func (*NetworkRestrictionsSpecV4) String 

func (m *NetworkRestrictionsSpecV4) String() string

func (*NetworkRestrictionsSpecV4) Unmarshal 

func (m *NetworkRestrictionsSpecV4) Unmarshal(dAtA []byte) error

func (*NetworkRestrictionsSpecV4) XXX_DiscardUnknown 

func (m *NetworkRestrictionsSpecV4) XXX_DiscardUnknown()

func (*NetworkRestrictionsSpecV4) XXX_Marshal 

func (m *NetworkRestrictionsSpecV4) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*NetworkRestrictionsSpecV4) XXX_Merge 

func (m *NetworkRestrictionsSpecV4) XXX_Merge(src proto.Message)

func (*NetworkRestrictionsSpecV4) XXX_Size 

func (m *NetworkRestrictionsSpecV4) XXX_Size() int

func (*NetworkRestrictionsSpecV4) XXX_Unmarshal 

func (m *NetworkRestrictionsSpecV4) XXX_Unmarshal(b []byte) error

type NetworkRestrictionsV4 

type NetworkRestrictionsV4 struct {
	// Kind is the network restrictions resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource subkind.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is the resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is the network restrictions metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec contains the network restrictions data
	Spec                 NetworkRestrictionsSpecV4 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}                  `json:"-"`
	XXX_unrecognized     []byte                    `json:"-"`
	XXX_sizecache        int32                     `json:"-"`
}

NetworkRestrictions specifies a list of addresses to restrict (block). The deny list is checked first and the allow lists overrides it. Thus an empty allow list does not mean that no addresses will be allowed, that will only be the case if the deny list covers the whole address range.

func (*NetworkRestrictionsV4) CheckAndSetDefaults 

func (r *NetworkRestrictionsV4) CheckAndSetDefaults() error

CheckAndSetDefaults validates NetworkRestrictions fields and populates empty fields with default values.

func (*NetworkRestrictionsV4) Descriptor 

func (*NetworkRestrictionsV4) Descriptor() ([]byte, []int)

func (*NetworkRestrictionsV4) Expiry 

func (r *NetworkRestrictionsV4) Expiry() time.Time

func (*NetworkRestrictionsV4) GetAllow 

func (r *NetworkRestrictionsV4) GetAllow() []AddressCondition

func (*NetworkRestrictionsV4) GetDeny 

func (r *NetworkRestrictionsV4) GetDeny() []AddressCondition

func (*NetworkRestrictionsV4) GetKind 

func (r *NetworkRestrictionsV4) GetKind() string

func (*NetworkRestrictionsV4) GetMetadata 

func (r *NetworkRestrictionsV4) GetMetadata() Metadata

func (*NetworkRestrictionsV4) GetName 

func (r *NetworkRestrictionsV4) GetName() string

func (*NetworkRestrictionsV4) GetResourceID 

func (r *NetworkRestrictionsV4) GetResourceID() int64

func (*NetworkRestrictionsV4) GetSubKind 

func (r *NetworkRestrictionsV4) GetSubKind() string

func (*NetworkRestrictionsV4) GetVersion 

func (r *NetworkRestrictionsV4) GetVersion() string

func (*NetworkRestrictionsV4) Marshal 

func (m *NetworkRestrictionsV4) Marshal() (dAtA []byte, err error)

func (*NetworkRestrictionsV4) MarshalTo 

func (m *NetworkRestrictionsV4) MarshalTo(dAtA []byte) (int, error)

func (*NetworkRestrictionsV4) MarshalToSizedBuffer 

func (m *NetworkRestrictionsV4) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*NetworkRestrictionsV4) ProtoMessage 

func (*NetworkRestrictionsV4) ProtoMessage()

func (*NetworkRestrictionsV4) Reset 

func (m *NetworkRestrictionsV4) Reset()

func (*NetworkRestrictionsV4) SetAllow 

func (r *NetworkRestrictionsV4) SetAllow(allow []AddressCondition)

func (*NetworkRestrictionsV4) SetDeny 

func (r *NetworkRestrictionsV4) SetDeny(deny []AddressCondition)

func (*NetworkRestrictionsV4) SetExpiry 

func (r *NetworkRestrictionsV4) SetExpiry(exp time.Time)

func (*NetworkRestrictionsV4) SetName 

func (r *NetworkRestrictionsV4) SetName(n string)

func (*NetworkRestrictionsV4) SetResourceID 

func (r *NetworkRestrictionsV4) SetResourceID(id int64)

func (*NetworkRestrictionsV4) SetSubKind 

func (r *NetworkRestrictionsV4) SetSubKind(sk string)

func (*NetworkRestrictionsV4) Size 

func (m *NetworkRestrictionsV4) Size() (n int)

func (*NetworkRestrictionsV4) String 

func (m *NetworkRestrictionsV4) String() string

func (*NetworkRestrictionsV4) Unmarshal 

func (m *NetworkRestrictionsV4) Unmarshal(dAtA []byte) error

func (*NetworkRestrictionsV4) XXX_DiscardUnknown 

func (m *NetworkRestrictionsV4) XXX_DiscardUnknown()

func (*NetworkRestrictionsV4) XXX_Marshal 

func (m *NetworkRestrictionsV4) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*NetworkRestrictionsV4) XXX_Merge 

func (m *NetworkRestrictionsV4) XXX_Merge(src proto.Message)

func (*NetworkRestrictionsV4) XXX_Size 

func (m *NetworkRestrictionsV4) XXX_Size() int

func (*NetworkRestrictionsV4) XXX_Unmarshal 

func (m *NetworkRestrictionsV4) XXX_Unmarshal(b []byte) error

type NewWebSessionRequest 

type NewWebSessionRequest struct {
	// User specifies the user this session is bound to
	User string
	// Roles optionally lists additional user roles
	Roles []string
	// Traits optionally lists role traits
	Traits map[string][]string
	// SessionTTL optionally specifies the session time-to-live.
	// If left unspecified, the default certificate duration is used.
	SessionTTL time.Duration
	// LoginTime is the time that this user recently logged in.
	LoginTime time.Time
}

NewWebSessionRequest defines a request to create a new user web session

func (*NewWebSessionRequest) CheckAndSetDefaults 

func (r *NewWebSessionRequest) CheckAndSetDefaults() error

CheckAndSetDefaults validates the request and sets defaults.

type OIDCConnector 

type OIDCConnector interface {
	// ResourceWithSecrets provides common methods for objects
	ResourceWithSecrets
	// Issuer URL is the endpoint of the provider, e.g. https://accounts.google.com
	GetIssuerURL() string
	// ClientID is id for authentication client (in our case it's our Auth server)
	GetClientID() string
	// ClientSecret is used to authenticate our client and should not
	// be visible to end user
	GetClientSecret() string
	// RedirectURL - Identity provider will use this URL to redirect
	// client's browser back to it after successful authentication
	// Should match the URL on Provider's side
	GetRedirectURL() string
	// GetACR returns the Authentication Context Class Reference (ACR) value.
	GetACR() string
	// GetProvider returns the identity provider.
	GetProvider() string
	// Display - Friendly name for this provider.
	GetDisplay() string
	// Scope is additional scopes set by provider
	GetScope() []string
	// ClaimsToRoles specifies dynamic mapping from claims to roles
	GetClaimsToRoles() []ClaimMapping
	// GetClaims returns list of claims expected by mappings
	GetClaims() []string
	// GetTraitMappings converts gets all claim mappings in the
	// generic trait mapping format.
	GetTraitMappings() TraitMappingSet
	// SetClientSecret sets client secret to some value
	SetClientSecret(secret string)
	// SetClientID sets id for authentication client (in our case it's our Auth server)
	SetClientID(string)
	// SetIssuerURL sets the endpoint of the provider
	SetIssuerURL(string)
	// SetRedirectURL sets RedirectURL
	SetRedirectURL(string)
	// SetPrompt sets OIDC prompt value
	SetPrompt(string)
	// GetPrompt returns OIDC prompt value,
	GetPrompt() string
	// SetACR sets the Authentication Context Class Reference (ACR) value.
	SetACR(string)
	// SetProvider sets the identity provider.
	SetProvider(string)
	// SetScope sets additional scopes set by provider
	SetScope([]string)
	// SetClaimsToRoles sets dynamic mapping from claims to roles
	SetClaimsToRoles([]ClaimMapping)
	// SetDisplay sets friendly name for this provider.
	SetDisplay(string)
	// GetGoogleServiceAccountURI returns path to google service account URI
	GetGoogleServiceAccountURI() string
	// GetGoogleServiceAccount returns google service account json for Google
	GetGoogleServiceAccount() string
	// SetGoogleServiceAccount sets the google service account json contents
	SetGoogleServiceAccount(string)
	// GetGoogleAdminEmail returns a google admin user email
	// https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority
	// "Note: Although you can use service accounts in applications that run from a Google Workspace (formerly G Suite) domain, service accounts are not members of your Google Workspace account and aren’t subject to domain policies set by  administrators. For example, a policy set in the Google Workspace admin console to restrict the ability of end users to share documents outside of the domain would not apply to service accounts."
	GetGoogleAdminEmail() string
}

OIDCConnector specifies configuration for Open ID Connect compatible external identity provider, e.g. google in some organisation

func NewOIDCConnector 

func NewOIDCConnector(name string, spec OIDCConnectorSpecV2) (OIDCConnector, error)

NewOIDCConnector returns a new OIDCConnector based off a name and OIDCConnectorSpecV2.

type OIDCConnectorSpecV2 

type OIDCConnectorSpecV2 struct {
	// IssuerURL is the endpoint of the provider, e.g. https://accounts.google.com.
	IssuerURL string `protobuf:"bytes,1,opt,name=IssuerURL,proto3" json:"issuer_url"`
	// ClientID is the id of the authentication client (Teleport Auth server).
	ClientID string `protobuf:"bytes,2,opt,name=ClientID,proto3" json:"client_id"`
	// ClientSecret is used to authenticate the client.
	ClientSecret string `protobuf:"bytes,3,opt,name=ClientSecret,proto3" json:"client_secret"`
	// RedirectURL is a URL that will redirect the client's browser
	// back to the identity provider after successful authentication.
	// This should match the URL on the Provider's side.
	RedirectURL string `protobuf:"bytes,4,opt,name=RedirectURL,proto3" json:"redirect_url"`
	// ACR is an Authentication Context Class Reference value. The meaning of the ACR
	// value is context-specific and varies for identity providers.
	ACR string `protobuf:"bytes,5,opt,name=ACR,proto3" json:"acr_values,omitempty"`
	// Provider is the external identity provider.
	Provider string `protobuf:"bytes,6,opt,name=Provider,proto3" json:"provider,omitempty"`
	// Display is the friendly name for this provider.
	Display string `protobuf:"bytes,7,opt,name=Display,proto3" json:"display,omitempty"`
	// Scope specifies additional scopes set by provider.
	Scope []string `protobuf:"bytes,8,rep,name=Scope,proto3" json:"scope,omitempty"`
	// Prompt is an optional OIDC prompt. An empty string omits prompt.
	// If not specified, it defaults to select_account for backwards compatibility.
	Prompt string `protobuf:"bytes,9,opt,name=Prompt,proto3" json:"prompt,omitempty"`
	// ClaimsToRoles specifies a dynamic mapping from claims to roles.
	ClaimsToRoles []ClaimMapping `protobuf:"bytes,10,rep,name=ClaimsToRoles,proto3" json:"claims_to_roles,omitempty"`
	// GoogleServiceAccountURI is a path to a google service account uri.
	GoogleServiceAccountURI string `protobuf:"bytes,11,opt,name=GoogleServiceAccountURI,proto3" json:"google_service_account_uri,omitempty"`
	// GoogleServiceAccount is a string containing google service account credentials.
	GoogleServiceAccount string `protobuf:"bytes,12,opt,name=GoogleServiceAccount,proto3" json:"google_service_account,omitempty"`
	// GoogleAdminEmail is the email of a google admin to impersonate.
	GoogleAdminEmail     string   `protobuf:"bytes,13,opt,name=GoogleAdminEmail,proto3" json:"google_admin_email,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

OIDCConnectorSpecV2 is an OIDC connector specification.

It specifies configuration for Open ID Connect compatible external identity provider: https://openid.net/specs/openid-connect-core-1_0.html

func (*OIDCConnectorSpecV2) Descriptor 

func (*OIDCConnectorSpecV2) Descriptor() ([]byte, []int)

func (*OIDCConnectorSpecV2) Marshal 

func (m *OIDCConnectorSpecV2) Marshal() (dAtA []byte, err error)

func (*OIDCConnectorSpecV2) MarshalTo 

func (m *OIDCConnectorSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*OIDCConnectorSpecV2) MarshalToSizedBuffer 

func (m *OIDCConnectorSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*OIDCConnectorSpecV2) ProtoMessage 

func (*OIDCConnectorSpecV2) ProtoMessage()

func (*OIDCConnectorSpecV2) Reset 

func (m *OIDCConnectorSpecV2) Reset()

func (*OIDCConnectorSpecV2) Size 

func (m *OIDCConnectorSpecV2) Size() (n int)

func (*OIDCConnectorSpecV2) String 

func (m *OIDCConnectorSpecV2) String() string

func (*OIDCConnectorSpecV2) Unmarshal 

func (m *OIDCConnectorSpecV2) Unmarshal(dAtA []byte) error

func (*OIDCConnectorSpecV2) XXX_DiscardUnknown 

func (m *OIDCConnectorSpecV2) XXX_DiscardUnknown()

func (*OIDCConnectorSpecV2) XXX_Marshal 

func (m *OIDCConnectorSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OIDCConnectorSpecV2) XXX_Merge 

func (m *OIDCConnectorSpecV2) XXX_Merge(src proto.Message)

func (*OIDCConnectorSpecV2) XXX_Size 

func (m *OIDCConnectorSpecV2) XXX_Size() int

func (*OIDCConnectorSpecV2) XXX_Unmarshal 

func (m *OIDCConnectorSpecV2) XXX_Unmarshal(b []byte) error

type OIDCConnectorV2 

type OIDCConnectorV2 struct {
	// Kind is a resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata holds resource metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an OIDC connector specification.
	Spec                 OIDCConnectorSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

OIDCConnectorV2 represents an OIDC connector.

func (*OIDCConnectorV2) CheckAndSetDefaults 

func (o *OIDCConnectorV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*OIDCConnectorV2) Descriptor 

func (*OIDCConnectorV2) Descriptor() ([]byte, []int)

func (*OIDCConnectorV2) Expiry 

func (o *OIDCConnectorV2) Expiry() time.Time

Expiry returns object expiry setting

func (*OIDCConnectorV2) GetACR 

func (o *OIDCConnectorV2) GetACR() string

GetACR returns the Authentication Context Class Reference (ACR) value.

func (*OIDCConnectorV2) GetClaims 

func (o *OIDCConnectorV2) GetClaims() []string

GetClaims returns list of claims expected by mappings

func (*OIDCConnectorV2) GetClaimsToRoles 

func (o *OIDCConnectorV2) GetClaimsToRoles() []ClaimMapping

GetClaimsToRoles specifies dynamic mapping from claims to roles

func (*OIDCConnectorV2) GetClientID 

func (o *OIDCConnectorV2) GetClientID() string

GetClientID is id for authentication client (in our case it's our Auth server)

func (*OIDCConnectorV2) GetClientSecret 

func (o *OIDCConnectorV2) GetClientSecret() string

GetClientSecret is used to authenticate our client and should not be visible to end user

func (*OIDCConnectorV2) GetDisplay 

func (o *OIDCConnectorV2) GetDisplay() string

GetDisplay - Friendly name for this provider.

func (*OIDCConnectorV2) GetGoogleAdminEmail 

func (o *OIDCConnectorV2) GetGoogleAdminEmail() string

GetGoogleAdminEmail returns a google admin user email

func (*OIDCConnectorV2) GetGoogleServiceAccount 

func (o *OIDCConnectorV2) GetGoogleServiceAccount() string

GetGoogleServiceAccount returns a string representing a Google service account

func (*OIDCConnectorV2) GetGoogleServiceAccountURI 

func (o *OIDCConnectorV2) GetGoogleServiceAccountURI() string

GetGoogleServiceAccountURI returns an optional path to google service account file

func (*OIDCConnectorV2) GetIssuerURL 

func (o *OIDCConnectorV2) GetIssuerURL() string

GetIssuerURL is the endpoint of the provider, e.g. https://accounts.google.com

func (*OIDCConnectorV2) GetKind 

func (o *OIDCConnectorV2) GetKind() string

GetKind returns resource kind

func (*OIDCConnectorV2) GetMetadata 

func (o *OIDCConnectorV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*OIDCConnectorV2) GetName 

func (o *OIDCConnectorV2) GetName() string

GetName returns the name of the connector

func (*OIDCConnectorV2) GetPrompt 

func (o *OIDCConnectorV2) GetPrompt() string

GetPrompt returns OIDC prompt value, * if not set, default to select_account for backwards compatibility * if set to none, it will be omitted * and any other non empty value, pass it as is

func (*OIDCConnectorV2) GetProvider 

func (o *OIDCConnectorV2) GetProvider() string

GetProvider returns the identity provider.

func (*OIDCConnectorV2) GetRedirectURL 

func (o *OIDCConnectorV2) GetRedirectURL() string

GetRedirectURL - Identity provider will use this URL to redirect client's browser back to it after successful authentication Should match the URL on Provider's side

func (*OIDCConnectorV2) GetResourceID 

func (o *OIDCConnectorV2) GetResourceID() int64

GetResourceID returns resource ID

func (*OIDCConnectorV2) GetScope 

func (o *OIDCConnectorV2) GetScope() []string

GetScope is additional scopes set by provider

func (*OIDCConnectorV2) GetSubKind 

func (o *OIDCConnectorV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*OIDCConnectorV2) GetTraitMappings 

func (o *OIDCConnectorV2) GetTraitMappings() TraitMappingSet

GetTraitMappings returns the OIDCConnector's TraitMappingSet

func (*OIDCConnectorV2) GetVersion 

func (o *OIDCConnectorV2) GetVersion() string

GetVersion returns resource version

func (*OIDCConnectorV2) Marshal 

func (m *OIDCConnectorV2) Marshal() (dAtA []byte, err error)

func (*OIDCConnectorV2) MarshalTo 

func (m *OIDCConnectorV2) MarshalTo(dAtA []byte) (int, error)

func (*OIDCConnectorV2) MarshalToSizedBuffer 

func (m *OIDCConnectorV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*OIDCConnectorV2) ProtoMessage 

func (*OIDCConnectorV2) ProtoMessage()

func (*OIDCConnectorV2) Reset 

func (m *OIDCConnectorV2) Reset()

func (*OIDCConnectorV2) SetACR 

func (o *OIDCConnectorV2) SetACR(acrValue string)

SetACR sets the Authentication Context Class Reference (ACR) value.

func (*OIDCConnectorV2) SetClaimsToRoles 

func (o *OIDCConnectorV2) SetClaimsToRoles(claims []ClaimMapping)

SetClaimsToRoles sets dynamic mapping from claims to roles

func (*OIDCConnectorV2) SetClientID 

func (o *OIDCConnectorV2) SetClientID(clintID string)

SetClientID sets id for authentication client (in our case it's our Auth server)

func (*OIDCConnectorV2) SetClientSecret 

func (o *OIDCConnectorV2) SetClientSecret(secret string)

SetClientSecret sets client secret to some value

func (*OIDCConnectorV2) SetDisplay 

func (o *OIDCConnectorV2) SetDisplay(display string)

SetDisplay sets friendly name for this provider.

func (*OIDCConnectorV2) SetExpiry 

func (o *OIDCConnectorV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*OIDCConnectorV2) SetGoogleServiceAccount 

func (o *OIDCConnectorV2) SetGoogleServiceAccount(s string)

SetGoogleServiceAccount sets a string representing a Google service account

func (*OIDCConnectorV2) SetIssuerURL 

func (o *OIDCConnectorV2) SetIssuerURL(issuerURL string)

SetIssuerURL sets client secret to some value

func (*OIDCConnectorV2) SetName 

func (o *OIDCConnectorV2) SetName(name string)

SetName sets client secret to some value

func (*OIDCConnectorV2) SetPrompt 

func (o *OIDCConnectorV2) SetPrompt(p string)

SetPrompt sets OIDC prompt value

func (*OIDCConnectorV2) SetProvider 

func (o *OIDCConnectorV2) SetProvider(identityProvider string)

SetProvider sets the identity provider.

func (*OIDCConnectorV2) SetRedirectURL 

func (o *OIDCConnectorV2) SetRedirectURL(redirectURL string)

SetRedirectURL sets client secret to some value

func (*OIDCConnectorV2) SetResourceID 

func (o *OIDCConnectorV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*OIDCConnectorV2) SetScope 

func (o *OIDCConnectorV2) SetScope(scope []string)

SetScope sets additional scopes set by provider

func (*OIDCConnectorV2) SetSubKind 

func (o *OIDCConnectorV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*OIDCConnectorV2) Size 

func (m *OIDCConnectorV2) Size() (n int)

func (*OIDCConnectorV2) String 

func (m *OIDCConnectorV2) String() string

func (*OIDCConnectorV2) Unmarshal 

func (m *OIDCConnectorV2) Unmarshal(dAtA []byte) error

func (*OIDCConnectorV2) V2 

func (o *OIDCConnectorV2) V2() *OIDCConnectorV2

V2 returns V2 version of the resource

func (*OIDCConnectorV2) WithoutSecrets 

func (o *OIDCConnectorV2) WithoutSecrets() Resource

WithoutSecrets returns an instance of resource without secrets.

func (*OIDCConnectorV2) XXX_DiscardUnknown 

func (m *OIDCConnectorV2) XXX_DiscardUnknown()

func (*OIDCConnectorV2) XXX_Marshal 

func (m *OIDCConnectorV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OIDCConnectorV2) XXX_Merge 

func (m *OIDCConnectorV2) XXX_Merge(src proto.Message)

func (*OIDCConnectorV2) XXX_Size 

func (m *OIDCConnectorV2) XXX_Size() int

func (*OIDCConnectorV2) XXX_Unmarshal 

func (m *OIDCConnectorV2) XXX_Unmarshal(b []byte) error

type OIDCConnectorV2List 

type OIDCConnectorV2List struct {
	// OIDCConnectors is a list of OIDC connectors.
	OIDCConnectors       []*OIDCConnectorV2 `protobuf:"bytes,1,rep,name=OIDCConnectors,proto3" json:"OIDCConnectors,omitempty"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

OIDCConnectorV2List is a list of OIDC connectors.

func (*OIDCConnectorV2List) Descriptor 

func (*OIDCConnectorV2List) Descriptor() ([]byte, []int)

func (*OIDCConnectorV2List) Marshal 

func (m *OIDCConnectorV2List) Marshal() (dAtA []byte, err error)

func (*OIDCConnectorV2List) MarshalTo 

func (m *OIDCConnectorV2List) MarshalTo(dAtA []byte) (int, error)

func (*OIDCConnectorV2List) MarshalToSizedBuffer 

func (m *OIDCConnectorV2List) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*OIDCConnectorV2List) ProtoMessage 

func (*OIDCConnectorV2List) ProtoMessage()

func (*OIDCConnectorV2List) Reset 

func (m *OIDCConnectorV2List) Reset()

func (*OIDCConnectorV2List) Size 

func (m *OIDCConnectorV2List) Size() (n int)

func (*OIDCConnectorV2List) String 

func (m *OIDCConnectorV2List) String() string

func (*OIDCConnectorV2List) Unmarshal 

func (m *OIDCConnectorV2List) Unmarshal(dAtA []byte) error

func (*OIDCConnectorV2List) XXX_DiscardUnknown 

func (m *OIDCConnectorV2List) XXX_DiscardUnknown()

func (*OIDCConnectorV2List) XXX_Marshal 

func (m *OIDCConnectorV2List) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*OIDCConnectorV2List) XXX_Merge 

func (m *OIDCConnectorV2List) XXX_Merge(src proto.Message)

func (*OIDCConnectorV2List) XXX_Size 

func (m *OIDCConnectorV2List) XXX_Size() int

func (*OIDCConnectorV2List) XXX_Unmarshal 

func (m *OIDCConnectorV2List) XXX_Unmarshal(b []byte) error

type OpType 

type OpType int

OpType specifies operation type 

const (
	// OpInvalid is returned for invalid operations
	OpInvalid OpType = iota - 1
	// OpInit is returned by the system whenever the system
	// is initialized, init operation is always sent
	// as a first event over the channel, so the client
	// can verify that watch has been established.
	OpInit
	// OpPut is returned for Put events
	OpPut
	// OpDelete is returned for Delete events
	OpDelete
	// OpGet is used for tracking, not present in the event stream
	OpGet
)

func (OpType) String 

func (o OpType) String() string

String returns user-friendly description of the operation

type PluginData 

type PluginData interface {
	Resource
	// Entries gets all entries.
	Entries() map[string]*PluginDataEntry
	// Update attempts to apply an update.
	Update(params PluginDataUpdateParams) error
}

PluginData is used by plugins to store per-resource state. An instance of PluginData corresponds to a resource which may be managed by one or more plugins. Data is stored as a mapping of the form `plugin -> key -> val`, effectively giving each plugin its own key-value store. Importantly, an instance of PluginData can only be created for a resource which currently exist, and automatically expires shortly after the corresponding resource. Currently, only the AccessRequest resource is supported.

func NewPluginData 

func NewPluginData(resourceName string, resourceKind string) (PluginData, error)

NewPluginData configures a new PluginData instance associated with the supplied resource name (currently, this must be the name of an access request).

type PluginDataEntry 

type PluginDataEntry struct {
	// Data is a mapping of arbitrary string values.
	Data                 map[string]string `` /* 149-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

PluginDataEntry wraps a mapping of arbitrary string values used by plugins to store per-resource information.

func (*PluginDataEntry) Descriptor 

func (*PluginDataEntry) Descriptor() ([]byte, []int)

func (*PluginDataEntry) Marshal 

func (m *PluginDataEntry) Marshal() (dAtA []byte, err error)

func (*PluginDataEntry) MarshalTo 

func (m *PluginDataEntry) MarshalTo(dAtA []byte) (int, error)

func (*PluginDataEntry) MarshalToSizedBuffer 

func (m *PluginDataEntry) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PluginDataEntry) ProtoMessage 

func (*PluginDataEntry) ProtoMessage()

func (*PluginDataEntry) Reset 

func (m *PluginDataEntry) Reset()

func (*PluginDataEntry) Size 

func (m *PluginDataEntry) Size() (n int)

func (*PluginDataEntry) String 

func (m *PluginDataEntry) String() string

func (*PluginDataEntry) Unmarshal 

func (m *PluginDataEntry) Unmarshal(dAtA []byte) error

func (*PluginDataEntry) XXX_DiscardUnknown 

func (m *PluginDataEntry) XXX_DiscardUnknown()

func (*PluginDataEntry) XXX_Marshal 

func (m *PluginDataEntry) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PluginDataEntry) XXX_Merge 

func (m *PluginDataEntry) XXX_Merge(src proto.Message)

func (*PluginDataEntry) XXX_Size 

func (m *PluginDataEntry) XXX_Size() int

func (*PluginDataEntry) XXX_Unmarshal 

func (m *PluginDataEntry) XXX_Unmarshal(b []byte) error

type PluginDataFilter 

type PluginDataFilter struct {
	// Kind is the kind of resource that the target plugin data
	// is associated with.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind,omitempty"`
	// Resource matches a specific resource name if set.
	Resource string `protobuf:"bytes,2,opt,name=Resource,proto3" json:"resource,omitempty"`
	// Plugin matches a specific plugin name if set.
	Plugin               string   `protobuf:"bytes,3,opt,name=Plugin,proto3" json:"plugin,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

PluginDataFilter encodes filter params for plugin data.

func (*PluginDataFilter) Descriptor 

func (*PluginDataFilter) Descriptor() ([]byte, []int)

func (*PluginDataFilter) Marshal 

func (m *PluginDataFilter) Marshal() (dAtA []byte, err error)

func (*PluginDataFilter) MarshalTo 

func (m *PluginDataFilter) MarshalTo(dAtA []byte) (int, error)

func (*PluginDataFilter) MarshalToSizedBuffer 

func (m *PluginDataFilter) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PluginDataFilter) Match 

func (f *PluginDataFilter) Match(data PluginData) bool

Match returns true if the PluginData given matches the filter

func (*PluginDataFilter) ProtoMessage 

func (*PluginDataFilter) ProtoMessage()

func (*PluginDataFilter) Reset 

func (m *PluginDataFilter) Reset()

func (*PluginDataFilter) Size 

func (m *PluginDataFilter) Size() (n int)

func (*PluginDataFilter) String 

func (m *PluginDataFilter) String() string

func (*PluginDataFilter) Unmarshal 

func (m *PluginDataFilter) Unmarshal(dAtA []byte) error

func (*PluginDataFilter) XXX_DiscardUnknown 

func (m *PluginDataFilter) XXX_DiscardUnknown()

func (*PluginDataFilter) XXX_Marshal 

func (m *PluginDataFilter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PluginDataFilter) XXX_Merge 

func (m *PluginDataFilter) XXX_Merge(src proto.Message)

func (*PluginDataFilter) XXX_Size 

func (m *PluginDataFilter) XXX_Size() int

func (*PluginDataFilter) XXX_Unmarshal 

func (m *PluginDataFilter) XXX_Unmarshal(b []byte) error

type PluginDataSpecV3 

type PluginDataSpecV3 struct {
	// Entries is a collection of PluginData values organized by plugin name.
	Entries              map[string]*PluginDataEntry `` /* 145-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                    `json:"-"`
	XXX_unrecognized     []byte                      `json:"-"`
	XXX_sizecache        int32                       `json:"-"`
}

PluginData stores a collection of values associated with a specific resource.

func (*PluginDataSpecV3) Descriptor 

func (*PluginDataSpecV3) Descriptor() ([]byte, []int)

func (*PluginDataSpecV3) Marshal 

func (m *PluginDataSpecV3) Marshal() (dAtA []byte, err error)

func (*PluginDataSpecV3) MarshalTo 

func (m *PluginDataSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*PluginDataSpecV3) MarshalToSizedBuffer 

func (m *PluginDataSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PluginDataSpecV3) ProtoMessage 

func (*PluginDataSpecV3) ProtoMessage()

func (*PluginDataSpecV3) Reset 

func (m *PluginDataSpecV3) Reset()

func (*PluginDataSpecV3) Size 

func (m *PluginDataSpecV3) Size() (n int)

func (*PluginDataSpecV3) String 

func (m *PluginDataSpecV3) String() string

func (*PluginDataSpecV3) Unmarshal 

func (m *PluginDataSpecV3) Unmarshal(dAtA []byte) error

func (*PluginDataSpecV3) XXX_DiscardUnknown 

func (m *PluginDataSpecV3) XXX_DiscardUnknown()

func (*PluginDataSpecV3) XXX_Marshal 

func (m *PluginDataSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PluginDataSpecV3) XXX_Merge 

func (m *PluginDataSpecV3) XXX_Merge(src proto.Message)

func (*PluginDataSpecV3) XXX_Size 

func (m *PluginDataSpecV3) XXX_Size() int

func (*PluginDataSpecV3) XXX_Unmarshal 

func (m *PluginDataSpecV3) XXX_Unmarshal(b []byte) error

type PluginDataUpdateParams 

type PluginDataUpdateParams struct {
	// Kind is the kind of resource that the target plugin data
	// is associated with.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// Resource indicates the name of the target resource.
	Resource string `protobuf:"bytes,2,opt,name=Resource,proto3" json:"resource"`
	// Plugin is the name of the plugin that owns the data.
	Plugin string `protobuf:"bytes,3,opt,name=Plugin,proto3" json:"plugin"`
	// Set indicates the fields which should be set by this operation.
	Set map[string]string `` /* 147-byte string literal not displayed */
	// Expect optionally indicates the expected state of fields prior to this update.
	Expect               map[string]string `` /* 153-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

PluginDataUpdateParams encodes paramers for updating a PluginData field.

func (*PluginDataUpdateParams) Descriptor 

func (*PluginDataUpdateParams) Descriptor() ([]byte, []int)

func (*PluginDataUpdateParams) Marshal 

func (m *PluginDataUpdateParams) Marshal() (dAtA []byte, err error)

func (*PluginDataUpdateParams) MarshalTo 

func (m *PluginDataUpdateParams) MarshalTo(dAtA []byte) (int, error)

func (*PluginDataUpdateParams) MarshalToSizedBuffer 

func (m *PluginDataUpdateParams) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PluginDataUpdateParams) ProtoMessage 

func (*PluginDataUpdateParams) ProtoMessage()

func (*PluginDataUpdateParams) Reset 

func (m *PluginDataUpdateParams) Reset()

func (*PluginDataUpdateParams) Size 

func (m *PluginDataUpdateParams) Size() (n int)

func (*PluginDataUpdateParams) String 

func (m *PluginDataUpdateParams) String() string

func (*PluginDataUpdateParams) Unmarshal 

func (m *PluginDataUpdateParams) Unmarshal(dAtA []byte) error

func (*PluginDataUpdateParams) XXX_DiscardUnknown 

func (m *PluginDataUpdateParams) XXX_DiscardUnknown()

func (*PluginDataUpdateParams) XXX_Marshal 

func (m *PluginDataUpdateParams) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PluginDataUpdateParams) XXX_Merge 

func (m *PluginDataUpdateParams) XXX_Merge(src proto.Message)

func (*PluginDataUpdateParams) XXX_Size 

func (m *PluginDataUpdateParams) XXX_Size() int

func (*PluginDataUpdateParams) XXX_Unmarshal 

func (m *PluginDataUpdateParams) XXX_Unmarshal(b []byte) error

type PluginDataV3 

type PluginDataV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is PluginData metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a PluginData specification
	Spec                 PluginDataSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}         `json:"-"`
	XXX_unrecognized     []byte           `json:"-"`
	XXX_sizecache        int32            `json:"-"`
}

PluginData stores a collection of values associated with a specific resource.

func (*PluginDataV3) CheckAndSetDefaults 

func (r *PluginDataV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values for PluginData.

func (*PluginDataV3) Descriptor 

func (*PluginDataV3) Descriptor() ([]byte, []int)

func (*PluginDataV3) Entries 

func (r *PluginDataV3) Entries() map[string]*PluginDataEntry

Entries returns the PluginData entires

func (*PluginDataV3) Expiry 

func (r *PluginDataV3) Expiry() time.Time

Expiry returns object expiry setting

func (*PluginDataV3) GetKind 

func (r *PluginDataV3) GetKind() string

GetKind returns resource kind

func (*PluginDataV3) GetMetadata 

func (r *PluginDataV3) GetMetadata() Metadata

GetMetadata gets the resource metadata

func (*PluginDataV3) GetName 

func (r *PluginDataV3) GetName() string

GetName gets resource name

func (*PluginDataV3) GetResourceID 

func (r *PluginDataV3) GetResourceID() int64

GetResourceID returns resource ID

func (*PluginDataV3) GetSubKind 

func (r *PluginDataV3) GetSubKind() string

GetSubKind returns resource subkind

func (*PluginDataV3) GetVersion 

func (r *PluginDataV3) GetVersion() string

GetVersion gets resource version

func (*PluginDataV3) Marshal 

func (m *PluginDataV3) Marshal() (dAtA []byte, err error)

func (*PluginDataV3) MarshalTo 

func (m *PluginDataV3) MarshalTo(dAtA []byte) (int, error)

func (*PluginDataV3) MarshalToSizedBuffer 

func (m *PluginDataV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PluginDataV3) ProtoMessage 

func (*PluginDataV3) ProtoMessage()

func (*PluginDataV3) Reset 

func (m *PluginDataV3) Reset()

func (*PluginDataV3) SetExpiry 

func (r *PluginDataV3) SetExpiry(expiry time.Time)

SetExpiry sets expiry time for the object

func (*PluginDataV3) SetName 

func (r *PluginDataV3) SetName(name string)

SetName sets resource name

func (*PluginDataV3) SetResourceID 

func (r *PluginDataV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*PluginDataV3) SetSubKind 

func (r *PluginDataV3) SetSubKind(subKind string)

SetSubKind sets resource subkind

func (*PluginDataV3) Size 

func (m *PluginDataV3) Size() (n int)

func (*PluginDataV3) String 

func (r *PluginDataV3) String() string

func (*PluginDataV3) Unmarshal 

func (m *PluginDataV3) Unmarshal(dAtA []byte) error

func (*PluginDataV3) Update 

func (r *PluginDataV3) Update(params PluginDataUpdateParams) error

Update updates the PluginData

func (*PluginDataV3) XXX_DiscardUnknown 

func (m *PluginDataV3) XXX_DiscardUnknown()

func (*PluginDataV3) XXX_Marshal 

func (m *PluginDataV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PluginDataV3) XXX_Merge 

func (m *PluginDataV3) XXX_Merge(src proto.Message)

func (*PluginDataV3) XXX_Size 

func (m *PluginDataV3) XXX_Size() int

func (*PluginDataV3) XXX_Unmarshal 

func (m *PluginDataV3) XXX_Unmarshal(b []byte) error

type PrivateKeyType 

type PrivateKeyType int32

PrivateKeyType is the storage type of a private key. 

const (
	// RAW is a plaintext private key.
	PrivateKeyType_RAW PrivateKeyType = 0
	// PKCS11 is a private key backed by a PKCS11 device such as HSM.
	PrivateKeyType_PKCS11 PrivateKeyType = 1
)

func (PrivateKeyType) EnumDescriptor 

func (PrivateKeyType) EnumDescriptor() ([]byte, []int)

func (PrivateKeyType) String 

func (x PrivateKeyType) String() string

type ProvisionToken 

type ProvisionToken interface {
	Resource
	// SetMetadata sets resource metatada
	SetMetadata(meta Metadata)
	// GetRoles returns a list of teleport roles
	// that will be granted to the user of the token
	// in the crendentials
	GetRoles() SystemRoles
	// SetRoles sets teleport roles
	SetRoles(SystemRoles)
	// V1 returns V1 version of the resource
	V1() *ProvisionTokenV1
	// String returns user friendly representation of the resource
	String() string
}

ProvisionToken is a provisioning token

func MustCreateProvisionToken 

func MustCreateProvisionToken(token string, roles SystemRoles, expires time.Time) ProvisionToken

MustCreateProvisionToken returns a new valid provision token or panics, used in testes

func NewProvisionToken 

func NewProvisionToken(token string, roles SystemRoles, expires time.Time) (ProvisionToken, error)

NewProvisionToken returns a new instance of provision token resource

func ProvisionTokensFromV1 

func ProvisionTokensFromV1(in []ProvisionTokenV1) []ProvisionToken

ProvisionTokensFromV1 converts V1 provision tokens to resource list

type ProvisionTokenSpecV2 

type ProvisionTokenSpecV2 struct {
	// Roles is a list of roles associated with the token,
	// that will be converted to metadata in the SSH and X509
	// certificates issued to the user of the token
	Roles                []SystemRole `protobuf:"bytes,1,rep,name=Roles,proto3,casttype=SystemRole" json:"roles"`
	XXX_NoUnkeyedLiteral struct{}     `json:"-"`
	XXX_unrecognized     []byte       `json:"-"`
	XXX_sizecache        int32        `json:"-"`
}

ProvisionTokenSpecV2 is a specification for V2 token

func (*ProvisionTokenSpecV2) Descriptor 

func (*ProvisionTokenSpecV2) Descriptor() ([]byte, []int)

func (*ProvisionTokenSpecV2) Marshal 

func (m *ProvisionTokenSpecV2) Marshal() (dAtA []byte, err error)

func (*ProvisionTokenSpecV2) MarshalTo 

func (m *ProvisionTokenSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*ProvisionTokenSpecV2) MarshalToSizedBuffer 

func (m *ProvisionTokenSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ProvisionTokenSpecV2) ProtoMessage 

func (*ProvisionTokenSpecV2) ProtoMessage()

func (*ProvisionTokenSpecV2) Reset 

func (m *ProvisionTokenSpecV2) Reset()

func (*ProvisionTokenSpecV2) Size 

func (m *ProvisionTokenSpecV2) Size() (n int)

func (*ProvisionTokenSpecV2) String 

func (m *ProvisionTokenSpecV2) String() string

func (*ProvisionTokenSpecV2) Unmarshal 

func (m *ProvisionTokenSpecV2) Unmarshal(dAtA []byte) error

func (*ProvisionTokenSpecV2) XXX_DiscardUnknown 

func (m *ProvisionTokenSpecV2) XXX_DiscardUnknown()

func (*ProvisionTokenSpecV2) XXX_Marshal 

func (m *ProvisionTokenSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProvisionTokenSpecV2) XXX_Merge 

func (m *ProvisionTokenSpecV2) XXX_Merge(src proto.Message)

func (*ProvisionTokenSpecV2) XXX_Size 

func (m *ProvisionTokenSpecV2) XXX_Size() int

func (*ProvisionTokenSpecV2) XXX_Unmarshal 

func (m *ProvisionTokenSpecV2) XXX_Unmarshal(b []byte) error

type ProvisionTokenV1 

type ProvisionTokenV1 struct {
	// Roles is a list of roles associated with the token,
	// that will be converted to metadata in the SSH and X509
	// certificates issued to the user of the token
	Roles []SystemRole `protobuf:"bytes,1,rep,name=Roles,proto3,casttype=SystemRole" json:"roles"`
	// Expires is a global expiry time header can be set on any resource in the
	// system.
	Expires time.Time `protobuf:"bytes,2,opt,name=Expires,proto3,stdtime" json:"expires,omitempty"`
	// Token is a token name
	Token                string   `protobuf:"bytes,3,opt,name=Token,proto3" json:"token"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ProvisionTokenV1 is a provisioning token V1

func ProvisionTokensToV1 

func ProvisionTokensToV1(in []ProvisionToken) []ProvisionTokenV1

ProvisionTokensToV1 converts provision tokens to V1 list

func (*ProvisionTokenV1) Descriptor 

func (*ProvisionTokenV1) Descriptor() ([]byte, []int)

func (*ProvisionTokenV1) Marshal 

func (m *ProvisionTokenV1) Marshal() (dAtA []byte, err error)

func (*ProvisionTokenV1) MarshalTo 

func (m *ProvisionTokenV1) MarshalTo(dAtA []byte) (int, error)

func (*ProvisionTokenV1) MarshalToSizedBuffer 

func (m *ProvisionTokenV1) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ProvisionTokenV1) ProtoMessage 

func (*ProvisionTokenV1) ProtoMessage()

func (*ProvisionTokenV1) Reset 

func (m *ProvisionTokenV1) Reset()

func (*ProvisionTokenV1) Size 

func (m *ProvisionTokenV1) Size() (n int)

func (ProvisionTokenV1) String 

func (p ProvisionTokenV1) String() string

String returns the human readable representation of a provisioning token.

func (*ProvisionTokenV1) Unmarshal 

func (m *ProvisionTokenV1) Unmarshal(dAtA []byte) error

func (*ProvisionTokenV1) V1 

func (p *ProvisionTokenV1) V1() *ProvisionTokenV1

V1 returns V1 version of the resource

func (*ProvisionTokenV1) V2 

func (p *ProvisionTokenV1) V2() *ProvisionTokenV2

V2 returns V2 version of the resource

func (*ProvisionTokenV1) XXX_DiscardUnknown 

func (m *ProvisionTokenV1) XXX_DiscardUnknown()

func (*ProvisionTokenV1) XXX_Marshal 

func (m *ProvisionTokenV1) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProvisionTokenV1) XXX_Merge 

func (m *ProvisionTokenV1) XXX_Merge(src proto.Message)

func (*ProvisionTokenV1) XXX_Size 

func (m *ProvisionTokenV1) XXX_Size() int

func (*ProvisionTokenV1) XXX_Unmarshal 

func (m *ProvisionTokenV1) XXX_Unmarshal(b []byte) error

type ProvisionTokenV2 

type ProvisionTokenV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a provisioning token V2 spec
	Spec                 ProvisionTokenSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

ProvisionTokenV2 specifies provisioning token

func (*ProvisionTokenV2) CheckAndSetDefaults 

func (p *ProvisionTokenV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*ProvisionTokenV2) Descriptor 

func (*ProvisionTokenV2) Descriptor() ([]byte, []int)

func (*ProvisionTokenV2) Expiry 

func (p *ProvisionTokenV2) Expiry() time.Time

Expiry returns object expiry setting

func (*ProvisionTokenV2) GetKind 

func (p *ProvisionTokenV2) GetKind() string

GetKind returns resource kind

func (*ProvisionTokenV2) GetMetadata 

func (p *ProvisionTokenV2) GetMetadata() Metadata

GetMetadata returns metadata

func (*ProvisionTokenV2) GetName 

func (p *ProvisionTokenV2) GetName() string

GetName returns server name

func (*ProvisionTokenV2) GetResourceID 

func (p *ProvisionTokenV2) GetResourceID() int64

GetResourceID returns resource ID

func (*ProvisionTokenV2) GetRoles 

func (p *ProvisionTokenV2) GetRoles() SystemRoles

GetRoles returns a list of teleport roles that will be granted to the user of the token in the crendentials

func (*ProvisionTokenV2) GetSubKind 

func (p *ProvisionTokenV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*ProvisionTokenV2) GetVersion 

func (p *ProvisionTokenV2) GetVersion() string

GetVersion returns resource version

func (*ProvisionTokenV2) Marshal 

func (m *ProvisionTokenV2) Marshal() (dAtA []byte, err error)

func (*ProvisionTokenV2) MarshalTo 

func (m *ProvisionTokenV2) MarshalTo(dAtA []byte) (int, error)

func (*ProvisionTokenV2) MarshalToSizedBuffer 

func (m *ProvisionTokenV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ProvisionTokenV2) ProtoMessage 

func (*ProvisionTokenV2) ProtoMessage()

func (*ProvisionTokenV2) Reset 

func (m *ProvisionTokenV2) Reset()

func (*ProvisionTokenV2) SetExpiry 

func (p *ProvisionTokenV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*ProvisionTokenV2) SetMetadata 

func (p *ProvisionTokenV2) SetMetadata(meta Metadata)

SetMetadata sets resource metatada

func (*ProvisionTokenV2) SetName 

func (p *ProvisionTokenV2) SetName(e string)

SetName sets the name of the TrustedCluster.

func (*ProvisionTokenV2) SetResourceID 

func (p *ProvisionTokenV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ProvisionTokenV2) SetRoles 

func (p *ProvisionTokenV2) SetRoles(r SystemRoles)

SetRoles sets teleport roles

func (*ProvisionTokenV2) SetSubKind 

func (p *ProvisionTokenV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*ProvisionTokenV2) Size 

func (m *ProvisionTokenV2) Size() (n int)

func (ProvisionTokenV2) String 

func (p ProvisionTokenV2) String() string

String returns the human readable representation of a provisioning token.

func (*ProvisionTokenV2) Unmarshal 

func (m *ProvisionTokenV2) Unmarshal(dAtA []byte) error

func (*ProvisionTokenV2) V1 

func (p *ProvisionTokenV2) V1() *ProvisionTokenV1

V1 returns V1 version of the resource

func (*ProvisionTokenV2) V2 

func (p *ProvisionTokenV2) V2() *ProvisionTokenV2

V2 returns V2 version of the resource

func (*ProvisionTokenV2) XXX_DiscardUnknown 

func (m *ProvisionTokenV2) XXX_DiscardUnknown()

func (*ProvisionTokenV2) XXX_Marshal 

func (m *ProvisionTokenV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProvisionTokenV2) XXX_Merge 

func (m *ProvisionTokenV2) XXX_Merge(src proto.Message)

func (*ProvisionTokenV2) XXX_Size 

func (m *ProvisionTokenV2) XXX_Size() int

func (*ProvisionTokenV2) XXX_Unmarshal 

func (m *ProvisionTokenV2) XXX_Unmarshal(b []byte) error

type ProvisionTokenV2List 

type ProvisionTokenV2List struct {
	// ProvisionTokens is a list of provisioning tokens.
	ProvisionTokens      []*ProvisionTokenV2 `protobuf:"bytes,1,rep,name=ProvisionTokens,proto3" json:"ProvisionTokens,omitempty"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

ProvisionTokenV2List is a list of provisioning tokens.

func (*ProvisionTokenV2List) Descriptor 

func (*ProvisionTokenV2List) Descriptor() ([]byte, []int)

func (*ProvisionTokenV2List) Marshal 

func (m *ProvisionTokenV2List) Marshal() (dAtA []byte, err error)

func (*ProvisionTokenV2List) MarshalTo 

func (m *ProvisionTokenV2List) MarshalTo(dAtA []byte) (int, error)

func (*ProvisionTokenV2List) MarshalToSizedBuffer 

func (m *ProvisionTokenV2List) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ProvisionTokenV2List) ProtoMessage 

func (*ProvisionTokenV2List) ProtoMessage()

func (*ProvisionTokenV2List) Reset 

func (m *ProvisionTokenV2List) Reset()

func (*ProvisionTokenV2List) Size 

func (m *ProvisionTokenV2List) Size() (n int)

func (*ProvisionTokenV2List) String 

func (m *ProvisionTokenV2List) String() string

func (*ProvisionTokenV2List) Unmarshal 

func (m *ProvisionTokenV2List) Unmarshal(dAtA []byte) error

func (*ProvisionTokenV2List) XXX_DiscardUnknown 

func (m *ProvisionTokenV2List) XXX_DiscardUnknown()

func (*ProvisionTokenV2List) XXX_Marshal 

func (m *ProvisionTokenV2List) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ProvisionTokenV2List) XXX_Merge 

func (m *ProvisionTokenV2List) XXX_Merge(src proto.Message)

func (*ProvisionTokenV2List) XXX_Size 

func (m *ProvisionTokenV2List) XXX_Size() int

func (*ProvisionTokenV2List) XXX_Unmarshal 

func (m *ProvisionTokenV2List) XXX_Unmarshal(b []byte) error

type Redshift 

type Redshift struct {
	// ClusterID is the Redshift cluster identifier.
	ClusterID            string   `protobuf:"bytes,1,opt,name=ClusterID,proto3" json:"cluster_id,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Redshift contains AWS Redshift specific settings.

func (*Redshift) Descriptor 

func (*Redshift) Descriptor() ([]byte, []int)

func (*Redshift) Marshal 

func (m *Redshift) Marshal() (dAtA []byte, err error)

func (*Redshift) MarshalTo 

func (m *Redshift) MarshalTo(dAtA []byte) (int, error)

func (*Redshift) MarshalToSizedBuffer 

func (m *Redshift) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Redshift) ProtoMessage 

func (*Redshift) ProtoMessage()

func (*Redshift) Reset 

func (m *Redshift) Reset()

func (*Redshift) Size 

func (m *Redshift) Size() (n int)

func (*Redshift) String 

func (m *Redshift) String() string

func (*Redshift) Unmarshal 

func (m *Redshift) Unmarshal(dAtA []byte) error

func (*Redshift) XXX_DiscardUnknown 

func (m *Redshift) XXX_DiscardUnknown()

func (*Redshift) XXX_Marshal 

func (m *Redshift) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Redshift) XXX_Merge 

func (m *Redshift) XXX_Merge(src proto.Message)

func (*Redshift) XXX_Size 

func (m *Redshift) XXX_Size() int

func (*Redshift) XXX_Unmarshal 

func (m *Redshift) XXX_Unmarshal(b []byte) error

type RemoteCluster 

type RemoteCluster interface {
	// Resource provides common resource properties
	Resource
	// GetConnectionStatus returns connection status
	GetConnectionStatus() string
	// SetConnectionStatus sets connection  status
	SetConnectionStatus(string)

	// GetLastHeartbeat returns last heartbeat of the cluster
	GetLastHeartbeat() time.Time
	// SetLastHeartbeat sets last heartbeat of the cluster
	SetLastHeartbeat(t time.Time)

	// SetMetadata sets remote cluster metatada
	SetMetadata(Metadata)
}

RemoteCluster represents a remote cluster that has connected via reverse tunnel to this cluster

func NewRemoteCluster 

func NewRemoteCluster(name string) (RemoteCluster, error)

NewRemoteCluster is a convenience way to create a RemoteCluster resource.

type RemoteClusterStatusV3 

type RemoteClusterStatusV3 struct {
	// Connection represents connection status, online or offline
	Connection string `protobuf:"bytes,1,opt,name=Connection,proto3" json:"connection"`
	// LastHeartbeat records last heartbeat of the cluster
	LastHeartbeat        time.Time `protobuf:"bytes,2,opt,name=LastHeartbeat,proto3,stdtime" json:"last_heartbeat"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

RemoteClusterStatusV3 represents status of the remote cluster

func (*RemoteClusterStatusV3) Descriptor 

func (*RemoteClusterStatusV3) Descriptor() ([]byte, []int)

func (*RemoteClusterStatusV3) Marshal 

func (m *RemoteClusterStatusV3) Marshal() (dAtA []byte, err error)

func (*RemoteClusterStatusV3) MarshalTo 

func (m *RemoteClusterStatusV3) MarshalTo(dAtA []byte) (int, error)

func (*RemoteClusterStatusV3) MarshalToSizedBuffer 

func (m *RemoteClusterStatusV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RemoteClusterStatusV3) ProtoMessage 

func (*RemoteClusterStatusV3) ProtoMessage()

func (*RemoteClusterStatusV3) Reset 

func (m *RemoteClusterStatusV3) Reset()

func (*RemoteClusterStatusV3) Size 

func (m *RemoteClusterStatusV3) Size() (n int)

func (*RemoteClusterStatusV3) String 

func (m *RemoteClusterStatusV3) String() string

func (*RemoteClusterStatusV3) Unmarshal 

func (m *RemoteClusterStatusV3) Unmarshal(dAtA []byte) error

func (*RemoteClusterStatusV3) XXX_DiscardUnknown 

func (m *RemoteClusterStatusV3) XXX_DiscardUnknown()

func (*RemoteClusterStatusV3) XXX_Marshal 

func (m *RemoteClusterStatusV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RemoteClusterStatusV3) XXX_Merge 

func (m *RemoteClusterStatusV3) XXX_Merge(src proto.Message)

func (*RemoteClusterStatusV3) XXX_Size 

func (m *RemoteClusterStatusV3) XXX_Size() int

func (*RemoteClusterStatusV3) XXX_Unmarshal 

func (m *RemoteClusterStatusV3) XXX_Unmarshal(b []byte) error

type RemoteClusterV3 

type RemoteClusterV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is resource API version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Status is a remote cluster status
	Status               RemoteClusterStatusV3 `protobuf:"bytes,5,opt,name=Status,proto3" json:"status"`
	XXX_NoUnkeyedLiteral struct{}              `json:"-"`
	XXX_unrecognized     []byte                `json:"-"`
	XXX_sizecache        int32                 `json:"-"`
}

RemoteClusterV3 represents remote cluster resource specification

func (*RemoteClusterV3) CheckAndSetDefaults 

func (c *RemoteClusterV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values

func (*RemoteClusterV3) Descriptor 

func (*RemoteClusterV3) Descriptor() ([]byte, []int)

func (*RemoteClusterV3) Expiry 

func (c *RemoteClusterV3) Expiry() time.Time

Expiry returns object expiry setting

func (*RemoteClusterV3) GetConnectionStatus 

func (c *RemoteClusterV3) GetConnectionStatus() string

GetConnectionStatus returns connection status

func (*RemoteClusterV3) GetKind 

func (c *RemoteClusterV3) GetKind() string

GetKind returns resource kind

func (*RemoteClusterV3) GetLastHeartbeat 

func (c *RemoteClusterV3) GetLastHeartbeat() time.Time

GetLastHeartbeat returns last heartbeat of the cluster

func (*RemoteClusterV3) GetMetadata 

func (c *RemoteClusterV3) GetMetadata() Metadata

GetMetadata returns object metadata

func (*RemoteClusterV3) GetName 

func (c *RemoteClusterV3) GetName() string

GetName returns the name of the RemoteCluster.

func (*RemoteClusterV3) GetResourceID 

func (c *RemoteClusterV3) GetResourceID() int64

GetResourceID returns resource ID

func (*RemoteClusterV3) GetSubKind 

func (c *RemoteClusterV3) GetSubKind() string

GetSubKind returns resource sub kind

func (*RemoteClusterV3) GetVersion 

func (c *RemoteClusterV3) GetVersion() string

GetVersion returns resource version

func (*RemoteClusterV3) Marshal 

func (m *RemoteClusterV3) Marshal() (dAtA []byte, err error)

func (*RemoteClusterV3) MarshalTo 

func (m *RemoteClusterV3) MarshalTo(dAtA []byte) (int, error)

func (*RemoteClusterV3) MarshalToSizedBuffer 

func (m *RemoteClusterV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RemoteClusterV3) ProtoMessage 

func (*RemoteClusterV3) ProtoMessage()

func (*RemoteClusterV3) Reset 

func (m *RemoteClusterV3) Reset()

func (*RemoteClusterV3) SetConnectionStatus 

func (c *RemoteClusterV3) SetConnectionStatus(status string)

SetConnectionStatus sets connection status

func (*RemoteClusterV3) SetExpiry 

func (c *RemoteClusterV3) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*RemoteClusterV3) SetLastHeartbeat 

func (c *RemoteClusterV3) SetLastHeartbeat(t time.Time)

SetLastHeartbeat sets last heartbeat of the cluster

func (*RemoteClusterV3) SetMetadata 

func (c *RemoteClusterV3) SetMetadata(meta Metadata)

SetMetadata sets remote cluster metatada

func (*RemoteClusterV3) SetName 

func (c *RemoteClusterV3) SetName(e string)

SetName sets the name of the RemoteCluster.

func (*RemoteClusterV3) SetResourceID 

func (c *RemoteClusterV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*RemoteClusterV3) SetSubKind 

func (c *RemoteClusterV3) SetSubKind(s string)

SetSubKind sets resource subkind

func (*RemoteClusterV3) Size 

func (m *RemoteClusterV3) Size() (n int)

func (*RemoteClusterV3) String 

func (c *RemoteClusterV3) String() string

String represents a human readable version of remote cluster settings.

func (*RemoteClusterV3) Unmarshal 

func (m *RemoteClusterV3) Unmarshal(dAtA []byte) error

func (*RemoteClusterV3) XXX_DiscardUnknown 

func (m *RemoteClusterV3) XXX_DiscardUnknown()

func (*RemoteClusterV3) XXX_Marshal 

func (m *RemoteClusterV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RemoteClusterV3) XXX_Merge 

func (m *RemoteClusterV3) XXX_Merge(src proto.Message)

func (*RemoteClusterV3) XXX_Size 

func (m *RemoteClusterV3) XXX_Size() int

func (*RemoteClusterV3) XXX_Unmarshal 

func (m *RemoteClusterV3) XXX_Unmarshal(b []byte) error

type RequestState 

type RequestState int32

RequestState represents the state of a request for escalated privilege. 

const (
	// NONE variant exists to allow RequestState to be explicitly omitted
	// in certain circumstances (e.g. in an AccessRequestFilter).
	RequestState_NONE RequestState = 0
	// PENDING variant is the default for newly created requests.
	RequestState_PENDING RequestState = 1
	// APPROVED variant indicates that a request has been accepted by
	// an administrating party.
	RequestState_APPROVED RequestState = 2
	// DENIED variant indicates that a request has been rejected by
	// an administrating party.
	RequestState_DENIED RequestState = 3
)

func (RequestState) EnumDescriptor 

func (RequestState) EnumDescriptor() ([]byte, []int)

func (RequestState) IsApproved 

func (s RequestState) IsApproved() bool

IsApproved request state

func (RequestState) IsDenied 

func (s RequestState) IsDenied() bool

IsDenied request state

func (RequestState) IsNone 

func (s RequestState) IsNone() bool

IsNone request state

func (RequestState) IsPending 

func (s RequestState) IsPending() bool

IsPending request state

func (RequestState) IsResolved 

func (s RequestState) IsResolved() bool

IsResolved request state

func (*RequestState) Parse 

func (s *RequestState) Parse(val string) error

Parse attempts to interpret a value as a string representation of a RequestState.

func (RequestState) String 

func (x RequestState) String() string

type RequestStrategy 

type RequestStrategy string

RequestStrategy is an indicator of how access requests should be handled for holders of a given role. 

const (
	// RequestStrategyOptional is the default request strategy,
	// indicating that no special actions/requirements exist.
	RequestStrategyOptional RequestStrategy = "optional"

	// RequestStrategyReason indicates that client implementations
	// should automatically generate wildcard requests on login, and
	// users should be prompted for a reason.
	RequestStrategyReason RequestStrategy = "reason"

	// RequestStrategyAlways indicates that client implementations
	// should automatically generate wildcard requests on login, but
	// that reasons are not required.
	RequestStrategyAlways RequestStrategy = "always"
)

func (RequestStrategy) RequireReason 

func (s RequestStrategy) RequireReason() bool

RequireReason checks if the request strategy is one that requires users to always supply reasons with their requests.

func (RequestStrategy) ShouldAutoRequest 

func (s RequestStrategy) ShouldAutoRequest() bool

ShouldAutoRequest checks if the request strategy indicates that a request should be automatically generated on login.

type ResetPasswordToken 

type ResetPasswordToken interface {
	// Resource provides common resource properties
	Resource
	// GetUser returns User
	GetUser() string
	// SetUser sets User
	SetUser(string)
	// GetCreated returns Created
	GetCreated() time.Time
	// SetCreated sets Created
	SetCreated(time.Time)
	// GetURL returns URL
	GetURL() string
	// SetURL returns URL
	SetURL(string)
}

ResetPasswordToken represents a temporary token used to reset passwords

func NewResetPasswordToken 

func NewResetPasswordToken(tokenID string) (ResetPasswordToken, error)

NewResetPasswordToken creates an instance of ResetPasswordToken.

type ResetPasswordTokenSecrets 

type ResetPasswordTokenSecrets interface {
	// Resource provides common resource properties
	Resource
	// GetCreated returns Created
	GetCreated() time.Time
	// SetCreated sets Created
	SetCreated(time.Time)
	// GetQRCode returns QRCode
	GetQRCode() []byte
	// SetQRCode sets QRCode
	SetQRCode([]byte)
	// GetOTPKey returns OTP key
	GetOTPKey() string
	// SetOTPKey sets OTP Key
	SetOTPKey(string)
}

ResetPasswordTokenSecrets contains token secrets

func NewResetPasswordTokenSecrets 

func NewResetPasswordTokenSecrets(tokenID string) (ResetPasswordTokenSecrets, error)

NewResetPasswordTokenSecrets creates an instance of ResetPasswordTokenSecrets.

type ResetPasswordTokenSecretsSpecV3 

type ResetPasswordTokenSecretsSpecV3 struct {
	// OTPKey is is a secret value of one time password secret generator
	OTPKey string `protobuf:"bytes,1,opt,name=OTPKey,proto3" json:"opt_key"`
	// OTPKey is is a secret value of one time password secret generator
	QRCode string `protobuf:"bytes,2,opt,name=QRCode,proto3" json:"qr_code,omitempty"`
	// Created holds information about when the token was created
	Created              time.Time `protobuf:"bytes,3,opt,name=Created,proto3,stdtime" json:"created,omitempty"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

func (*ResetPasswordTokenSecretsSpecV3) Descriptor 

func (*ResetPasswordTokenSecretsSpecV3) Descriptor() ([]byte, []int)

func (*ResetPasswordTokenSecretsSpecV3) Marshal 

func (m *ResetPasswordTokenSecretsSpecV3) Marshal() (dAtA []byte, err error)

func (*ResetPasswordTokenSecretsSpecV3) MarshalTo 

func (m *ResetPasswordTokenSecretsSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*ResetPasswordTokenSecretsSpecV3) MarshalToSizedBuffer 

func (m *ResetPasswordTokenSecretsSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResetPasswordTokenSecretsSpecV3) ProtoMessage 

func (*ResetPasswordTokenSecretsSpecV3) ProtoMessage()

func (*ResetPasswordTokenSecretsSpecV3) Reset 

func (m *ResetPasswordTokenSecretsSpecV3) Reset()

func (*ResetPasswordTokenSecretsSpecV3) Size 

func (m *ResetPasswordTokenSecretsSpecV3) Size() (n int)

func (*ResetPasswordTokenSecretsSpecV3) String 

func (m *ResetPasswordTokenSecretsSpecV3) String() string

func (*ResetPasswordTokenSecretsSpecV3) Unmarshal 

func (m *ResetPasswordTokenSecretsSpecV3) Unmarshal(dAtA []byte) error

func (*ResetPasswordTokenSecretsSpecV3) XXX_DiscardUnknown 

func (m *ResetPasswordTokenSecretsSpecV3) XXX_DiscardUnknown()

func (*ResetPasswordTokenSecretsSpecV3) XXX_Marshal 

func (m *ResetPasswordTokenSecretsSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResetPasswordTokenSecretsSpecV3) XXX_Merge 

func (m *ResetPasswordTokenSecretsSpecV3) XXX_Merge(src proto.Message)

func (*ResetPasswordTokenSecretsSpecV3) XXX_Size 

func (m *ResetPasswordTokenSecretsSpecV3) XXX_Size() int

func (*ResetPasswordTokenSecretsSpecV3) XXX_Unmarshal 

func (m *ResetPasswordTokenSecretsSpecV3) XXX_Unmarshal(b []byte) error

type ResetPasswordTokenSecretsV3 

type ResetPasswordTokenSecretsV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is ResetPasswordTokenSecrets metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an ResetPasswordTokenSecrets specification
	Spec                 ResetPasswordTokenSecretsSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}                        `json:"-"`
	XXX_unrecognized     []byte                          `json:"-"`
	XXX_sizecache        int32                           `json:"-"`
}

func (ResetPasswordTokenSecretsV3) CheckAndSetDefaults 

func (u ResetPasswordTokenSecretsV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*ResetPasswordTokenSecretsV3) Descriptor 

func (*ResetPasswordTokenSecretsV3) Descriptor() ([]byte, []int)

func (*ResetPasswordTokenSecretsV3) Expiry 

func (u *ResetPasswordTokenSecretsV3) Expiry() time.Time

Expiry returns object expiry setting

func (*ResetPasswordTokenSecretsV3) GetCreated 

func (u *ResetPasswordTokenSecretsV3) GetCreated() time.Time

GetCreated returns Created

func (*ResetPasswordTokenSecretsV3) GetKind 

func (u *ResetPasswordTokenSecretsV3) GetKind() string

GetKind returns resource kind

func (*ResetPasswordTokenSecretsV3) GetMetadata 

func (u *ResetPasswordTokenSecretsV3) GetMetadata() Metadata

GetMetadata returns object metadata

func (*ResetPasswordTokenSecretsV3) GetName 

func (u *ResetPasswordTokenSecretsV3) GetName() string

GetName returns Name

func (*ResetPasswordTokenSecretsV3) GetOTPKey 

func (u *ResetPasswordTokenSecretsV3) GetOTPKey() string

GetOTPKey returns OTP Key

func (*ResetPasswordTokenSecretsV3) GetQRCode 

func (u *ResetPasswordTokenSecretsV3) GetQRCode() []byte

GetQRCode returns QRCode

func (*ResetPasswordTokenSecretsV3) GetResourceID 

func (u *ResetPasswordTokenSecretsV3) GetResourceID() int64

GetResourceID returns resource ID

func (*ResetPasswordTokenSecretsV3) GetSubKind 

func (u *ResetPasswordTokenSecretsV3) GetSubKind() string

GetSubKind returns resource sub kind

func (*ResetPasswordTokenSecretsV3) GetVersion 

func (u *ResetPasswordTokenSecretsV3) GetVersion() string

GetVersion returns resource version

func (*ResetPasswordTokenSecretsV3) Marshal 

func (m *ResetPasswordTokenSecretsV3) Marshal() (dAtA []byte, err error)

func (*ResetPasswordTokenSecretsV3) MarshalTo 

func (m *ResetPasswordTokenSecretsV3) MarshalTo(dAtA []byte) (int, error)

func (*ResetPasswordTokenSecretsV3) MarshalToSizedBuffer 

func (m *ResetPasswordTokenSecretsV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResetPasswordTokenSecretsV3) ProtoMessage 

func (*ResetPasswordTokenSecretsV3) ProtoMessage()

func (*ResetPasswordTokenSecretsV3) Reset 

func (m *ResetPasswordTokenSecretsV3) Reset()

func (*ResetPasswordTokenSecretsV3) SetCreated 

func (u *ResetPasswordTokenSecretsV3) SetCreated(t time.Time)

SetCreated sets Created

func (*ResetPasswordTokenSecretsV3) SetExpiry 

func (u *ResetPasswordTokenSecretsV3) SetExpiry(t time.Time)

SetExpiry sets object expiry

func (*ResetPasswordTokenSecretsV3) SetName 

func (u *ResetPasswordTokenSecretsV3) SetName(name string)

SetName sets the name of the resource

func (*ResetPasswordTokenSecretsV3) SetOTPKey 

func (u *ResetPasswordTokenSecretsV3) SetOTPKey(key string)

SetOTPKey sets OTP Key

func (*ResetPasswordTokenSecretsV3) SetQRCode 

func (u *ResetPasswordTokenSecretsV3) SetQRCode(code []byte)

SetQRCode sets QRCode

func (*ResetPasswordTokenSecretsV3) SetResourceID 

func (u *ResetPasswordTokenSecretsV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ResetPasswordTokenSecretsV3) SetSubKind 

func (u *ResetPasswordTokenSecretsV3) SetSubKind(s string)

SetSubKind sets resource subkind

func (*ResetPasswordTokenSecretsV3) Size 

func (m *ResetPasswordTokenSecretsV3) Size() (n int)

func (*ResetPasswordTokenSecretsV3) String 

func (u *ResetPasswordTokenSecretsV3) String() string

// String represents a human readable version of the token secrets

func (*ResetPasswordTokenSecretsV3) Unmarshal 

func (m *ResetPasswordTokenSecretsV3) Unmarshal(dAtA []byte) error

func (*ResetPasswordTokenSecretsV3) XXX_DiscardUnknown 

func (m *ResetPasswordTokenSecretsV3) XXX_DiscardUnknown()

func (*ResetPasswordTokenSecretsV3) XXX_Marshal 

func (m *ResetPasswordTokenSecretsV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResetPasswordTokenSecretsV3) XXX_Merge 

func (m *ResetPasswordTokenSecretsV3) XXX_Merge(src proto.Message)

func (*ResetPasswordTokenSecretsV3) XXX_Size 

func (m *ResetPasswordTokenSecretsV3) XXX_Size() int

func (*ResetPasswordTokenSecretsV3) XXX_Unmarshal 

func (m *ResetPasswordTokenSecretsV3) XXX_Unmarshal(b []byte) error

type ResetPasswordTokenSpecV3 

type ResetPasswordTokenSpecV3 struct {
	// User is user name associated with this token
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// URL is this token URL
	URL string `protobuf:"bytes,2,opt,name=URL,proto3" json:"url"`
	// Created holds information about when the token was created
	Created              time.Time `protobuf:"bytes,4,opt,name=Created,proto3,stdtime" json:"created,omitempty"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

func (*ResetPasswordTokenSpecV3) Descriptor 

func (*ResetPasswordTokenSpecV3) Descriptor() ([]byte, []int)

func (*ResetPasswordTokenSpecV3) Marshal 

func (m *ResetPasswordTokenSpecV3) Marshal() (dAtA []byte, err error)

func (*ResetPasswordTokenSpecV3) MarshalTo 

func (m *ResetPasswordTokenSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*ResetPasswordTokenSpecV3) MarshalToSizedBuffer 

func (m *ResetPasswordTokenSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResetPasswordTokenSpecV3) ProtoMessage 

func (*ResetPasswordTokenSpecV3) ProtoMessage()

func (*ResetPasswordTokenSpecV3) Reset 

func (m *ResetPasswordTokenSpecV3) Reset()

func (*ResetPasswordTokenSpecV3) Size 

func (m *ResetPasswordTokenSpecV3) Size() (n int)

func (*ResetPasswordTokenSpecV3) String 

func (m *ResetPasswordTokenSpecV3) String() string

func (*ResetPasswordTokenSpecV3) Unmarshal 

func (m *ResetPasswordTokenSpecV3) Unmarshal(dAtA []byte) error

func (*ResetPasswordTokenSpecV3) XXX_DiscardUnknown 

func (m *ResetPasswordTokenSpecV3) XXX_DiscardUnknown()

func (*ResetPasswordTokenSpecV3) XXX_Marshal 

func (m *ResetPasswordTokenSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResetPasswordTokenSpecV3) XXX_Merge 

func (m *ResetPasswordTokenSpecV3) XXX_Merge(src proto.Message)

func (*ResetPasswordTokenSpecV3) XXX_Size 

func (m *ResetPasswordTokenSpecV3) XXX_Size() int

func (*ResetPasswordTokenSpecV3) XXX_Unmarshal 

func (m *ResetPasswordTokenSpecV3) XXX_Unmarshal(b []byte) error

type ResetPasswordTokenV3 

type ResetPasswordTokenV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is ResetPasswordToken metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an ResetPasswordToken specification
	Spec                 ResetPasswordTokenSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}                 `json:"-"`
	XXX_unrecognized     []byte                   `json:"-"`
	XXX_sizecache        int32                    `json:"-"`
}

func (ResetPasswordTokenV3) CheckAndSetDefaults 

func (u ResetPasswordTokenV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*ResetPasswordTokenV3) Descriptor 

func (*ResetPasswordTokenV3) Descriptor() ([]byte, []int)

func (*ResetPasswordTokenV3) Expiry 

func (u *ResetPasswordTokenV3) Expiry() time.Time

Expiry returns object expiry setting

func (*ResetPasswordTokenV3) GetCreated 

func (u *ResetPasswordTokenV3) GetCreated() time.Time

GetCreated returns Created

func (*ResetPasswordTokenV3) GetKind 

func (u *ResetPasswordTokenV3) GetKind() string

GetKind returns resource kind

func (*ResetPasswordTokenV3) GetMetadata 

func (u *ResetPasswordTokenV3) GetMetadata() Metadata

GetMetadata returns object metadata

func (*ResetPasswordTokenV3) GetName 

func (u *ResetPasswordTokenV3) GetName() string

GetName returns Name

func (*ResetPasswordTokenV3) GetResourceID 

func (u *ResetPasswordTokenV3) GetResourceID() int64

GetResourceID returns resource ID

func (*ResetPasswordTokenV3) GetSubKind 

func (u *ResetPasswordTokenV3) GetSubKind() string

GetSubKind returns resource sub kind

func (*ResetPasswordTokenV3) GetURL 

func (u *ResetPasswordTokenV3) GetURL() string

GetURL returns URL

func (*ResetPasswordTokenV3) GetUser 

func (u *ResetPasswordTokenV3) GetUser() string

GetUser returns User

func (*ResetPasswordTokenV3) GetVersion 

func (u *ResetPasswordTokenV3) GetVersion() string

GetVersion returns resource version

func (*ResetPasswordTokenV3) Marshal 

func (m *ResetPasswordTokenV3) Marshal() (dAtA []byte, err error)

func (*ResetPasswordTokenV3) MarshalTo 

func (m *ResetPasswordTokenV3) MarshalTo(dAtA []byte) (int, error)

func (*ResetPasswordTokenV3) MarshalToSizedBuffer 

func (m *ResetPasswordTokenV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResetPasswordTokenV3) ProtoMessage 

func (*ResetPasswordTokenV3) ProtoMessage()

func (*ResetPasswordTokenV3) Reset 

func (m *ResetPasswordTokenV3) Reset()

func (*ResetPasswordTokenV3) SetCreated 

func (u *ResetPasswordTokenV3) SetCreated(t time.Time)

SetCreated sets the name of the resource

func (*ResetPasswordTokenV3) SetExpiry 

func (u *ResetPasswordTokenV3) SetExpiry(t time.Time)

SetExpiry sets object expiry

func (*ResetPasswordTokenV3) SetName 

func (u *ResetPasswordTokenV3) SetName(name string)

SetName sets the name of the resource

func (*ResetPasswordTokenV3) SetResourceID 

func (u *ResetPasswordTokenV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ResetPasswordTokenV3) SetSubKind 

func (u *ResetPasswordTokenV3) SetSubKind(s string)

SetSubKind sets resource subkind

func (*ResetPasswordTokenV3) SetURL 

func (u *ResetPasswordTokenV3) SetURL(url string)

SetURL sets URL

func (*ResetPasswordTokenV3) SetUser 

func (u *ResetPasswordTokenV3) SetUser(name string)

SetUser sets the name of the resource

func (*ResetPasswordTokenV3) Size 

func (m *ResetPasswordTokenV3) Size() (n int)

func (*ResetPasswordTokenV3) String 

func (u *ResetPasswordTokenV3) String() string

// String represents a human readable version of the token

func (*ResetPasswordTokenV3) Unmarshal 

func (m *ResetPasswordTokenV3) Unmarshal(dAtA []byte) error

func (*ResetPasswordTokenV3) XXX_DiscardUnknown 

func (m *ResetPasswordTokenV3) XXX_DiscardUnknown()

func (*ResetPasswordTokenV3) XXX_Marshal 

func (m *ResetPasswordTokenV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResetPasswordTokenV3) XXX_Merge 

func (m *ResetPasswordTokenV3) XXX_Merge(src proto.Message)

func (*ResetPasswordTokenV3) XXX_Size 

func (m *ResetPasswordTokenV3) XXX_Size() int

func (*ResetPasswordTokenV3) XXX_Unmarshal 

func (m *ResetPasswordTokenV3) XXX_Unmarshal(b []byte) error

type Resource 

type Resource interface {
	// GetKind returns resource kind
	GetKind() string
	// GetSubKind returns resource subkind
	GetSubKind() string
	// SetSubKind sets resource subkind
	SetSubKind(string)
	// GetVersion returns resource version
	GetVersion() string
	// GetName returns the name of the resource
	GetName() string
	// SetName sets the name of the resource
	SetName(string)
	// Expiry returns object expiry setting
	Expiry() time.Time
	// SetExpiry sets object expiry
	SetExpiry(time.Time)
	// GetMetadata returns object metadata
	GetMetadata() Metadata
	// GetResourceID returns resource ID
	GetResourceID() int64
	// SetResourceID sets resource ID
	SetResourceID(int64)
	// CheckAndSetDefaults validates the Resource and sets any empty fields to
	// default values.
	CheckAndSetDefaults() error
}

Resource represents common properties for all resources.

type ResourceHeader 

type ResourceHeader struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind,omitempty"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version,omitempty"`
	// Metadata is resource metadata
	Metadata             Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ResorceHeader is a shared resource header used in cases when only type and name is known

func (*ResourceHeader) CheckAndSetDefaults 

func (h *ResourceHeader) CheckAndSetDefaults() error

func (*ResourceHeader) Descriptor 

func (*ResourceHeader) Descriptor() ([]byte, []int)

func (*ResourceHeader) Expiry 

func (h *ResourceHeader) Expiry() time.Time

Expiry returns object expiry setting

func (*ResourceHeader) GetKind 

func (h *ResourceHeader) GetKind() string

GetKind returns resource kind

func (*ResourceHeader) GetMetadata 

func (h *ResourceHeader) GetMetadata() Metadata

GetMetadata returns object metadata

func (*ResourceHeader) GetName 

func (h *ResourceHeader) GetName() string

GetName returns the name of the resource

func (*ResourceHeader) GetResourceID 

func (h *ResourceHeader) GetResourceID() int64

GetResourceID returns resource ID

func (*ResourceHeader) GetSubKind 

func (h *ResourceHeader) GetSubKind() string

GetSubKind returns resource subkind

func (*ResourceHeader) GetVersion 

func (h *ResourceHeader) GetVersion() string

GetVersion returns resource version

func (*ResourceHeader) Marshal 

func (m *ResourceHeader) Marshal() (dAtA []byte, err error)

func (*ResourceHeader) MarshalTo 

func (m *ResourceHeader) MarshalTo(dAtA []byte) (int, error)

func (*ResourceHeader) MarshalToSizedBuffer 

func (m *ResourceHeader) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResourceHeader) ProtoMessage 

func (*ResourceHeader) ProtoMessage()

func (*ResourceHeader) Reset 

func (m *ResourceHeader) Reset()

func (*ResourceHeader) SetExpiry 

func (h *ResourceHeader) SetExpiry(t time.Time)

SetExpiry sets object expiry

func (*ResourceHeader) SetName 

func (h *ResourceHeader) SetName(v string)

SetName sets the name of the resource

func (*ResourceHeader) SetResourceID 

func (h *ResourceHeader) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ResourceHeader) SetSubKind 

func (h *ResourceHeader) SetSubKind(s string)

SetSubKind sets resource subkind

func (*ResourceHeader) Size 

func (m *ResourceHeader) Size() (n int)

func (*ResourceHeader) String 

func (m *ResourceHeader) String() string

func (*ResourceHeader) Unmarshal 

func (m *ResourceHeader) Unmarshal(dAtA []byte) error

func (*ResourceHeader) XXX_DiscardUnknown 

func (m *ResourceHeader) XXX_DiscardUnknown()

func (*ResourceHeader) XXX_Marshal 

func (m *ResourceHeader) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResourceHeader) XXX_Merge 

func (m *ResourceHeader) XXX_Merge(src proto.Message)

func (*ResourceHeader) XXX_Size 

func (m *ResourceHeader) XXX_Size() int

func (*ResourceHeader) XXX_Unmarshal 

func (m *ResourceHeader) XXX_Unmarshal(b []byte) error

type ResourceInNamespaceRequest 

type ResourceInNamespaceRequest struct {
	// Name is the name of the resource.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"Name,omitempty"`
	// Namespace is the namespace of resources.
	Namespace            string   `protobuf:"bytes,2,opt,name=Namespace,proto3" json:"Namespace,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ResourcesInNamespaceRequest is a request relating to a named resource in the given namespace.

func (*ResourceInNamespaceRequest) Descriptor 

func (*ResourceInNamespaceRequest) Descriptor() ([]byte, []int)

func (*ResourceInNamespaceRequest) Marshal 

func (m *ResourceInNamespaceRequest) Marshal() (dAtA []byte, err error)

func (*ResourceInNamespaceRequest) MarshalTo 

func (m *ResourceInNamespaceRequest) MarshalTo(dAtA []byte) (int, error)

func (*ResourceInNamespaceRequest) MarshalToSizedBuffer 

func (m *ResourceInNamespaceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResourceInNamespaceRequest) ProtoMessage 

func (*ResourceInNamespaceRequest) ProtoMessage()

func (*ResourceInNamespaceRequest) Reset 

func (m *ResourceInNamespaceRequest) Reset()

func (*ResourceInNamespaceRequest) Size 

func (m *ResourceInNamespaceRequest) Size() (n int)

func (*ResourceInNamespaceRequest) String 

func (m *ResourceInNamespaceRequest) String() string

func (*ResourceInNamespaceRequest) Unmarshal 

func (m *ResourceInNamespaceRequest) Unmarshal(dAtA []byte) error

func (*ResourceInNamespaceRequest) XXX_DiscardUnknown 

func (m *ResourceInNamespaceRequest) XXX_DiscardUnknown()

func (*ResourceInNamespaceRequest) XXX_Marshal 

func (m *ResourceInNamespaceRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResourceInNamespaceRequest) XXX_Merge 

func (m *ResourceInNamespaceRequest) XXX_Merge(src proto.Message)

func (*ResourceInNamespaceRequest) XXX_Size 

func (m *ResourceInNamespaceRequest) XXX_Size() int

func (*ResourceInNamespaceRequest) XXX_Unmarshal 

func (m *ResourceInNamespaceRequest) XXX_Unmarshal(b []byte) error

type ResourceRequest 

type ResourceRequest struct {
	// Name is the name of the resource.
	Name                 string   `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ResourceRequest is a request relating to a named resource.

func (*ResourceRequest) Descriptor 

func (*ResourceRequest) Descriptor() ([]byte, []int)

func (*ResourceRequest) Marshal 

func (m *ResourceRequest) Marshal() (dAtA []byte, err error)

func (*ResourceRequest) MarshalTo 

func (m *ResourceRequest) MarshalTo(dAtA []byte) (int, error)

func (*ResourceRequest) MarshalToSizedBuffer 

func (m *ResourceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResourceRequest) ProtoMessage 

func (*ResourceRequest) ProtoMessage()

func (*ResourceRequest) Reset 

func (m *ResourceRequest) Reset()

func (*ResourceRequest) Size 

func (m *ResourceRequest) Size() (n int)

func (*ResourceRequest) String 

func (m *ResourceRequest) String() string

func (*ResourceRequest) Unmarshal 

func (m *ResourceRequest) Unmarshal(dAtA []byte) error

func (*ResourceRequest) XXX_DiscardUnknown 

func (m *ResourceRequest) XXX_DiscardUnknown()

func (*ResourceRequest) XXX_Marshal 

func (m *ResourceRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResourceRequest) XXX_Merge 

func (m *ResourceRequest) XXX_Merge(src proto.Message)

func (*ResourceRequest) XXX_Size 

func (m *ResourceRequest) XXX_Size() int

func (*ResourceRequest) XXX_Unmarshal 

func (m *ResourceRequest) XXX_Unmarshal(b []byte) error

type ResourceWithOrigin 

type ResourceWithOrigin interface {
	Resource
	// Origin returns the origin value of the resource.
	Origin() string
	// SetOrigin sets the origin value of the resource.
	SetOrigin(string)
}

ResourceWithOrigin provides information on the origin of the resource (defaults, config-file, dynamic).

type ResourceWithSecrets 

type ResourceWithSecrets interface {
	Resource
	// WithoutSecrets returns an instance of the resource which
	// has had all secrets removed.  If the current resource has
	// already had its secrets removed, this may be a no-op.
	WithoutSecrets() Resource
}

ResourceWithSecrets includes additional properties which must be provided by resources which *may* contain secrets.

type ResourceWithSecretsRequest 

type ResourceWithSecretsRequest struct {
	// Name is the name of the resource.
	Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	// WithSecrets specifies whether to load associated secrets.
	WithSecrets          bool     `protobuf:"varint,2,opt,name=WithSecrets,proto3" json:"with_secrets,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ResourceWithSecretsRequest is a request relating to a named resource with secrets.

func (*ResourceWithSecretsRequest) Descriptor 

func (*ResourceWithSecretsRequest) Descriptor() ([]byte, []int)

func (*ResourceWithSecretsRequest) Marshal 

func (m *ResourceWithSecretsRequest) Marshal() (dAtA []byte, err error)

func (*ResourceWithSecretsRequest) MarshalTo 

func (m *ResourceWithSecretsRequest) MarshalTo(dAtA []byte) (int, error)

func (*ResourceWithSecretsRequest) MarshalToSizedBuffer 

func (m *ResourceWithSecretsRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResourceWithSecretsRequest) ProtoMessage 

func (*ResourceWithSecretsRequest) ProtoMessage()

func (*ResourceWithSecretsRequest) Reset 

func (m *ResourceWithSecretsRequest) Reset()

func (*ResourceWithSecretsRequest) Size 

func (m *ResourceWithSecretsRequest) Size() (n int)

func (*ResourceWithSecretsRequest) String 

func (m *ResourceWithSecretsRequest) String() string

func (*ResourceWithSecretsRequest) Unmarshal 

func (m *ResourceWithSecretsRequest) Unmarshal(dAtA []byte) error

func (*ResourceWithSecretsRequest) XXX_DiscardUnknown 

func (m *ResourceWithSecretsRequest) XXX_DiscardUnknown()

func (*ResourceWithSecretsRequest) XXX_Marshal 

func (m *ResourceWithSecretsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResourceWithSecretsRequest) XXX_Merge 

func (m *ResourceWithSecretsRequest) XXX_Merge(src proto.Message)

func (*ResourceWithSecretsRequest) XXX_Size 

func (m *ResourceWithSecretsRequest) XXX_Size() int

func (*ResourceWithSecretsRequest) XXX_Unmarshal 

func (m *ResourceWithSecretsRequest) XXX_Unmarshal(b []byte) error

type ResourcesInNamespaceRequest 

type ResourcesInNamespaceRequest struct {
	// Namespace is the namespace of resources.
	Namespace            string   `protobuf:"bytes,1,opt,name=Namespace,proto3" json:"Namespace,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ResourcesInNamespaceRequest is a request relating to resources in the given namespace.

func (*ResourcesInNamespaceRequest) Descriptor 

func (*ResourcesInNamespaceRequest) Descriptor() ([]byte, []int)

func (*ResourcesInNamespaceRequest) Marshal 

func (m *ResourcesInNamespaceRequest) Marshal() (dAtA []byte, err error)

func (*ResourcesInNamespaceRequest) MarshalTo 

func (m *ResourcesInNamespaceRequest) MarshalTo(dAtA []byte) (int, error)

func (*ResourcesInNamespaceRequest) MarshalToSizedBuffer 

func (m *ResourcesInNamespaceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResourcesInNamespaceRequest) ProtoMessage 

func (*ResourcesInNamespaceRequest) ProtoMessage()

func (*ResourcesInNamespaceRequest) Reset 

func (m *ResourcesInNamespaceRequest) Reset()

func (*ResourcesInNamespaceRequest) Size 

func (m *ResourcesInNamespaceRequest) Size() (n int)

func (*ResourcesInNamespaceRequest) String 

func (m *ResourcesInNamespaceRequest) String() string

func (*ResourcesInNamespaceRequest) Unmarshal 

func (m *ResourcesInNamespaceRequest) Unmarshal(dAtA []byte) error

func (*ResourcesInNamespaceRequest) XXX_DiscardUnknown 

func (m *ResourcesInNamespaceRequest) XXX_DiscardUnknown()

func (*ResourcesInNamespaceRequest) XXX_Marshal 

func (m *ResourcesInNamespaceRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResourcesInNamespaceRequest) XXX_Merge 

func (m *ResourcesInNamespaceRequest) XXX_Merge(src proto.Message)

func (*ResourcesInNamespaceRequest) XXX_Size 

func (m *ResourcesInNamespaceRequest) XXX_Size() int

func (*ResourcesInNamespaceRequest) XXX_Unmarshal 

func (m *ResourcesInNamespaceRequest) XXX_Unmarshal(b []byte) error

type ResourcesWithSecretsRequest 

type ResourcesWithSecretsRequest struct {
	// WithSecrets specifies whether to load associated secrets.
	WithSecrets          bool     `protobuf:"varint,1,opt,name=WithSecrets,proto3" json:"with_secrets,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ResourcesWithSecretsRequest is a request relating to resources with secrets.

func (*ResourcesWithSecretsRequest) Descriptor 

func (*ResourcesWithSecretsRequest) Descriptor() ([]byte, []int)

func (*ResourcesWithSecretsRequest) Marshal 

func (m *ResourcesWithSecretsRequest) Marshal() (dAtA []byte, err error)

func (*ResourcesWithSecretsRequest) MarshalTo 

func (m *ResourcesWithSecretsRequest) MarshalTo(dAtA []byte) (int, error)

func (*ResourcesWithSecretsRequest) MarshalToSizedBuffer 

func (m *ResourcesWithSecretsRequest) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ResourcesWithSecretsRequest) ProtoMessage 

func (*ResourcesWithSecretsRequest) ProtoMessage()

func (*ResourcesWithSecretsRequest) Reset 

func (m *ResourcesWithSecretsRequest) Reset()

func (*ResourcesWithSecretsRequest) Size 

func (m *ResourcesWithSecretsRequest) Size() (n int)

func (*ResourcesWithSecretsRequest) String 

func (m *ResourcesWithSecretsRequest) String() string

func (*ResourcesWithSecretsRequest) Unmarshal 

func (m *ResourcesWithSecretsRequest) Unmarshal(dAtA []byte) error

func (*ResourcesWithSecretsRequest) XXX_DiscardUnknown 

func (m *ResourcesWithSecretsRequest) XXX_DiscardUnknown()

func (*ResourcesWithSecretsRequest) XXX_Marshal 

func (m *ResourcesWithSecretsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ResourcesWithSecretsRequest) XXX_Merge 

func (m *ResourcesWithSecretsRequest) XXX_Merge(src proto.Message)

func (*ResourcesWithSecretsRequest) XXX_Size 

func (m *ResourcesWithSecretsRequest) XXX_Size() int

func (*ResourcesWithSecretsRequest) XXX_Unmarshal 

func (m *ResourcesWithSecretsRequest) XXX_Unmarshal(b []byte) error

type ReverseTunnel 

type ReverseTunnel interface {
	// Resource provides common methods for resource objects
	Resource
	// GetClusterName returns name of the cluster
	GetClusterName() string
	// SetClusterName sets cluster name
	SetClusterName(name string)
	// GetType gets the type of ReverseTunnel.
	GetType() TunnelType
	// SetType sets the type of ReverseTunnel.
	SetType(TunnelType)
	// GetDialAddrs returns list of dial addresses for this cluster
	GetDialAddrs() []string
}

ReverseTunnel is SSH reverse tunnel established between a local Proxy and a remote Proxy. It helps to bypass firewall restrictions, so local clusters don't need to have the cluster involved

func NewReverseTunnel 

func NewReverseTunnel(clusterName string, dialAddrs []string) (ReverseTunnel, error)

NewReverseTunnel returns new version of reverse tunnel

type ReverseTunnelSpecV2 

type ReverseTunnelSpecV2 struct {
	// ClusterName is a domain name of remote cluster we are connecting to
	ClusterName string `protobuf:"bytes,1,opt,name=ClusterName,proto3" json:"cluster_name"`
	// DialAddrs is a list of remote address to establish a connection to
	// it's always SSH over TCP
	DialAddrs []string `protobuf:"bytes,2,rep,name=DialAddrs,proto3" json:"dial_addrs,omitempty"`
	// Type is the type of reverse tunnel, either proxy or node.
	Type                 TunnelType `protobuf:"bytes,3,opt,name=Type,proto3,casttype=TunnelType" json:"type"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

ReverseTunnelSpecV2 is a specification for V2 reverse tunnel

func (*ReverseTunnelSpecV2) Descriptor 

func (*ReverseTunnelSpecV2) Descriptor() ([]byte, []int)

func (*ReverseTunnelSpecV2) Marshal 

func (m *ReverseTunnelSpecV2) Marshal() (dAtA []byte, err error)

func (*ReverseTunnelSpecV2) MarshalTo 

func (m *ReverseTunnelSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*ReverseTunnelSpecV2) MarshalToSizedBuffer 

func (m *ReverseTunnelSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ReverseTunnelSpecV2) ProtoMessage 

func (*ReverseTunnelSpecV2) ProtoMessage()

func (*ReverseTunnelSpecV2) Reset 

func (m *ReverseTunnelSpecV2) Reset()

func (*ReverseTunnelSpecV2) Size 

func (m *ReverseTunnelSpecV2) Size() (n int)

func (*ReverseTunnelSpecV2) String 

func (m *ReverseTunnelSpecV2) String() string

func (*ReverseTunnelSpecV2) Unmarshal 

func (m *ReverseTunnelSpecV2) Unmarshal(dAtA []byte) error

func (*ReverseTunnelSpecV2) XXX_DiscardUnknown 

func (m *ReverseTunnelSpecV2) XXX_DiscardUnknown()

func (*ReverseTunnelSpecV2) XXX_Marshal 

func (m *ReverseTunnelSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ReverseTunnelSpecV2) XXX_Merge 

func (m *ReverseTunnelSpecV2) XXX_Merge(src proto.Message)

func (*ReverseTunnelSpecV2) XXX_Size 

func (m *ReverseTunnelSpecV2) XXX_Size() int

func (*ReverseTunnelSpecV2) XXX_Unmarshal 

func (m *ReverseTunnelSpecV2) XXX_Unmarshal(b []byte) error

type ReverseTunnelV2 

type ReverseTunnelV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is a resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a reverse tunnel specification
	Spec                 ReverseTunnelSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

ReverseTunnelV2 is version 2 of the resource spec of the reverse tunnel

func (*ReverseTunnelV2) CheckAndSetDefaults 

func (r *ReverseTunnelV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets defaults

func (*ReverseTunnelV2) Descriptor 

func (*ReverseTunnelV2) Descriptor() ([]byte, []int)

func (*ReverseTunnelV2) Expiry 

func (r *ReverseTunnelV2) Expiry() time.Time

Expiry returns object expiry setting

func (*ReverseTunnelV2) GetClusterName 

func (r *ReverseTunnelV2) GetClusterName() string

GetClusterName returns name of the cluster

func (*ReverseTunnelV2) GetDialAddrs 

func (r *ReverseTunnelV2) GetDialAddrs() []string

GetDialAddrs returns list of dial addresses for this cluster

func (*ReverseTunnelV2) GetKind 

func (r *ReverseTunnelV2) GetKind() string

GetKind returns resource kind

func (*ReverseTunnelV2) GetMetadata 

func (r *ReverseTunnelV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*ReverseTunnelV2) GetName 

func (r *ReverseTunnelV2) GetName() string

GetName returns the name of the User

func (*ReverseTunnelV2) GetResourceID 

func (r *ReverseTunnelV2) GetResourceID() int64

GetResourceID returns resource ID

func (*ReverseTunnelV2) GetSubKind 

func (r *ReverseTunnelV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*ReverseTunnelV2) GetType 

func (r *ReverseTunnelV2) GetType() TunnelType

GetType gets the type of ReverseTunnel.

func (*ReverseTunnelV2) GetVersion 

func (r *ReverseTunnelV2) GetVersion() string

GetVersion returns resource version

func (*ReverseTunnelV2) Marshal 

func (m *ReverseTunnelV2) Marshal() (dAtA []byte, err error)

func (*ReverseTunnelV2) MarshalTo 

func (m *ReverseTunnelV2) MarshalTo(dAtA []byte) (int, error)

func (*ReverseTunnelV2) MarshalToSizedBuffer 

func (m *ReverseTunnelV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ReverseTunnelV2) ProtoMessage 

func (*ReverseTunnelV2) ProtoMessage()

func (*ReverseTunnelV2) Reset 

func (m *ReverseTunnelV2) Reset()

func (*ReverseTunnelV2) SetClusterName 

func (r *ReverseTunnelV2) SetClusterName(name string)

SetClusterName sets name of a cluster

func (*ReverseTunnelV2) SetExpiry 

func (r *ReverseTunnelV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*ReverseTunnelV2) SetName 

func (r *ReverseTunnelV2) SetName(e string)

SetName sets the name of the User

func (*ReverseTunnelV2) SetResourceID 

func (r *ReverseTunnelV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ReverseTunnelV2) SetSubKind 

func (r *ReverseTunnelV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*ReverseTunnelV2) SetType 

func (r *ReverseTunnelV2) SetType(tt TunnelType)

SetType sets the type of ReverseTunnel.

func (*ReverseTunnelV2) Size 

func (m *ReverseTunnelV2) Size() (n int)

func (*ReverseTunnelV2) String 

func (m *ReverseTunnelV2) String() string

func (*ReverseTunnelV2) Unmarshal 

func (m *ReverseTunnelV2) Unmarshal(dAtA []byte) error

func (*ReverseTunnelV2) XXX_DiscardUnknown 

func (m *ReverseTunnelV2) XXX_DiscardUnknown()

func (*ReverseTunnelV2) XXX_Marshal 

func (m *ReverseTunnelV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ReverseTunnelV2) XXX_Merge 

func (m *ReverseTunnelV2) XXX_Merge(src proto.Message)

func (*ReverseTunnelV2) XXX_Size 

func (m *ReverseTunnelV2) XXX_Size() int

func (*ReverseTunnelV2) XXX_Unmarshal 

func (m *ReverseTunnelV2) XXX_Unmarshal(b []byte) error

type Rewrite 

type Rewrite struct {
	// Redirect defines a list of hosts which will be rewritten to the public
	// address of the application if they occur in the "Location" header.
	Redirect []string `protobuf:"bytes,1,rep,name=Redirect,proto3" json:"redirect,omitempty"`
	// Headers is a list of headers to inject when passing the request over
	// to the application.
	Headers              []*Header `protobuf:"bytes,2,rep,name=Headers,proto3" json:"headers,omitempty"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

Rewrite is a list of rewriting rules to apply to requests and responses.

func (*Rewrite) Descriptor 

func (*Rewrite) Descriptor() ([]byte, []int)

func (*Rewrite) Marshal 

func (m *Rewrite) Marshal() (dAtA []byte, err error)

func (*Rewrite) MarshalTo 

func (m *Rewrite) MarshalTo(dAtA []byte) (int, error)

func (*Rewrite) MarshalToSizedBuffer 

func (m *Rewrite) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Rewrite) ProtoMessage 

func (*Rewrite) ProtoMessage()

func (*Rewrite) Reset 

func (m *Rewrite) Reset()

func (*Rewrite) Size 

func (m *Rewrite) Size() (n int)

func (*Rewrite) String 

func (m *Rewrite) String() string

func (*Rewrite) Unmarshal 

func (m *Rewrite) Unmarshal(dAtA []byte) error

func (*Rewrite) XXX_DiscardUnknown 

func (m *Rewrite) XXX_DiscardUnknown()

func (*Rewrite) XXX_Marshal 

func (m *Rewrite) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Rewrite) XXX_Merge 

func (m *Rewrite) XXX_Merge(src proto.Message)

func (*Rewrite) XXX_Size 

func (m *Rewrite) XXX_Size() int

func (*Rewrite) XXX_Unmarshal 

func (m *Rewrite) XXX_Unmarshal(b []byte) error

type Role 

type Role interface {
	// Resource provides common resource methods.
	Resource

	// GetOptions gets role options.
	GetOptions() RoleOptions
	// SetOptions sets role options
	SetOptions(opt RoleOptions)

	// GetLogins gets *nix system logins for allow or deny condition.
	GetLogins(RoleConditionType) []string
	// SetLogins sets *nix system logins for allow or deny condition.
	SetLogins(RoleConditionType, []string)

	// GetNamespaces gets a list of namespaces this role is allowed or denied access to.
	GetNamespaces(RoleConditionType) []string
	// GetNamespaces sets a list of namespaces this role is allowed or denied access to.
	SetNamespaces(RoleConditionType, []string)

	// GetNodeLabels gets the map of node labels this role is allowed or denied access to.
	GetNodeLabels(RoleConditionType) Labels
	// SetNodeLabels sets the map of node labels this role is allowed or denied access to.
	SetNodeLabels(RoleConditionType, Labels)

	// GetAppLabels gets the map of app labels this role is allowed or denied access to.
	GetAppLabels(RoleConditionType) Labels
	// SetAppLabels sets the map of app labels this role is allowed or denied access to.
	SetAppLabels(RoleConditionType, Labels)

	// GetClusterLabels gets the map of cluster labels this role is allowed or denied access to.
	GetClusterLabels(RoleConditionType) Labels
	// SetClusterLabels sets the map of cluster labels this role is allowed or denied access to.
	SetClusterLabels(RoleConditionType, Labels)

	// GetKubernetesLabels gets the map of kubernetes labels this role is
	// allowed or denied access to.
	GetKubernetesLabels(RoleConditionType) Labels
	// SetKubernetesLabels sets the map of kubernetes labels this role is
	// allowed or denied access to.
	SetKubernetesLabels(RoleConditionType, Labels)

	// GetRules gets all allow or deny rules.
	GetRules(rct RoleConditionType) []Rule
	// SetRules sets an allow or deny rule.
	SetRules(rct RoleConditionType, rules []Rule)

	// GetKubeGroups returns kubernetes groups
	GetKubeGroups(RoleConditionType) []string
	// SetKubeGroups sets kubernetes groups for allow or deny condition.
	SetKubeGroups(RoleConditionType, []string)

	// GetKubeUsers returns kubernetes users to impersonate
	GetKubeUsers(RoleConditionType) []string
	// SetKubeUsers sets kubernetes users to impersonate for allow or deny condition.
	SetKubeUsers(RoleConditionType, []string)

	// GetAccessRequestConditions gets allow/deny conditions for access requests.
	GetAccessRequestConditions(RoleConditionType) AccessRequestConditions
	// SetAccessRequestConditions sets allow/deny conditions for access requests.
	SetAccessRequestConditions(RoleConditionType, AccessRequestConditions)

	// GetAccessReviewConditions gets allow/deny conditions for access review.
	GetAccessReviewConditions(RoleConditionType) AccessReviewConditions
	// SetAccessReviewConditions sets allow/deny conditions for access review.
	SetAccessReviewConditions(RoleConditionType, AccessReviewConditions)

	// GetDatabaseLabels gets the map of db labels this role is allowed or denied access to.
	GetDatabaseLabels(RoleConditionType) Labels
	// SetDatabaseLabels sets the map of db labels this role is allowed or denied access to.
	SetDatabaseLabels(RoleConditionType, Labels)

	// GetDatabaseNames gets a list of database names this role is allowed or denied access to.
	GetDatabaseNames(RoleConditionType) []string
	// SetDatabasenames sets a list of database names this role is allowed or denied access to.
	SetDatabaseNames(RoleConditionType, []string)

	// GetDatabaseUsers gets a list of database users this role is allowed or denied access to.
	GetDatabaseUsers(RoleConditionType) []string
	// SetDatabaseUsers sets a list of database users this role is allowed or denied access to.
	SetDatabaseUsers(RoleConditionType, []string)

	// GetImpersonateConditions returns conditions this role is allowed or denied to impersonate.
	GetImpersonateConditions(rct RoleConditionType) ImpersonateConditions
	// SetImpersonateConditions returns conditions this role is allowed or denied to impersonate.
	SetImpersonateConditions(rct RoleConditionType, cond ImpersonateConditions)

	// GetAWSRoleARNs returns a list of AWS role ARNs this role is allowed to assume.
	GetAWSRoleARNs(RoleConditionType) []string
	// SetAWSRoleARNs returns a list of AWS role ARNs this role is allowed to assume.
	SetAWSRoleARNs(RoleConditionType, []string)
}

Role contains a set of permissions or settings

func NewRole 

func NewRole(name string, spec RoleSpecV4) (Role, error)

NewRole constructs new standard role

type RoleConditionType 

type RoleConditionType bool

RoleConditionType specifies if it's an allow rule (true) or deny rule (false). 

const (
	// Allow is the set of conditions that allow access.
	Allow RoleConditionType = true
	// Deny is the set of conditions that prevent access.
	Deny RoleConditionType = false
)

type RoleConditions 

type RoleConditions struct {
	// Logins is a list of *nix system logins.
	Logins []string `protobuf:"bytes,1,rep,name=Logins,proto3" json:"logins,omitempty"`
	// Namespaces is a list of namespaces (used to partition a cluster). The
	// field should be called "namespaces" when it returns in Teleport 2.4.
	Namespaces []string `protobuf:"bytes,2,rep,name=Namespaces,proto3" json:"-"`
	// NodeLabels is a map of node labels (used to dynamically grant access to
	// nodes).
	NodeLabels Labels `protobuf:"bytes,3,opt,name=NodeLabels,proto3,customtype=Labels" json:"node_labels,omitempty"`
	// Rules is a list of rules and their access levels. Rules are a high level
	// construct used for access control.
	Rules []Rule `protobuf:"bytes,4,rep,name=Rules,proto3" json:"rules,omitempty"`
	// KubeGroups is a list of kubernetes groups
	KubeGroups []string                 `protobuf:"bytes,5,rep,name=KubeGroups,proto3" json:"kubernetes_groups,omitempty"`
	Request    *AccessRequestConditions `protobuf:"bytes,6,opt,name=Request,proto3" json:"request,omitempty"`
	// KubeUsers is an optional kubernetes users to impersonate
	KubeUsers []string `protobuf:"bytes,7,rep,name=KubeUsers,proto3" json:"kubernetes_users,omitempty"`
	// AppLabels is a map of labels used as part of the RBAC system.
	AppLabels Labels `protobuf:"bytes,8,opt,name=AppLabels,proto3,customtype=Labels" json:"app_labels,omitempty"`
	// ClusterLabels is a map of node labels (used to dynamically grant access to
	// clusters).
	ClusterLabels Labels `protobuf:"bytes,9,opt,name=ClusterLabels,proto3,customtype=Labels" json:"cluster_labels,omitempty"`
	// KubernetesLabels is a map of kubernetes cluster labels used for RBAC.
	KubernetesLabels Labels `protobuf:"bytes,10,opt,name=KubernetesLabels,proto3,customtype=Labels" json:"kubernetes_labels,omitempty"`
	// DatabaseLabels are used in RBAC system to allow/deny access to databases.
	DatabaseLabels Labels `protobuf:"bytes,11,opt,name=DatabaseLabels,proto3,customtype=Labels" json:"db_labels,omitempty"`
	// DatabaseNames is a list of database names this role is allowed to connect to.
	DatabaseNames []string `protobuf:"bytes,12,rep,name=DatabaseNames,proto3" json:"db_names,omitempty"`
	// DatabaseUsers is a list of databaes users this role is allowed to connect as.
	DatabaseUsers []string `protobuf:"bytes,13,rep,name=DatabaseUsers,proto3" json:"db_users,omitempty"`
	// Impersonate specifies what users and roles this role is allowed to impersonate
	// by issuing certificates or other possible means.
	Impersonate *ImpersonateConditions `protobuf:"bytes,14,opt,name=Impersonate,proto3" json:"impersonate,omitempty"`
	// ReviewRequests defines conditions for submitting access reviews.
	ReviewRequests *AccessReviewConditions `protobuf:"bytes,15,opt,name=ReviewRequests,proto3" json:"review_requests,omitempty"`
	// AWSRoleARNs is a list of AWS role ARNs this role is allowed to assume.
	AWSRoleARNs          []string `protobuf:"bytes,16,rep,name=AWSRoleARNs,proto3" json:"aws_role_arns,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

RoleConditions is a set of conditions that must all match to be allowed or denied access.

func (*RoleConditions) Descriptor 

func (*RoleConditions) Descriptor() ([]byte, []int)

func (*RoleConditions) Marshal 

func (m *RoleConditions) Marshal() (dAtA []byte, err error)

func (*RoleConditions) MarshalTo 

func (m *RoleConditions) MarshalTo(dAtA []byte) (int, error)

func (*RoleConditions) MarshalToSizedBuffer 

func (m *RoleConditions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RoleConditions) ProtoMessage 

func (*RoleConditions) ProtoMessage()

func (*RoleConditions) Reset 

func (m *RoleConditions) Reset()

func (*RoleConditions) Size 

func (m *RoleConditions) Size() (n int)

func (*RoleConditions) String 

func (m *RoleConditions) String() string

func (*RoleConditions) Unmarshal 

func (m *RoleConditions) Unmarshal(dAtA []byte) error

func (*RoleConditions) XXX_DiscardUnknown 

func (m *RoleConditions) XXX_DiscardUnknown()

func (*RoleConditions) XXX_Marshal 

func (m *RoleConditions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RoleConditions) XXX_Merge 

func (m *RoleConditions) XXX_Merge(src proto.Message)

func (*RoleConditions) XXX_Size 

func (m *RoleConditions) XXX_Size() int

func (*RoleConditions) XXX_Unmarshal 

func (m *RoleConditions) XXX_Unmarshal(b []byte) error

type RoleMap 

type RoleMap []RoleMapping

RoleMap is a list of mappings

type RoleMapping 

type RoleMapping struct {
	// Remote specifies remote role name to map from
	Remote string `protobuf:"bytes,1,opt,name=Remote,proto3" json:"remote"`
	// Local specifies local roles to map to
	Local                []string `protobuf:"bytes,2,rep,name=Local,proto3" json:"local"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

RoleMappping provides mapping of remote roles to local roles for trusted clusters

func (*RoleMapping) Descriptor 

func (*RoleMapping) Descriptor() ([]byte, []int)

func (*RoleMapping) Marshal 

func (m *RoleMapping) Marshal() (dAtA []byte, err error)

func (*RoleMapping) MarshalTo 

func (m *RoleMapping) MarshalTo(dAtA []byte) (int, error)

func (*RoleMapping) MarshalToSizedBuffer 

func (m *RoleMapping) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RoleMapping) ProtoMessage 

func (*RoleMapping) ProtoMessage()

func (*RoleMapping) Reset 

func (m *RoleMapping) Reset()

func (*RoleMapping) Size 

func (m *RoleMapping) Size() (n int)

func (*RoleMapping) String 

func (m *RoleMapping) String() string

func (*RoleMapping) Unmarshal 

func (m *RoleMapping) Unmarshal(dAtA []byte) error

func (*RoleMapping) XXX_DiscardUnknown 

func (m *RoleMapping) XXX_DiscardUnknown()

func (*RoleMapping) XXX_Marshal 

func (m *RoleMapping) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RoleMapping) XXX_Merge 

func (m *RoleMapping) XXX_Merge(src proto.Message)

func (*RoleMapping) XXX_Size 

func (m *RoleMapping) XXX_Size() int

func (*RoleMapping) XXX_Unmarshal 

func (m *RoleMapping) XXX_Unmarshal(b []byte) error

type RoleOptions 

type RoleOptions struct {
	// ForwardAgent is SSH agent forwarding.
	ForwardAgent Bool `protobuf:"varint,1,opt,name=ForwardAgent,proto3,casttype=Bool" json:"forward_agent"`
	// MaxSessionTTL defines how long a SSH session can last for.
	MaxSessionTTL Duration `protobuf:"varint,2,opt,name=MaxSessionTTL,proto3,casttype=Duration" json:"max_session_ttl,omitempty"`
	// PortForwarding defines if the certificate will have
	// "permit-port-forwarding"
	// in the certificate. PortForwarding is "yes" if not set,
	// that's why this is a pointer
	PortForwarding *BoolOption `protobuf:"bytes,3,opt,name=PortForwarding,proto3,customtype=BoolOption" json:"port_forwarding,omitempty"`
	// CertificateFormat defines the format of the user certificate to allow
	// compatibility with older versions of OpenSSH.
	CertificateFormat string `protobuf:"bytes,4,opt,name=CertificateFormat,proto3" json:"cert_format"`
	// ClientIdleTimeout sets disconnect clients on idle timeout behavior,
	// if set to 0 means do not disconnect, otherwise is set to the idle
	// duration.
	ClientIdleTimeout Duration `protobuf:"varint,5,opt,name=ClientIdleTimeout,proto3,casttype=Duration" json:"client_idle_timeout,omitempty"`
	// DisconnectExpiredCert sets disconnect clients on expired certificates.
	DisconnectExpiredCert Bool `protobuf:"varint,6,opt,name=DisconnectExpiredCert,proto3,casttype=Bool" json:"disconnect_expired_cert,omitempty"`
	// BPF defines what events to record for the BPF-based session recorder.
	BPF []string `protobuf:"bytes,7,rep,name=BPF,proto3" json:"enhanced_recording,omitempty"`
	// PermitX11Forwarding authorizes use of X11 forwarding.
	PermitX11Forwarding Bool `protobuf:"varint,8,opt,name=PermitX11Forwarding,proto3,casttype=Bool" json:"permit_x11_forwarding,omitempty"`
	// MaxConnections defines the maximum number of
	// concurrent connections a user may hold.
	MaxConnections int64 `protobuf:"varint,9,opt,name=MaxConnections,proto3" json:"max_connections,omitempty"`
	// MaxSessions defines the maximum number of
	// concurrent sessions per connection.
	MaxSessions int64 `protobuf:"varint,10,opt,name=MaxSessions,proto3" json:"max_sessions,omitempty"`
	// RequestAccess defines the access request stategy (optional|note|always)
	// where optional is the default.
	RequestAccess RequestStrategy `protobuf:"bytes,11,opt,name=RequestAccess,proto3,casttype=RequestStrategy" json:"request_access,omitempty"`
	// RequestPrompt is an optional message which tells users what they aught to
	RequestPrompt string `protobuf:"bytes,12,opt,name=RequestPrompt,proto3" json:"request_prompt,omitempty"`
	// RequireSessionMFA specifies whether a user is required to do an MFA
	// check for every session.
	RequireSessionMFA    bool     `protobuf:"varint,13,opt,name=RequireSessionMFA,proto3" json:"require_session_mfa,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

RoleOptions is a set of role options

func (*RoleOptions) Descriptor 

func (*RoleOptions) Descriptor() ([]byte, []int)

func (*RoleOptions) Marshal 

func (m *RoleOptions) Marshal() (dAtA []byte, err error)

func (*RoleOptions) MarshalTo 

func (m *RoleOptions) MarshalTo(dAtA []byte) (int, error)

func (*RoleOptions) MarshalToSizedBuffer 

func (m *RoleOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RoleOptions) ProtoMessage 

func (*RoleOptions) ProtoMessage()

func (*RoleOptions) Reset 

func (m *RoleOptions) Reset()

func (*RoleOptions) Size 

func (m *RoleOptions) Size() (n int)

func (*RoleOptions) String 

func (m *RoleOptions) String() string

func (*RoleOptions) Unmarshal 

func (m *RoleOptions) Unmarshal(dAtA []byte) error

func (*RoleOptions) XXX_DiscardUnknown 

func (m *RoleOptions) XXX_DiscardUnknown()

func (*RoleOptions) XXX_Marshal 

func (m *RoleOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RoleOptions) XXX_Merge 

func (m *RoleOptions) XXX_Merge(src proto.Message)

func (*RoleOptions) XXX_Size 

func (m *RoleOptions) XXX_Size() int

func (*RoleOptions) XXX_Unmarshal 

func (m *RoleOptions) XXX_Unmarshal(b []byte) error

type RoleSpecV4 

type RoleSpecV4 struct {
	// Options is for OpenSSH options like agent forwarding.
	Options RoleOptions `protobuf:"bytes,1,opt,name=Options,proto3" json:"options,omitempty"`
	// Allow is the set of conditions evaluated to grant access.
	Allow RoleConditions `protobuf:"bytes,2,opt,name=Allow,proto3" json:"allow,omitempty"`
	// Deny is the set of conditions evaluated to deny access. Deny takes priority
	// over allow.
	Deny                 RoleConditions `protobuf:"bytes,3,opt,name=Deny,proto3" json:"deny,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

RoleSpecV4 is role specification for RoleV4.

func (*RoleSpecV4) Descriptor 

func (*RoleSpecV4) Descriptor() ([]byte, []int)

func (*RoleSpecV4) Marshal 

func (m *RoleSpecV4) Marshal() (dAtA []byte, err error)

func (*RoleSpecV4) MarshalTo 

func (m *RoleSpecV4) MarshalTo(dAtA []byte) (int, error)

func (*RoleSpecV4) MarshalToSizedBuffer 

func (m *RoleSpecV4) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RoleSpecV4) ProtoMessage 

func (*RoleSpecV4) ProtoMessage()

func (*RoleSpecV4) Reset 

func (m *RoleSpecV4) Reset()

func (*RoleSpecV4) Size 

func (m *RoleSpecV4) Size() (n int)

func (*RoleSpecV4) String 

func (m *RoleSpecV4) String() string

func (*RoleSpecV4) Unmarshal 

func (m *RoleSpecV4) Unmarshal(dAtA []byte) error

func (*RoleSpecV4) XXX_DiscardUnknown 

func (m *RoleSpecV4) XXX_DiscardUnknown()

func (*RoleSpecV4) XXX_Marshal 

func (m *RoleSpecV4) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RoleSpecV4) XXX_Merge 

func (m *RoleSpecV4) XXX_Merge(src proto.Message)

func (*RoleSpecV4) XXX_Size 

func (m *RoleSpecV4) XXX_Size() int

func (*RoleSpecV4) XXX_Unmarshal 

func (m *RoleSpecV4) XXX_Unmarshal(b []byte) error

type RoleV4 

type RoleV4 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a role specification
	Spec                 RoleSpecV4 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

RoleV4 represents role resource specification

func (*RoleV4) CheckAndSetDefaults 

func (r *RoleV4) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*RoleV4) Descriptor 

func (*RoleV4) Descriptor() ([]byte, []int)

func (*RoleV4) Expiry 

func (r *RoleV4) Expiry() time.Time

Expiry returns the expiry time for the object.

func (*RoleV4) GetAWSRoleARNs 

func (r *RoleV4) GetAWSRoleARNs(rct RoleConditionType) []string

GetAWSRoleARNs returns a list of AWS role ARNs this role is allowed to impersonate.

func (*RoleV4) GetAccessRequestConditions 

func (r *RoleV4) GetAccessRequestConditions(rct RoleConditionType) AccessRequestConditions

GetAccessRequestConditions gets conditions for access requests.

func (*RoleV4) GetAccessReviewConditions 

func (r *RoleV4) GetAccessReviewConditions(rct RoleConditionType) AccessReviewConditions

GetAccessReviewConditions gets conditions for access reviews.

func (*RoleV4) GetAppLabels 

func (r *RoleV4) GetAppLabels(rct RoleConditionType) Labels

GetAppLabels gets the map of app labels this role is allowed or denied access to.

func (*RoleV4) GetClusterLabels 

func (r *RoleV4) GetClusterLabels(rct RoleConditionType) Labels

GetClusterLabels gets the map of cluster labels this role is allowed or denied access to.

func (*RoleV4) GetDatabaseLabels 

func (r *RoleV4) GetDatabaseLabels(rct RoleConditionType) Labels

GetDatabaseLabels gets the map of db labels this role is allowed or denied access to.

func (*RoleV4) GetDatabaseNames 

func (r *RoleV4) GetDatabaseNames(rct RoleConditionType) []string

GetDatabaseNames gets a list of database names this role is allowed or denied access to.

func (*RoleV4) GetDatabaseUsers 

func (r *RoleV4) GetDatabaseUsers(rct RoleConditionType) []string

GetDatabaseUsers gets a list of database users this role is allowed or denied access to.

func (*RoleV4) GetImpersonateConditions 

func (r *RoleV4) GetImpersonateConditions(rct RoleConditionType) ImpersonateConditions

GetImpersonateConditions returns conditions this role is allowed or denied to impersonate.

func (*RoleV4) GetKind 

func (r *RoleV4) GetKind() string

GetKind returns resource kind

func (*RoleV4) GetKubeGroups 

func (r *RoleV4) GetKubeGroups(rct RoleConditionType) []string

GetKubeGroups returns kubernetes groups

func (*RoleV4) GetKubeUsers 

func (r *RoleV4) GetKubeUsers(rct RoleConditionType) []string

GetKubeUsers returns kubernetes users

func (*RoleV4) GetKubernetesLabels 

func (r *RoleV4) GetKubernetesLabels(rct RoleConditionType) Labels

GetKubernetesLabels gets the map of app labels this role is allowed or denied access to.

func (*RoleV4) GetLogins 

func (r *RoleV4) GetLogins(rct RoleConditionType) []string

GetLogins gets system logins for allow or deny condition.

func (*RoleV4) GetMetadata 

func (r *RoleV4) GetMetadata() Metadata

GetMetadata returns role metadata.

func (*RoleV4) GetName 

func (r *RoleV4) GetName() string

GetName gets the role name and is a shortcut for GetMetadata().Name.

func (*RoleV4) GetNamespaces 

func (r *RoleV4) GetNamespaces(rct RoleConditionType) []string

GetNamespaces gets a list of namespaces this role is allowed or denied access to.

func (*RoleV4) GetNodeLabels 

func (r *RoleV4) GetNodeLabels(rct RoleConditionType) Labels

GetNodeLabels gets the map of node labels this role is allowed or denied access to.

func (*RoleV4) GetOptions 

func (r *RoleV4) GetOptions() RoleOptions

GetOptions gets role options.

func (*RoleV4) GetResourceID 

func (r *RoleV4) GetResourceID() int64

GetResourceID returns resource ID

func (*RoleV4) GetRules 

func (r *RoleV4) GetRules(rct RoleConditionType) []Rule

GetRules gets all allow or deny rules.

func (*RoleV4) GetSubKind 

func (r *RoleV4) GetSubKind() string

GetSubKind returns resource sub kind

func (*RoleV4) GetVersion 

func (r *RoleV4) GetVersion() string

GetVersion returns resource version

func (*RoleV4) Marshal 

func (m *RoleV4) Marshal() (dAtA []byte, err error)

func (*RoleV4) MarshalTo 

func (m *RoleV4) MarshalTo(dAtA []byte) (int, error)

func (*RoleV4) MarshalToSizedBuffer 

func (m *RoleV4) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RoleV4) ProtoMessage 

func (*RoleV4) ProtoMessage()

func (*RoleV4) Reset 

func (m *RoleV4) Reset()

func (*RoleV4) SetAWSRoleARNs 

func (r *RoleV4) SetAWSRoleARNs(rct RoleConditionType, arns []string)

SetAWSRoleARNs sets a list of AWS role ARNs this role is allowed to impersonate.

func (*RoleV4) SetAccessRequestConditions 

func (r *RoleV4) SetAccessRequestConditions(rct RoleConditionType, cond AccessRequestConditions)

SetAccessRequestConditions sets allow/deny conditions for access requests.

func (*RoleV4) SetAccessReviewConditions 

func (r *RoleV4) SetAccessReviewConditions(rct RoleConditionType, cond AccessReviewConditions)

SetAccessReviewConditions sets allow/deny conditions for access reviews.

func (*RoleV4) SetAppLabels 

func (r *RoleV4) SetAppLabels(rct RoleConditionType, labels Labels)

SetAppLabels sets the map of node labels this role is allowed or denied access to.

func (*RoleV4) SetClusterLabels 

func (r *RoleV4) SetClusterLabels(rct RoleConditionType, labels Labels)

SetClusterLabels sets the map of cluster labels this role is allowed or denied access to.

func (*RoleV4) SetDatabaseLabels 

func (r *RoleV4) SetDatabaseLabels(rct RoleConditionType, labels Labels)

SetDatabaseLabels sets the map of db labels this role is allowed or denied access to.

func (*RoleV4) SetDatabaseNames 

func (r *RoleV4) SetDatabaseNames(rct RoleConditionType, values []string)

SetDatabaseNames sets a list of database names this role is allowed or denied access to.

func (*RoleV4) SetDatabaseUsers 

func (r *RoleV4) SetDatabaseUsers(rct RoleConditionType, values []string)

SetDatabaseUsers sets a list of database users this role is allowed or denied access to.

func (*RoleV4) SetExpiry 

func (r *RoleV4) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object.

func (*RoleV4) SetImpersonateConditions 

func (r *RoleV4) SetImpersonateConditions(rct RoleConditionType, cond ImpersonateConditions)

SetImpersonateConditions returns conditions this role is allowed or denied to impersonate.

func (*RoleV4) SetKubeGroups 

func (r *RoleV4) SetKubeGroups(rct RoleConditionType, groups []string)

SetKubeGroups sets kubernetes groups for allow or deny condition.

func (*RoleV4) SetKubeUsers 

func (r *RoleV4) SetKubeUsers(rct RoleConditionType, users []string)

SetKubeUsers sets kubernetes user for allow or deny condition.

func (*RoleV4) SetKubernetesLabels 

func (r *RoleV4) SetKubernetesLabels(rct RoleConditionType, labels Labels)

SetKubernetesLabels sets the map of node labels this role is allowed or denied access to.

func (*RoleV4) SetLogins 

func (r *RoleV4) SetLogins(rct RoleConditionType, logins []string)

SetLogins sets system logins for allow or deny condition.

func (*RoleV4) SetName 

func (r *RoleV4) SetName(s string)

SetName sets the role name and is a shortcut for SetMetadata().Name.

func (*RoleV4) SetNamespaces 

func (r *RoleV4) SetNamespaces(rct RoleConditionType, namespaces []string)

SetNamespaces sets a list of namespaces this role is allowed or denied access to.

func (*RoleV4) SetNodeLabels 

func (r *RoleV4) SetNodeLabels(rct RoleConditionType, labels Labels)

SetNodeLabels sets the map of node labels this role is allowed or denied access to.

func (*RoleV4) SetOptions 

func (r *RoleV4) SetOptions(options RoleOptions)

SetOptions sets role options.

func (*RoleV4) SetResourceID 

func (r *RoleV4) SetResourceID(id int64)

SetResourceID sets resource ID

func (*RoleV4) SetRules 

func (r *RoleV4) SetRules(rct RoleConditionType, in []Rule)

SetRules sets an allow or deny rule.

func (*RoleV4) SetSubKind 

func (r *RoleV4) SetSubKind(s string)

SetSubKind sets resource subkind

func (*RoleV4) Size 

func (m *RoleV4) Size() (n int)

func (*RoleV4) String 

func (r *RoleV4) String() string

String returns the human readable representation of a role.

func (*RoleV4) Unmarshal 

func (m *RoleV4) Unmarshal(dAtA []byte) error

func (*RoleV4) XXX_DiscardUnknown 

func (m *RoleV4) XXX_DiscardUnknown()

func (*RoleV4) XXX_Marshal 

func (m *RoleV4) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RoleV4) XXX_Merge 

func (m *RoleV4) XXX_Merge(src proto.Message)

func (*RoleV4) XXX_Size 

func (m *RoleV4) XXX_Size() int

func (*RoleV4) XXX_Unmarshal 

func (m *RoleV4) XXX_Unmarshal(b []byte) error

type Rotation 

type Rotation struct {
	// State could be one of "init" or "in_progress".
	State string `protobuf:"bytes,1,opt,name=State,proto3" json:"state,omitempty"`
	// Phase is the current rotation phase.
	Phase string `protobuf:"bytes,2,opt,name=Phase,proto3" json:"phase,omitempty"`
	// Mode sets manual or automatic rotation mode.
	Mode string `protobuf:"bytes,3,opt,name=Mode,proto3" json:"mode,omitempty"`
	// CurrentID is the ID of the rotation operation
	// to differentiate between rotation attempts.
	CurrentID string `protobuf:"bytes,4,opt,name=CurrentID,proto3" json:"current_id"`
	// Started is set to the time when rotation has been started
	// in case if the state of the rotation is "in_progress".
	Started time.Time `protobuf:"bytes,5,opt,name=Started,proto3,stdtime" json:"started,omitempty"`
	// GracePeriod is a period during which old and new CA
	// are valid for checking purposes, but only new CA is issuing certificates.
	GracePeriod Duration `protobuf:"varint,6,opt,name=GracePeriod,proto3,casttype=Duration" json:"grace_period,omitempty"`
	// LastRotated specifies the last time of the completed rotation.
	LastRotated time.Time `protobuf:"bytes,7,opt,name=LastRotated,proto3,stdtime" json:"last_rotated,omitempty"`
	// Schedule is a rotation schedule - used in
	// automatic mode to switch beetween phases.
	Schedule             RotationSchedule `protobuf:"bytes,8,opt,name=Schedule,proto3" json:"schedule,omitempty"`
	XXX_NoUnkeyedLiteral struct{}         `json:"-"`
	XXX_unrecognized     []byte           `json:"-"`
	XXX_sizecache        int32            `json:"-"`
}

Rotation is a status of the rotation of the certificate authority

func (*Rotation) CheckAndSetDefaults 

func (r *Rotation) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default rotation parameters.

func (*Rotation) Descriptor 

func (*Rotation) Descriptor() ([]byte, []int)

func (*Rotation) LastRotatedDescription 

func (r *Rotation) LastRotatedDescription() string

LastRotatedDescription returns human friendly description.

func (*Rotation) Marshal 

func (m *Rotation) Marshal() (dAtA []byte, err error)

func (*Rotation) MarshalTo 

func (m *Rotation) MarshalTo(dAtA []byte) (int, error)

func (*Rotation) MarshalToSizedBuffer 

func (m *Rotation) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Rotation) Matches 

func (r *Rotation) Matches(rotation Rotation) bool

Matches returns true if this state rotation matches external rotation state, phase and rotation ID should match, notice that matches does not behave like Equals because it does not require all fields to be the same.

func (*Rotation) PhaseDescription 

func (r *Rotation) PhaseDescription() string

PhaseDescription returns human friendly description of a current rotation phase.

func (*Rotation) ProtoMessage 

func (*Rotation) ProtoMessage()

func (*Rotation) Reset 

func (m *Rotation) Reset()

func (*Rotation) Size 

func (m *Rotation) Size() (n int)

func (*Rotation) String 

func (r *Rotation) String() string

String returns user friendly information about certificate authority.

func (*Rotation) Unmarshal 

func (m *Rotation) Unmarshal(dAtA []byte) error

func (*Rotation) XXX_DiscardUnknown 

func (m *Rotation) XXX_DiscardUnknown()

func (*Rotation) XXX_Marshal 

func (m *Rotation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Rotation) XXX_Merge 

func (m *Rotation) XXX_Merge(src proto.Message)

func (*Rotation) XXX_Size 

func (m *Rotation) XXX_Size() int

func (*Rotation) XXX_Unmarshal 

func (m *Rotation) XXX_Unmarshal(b []byte) error

type RotationSchedule 

type RotationSchedule struct {
	// UpdateClients specifies time to switch to the "Update clients" phase
	UpdateClients time.Time `protobuf:"bytes,1,opt,name=UpdateClients,proto3,stdtime" json:"update_clients,omitempty"`
	// UpdateServers specifies time to switch to the "Update servers" phase.
	UpdateServers time.Time `protobuf:"bytes,2,opt,name=UpdateServers,proto3,stdtime" json:"update_servers,omitempty"`
	// Standby specifies time to switch to the "Standby" phase.
	Standby              time.Time `protobuf:"bytes,3,opt,name=Standby,proto3,stdtime" json:"standby,omitempty"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

RotationSchedule is a rotation schedule setting time switches for different phases.

func GenerateSchedule 

func GenerateSchedule(now time.Time, gracePeriod time.Duration) (*RotationSchedule, error)

GenerateSchedule generates schedule based on the time period, using even time periods between rotation phases.

func (*RotationSchedule) CheckAndSetDefaults 

func (s *RotationSchedule) CheckAndSetDefaults(now time.Time) error

CheckAndSetDefaults checks and sets default values of the rotation schedule.

func (*RotationSchedule) Descriptor 

func (*RotationSchedule) Descriptor() ([]byte, []int)

func (*RotationSchedule) Marshal 

func (m *RotationSchedule) Marshal() (dAtA []byte, err error)

func (*RotationSchedule) MarshalTo 

func (m *RotationSchedule) MarshalTo(dAtA []byte) (int, error)

func (*RotationSchedule) MarshalToSizedBuffer 

func (m *RotationSchedule) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RotationSchedule) ProtoMessage 

func (*RotationSchedule) ProtoMessage()

func (*RotationSchedule) Reset 

func (m *RotationSchedule) Reset()

func (*RotationSchedule) Size 

func (m *RotationSchedule) Size() (n int)

func (*RotationSchedule) String 

func (m *RotationSchedule) String() string

func (*RotationSchedule) Unmarshal 

func (m *RotationSchedule) Unmarshal(dAtA []byte) error

func (*RotationSchedule) XXX_DiscardUnknown 

func (m *RotationSchedule) XXX_DiscardUnknown()

func (*RotationSchedule) XXX_Marshal 

func (m *RotationSchedule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RotationSchedule) XXX_Merge 

func (m *RotationSchedule) XXX_Merge(src proto.Message)

func (*RotationSchedule) XXX_Size 

func (m *RotationSchedule) XXX_Size() int

func (*RotationSchedule) XXX_Unmarshal 

func (m *RotationSchedule) XXX_Unmarshal(b []byte) error

type Rule 

type Rule struct {
	// Resources is a list of resources
	Resources []string `protobuf:"bytes,1,rep,name=Resources,proto3" json:"resources,omitempty"`
	// Verbs is a list of verbs
	Verbs []string `protobuf:"bytes,2,rep,name=Verbs,proto3" json:"verbs,omitempty"`
	// Where specifies optional advanced matcher
	Where string `protobuf:"bytes,3,opt,name=Where,proto3" json:"where,omitempty"`
	// Actions specifies optional actions taken when this rule matches
	Actions              []string `protobuf:"bytes,4,rep,name=Actions,proto3" json:"actions,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Rule represents allow or deny rule that is executed to check if user or service have access to resource

func CopyRulesSlice 

func CopyRulesSlice(in []Rule) []Rule

CopyRulesSlice copies input slice of Rules and returns the copy

func NewRule 

func NewRule(resource string, verbs []string) Rule

NewRule creates a rule based on a resource name and a list of verbs

func (*Rule) CheckAndSetDefaults 

func (r *Rule) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets defaults for this rule

func (*Rule) Descriptor 

func (*Rule) Descriptor() ([]byte, []int)

func (*Rule) HasResource 

func (r *Rule) HasResource(resource string) bool

HasResource returns true if the rule has the specified resource.

func (*Rule) HasVerb 

func (r *Rule) HasVerb(verb string) bool

HasVerb returns true if the rule has the specified verb.

func (*Rule) Marshal 

func (m *Rule) Marshal() (dAtA []byte, err error)

func (*Rule) MarshalTo 

func (m *Rule) MarshalTo(dAtA []byte) (int, error)

func (*Rule) MarshalToSizedBuffer 

func (m *Rule) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Rule) ProtoMessage 

func (*Rule) ProtoMessage()

func (*Rule) Reset 

func (m *Rule) Reset()

func (*Rule) Size 

func (m *Rule) Size() (n int)

func (*Rule) String 

func (m *Rule) String() string

func (*Rule) Unmarshal 

func (m *Rule) Unmarshal(dAtA []byte) error

func (*Rule) XXX_DiscardUnknown 

func (m *Rule) XXX_DiscardUnknown()

func (*Rule) XXX_Marshal 

func (m *Rule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Rule) XXX_Merge 

func (m *Rule) XXX_Merge(src proto.Message)

func (*Rule) XXX_Size 

func (m *Rule) XXX_Size() int

func (*Rule) XXX_Unmarshal 

func (m *Rule) XXX_Unmarshal(b []byte) error

type SAMLConnector 

type SAMLConnector interface {
	// ResourceWithSecrets provides common methods for objects
	ResourceWithSecrets
	// GetDisplay returns display - friendly name for this provider.
	GetDisplay() string
	// SetDisplay sets friendly name for this provider.
	SetDisplay(string)
	// GetAttributesToRoles returns attributes to roles mapping
	GetAttributesToRoles() []AttributeMapping
	// SetAttributesToRoles sets attributes to roles mapping
	SetAttributesToRoles(mapping []AttributeMapping)
	// GetAttributes returns list of attributes expected by mappings
	GetAttributes() []string
	// GetTraitMappings converts gets all attribute mappings in the
	// generic trait mapping format.
	GetTraitMappings() TraitMappingSet
	// SetIssuer sets issuer
	SetIssuer(issuer string)
	// GetIssuer returns issuer
	GetIssuer() string
	// GetSigningKeyPair returns signing key pair
	GetSigningKeyPair() *AsymmetricKeyPair
	// GetSigningKeyPair sets signing key pair
	SetSigningKeyPair(k *AsymmetricKeyPair)
	// GetSSO returns SSO service
	GetSSO() string
	// SetSSO sets SSO service
	SetSSO(string)
	// GetEntityDescriptor returns XML entity descriptor of the service
	GetEntityDescriptor() string
	// SetEntityDescriptor sets entity descriptor of the service
	SetEntityDescriptor(v string)
	// GetEntityDescriptorURL returns the URL to obtain the entity descriptor.
	GetEntityDescriptorURL() string
	// SetEntityDescriptorURL sets the entity descriptor url.
	SetEntityDescriptorURL(string)
	// GetCert returns identity provider checking x509 certificate
	GetCert() string
	// SetCert sets identity provider checking certificate
	SetCert(string)
	// GetServiceProviderIssuer returns service provider issuer
	GetServiceProviderIssuer() string
	// SetServiceProviderIssuer sets service provider issuer
	SetServiceProviderIssuer(v string)
	// GetAudience returns audience
	GetAudience() string
	// SetAudience sets audience
	SetAudience(v string)
	// GetAssertionConsumerService returns assertion consumer service URL
	GetAssertionConsumerService() string
	// SetAssertionConsumerService sets assertion consumer service URL
	SetAssertionConsumerService(v string)
	// GetProvider returns the identity provider.
	GetProvider() string
	// SetProvider sets the identity provider.
	SetProvider(string)
	// GetEncryptionKeyPair returns the key pair for SAML assertions.
	GetEncryptionKeyPair() *AsymmetricKeyPair
	// SetEncryptionKeyPair sets the key pair for SAML assertions.
	SetEncryptionKeyPair(k *AsymmetricKeyPair)
}

SAMLConnector specifies configuration for SAML 2.0 identity providers

func NewSAMLConnector 

func NewSAMLConnector(name string, spec SAMLConnectorSpecV2) (SAMLConnector, error)

NewSAMLConnector returns a new SAMLConnector based off a name and SAMLConnectorSpecV2.

type SAMLConnectorSpecV2 

type SAMLConnectorSpecV2 struct {
	// Issuer is the identity provider issuer.
	Issuer string `protobuf:"bytes,1,opt,name=Issuer,proto3" json:"issuer"`
	// SSO is the URL of the identity provider's SSO service.
	SSO string `protobuf:"bytes,2,opt,name=SSO,proto3" json:"sso"`
	// Cert is the identity provider certificate PEM.
	// IDP signs <Response> responses using this certificate.
	Cert string `protobuf:"bytes,3,opt,name=Cert,proto3" json:"cert"`
	// Display controls how this connector is displayed.
	Display string `protobuf:"bytes,4,opt,name=Display,proto3" json:"display"`
	// AssertionConsumerService is a URL for assertion consumer service
	// on the service provider (Teleport's side).
	AssertionConsumerService string `protobuf:"bytes,5,opt,name=AssertionConsumerService,proto3" json:"acs"`
	// Audience uniquely identifies our service provider.
	Audience string `protobuf:"bytes,6,opt,name=Audience,proto3" json:"audience"`
	// ServiceProviderIssuer is the issuer of the service provider (Teleport).
	ServiceProviderIssuer string `protobuf:"bytes,7,opt,name=ServiceProviderIssuer,proto3" json:"service_provider_issuer"`
	// EntityDescriptor is XML with descriptor. It can be used to supply configuration
	// parameters in one XML file rather than supplying them in the individual elements.
	EntityDescriptor string `protobuf:"bytes,8,opt,name=EntityDescriptor,proto3" json:"entity_descriptor"`
	// EntityDescriptorURL is a URL that supplies a configuration XML.
	EntityDescriptorURL string `protobuf:"bytes,9,opt,name=EntityDescriptorURL,proto3" json:"entity_descriptor_url"`
	// AttributesToRoles is a list of mappings of attribute statements to roles.
	AttributesToRoles []AttributeMapping `protobuf:"bytes,10,rep,name=AttributesToRoles,proto3" json:"attributes_to_roles"`
	// SigningKeyPair is an x509 key pair used to sign AuthnRequest.
	SigningKeyPair *AsymmetricKeyPair `protobuf:"bytes,11,opt,name=SigningKeyPair,proto3" json:"signing_key_pair,omitempty"`
	// Provider is the external identity provider.
	Provider string `protobuf:"bytes,12,opt,name=Provider,proto3" json:"provider,omitempty"`
	// EncryptionKeyPair is a key pair used for decrypting SAML assertions.
	EncryptionKeyPair    *AsymmetricKeyPair `protobuf:"bytes,13,opt,name=EncryptionKeyPair,proto3" json:"assertion_key_pair,omitempty"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

SAMLConnectorSpecV2 is a SAML connector specification.

func (*SAMLConnectorSpecV2) Descriptor 

func (*SAMLConnectorSpecV2) Descriptor() ([]byte, []int)

func (*SAMLConnectorSpecV2) Marshal 

func (m *SAMLConnectorSpecV2) Marshal() (dAtA []byte, err error)

func (*SAMLConnectorSpecV2) MarshalTo 

func (m *SAMLConnectorSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*SAMLConnectorSpecV2) MarshalToSizedBuffer 

func (m *SAMLConnectorSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SAMLConnectorSpecV2) ProtoMessage 

func (*SAMLConnectorSpecV2) ProtoMessage()

func (*SAMLConnectorSpecV2) Reset 

func (m *SAMLConnectorSpecV2) Reset()

func (*SAMLConnectorSpecV2) Size 

func (m *SAMLConnectorSpecV2) Size() (n int)

func (*SAMLConnectorSpecV2) String 

func (m *SAMLConnectorSpecV2) String() string

func (*SAMLConnectorSpecV2) Unmarshal 

func (m *SAMLConnectorSpecV2) Unmarshal(dAtA []byte) error

func (*SAMLConnectorSpecV2) XXX_DiscardUnknown 

func (m *SAMLConnectorSpecV2) XXX_DiscardUnknown()

func (*SAMLConnectorSpecV2) XXX_Marshal 

func (m *SAMLConnectorSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SAMLConnectorSpecV2) XXX_Merge 

func (m *SAMLConnectorSpecV2) XXX_Merge(src proto.Message)

func (*SAMLConnectorSpecV2) XXX_Size 

func (m *SAMLConnectorSpecV2) XXX_Size() int

func (*SAMLConnectorSpecV2) XXX_Unmarshal 

func (m *SAMLConnectorSpecV2) XXX_Unmarshal(b []byte) error

type SAMLConnectorV2 

type SAMLConnectorV2 struct {
	// Kind is a resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata holds resource metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is an SAML connector specification.
	Spec                 SAMLConnectorSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

SAMLConnectorV2 represents a SAML connector.

func (*SAMLConnectorV2) CheckAndSetDefaults 

func (o *SAMLConnectorV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values

func (*SAMLConnectorV2) Descriptor 

func (*SAMLConnectorV2) Descriptor() ([]byte, []int)

func (*SAMLConnectorV2) Expiry 

func (o *SAMLConnectorV2) Expiry() time.Time

Expiry returns object expiry setting

func (*SAMLConnectorV2) GetAssertionConsumerService 

func (o *SAMLConnectorV2) GetAssertionConsumerService() string

GetAssertionConsumerService returns assertion consumer service URL

func (*SAMLConnectorV2) GetAttributes 

func (o *SAMLConnectorV2) GetAttributes() []string

GetAttributes returns list of attributes expected by mappings

func (*SAMLConnectorV2) GetAttributesToRoles 

func (o *SAMLConnectorV2) GetAttributesToRoles() []AttributeMapping

GetAttributesToRoles returns attributes to roles mapping

func (*SAMLConnectorV2) GetAudience 

func (o *SAMLConnectorV2) GetAudience() string

GetAudience returns audience

func (*SAMLConnectorV2) GetCert 

func (o *SAMLConnectorV2) GetCert() string

GetCert returns identity provider checking x509 certificate

func (*SAMLConnectorV2) GetDisplay 

func (o *SAMLConnectorV2) GetDisplay() string

GetDisplay returns the friendly name for this provider.

func (*SAMLConnectorV2) GetEncryptionKeyPair 

func (o *SAMLConnectorV2) GetEncryptionKeyPair() *AsymmetricKeyPair

GetEncryptionKeyPair returns the key pair for SAML assertions.

func (*SAMLConnectorV2) GetEntityDescriptor 

func (o *SAMLConnectorV2) GetEntityDescriptor() string

GetEntityDescriptor returns XML entity descriptor of the service

func (*SAMLConnectorV2) GetEntityDescriptorURL 

func (o *SAMLConnectorV2) GetEntityDescriptorURL() string

GetEntityDescriptorURL returns the URL to obtain the entity descriptor.

func (*SAMLConnectorV2) GetIssuer 

func (o *SAMLConnectorV2) GetIssuer() string

GetIssuer returns issuer

func (*SAMLConnectorV2) GetKind 

func (o *SAMLConnectorV2) GetKind() string

GetKind returns resource kind

func (*SAMLConnectorV2) GetMetadata 

func (o *SAMLConnectorV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*SAMLConnectorV2) GetName 

func (o *SAMLConnectorV2) GetName() string

GetName returns the name of the connector

func (*SAMLConnectorV2) GetProvider 

func (o *SAMLConnectorV2) GetProvider() string

GetProvider returns the identity provider.

func (*SAMLConnectorV2) GetResourceID 

func (o *SAMLConnectorV2) GetResourceID() int64

GetResourceID returns resource ID

func (*SAMLConnectorV2) GetSSO 

func (o *SAMLConnectorV2) GetSSO() string

GetSSO returns SSO service

func (*SAMLConnectorV2) GetServiceProviderIssuer 

func (o *SAMLConnectorV2) GetServiceProviderIssuer() string

GetServiceProviderIssuer returns service provider issuer

func (*SAMLConnectorV2) GetSigningKeyPair 

func (o *SAMLConnectorV2) GetSigningKeyPair() *AsymmetricKeyPair

GetSigningKeyPair returns signing key pair

func (*SAMLConnectorV2) GetSubKind 

func (o *SAMLConnectorV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*SAMLConnectorV2) GetTraitMappings 

func (o *SAMLConnectorV2) GetTraitMappings() TraitMappingSet

GetTraitMappings returns the SAMLConnector's TraitMappingSet

func (*SAMLConnectorV2) GetVersion 

func (o *SAMLConnectorV2) GetVersion() string

GetVersion returns resource version

func (*SAMLConnectorV2) Marshal 

func (m *SAMLConnectorV2) Marshal() (dAtA []byte, err error)

func (*SAMLConnectorV2) MarshalTo 

func (m *SAMLConnectorV2) MarshalTo(dAtA []byte) (int, error)

func (*SAMLConnectorV2) MarshalToSizedBuffer 

func (m *SAMLConnectorV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SAMLConnectorV2) ProtoMessage 

func (*SAMLConnectorV2) ProtoMessage()

func (*SAMLConnectorV2) Reset 

func (m *SAMLConnectorV2) Reset()

func (*SAMLConnectorV2) SetAssertionConsumerService 

func (o *SAMLConnectorV2) SetAssertionConsumerService(v string)

SetAssertionConsumerService sets assertion consumer service URL

func (*SAMLConnectorV2) SetAttributesToRoles 

func (o *SAMLConnectorV2) SetAttributesToRoles(mapping []AttributeMapping)

SetAttributesToRoles sets attributes to roles mapping

func (*SAMLConnectorV2) SetAudience 

func (o *SAMLConnectorV2) SetAudience(v string)

SetAudience sets audience

func (*SAMLConnectorV2) SetCert 

func (o *SAMLConnectorV2) SetCert(cert string)

SetCert sets identity provider checking certificate

func (*SAMLConnectorV2) SetDisplay 

func (o *SAMLConnectorV2) SetDisplay(display string)

SetDisplay sets friendly name for this provider.

func (*SAMLConnectorV2) SetEncryptionKeyPair 

func (o *SAMLConnectorV2) SetEncryptionKeyPair(k *AsymmetricKeyPair)

SetEncryptionKeyPair sets the key pair for SAML assertions.

func (*SAMLConnectorV2) SetEntityDescriptor 

func (o *SAMLConnectorV2) SetEntityDescriptor(v string)

SetEntityDescriptor sets entity descriptor of the service

func (*SAMLConnectorV2) SetEntityDescriptorURL 

func (o *SAMLConnectorV2) SetEntityDescriptorURL(v string)

SetEntityDescriptorURL sets the entity descriptor url.

func (*SAMLConnectorV2) SetExpiry 

func (o *SAMLConnectorV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*SAMLConnectorV2) SetIssuer 

func (o *SAMLConnectorV2) SetIssuer(issuer string)

SetIssuer sets issuer

func (*SAMLConnectorV2) SetName 

func (o *SAMLConnectorV2) SetName(name string)

SetName sets client secret to some value

func (*SAMLConnectorV2) SetProvider 

func (o *SAMLConnectorV2) SetProvider(identityProvider string)

SetProvider sets the identity provider.

func (*SAMLConnectorV2) SetResourceID 

func (o *SAMLConnectorV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*SAMLConnectorV2) SetSSO 

func (o *SAMLConnectorV2) SetSSO(sso string)

SetSSO sets SSO service

func (*SAMLConnectorV2) SetServiceProviderIssuer 

func (o *SAMLConnectorV2) SetServiceProviderIssuer(v string)

SetServiceProviderIssuer sets service provider issuer

func (*SAMLConnectorV2) SetSigningKeyPair 

func (o *SAMLConnectorV2) SetSigningKeyPair(k *AsymmetricKeyPair)

SetSigningKeyPair sets signing key pair

func (*SAMLConnectorV2) SetSubKind 

func (o *SAMLConnectorV2) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*SAMLConnectorV2) Size 

func (m *SAMLConnectorV2) Size() (n int)

func (*SAMLConnectorV2) String 

func (m *SAMLConnectorV2) String() string

func (*SAMLConnectorV2) Unmarshal 

func (m *SAMLConnectorV2) Unmarshal(dAtA []byte) error

func (*SAMLConnectorV2) WithoutSecrets 

func (o *SAMLConnectorV2) WithoutSecrets() Resource

WithoutSecrets returns an instance of resource without secrets.

func (*SAMLConnectorV2) XXX_DiscardUnknown 

func (m *SAMLConnectorV2) XXX_DiscardUnknown()

func (*SAMLConnectorV2) XXX_Marshal 

func (m *SAMLConnectorV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SAMLConnectorV2) XXX_Merge 

func (m *SAMLConnectorV2) XXX_Merge(src proto.Message)

func (*SAMLConnectorV2) XXX_Size 

func (m *SAMLConnectorV2) XXX_Size() int

func (*SAMLConnectorV2) XXX_Unmarshal 

func (m *SAMLConnectorV2) XXX_Unmarshal(b []byte) error

type SAMLConnectorV2List 

type SAMLConnectorV2List struct {
	// SAMLConnectors is a list of SAML connectors.
	SAMLConnectors       []*SAMLConnectorV2 `protobuf:"bytes,1,rep,name=SAMLConnectors,proto3" json:"SAMLConnectors,omitempty"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

SAMLConnectorV2List is a list of SAML connectors.

func (*SAMLConnectorV2List) Descriptor 

func (*SAMLConnectorV2List) Descriptor() ([]byte, []int)

func (*SAMLConnectorV2List) Marshal 

func (m *SAMLConnectorV2List) Marshal() (dAtA []byte, err error)

func (*SAMLConnectorV2List) MarshalTo 

func (m *SAMLConnectorV2List) MarshalTo(dAtA []byte) (int, error)

func (*SAMLConnectorV2List) MarshalToSizedBuffer 

func (m *SAMLConnectorV2List) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SAMLConnectorV2List) ProtoMessage 

func (*SAMLConnectorV2List) ProtoMessage()

func (*SAMLConnectorV2List) Reset 

func (m *SAMLConnectorV2List) Reset()

func (*SAMLConnectorV2List) Size 

func (m *SAMLConnectorV2List) Size() (n int)

func (*SAMLConnectorV2List) String 

func (m *SAMLConnectorV2List) String() string

func (*SAMLConnectorV2List) Unmarshal 

func (m *SAMLConnectorV2List) Unmarshal(dAtA []byte) error

func (*SAMLConnectorV2List) XXX_DiscardUnknown 

func (m *SAMLConnectorV2List) XXX_DiscardUnknown()

func (*SAMLConnectorV2List) XXX_Marshal 

func (m *SAMLConnectorV2List) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SAMLConnectorV2List) XXX_Merge 

func (m *SAMLConnectorV2List) XXX_Merge(src proto.Message)

func (*SAMLConnectorV2List) XXX_Size 

func (m *SAMLConnectorV2List) XXX_Size() int

func (*SAMLConnectorV2List) XXX_Unmarshal 

func (m *SAMLConnectorV2List) XXX_Unmarshal(b []byte) error

type SSHKeyPair 

type SSHKeyPair struct {
	// PublicKey is the SSH public key.
	PublicKey []byte `protobuf:"bytes,1,opt,name=PublicKey,proto3" json:"public_key,omitempty"`
	// PrivateKey is the SSH private key.
	PrivateKey []byte `protobuf:"bytes,2,opt,name=PrivateKey,proto3" json:"private_key,omitempty"`
	// PrivateKeyType is the type of the PrivateKey.
	PrivateKeyType       PrivateKeyType `protobuf:"varint,3,opt,name=PrivateKeyType,proto3,enum=types.PrivateKeyType" json:"private_key_type,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

SSHKeyPair is an SSH CA key pair.

func (*SSHKeyPair) CheckAndSetDefaults 

func (k *SSHKeyPair) CheckAndSetDefaults() error

CheckAndSetDefaults validates SSHKeyPair and sets defaults on any empty fields as needed.

func (*SSHKeyPair) Clone 

func (k *SSHKeyPair) Clone() *SSHKeyPair

Clone returns a deep copy of SSHKeyPair that can be mutated without modifying the original.

func (*SSHKeyPair) Descriptor 

func (*SSHKeyPair) Descriptor() ([]byte, []int)

func (*SSHKeyPair) Marshal 

func (m *SSHKeyPair) Marshal() (dAtA []byte, err error)

func (*SSHKeyPair) MarshalTo 

func (m *SSHKeyPair) MarshalTo(dAtA []byte) (int, error)

func (*SSHKeyPair) MarshalToSizedBuffer 

func (m *SSHKeyPair) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SSHKeyPair) ProtoMessage 

func (*SSHKeyPair) ProtoMessage()

func (*SSHKeyPair) Reset 

func (m *SSHKeyPair) Reset()

func (*SSHKeyPair) Size 

func (m *SSHKeyPair) Size() (n int)

func (*SSHKeyPair) String 

func (m *SSHKeyPair) String() string

func (*SSHKeyPair) Unmarshal 

func (m *SSHKeyPair) Unmarshal(dAtA []byte) error

func (*SSHKeyPair) XXX_DiscardUnknown 

func (m *SSHKeyPair) XXX_DiscardUnknown()

func (*SSHKeyPair) XXX_Marshal 

func (m *SSHKeyPair) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SSHKeyPair) XXX_Merge 

func (m *SSHKeyPair) XXX_Merge(src proto.Message)

func (*SSHKeyPair) XXX_Size 

func (m *SSHKeyPair) XXX_Size() int

func (*SSHKeyPair) XXX_Unmarshal 

func (m *SSHKeyPair) XXX_Unmarshal(b []byte) error

type Semaphore 

type Semaphore interface {
	// Resource contains common resource values
	Resource
	// Contains checks if lease is member of this semaphore.
	Contains(lease SemaphoreLease) bool
	// Acquire attempts to acquire a lease with this semaphore.
	Acquire(leaseID string, params AcquireSemaphoreRequest) (*SemaphoreLease, error)
	// KeepAlive attempts to update the expiry of an existent lease.
	KeepAlive(lease SemaphoreLease) error
	// Cancel attempts to cancel an existent lease.
	Cancel(lease SemaphoreLease) error
	// LeaseRefs grants access to the underlying list
	// of lease references.
	LeaseRefs() []SemaphoreLeaseRef
	// RemoveExpiredLeases removes expired leases
	RemoveExpiredLeases(now time.Time)
}

Semaphore represents distributed semaphore concept

type SemaphoreFilter 

type SemaphoreFilter struct {
	// SemaphoreKind is the kind of the semaphore.
	SemaphoreKind string `protobuf:"bytes,1,opt,name=SemaphoreKind,proto3" json:"kind"`
	// SemaphoreName is the name of the semaphore.
	SemaphoreName        string   `protobuf:"bytes,2,opt,name=SemaphoreName,proto3" json:"name"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

SemaphoreFilter encodes semaphore filtering params. A semaphore filter matches a semaphore if all nonzero fields match the corresponding semaphore fileds (e.g. a filter which specifies only `kind=foo` would match all semaphores of kind `foo`).

func (*SemaphoreFilter) Descriptor 

func (*SemaphoreFilter) Descriptor() ([]byte, []int)

func (*SemaphoreFilter) Marshal 

func (m *SemaphoreFilter) Marshal() (dAtA []byte, err error)

func (*SemaphoreFilter) MarshalTo 

func (m *SemaphoreFilter) MarshalTo(dAtA []byte) (int, error)

func (*SemaphoreFilter) MarshalToSizedBuffer 

func (m *SemaphoreFilter) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SemaphoreFilter) Match 

func (f *SemaphoreFilter) Match(sem Semaphore) bool

Match checks if the supplied semaphore matches this filter.

func (*SemaphoreFilter) ProtoMessage 

func (*SemaphoreFilter) ProtoMessage()

func (*SemaphoreFilter) Reset 

func (m *SemaphoreFilter) Reset()

func (*SemaphoreFilter) Size 

func (m *SemaphoreFilter) Size() (n int)

func (*SemaphoreFilter) String 

func (m *SemaphoreFilter) String() string

func (*SemaphoreFilter) Unmarshal 

func (m *SemaphoreFilter) Unmarshal(dAtA []byte) error

func (*SemaphoreFilter) XXX_DiscardUnknown 

func (m *SemaphoreFilter) XXX_DiscardUnknown()

func (*SemaphoreFilter) XXX_Marshal 

func (m *SemaphoreFilter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SemaphoreFilter) XXX_Merge 

func (m *SemaphoreFilter) XXX_Merge(src proto.Message)

func (*SemaphoreFilter) XXX_Size 

func (m *SemaphoreFilter) XXX_Size() int

func (*SemaphoreFilter) XXX_Unmarshal 

func (m *SemaphoreFilter) XXX_Unmarshal(b []byte) error

type SemaphoreLease 

type SemaphoreLease struct {
	// SemaphoreKind is the kind of the semaphore.
	SemaphoreKind string `protobuf:"bytes,1,opt,name=SemaphoreKind,proto3" json:"kind"`
	// SemaphoreName is the name of the semaphore.
	SemaphoreName string `protobuf:"bytes,2,opt,name=SemaphoreName,proto3" json:"name"`
	// LeaseID uniquely identifies this lease.
	LeaseID string `protobuf:"bytes,3,opt,name=LeaseID,proto3" json:"lease_id"`
	// Expires is the time at which this lease expires.
	Expires              time.Time `protobuf:"bytes,5,opt,name=Expires,proto3,stdtime" json:"expires"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

SemaphoreLease represents lease acquired for semaphore

func (*SemaphoreLease) CheckAndSetDefaults 

func (l *SemaphoreLease) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values

func (*SemaphoreLease) Descriptor 

func (*SemaphoreLease) Descriptor() ([]byte, []int)

func (*SemaphoreLease) Marshal 

func (m *SemaphoreLease) Marshal() (dAtA []byte, err error)

func (*SemaphoreLease) MarshalTo 

func (m *SemaphoreLease) MarshalTo(dAtA []byte) (int, error)

func (*SemaphoreLease) MarshalToSizedBuffer 

func (m *SemaphoreLease) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SemaphoreLease) ProtoMessage 

func (*SemaphoreLease) ProtoMessage()

func (*SemaphoreLease) Reset 

func (m *SemaphoreLease) Reset()

func (*SemaphoreLease) Size 

func (m *SemaphoreLease) Size() (n int)

func (*SemaphoreLease) String 

func (m *SemaphoreLease) String() string

func (*SemaphoreLease) Unmarshal 

func (m *SemaphoreLease) Unmarshal(dAtA []byte) error

func (*SemaphoreLease) XXX_DiscardUnknown 

func (m *SemaphoreLease) XXX_DiscardUnknown()

func (*SemaphoreLease) XXX_Marshal 

func (m *SemaphoreLease) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SemaphoreLease) XXX_Merge 

func (m *SemaphoreLease) XXX_Merge(src proto.Message)

func (*SemaphoreLease) XXX_Size 

func (m *SemaphoreLease) XXX_Size() int

func (*SemaphoreLease) XXX_Unmarshal 

func (m *SemaphoreLease) XXX_Unmarshal(b []byte) error

type SemaphoreLeaseRef 

type SemaphoreLeaseRef struct {
	// LeaseID is the unique ID of the lease.
	LeaseID string `protobuf:"bytes,1,opt,name=LeaseID,proto3" json:"lease_id"`
	// Expires is the time at which the lease expires.
	Expires time.Time `protobuf:"bytes,2,opt,name=Expires,proto3,stdtime" json:"expires"`
	// Holder identifies the lease holder.
	Holder               string   `protobuf:"bytes,3,opt,name=Holder,proto3" json:"holder"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

SemaphoreLeaseRef identifies an existent lease.

func (*SemaphoreLeaseRef) Descriptor 

func (*SemaphoreLeaseRef) Descriptor() ([]byte, []int)

func (*SemaphoreLeaseRef) Marshal 

func (m *SemaphoreLeaseRef) Marshal() (dAtA []byte, err error)

func (*SemaphoreLeaseRef) MarshalTo 

func (m *SemaphoreLeaseRef) MarshalTo(dAtA []byte) (int, error)

func (*SemaphoreLeaseRef) MarshalToSizedBuffer 

func (m *SemaphoreLeaseRef) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SemaphoreLeaseRef) ProtoMessage 

func (*SemaphoreLeaseRef) ProtoMessage()

func (*SemaphoreLeaseRef) Reset 

func (m *SemaphoreLeaseRef) Reset()

func (*SemaphoreLeaseRef) Size 

func (m *SemaphoreLeaseRef) Size() (n int)

func (*SemaphoreLeaseRef) String 

func (m *SemaphoreLeaseRef) String() string

func (*SemaphoreLeaseRef) Unmarshal 

func (m *SemaphoreLeaseRef) Unmarshal(dAtA []byte) error

func (*SemaphoreLeaseRef) XXX_DiscardUnknown 

func (m *SemaphoreLeaseRef) XXX_DiscardUnknown()

func (*SemaphoreLeaseRef) XXX_Marshal 

func (m *SemaphoreLeaseRef) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SemaphoreLeaseRef) XXX_Merge 

func (m *SemaphoreLeaseRef) XXX_Merge(src proto.Message)

func (*SemaphoreLeaseRef) XXX_Size 

func (m *SemaphoreLeaseRef) XXX_Size() int

func (*SemaphoreLeaseRef) XXX_Unmarshal 

func (m *SemaphoreLeaseRef) XXX_Unmarshal(b []byte) error

type SemaphoreSpecV3 

type SemaphoreSpecV3 struct {
	// Leases is a list of all currently acquired leases.
	Leases               []SemaphoreLeaseRef `protobuf:"bytes,1,rep,name=Leases,proto3" json:"leases"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

SemaphoreSpecV3 contains the data about lease

func (*SemaphoreSpecV3) Descriptor 

func (*SemaphoreSpecV3) Descriptor() ([]byte, []int)

func (*SemaphoreSpecV3) Marshal 

func (m *SemaphoreSpecV3) Marshal() (dAtA []byte, err error)

func (*SemaphoreSpecV3) MarshalTo 

func (m *SemaphoreSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*SemaphoreSpecV3) MarshalToSizedBuffer 

func (m *SemaphoreSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SemaphoreSpecV3) ProtoMessage 

func (*SemaphoreSpecV3) ProtoMessage()

func (*SemaphoreSpecV3) Reset 

func (m *SemaphoreSpecV3) Reset()

func (*SemaphoreSpecV3) Size 

func (m *SemaphoreSpecV3) Size() (n int)

func (*SemaphoreSpecV3) String 

func (m *SemaphoreSpecV3) String() string

func (*SemaphoreSpecV3) Unmarshal 

func (m *SemaphoreSpecV3) Unmarshal(dAtA []byte) error

func (*SemaphoreSpecV3) XXX_DiscardUnknown 

func (m *SemaphoreSpecV3) XXX_DiscardUnknown()

func (*SemaphoreSpecV3) XXX_Marshal 

func (m *SemaphoreSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SemaphoreSpecV3) XXX_Merge 

func (m *SemaphoreSpecV3) XXX_Merge(src proto.Message)

func (*SemaphoreSpecV3) XXX_Size 

func (m *SemaphoreSpecV3) XXX_Size() int

func (*SemaphoreSpecV3) XXX_Unmarshal 

func (m *SemaphoreSpecV3) XXX_Unmarshal(b []byte) error

type SemaphoreV3 

type SemaphoreV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is Semaphore metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a lease V3 spec
	Spec                 SemaphoreSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}        `json:"-"`
	XXX_unrecognized     []byte          `json:"-"`
	XXX_sizecache        int32           `json:"-"`
}

SemaphoreV3 implements Semaphore interface

func (*SemaphoreV3) Acquire 

func (c *SemaphoreV3) Acquire(leaseID string, params AcquireSemaphoreRequest) (*SemaphoreLease, error)

Acquire attempts to acquire a lease with this semaphore.

func (*SemaphoreV3) Cancel 

func (c *SemaphoreV3) Cancel(lease SemaphoreLease) error

Cancel attempts to cancel an existent lease.

func (*SemaphoreV3) CheckAndSetDefaults 

func (c *SemaphoreV3) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults.

func (*SemaphoreV3) Contains 

func (c *SemaphoreV3) Contains(lease SemaphoreLease) bool

Contains checks if lease is member of this semaphore.

func (*SemaphoreV3) Descriptor 

func (*SemaphoreV3) Descriptor() ([]byte, []int)

func (*SemaphoreV3) Expiry 

func (c *SemaphoreV3) Expiry() time.Time

Expiry returns object expiry setting

func (*SemaphoreV3) GetKind 

func (c *SemaphoreV3) GetKind() string

GetKind returns resource kind

func (*SemaphoreV3) GetMetadata 

func (c *SemaphoreV3) GetMetadata() Metadata

GetMetadata returns object metadata

func (*SemaphoreV3) GetName 

func (c *SemaphoreV3) GetName() string

GetName returns the name of the cluster.

func (*SemaphoreV3) GetResourceID 

func (c *SemaphoreV3) GetResourceID() int64

GetResourceID returns resource ID

func (*SemaphoreV3) GetSubKind 

func (c *SemaphoreV3) GetSubKind() string

GetSubKind returns resource subkind

func (*SemaphoreV3) GetVersion 

func (c *SemaphoreV3) GetVersion() string

GetVersion returns resource version

func (*SemaphoreV3) KeepAlive 

func (c *SemaphoreV3) KeepAlive(lease SemaphoreLease) error

KeepAlive attempts to update the expiry of an existent lease.

func (*SemaphoreV3) LeaseRefs 

func (c *SemaphoreV3) LeaseRefs() []SemaphoreLeaseRef

LeaseRefs grants access to the underlying list of lease references

func (*SemaphoreV3) Marshal 

func (m *SemaphoreV3) Marshal() (dAtA []byte, err error)

func (*SemaphoreV3) MarshalTo 

func (m *SemaphoreV3) MarshalTo(dAtA []byte) (int, error)

func (*SemaphoreV3) MarshalToSizedBuffer 

func (m *SemaphoreV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SemaphoreV3) ProtoMessage 

func (*SemaphoreV3) ProtoMessage()

func (*SemaphoreV3) RemoveExpiredLeases 

func (c *SemaphoreV3) RemoveExpiredLeases(now time.Time)

RemoveExpiredLeases removes expired leases

func (*SemaphoreV3) Reset 

func (m *SemaphoreV3) Reset()

func (*SemaphoreV3) SetExpiry 

func (c *SemaphoreV3) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*SemaphoreV3) SetName 

func (c *SemaphoreV3) SetName(e string)

SetName sets the name of the cluster.

func (*SemaphoreV3) SetResourceID 

func (c *SemaphoreV3) SetResourceID(id int64)

SetResourceID sets resource ID

func (*SemaphoreV3) SetSubKind 

func (c *SemaphoreV3) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*SemaphoreV3) Size 

func (m *SemaphoreV3) Size() (n int)

func (*SemaphoreV3) String 

func (c *SemaphoreV3) String() string

String represents a human readable version of the semaphore.

func (*SemaphoreV3) Unmarshal 

func (m *SemaphoreV3) Unmarshal(dAtA []byte) error

func (*SemaphoreV3) XXX_DiscardUnknown 

func (m *SemaphoreV3) XXX_DiscardUnknown()

func (*SemaphoreV3) XXX_Marshal 

func (m *SemaphoreV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SemaphoreV3) XXX_Merge 

func (m *SemaphoreV3) XXX_Merge(src proto.Message)

func (*SemaphoreV3) XXX_Size 

func (m *SemaphoreV3) XXX_Size() int

func (*SemaphoreV3) XXX_Unmarshal 

func (m *SemaphoreV3) XXX_Unmarshal(b []byte) error

type Semaphores 

type Semaphores interface {
	// AcquireSemaphore acquires lease with requested resources from semaphore
	AcquireSemaphore(ctx context.Context, params AcquireSemaphoreRequest) (*SemaphoreLease, error)
	// KeepAliveSemaphoreLease updates semaphore lease
	KeepAliveSemaphoreLease(ctx context.Context, lease SemaphoreLease) error
	// CancelSemaphoreLease cancels semaphore lease early
	CancelSemaphoreLease(ctx context.Context, lease SemaphoreLease) error
	// GetSemaphores returns a list of semaphores matching supplied filter.
	GetSemaphores(ctx context.Context, filter SemaphoreFilter) ([]Semaphore, error)
	// DeleteSemaphore deletes a semaphore matching supplied filter.
	DeleteSemaphore(ctx context.Context, filter SemaphoreFilter) error
}

Semaphores provides ability to control how many shared resources of some kind are acquired at the same time, used to implement concurrent sessions control in a distributed environment

type Server 

type Server interface {
	// Resource provides common resource headers
	Resource
	// GetTeleportVersion returns the teleport version the server is running on
	GetTeleportVersion() string
	// GetAddr return server address
	GetAddr() string
	// GetHostname returns server hostname
	GetHostname() string
	// GetNamespace returns server namespace
	GetNamespace() string
	// GetAllLabels returns server's static and dynamic label values merged together
	GetAllLabels() map[string]string
	// GetLabels returns server's static label key pairs
	GetLabels() map[string]string
	// GetCmdLabels gets command labels
	GetCmdLabels() map[string]CommandLabel
	// SetCmdLabels sets command labels.
	SetCmdLabels(cmdLabels map[string]CommandLabel)
	// GetPublicAddr is an optional field that returns the public address this cluster can be reached at.
	GetPublicAddr() string
	// GetRotation gets the state of certificate authority rotation.
	GetRotation() Rotation
	// SetRotation sets the state of certificate authority rotation.
	SetRotation(Rotation)
	// GetUseTunnel gets if a reverse tunnel should be used to connect to this node.
	GetUseTunnel() bool
	// SetUseTunnel sets if a reverse tunnel should be used to connect to this node.
	SetUseTunnel(bool)
	// String returns string representation of the server
	String() string
	// SetAddr sets server address
	SetAddr(addr string)
	// SetPublicAddr sets the public address this cluster can be reached at.
	SetPublicAddr(string)
	// SetNamespace sets server namespace
	SetNamespace(namespace string)
	// GetApps gets the list of applications this server is proxying.
	GetApps() []*App
	// GetApps gets the list of applications this server is proxying.
	SetApps([]*App)
	// GetKubeClusters returns the kubernetes clusters directly handled by this
	// server.
	GetKubernetesClusters() []*KubernetesCluster
	// SetKubeClusters sets the kubernetes clusters handled by this server.
	SetKubernetesClusters([]*KubernetesCluster)
	// MatchAgainst takes a map of labels and returns True if this server
	// has ALL of them
	//
	// Any server matches against an empty label set
	MatchAgainst(labels map[string]string) bool
	// LabelsString returns a comma separated string with all node's labels
	LabelsString() string

	// DeepCopy creates a clone of this server value
	DeepCopy() Server
}

Server represents a Node, Proxy or Auth server in a Teleport cluster

func NewServer 

func NewServer(name, kind string, spec ServerSpecV2) (Server, error)

NewServer creates an instance of Server.

func NewServerWithLabels 

func NewServerWithLabels(name, kind string, spec ServerSpecV2, labels map[string]string) (Server, error)

NewServerWithLabels is a convenience method to create ServerV2 with a specific map of labels.

type ServerSpecV2 

type ServerSpecV2 struct {
	// Addr is server host:port address
	Addr string `protobuf:"bytes,1,opt,name=Addr,proto3" json:"addr"`
	// PublicAddr is the public address this cluster can be reached at.
	PublicAddr string `protobuf:"bytes,2,opt,name=PublicAddr,proto3" json:"public_addr,omitempty"`
	// Hostname is server hostname
	Hostname string `protobuf:"bytes,3,opt,name=Hostname,proto3" json:"hostname"`
	// CmdLabels is server dynamic labels
	CmdLabels map[string]CommandLabelV2 `` /* 160-byte string literal not displayed */
	// Rotation specifies server rotation
	Rotation Rotation `protobuf:"bytes,5,opt,name=Rotation,proto3" json:"rotation,omitempty"`
	// UseTunnel indicates that connections to this server should occur over a
	// reverse tunnel.
	UseTunnel bool `protobuf:"varint,6,opt,name=UseTunnel,proto3" json:"use_tunnel,omitempty"`
	// TeleportVersion is the teleport version that the server is running on
	Version string `protobuf:"bytes,7,opt,name=Version,proto3" json:"version"`
	// Apps is a list of applications this server is proxying.
	Apps []*App `protobuf:"bytes,9,rep,name=Apps,proto3" json:"apps,omitempty"`
	// KubernetesClusters is a list of kubernetes clusters provided by this
	// Proxy or KubeService server.
	//
	// Important: jsontag must not be "kubernetes_clusters", because a
	// different field with that jsontag existed in 4.4:
	// https://github.com/gravitational/teleport/issues/4862
	KubernetesClusters   []*KubernetesCluster `protobuf:"bytes,10,rep,name=KubernetesClusters,proto3" json:"kube_clusters,omitempty"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

ServerSpecV2 is a specification for V2 Server

func (*ServerSpecV2) Descriptor 

func (*ServerSpecV2) Descriptor() ([]byte, []int)

func (*ServerSpecV2) Marshal 

func (m *ServerSpecV2) Marshal() (dAtA []byte, err error)

func (*ServerSpecV2) MarshalTo 

func (m *ServerSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*ServerSpecV2) MarshalToSizedBuffer 

func (m *ServerSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ServerSpecV2) ProtoMessage 

func (*ServerSpecV2) ProtoMessage()

func (*ServerSpecV2) Reset 

func (m *ServerSpecV2) Reset()

func (*ServerSpecV2) Size 

func (m *ServerSpecV2) Size() (n int)

func (*ServerSpecV2) String 

func (m *ServerSpecV2) String() string

func (*ServerSpecV2) Unmarshal 

func (m *ServerSpecV2) Unmarshal(dAtA []byte) error

func (*ServerSpecV2) XXX_DiscardUnknown 

func (m *ServerSpecV2) XXX_DiscardUnknown()

func (*ServerSpecV2) XXX_Marshal 

func (m *ServerSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServerSpecV2) XXX_Merge 

func (m *ServerSpecV2) XXX_Merge(src proto.Message)

func (*ServerSpecV2) XXX_Size 

func (m *ServerSpecV2) XXX_Size() int

func (*ServerSpecV2) XXX_Unmarshal 

func (m *ServerSpecV2) XXX_Unmarshal(b []byte) error

type ServerV2 

type ServerV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a server spec
	Spec                 ServerSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}     `json:"-"`
	XXX_unrecognized     []byte       `json:"-"`
	XXX_sizecache        int32        `json:"-"`
}

ServerV2 represents a Node, App, Database, Proxy or Auth server in a Teleport cluster.

func (*ServerV2) CheckAndSetDefaults 

func (s *ServerV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*ServerV2) DeepCopy 

func (s *ServerV2) DeepCopy() Server

DeepCopy creates a clone of this server value

func (*ServerV2) Descriptor 

func (*ServerV2) Descriptor() ([]byte, []int)

func (*ServerV2) Expiry 

func (s *ServerV2) Expiry() time.Time

Expiry returns object expiry setting

func (*ServerV2) GetAddr 

func (s *ServerV2) GetAddr() string

GetAddr return server address

func (*ServerV2) GetAllLabels 

func (s *ServerV2) GetAllLabels() map[string]string

GetAllLabels returns the full key:value map of both static labels and "command labels"

func (*ServerV2) GetApps 

func (s *ServerV2) GetApps() []*App

GetApps gets the list of applications this server is proxying.

func (*ServerV2) GetCmdLabels 

func (s *ServerV2) GetCmdLabels() map[string]CommandLabel

GetCmdLabels returns command labels

func (*ServerV2) GetHostname 

func (s *ServerV2) GetHostname() string

GetHostname returns server hostname

func (*ServerV2) GetKind 

func (s *ServerV2) GetKind() string

GetKind returns resource kind

func (*ServerV2) GetKubernetesClusters 

func (s *ServerV2) GetKubernetesClusters() []*KubernetesCluster

GetKubernetesClusters returns the kubernetes clusters directly handled by this server.

func (*ServerV2) GetLabels 

func (s *ServerV2) GetLabels() map[string]string

GetLabels returns server's static label key pairs

func (*ServerV2) GetMetadata 

func (s *ServerV2) GetMetadata() Metadata

GetMetadata returns metadata

func (*ServerV2) GetName 

func (s *ServerV2) GetName() string

GetName returns server name

func (*ServerV2) GetNamespace 

func (s *ServerV2) GetNamespace() string

GetNamespace returns server namespace

func (*ServerV2) GetPublicAddr 

func (s *ServerV2) GetPublicAddr() string

GetPublicAddr is an optional field that returns the public address this cluster can be reached at.

func (*ServerV2) GetResourceID 

func (s *ServerV2) GetResourceID() int64

GetResourceID returns resource ID

func (*ServerV2) GetRotation 

func (s *ServerV2) GetRotation() Rotation

GetRotation gets the state of certificate authority rotation.

func (*ServerV2) GetSubKind 

func (s *ServerV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*ServerV2) GetTeleportVersion 

func (s *ServerV2) GetTeleportVersion() string

GetTeleportVersion returns the teleport version the server is running on

func (*ServerV2) GetUseTunnel 

func (s *ServerV2) GetUseTunnel() bool

GetUseTunnel gets if a reverse tunnel should be used to connect to this node.

func (*ServerV2) GetVersion 

func (s *ServerV2) GetVersion() string

GetVersion returns resource version

func (*ServerV2) LabelsString 

func (s *ServerV2) LabelsString() string

LabelsString returns a comma separated string of all labels.

func (*ServerV2) Marshal 

func (m *ServerV2) Marshal() (dAtA []byte, err error)

func (*ServerV2) MarshalTo 

func (m *ServerV2) MarshalTo(dAtA []byte) (int, error)

func (*ServerV2) MarshalToSizedBuffer 

func (m *ServerV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ServerV2) MatchAgainst 

func (s *ServerV2) MatchAgainst(labels map[string]string) bool

MatchAgainst takes a map of labels and returns True if this server has ALL of them

Any server matches against an empty label set

func (*ServerV2) ProtoMessage 

func (*ServerV2) ProtoMessage()

func (*ServerV2) Reset 

func (m *ServerV2) Reset()

func (*ServerV2) SetAddr 

func (s *ServerV2) SetAddr(addr string)

SetAddr sets server address

func (*ServerV2) SetApps 

func (s *ServerV2) SetApps(apps []*App)

SetApps sets the list of applications this server is proxying.

func (*ServerV2) SetCmdLabels 

func (s *ServerV2) SetCmdLabels(cmdLabels map[string]CommandLabel)

SetCmdLabels sets dynamic labels.

func (*ServerV2) SetExpiry 

func (s *ServerV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*ServerV2) SetKubernetesClusters 

func (s *ServerV2) SetKubernetesClusters(clusters []*KubernetesCluster)

SetKubernetesClusters sets the kubernetes clusters handled by this server.

func (*ServerV2) SetName 

func (s *ServerV2) SetName(e string)

SetName sets the name of the TrustedCluster.

func (*ServerV2) SetNamespace 

func (s *ServerV2) SetNamespace(namespace string)

SetNamespace sets server namespace

func (*ServerV2) SetPublicAddr 

func (s *ServerV2) SetPublicAddr(addr string)

SetPublicAddr sets the public address this cluster can be reached at.

func (*ServerV2) SetResourceID 

func (s *ServerV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*ServerV2) SetRotation 

func (s *ServerV2) SetRotation(r Rotation)

SetRotation sets the state of certificate authority rotation.

func (*ServerV2) SetSubKind 

func (s *ServerV2) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*ServerV2) SetUseTunnel 

func (s *ServerV2) SetUseTunnel(useTunnel bool)

SetUseTunnel sets if a reverse tunnel should be used to connect to this node.

func (*ServerV2) Size 

func (m *ServerV2) Size() (n int)

func (*ServerV2) String 

func (s *ServerV2) String() string

func (*ServerV2) Unmarshal 

func (m *ServerV2) Unmarshal(dAtA []byte) error

func (*ServerV2) XXX_DiscardUnknown 

func (m *ServerV2) XXX_DiscardUnknown()

func (*ServerV2) XXX_Marshal 

func (m *ServerV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServerV2) XXX_Merge 

func (m *ServerV2) XXX_Merge(src proto.Message)

func (*ServerV2) XXX_Size 

func (m *ServerV2) XXX_Size() int

func (*ServerV2) XXX_Unmarshal 

func (m *ServerV2) XXX_Unmarshal(b []byte) error

type ServerV2List 

type ServerV2List struct {
	// Servers is a list of servers.
	Servers              []*ServerV2 `protobuf:"bytes,1,rep,name=Servers,proto3" json:"Servers,omitempty"`
	XXX_NoUnkeyedLiteral struct{}    `json:"-"`
	XXX_unrecognized     []byte      `json:"-"`
	XXX_sizecache        int32       `json:"-"`
}

ServerV2List is a list of servers. DELETE IN 8.0.0 only used in deprecated GetNodes rpc

func (*ServerV2List) Descriptor 

func (*ServerV2List) Descriptor() ([]byte, []int)

func (*ServerV2List) Marshal 

func (m *ServerV2List) Marshal() (dAtA []byte, err error)

func (*ServerV2List) MarshalTo 

func (m *ServerV2List) MarshalTo(dAtA []byte) (int, error)

func (*ServerV2List) MarshalToSizedBuffer 

func (m *ServerV2List) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ServerV2List) ProtoMessage 

func (*ServerV2List) ProtoMessage()

func (*ServerV2List) Reset 

func (m *ServerV2List) Reset()

func (*ServerV2List) Size 

func (m *ServerV2List) Size() (n int)

func (*ServerV2List) String 

func (m *ServerV2List) String() string

func (*ServerV2List) Unmarshal 

func (m *ServerV2List) Unmarshal(dAtA []byte) error

func (*ServerV2List) XXX_DiscardUnknown 

func (m *ServerV2List) XXX_DiscardUnknown()

func (*ServerV2List) XXX_Marshal 

func (m *ServerV2List) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServerV2List) XXX_Merge 

func (m *ServerV2List) XXX_Merge(src proto.Message)

func (*ServerV2List) XXX_Size 

func (m *ServerV2List) XXX_Size() int

func (*ServerV2List) XXX_Unmarshal 

func (m *ServerV2List) XXX_Unmarshal(b []byte) error

type SessionRecordingConfig 

type SessionRecordingConfig interface {
	ResourceWithOrigin

	// GetMode gets the session recording mode.
	GetMode() string

	// SetMode sets the session recording mode.
	SetMode(string)

	// GetProxyChecksHostKeys gets if the proxy will check host keys.
	GetProxyChecksHostKeys() bool

	// SetProxyChecksHostKeys sets if the proxy will check host keys.
	SetProxyChecksHostKeys(bool)
}

SessionRecordingConfig defines session recording configuration. This is a configuration resource, never create more than one instance of it.

func DefaultSessionRecordingConfig 

func DefaultSessionRecordingConfig() SessionRecordingConfig

DefaultSessionRecordingConfig returns the default session recording configuration.

func NewSessionRecordingConfigFromConfigFile 

func NewSessionRecordingConfigFromConfigFile(spec SessionRecordingConfigSpecV2) (SessionRecordingConfig, error)

NewSessionRecordingConfigFromConfigFile is a convenience method to create SessionRecordingConfigV2 labelled as originating from config file.

type SessionRecordingConfigSpecV2 

type SessionRecordingConfigSpecV2 struct {
	// Mode controls where (or if) the session is recorded.
	Mode string `protobuf:"bytes,1,opt,name=Mode,proto3" json:"mode"`
	// ProxyChecksHostKeys is used to control if the proxy will check host keys
	// when in recording mode.
	ProxyChecksHostKeys  *BoolOption `protobuf:"bytes,2,opt,name=ProxyChecksHostKeys,proto3,customtype=BoolOption" json:"proxy_checks_host_keys"`
	XXX_NoUnkeyedLiteral struct{}    `json:"-"`
	XXX_unrecognized     []byte      `json:"-"`
	XXX_sizecache        int32       `json:"-"`
}

SessionRecordingConfigSpecV2 is the actual data we care about for SessionRecordingConfig.

func (*SessionRecordingConfigSpecV2) Descriptor 

func (*SessionRecordingConfigSpecV2) Descriptor() ([]byte, []int)

func (*SessionRecordingConfigSpecV2) Marshal 

func (m *SessionRecordingConfigSpecV2) Marshal() (dAtA []byte, err error)

func (*SessionRecordingConfigSpecV2) MarshalTo 

func (m *SessionRecordingConfigSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*SessionRecordingConfigSpecV2) MarshalToSizedBuffer 

func (m *SessionRecordingConfigSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SessionRecordingConfigSpecV2) ProtoMessage 

func (*SessionRecordingConfigSpecV2) ProtoMessage()

func (*SessionRecordingConfigSpecV2) Reset 

func (m *SessionRecordingConfigSpecV2) Reset()

func (*SessionRecordingConfigSpecV2) Size 

func (m *SessionRecordingConfigSpecV2) Size() (n int)

func (*SessionRecordingConfigSpecV2) String 

func (m *SessionRecordingConfigSpecV2) String() string

func (*SessionRecordingConfigSpecV2) Unmarshal 

func (m *SessionRecordingConfigSpecV2) Unmarshal(dAtA []byte) error

func (*SessionRecordingConfigSpecV2) XXX_DiscardUnknown 

func (m *SessionRecordingConfigSpecV2) XXX_DiscardUnknown()

func (*SessionRecordingConfigSpecV2) XXX_Marshal 

func (m *SessionRecordingConfigSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SessionRecordingConfigSpecV2) XXX_Merge 

func (m *SessionRecordingConfigSpecV2) XXX_Merge(src proto.Message)

func (*SessionRecordingConfigSpecV2) XXX_Size 

func (m *SessionRecordingConfigSpecV2) XXX_Size() int

func (*SessionRecordingConfigSpecV2) XXX_Unmarshal 

func (m *SessionRecordingConfigSpecV2) XXX_Unmarshal(b []byte) error

type SessionRecordingConfigV2 

type SessionRecordingConfigV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a SessionRecordingConfig specification
	Spec                 SessionRecordingConfigSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}                     `json:"-"`
	XXX_unrecognized     []byte                       `json:"-"`
	XXX_sizecache        int32                        `json:"-"`
}

SessionRecordingConfigV2 contains session recording configuration.

func (*SessionRecordingConfigV2) CheckAndSetDefaults 

func (c *SessionRecordingConfigV2) CheckAndSetDefaults() error

CheckAndSetDefaults verifies the constraints for SessionRecordingConfig.

func (*SessionRecordingConfigV2) Descriptor 

func (*SessionRecordingConfigV2) Descriptor() ([]byte, []int)

func (*SessionRecordingConfigV2) Expiry 

func (c *SessionRecordingConfigV2) Expiry() time.Time

Expiry returns object expiry setting.

func (*SessionRecordingConfigV2) GetKind 

func (c *SessionRecordingConfigV2) GetKind() string

GetKind returns resource kind.

func (*SessionRecordingConfigV2) GetMetadata 

func (c *SessionRecordingConfigV2) GetMetadata() Metadata

GetMetadata returns object metadata.

func (*SessionRecordingConfigV2) GetMode 

func (c *SessionRecordingConfigV2) GetMode() string

GetMode gets the cluster's session recording mode.

func (*SessionRecordingConfigV2) GetName 

func (c *SessionRecordingConfigV2) GetName() string

GetName returns the name of the resource.

func (*SessionRecordingConfigV2) GetProxyChecksHostKeys 

func (c *SessionRecordingConfigV2) GetProxyChecksHostKeys() bool

GetProxyChecksHostKeys gets if the proxy will check host keys.

func (*SessionRecordingConfigV2) GetResourceID 

func (c *SessionRecordingConfigV2) GetResourceID() int64

GetResourceID returns resource ID.

func (*SessionRecordingConfigV2) GetSubKind 

func (c *SessionRecordingConfigV2) GetSubKind() string

GetSubKind returns resource subkind.

func (*SessionRecordingConfigV2) GetVersion 

func (c *SessionRecordingConfigV2) GetVersion() string

GetVersion returns resource version.

func (*SessionRecordingConfigV2) Marshal 

func (m *SessionRecordingConfigV2) Marshal() (dAtA []byte, err error)

func (*SessionRecordingConfigV2) MarshalTo 

func (m *SessionRecordingConfigV2) MarshalTo(dAtA []byte) (int, error)

func (*SessionRecordingConfigV2) MarshalToSizedBuffer 

func (m *SessionRecordingConfigV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SessionRecordingConfigV2) Origin 

func (c *SessionRecordingConfigV2) Origin() string

Origin returns the origin value of the resource.

func (*SessionRecordingConfigV2) ProtoMessage 

func (*SessionRecordingConfigV2) ProtoMessage()

func (*SessionRecordingConfigV2) Reset 

func (m *SessionRecordingConfigV2) Reset()

func (*SessionRecordingConfigV2) SetExpiry 

func (c *SessionRecordingConfigV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object.

func (*SessionRecordingConfigV2) SetMode 

func (c *SessionRecordingConfigV2) SetMode(m string)

SetMode sets the cluster's session recording mode.

func (*SessionRecordingConfigV2) SetName 

func (c *SessionRecordingConfigV2) SetName(e string)

SetName sets the name of the resource.

func (*SessionRecordingConfigV2) SetOrigin 

func (c *SessionRecordingConfigV2) SetOrigin(origin string)

SetOrigin sets the origin value of the resource.

func (*SessionRecordingConfigV2) SetProxyChecksHostKeys 

func (c *SessionRecordingConfigV2) SetProxyChecksHostKeys(t bool)

SetProxyChecksHostKeys sets if the proxy will check host keys.

func (*SessionRecordingConfigV2) SetResourceID 

func (c *SessionRecordingConfigV2) SetResourceID(id int64)

SetResourceID sets resource ID.

func (*SessionRecordingConfigV2) SetSubKind 

func (c *SessionRecordingConfigV2) SetSubKind(sk string)

SetSubKind sets resource subkind.

func (*SessionRecordingConfigV2) Size 

func (m *SessionRecordingConfigV2) Size() (n int)

func (*SessionRecordingConfigV2) String 

func (m *SessionRecordingConfigV2) String() string

func (*SessionRecordingConfigV2) Unmarshal 

func (m *SessionRecordingConfigV2) Unmarshal(dAtA []byte) error

func (*SessionRecordingConfigV2) XXX_DiscardUnknown 

func (m *SessionRecordingConfigV2) XXX_DiscardUnknown()

func (*SessionRecordingConfigV2) XXX_Marshal 

func (m *SessionRecordingConfigV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SessionRecordingConfigV2) XXX_Merge 

func (m *SessionRecordingConfigV2) XXX_Merge(src proto.Message)

func (*SessionRecordingConfigV2) XXX_Size 

func (m *SessionRecordingConfigV2) XXX_Size() int

func (*SessionRecordingConfigV2) XXX_Unmarshal 

func (m *SessionRecordingConfigV2) XXX_Unmarshal(b []byte) error

type Site 

type Site struct {
	Name          string    `json:"name"`
	LastConnected time.Time `json:"lastconnected"`
	Status        string    `json:"status"`
}

Site represents a cluster of teleport nodes who collectively trust the same certificate authority (CA) and have a common name.

The CA is represented by an auth server (or multiple auth servers, if running in HA mode)

type SortedDatabaseServers 

type SortedDatabaseServers []DatabaseServer

SortedDatabaseServers implements sorter for database servers.

func (SortedDatabaseServers) Len 

func (s SortedDatabaseServers) Len() int

Len returns the slice length.

func (SortedDatabaseServers) Less 

func (s SortedDatabaseServers) Less(i, j int) bool

Less compares database servers by name and host ID.

func (SortedDatabaseServers) Swap 

func (s SortedDatabaseServers) Swap(i, j int)

Swap swaps two database servers.

type SortedNamespaces 

type SortedNamespaces []Namespace

SortedNamespaces sorts namespaces

func (SortedNamespaces) Len 

func (s SortedNamespaces) Len() int

Len returns length of a role list

func (SortedNamespaces) Less 

func (s SortedNamespaces) Less(i, j int) bool

Less compares roles by name

func (SortedNamespaces) Swap 

func (s SortedNamespaces) Swap(i, j int)

Swap swaps two roles in a list

type SortedTrustedCluster 

type SortedTrustedCluster []TrustedCluster

SortedTrustedCluster sorts clusters by name

func (SortedTrustedCluster) Len 

func (s SortedTrustedCluster) Len() int

Len returns the length of a list.

func (SortedTrustedCluster) Less 

func (s SortedTrustedCluster) Less(i, j int) bool

Less compares items by name.

func (SortedTrustedCluster) Swap 

func (s SortedTrustedCluster) Swap(i, j int)

Swap swaps two items in a list.

type StaticTokens 

type StaticTokens interface {
	// Resource provides common resource properties.
	Resource
	// SetStaticTokens sets the list of static tokens used to provision nodes.
	SetStaticTokens([]ProvisionToken)
	// GetStaticTokens gets the list of static tokens used to provision nodes.
	GetStaticTokens() []ProvisionToken
}

StaticTokens define a list of static []ProvisionToken used to provision a node. StaticTokens is a configuration resource, never create more than one instance of it.

func DefaultStaticTokens 

func DefaultStaticTokens() StaticTokens

DefaultStaticTokens is used to get the default static tokens (empty list) when nothing is specified in file configuration.

func NewStaticTokens 

func NewStaticTokens(spec StaticTokensSpecV2) (StaticTokens, error)

NewStaticTokens is a convenience wrapper to create a StaticTokens resource.

type StaticTokensSpecV2 

type StaticTokensSpecV2 struct {
	// StaticTokens is a list of tokens that can be used to add nodes to the
	// cluster.
	StaticTokens         []ProvisionTokenV1 `protobuf:"bytes,1,rep,name=StaticTokens,proto3" json:"static_tokens"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

StaticTokensSpecV2 is the actual data we care about for StaticTokensSpecV2.

func (*StaticTokensSpecV2) Descriptor 

func (*StaticTokensSpecV2) Descriptor() ([]byte, []int)

func (*StaticTokensSpecV2) Marshal 

func (m *StaticTokensSpecV2) Marshal() (dAtA []byte, err error)

func (*StaticTokensSpecV2) MarshalTo 

func (m *StaticTokensSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*StaticTokensSpecV2) MarshalToSizedBuffer 

func (m *StaticTokensSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*StaticTokensSpecV2) ProtoMessage 

func (*StaticTokensSpecV2) ProtoMessage()

func (*StaticTokensSpecV2) Reset 

func (m *StaticTokensSpecV2) Reset()

func (*StaticTokensSpecV2) Size 

func (m *StaticTokensSpecV2) Size() (n int)

func (*StaticTokensSpecV2) String 

func (m *StaticTokensSpecV2) String() string

func (*StaticTokensSpecV2) Unmarshal 

func (m *StaticTokensSpecV2) Unmarshal(dAtA []byte) error

func (*StaticTokensSpecV2) XXX_DiscardUnknown 

func (m *StaticTokensSpecV2) XXX_DiscardUnknown()

func (*StaticTokensSpecV2) XXX_Marshal 

func (m *StaticTokensSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*StaticTokensSpecV2) XXX_Merge 

func (m *StaticTokensSpecV2) XXX_Merge(src proto.Message)

func (*StaticTokensSpecV2) XXX_Size 

func (m *StaticTokensSpecV2) XXX_Size() int

func (*StaticTokensSpecV2) XXX_Unmarshal 

func (m *StaticTokensSpecV2) XXX_Unmarshal(b []byte) error

type StaticTokensV2 

type StaticTokensV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a provisioning token V2 spec
	Spec                 StaticTokensSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}           `json:"-"`
	XXX_unrecognized     []byte             `json:"-"`
	XXX_sizecache        int32              `json:"-"`
}

StaticTokensV2 implements the StaticTokens interface.

func (*StaticTokensV2) CheckAndSetDefaults 

func (c *StaticTokensV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults.

func (*StaticTokensV2) Descriptor 

func (*StaticTokensV2) Descriptor() ([]byte, []int)

func (*StaticTokensV2) Expiry 

func (c *StaticTokensV2) Expiry() time.Time

Expiry returns object expiry setting

func (*StaticTokensV2) GetKind 

func (c *StaticTokensV2) GetKind() string

GetKind returns resource kind

func (*StaticTokensV2) GetMetadata 

func (c *StaticTokensV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*StaticTokensV2) GetName 

func (c *StaticTokensV2) GetName() string

GetName returns the name of the StaticTokens resource.

func (*StaticTokensV2) GetResourceID 

func (c *StaticTokensV2) GetResourceID() int64

GetResourceID returns resource ID

func (*StaticTokensV2) GetStaticTokens 

func (c *StaticTokensV2) GetStaticTokens() []ProvisionToken

GetStaticTokens gets the list of static tokens used to provision nodes.

func (*StaticTokensV2) GetSubKind 

func (c *StaticTokensV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*StaticTokensV2) GetVersion 

func (c *StaticTokensV2) GetVersion() string

GetVersion returns resource version

func (*StaticTokensV2) Marshal 

func (m *StaticTokensV2) Marshal() (dAtA []byte, err error)

func (*StaticTokensV2) MarshalTo 

func (m *StaticTokensV2) MarshalTo(dAtA []byte) (int, error)

func (*StaticTokensV2) MarshalToSizedBuffer 

func (m *StaticTokensV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*StaticTokensV2) ProtoMessage 

func (*StaticTokensV2) ProtoMessage()

func (*StaticTokensV2) Reset 

func (m *StaticTokensV2) Reset()

func (*StaticTokensV2) SetExpiry 

func (c *StaticTokensV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*StaticTokensV2) SetName 

func (c *StaticTokensV2) SetName(e string)

SetName sets the name of the StaticTokens resource.

func (*StaticTokensV2) SetResourceID 

func (c *StaticTokensV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*StaticTokensV2) SetStaticTokens 

func (c *StaticTokensV2) SetStaticTokens(s []ProvisionToken)

SetStaticTokens sets the list of static tokens used to provision nodes.

func (*StaticTokensV2) SetSubKind 

func (c *StaticTokensV2) SetSubKind(sk string)

SetSubKind sets resource subkind

func (*StaticTokensV2) Size 

func (m *StaticTokensV2) Size() (n int)

func (*StaticTokensV2) String 

func (c *StaticTokensV2) String() string

String represents a human readable version of static provisioning tokens.

func (*StaticTokensV2) Unmarshal 

func (m *StaticTokensV2) Unmarshal(dAtA []byte) error

func (*StaticTokensV2) XXX_DiscardUnknown 

func (m *StaticTokensV2) XXX_DiscardUnknown()

func (*StaticTokensV2) XXX_Marshal 

func (m *StaticTokensV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*StaticTokensV2) XXX_Merge 

func (m *StaticTokensV2) XXX_Merge(src proto.Message)

func (*StaticTokensV2) XXX_Size 

func (m *StaticTokensV2) XXX_Size() int

func (*StaticTokensV2) XXX_Unmarshal 

func (m *StaticTokensV2) XXX_Unmarshal(b []byte) error

type SystemRole 

type SystemRole string

SystemRole identifies the role of an SSH connection. Unlike "user roles" introduced as part of RBAC in Teleport 1.4+ these are built-in roles used for different Teleport components when connecting to each other. 

const (
	// RoleAuth is for teleport auth server (authority, authentication and authorization)
	RoleAuth SystemRole = "Auth"
	// RoleNode is a role for SSH node in the cluster
	RoleNode SystemRole = "Node"
	// RoleProxy is a role for SSH proxy in the cluster
	RoleProxy SystemRole = "Proxy"
	// RoleAdmin is admin role
	RoleAdmin SystemRole = "Admin"
	// RoleProvisionToken is a role for nodes authenticated using provisioning tokens
	RoleProvisionToken SystemRole = "ProvisionToken"
	// RoleTrustedCluster is a role needed for tokens used to add trusted clusters.
	RoleTrustedCluster SystemRole = "Trusted_cluster"
	// RoleSignup is for first time signing up users
	RoleSignup SystemRole = "Signup"
	// RoleNop is used for actions that are already using external authz mechanisms
	// e.g. tokens or passwords
	RoleNop SystemRole = "Nop"
	// RoleRemoteProxy is a role for remote SSH proxy in the cluster
	RoleRemoteProxy SystemRole = "RemoteProxy"
	// RoleKube is a role for a kubernetes service.
	RoleKube SystemRole = "Kube"
	// RoleApp is a role for a app proxy in the cluster.
	RoleApp SystemRole = "App"
	// RoleDatabase is a role for a database proxy in the cluster.
	RoleDatabase SystemRole = "Db"
)
const LegacyClusterTokenType SystemRole = "Trustedcluster"

LegacyClusterTokenType exists for backwards compatibility reasons, needed to upgrade to 2.3

func (*SystemRole) Check 

func (r *SystemRole) Check() error

Check checks if this a a valid teleport role value, returns nil if it's ok, false otherwise

func (*SystemRole) Set 

func (r *SystemRole) Set(v string) error

Set sets the value of the teleport role from string, used to integrate with CLI tools

func (*SystemRole) String 

func (r *SystemRole) String() string

String returns debug-friendly representation of this teleport role.

type SystemRoles 

type SystemRoles []SystemRole

SystemRoles is a TeleportRole list

func NewTeleportRoles 

func NewTeleportRoles(in []string) (SystemRoles, error)

NewTeleportRoles return a list of teleport roles from slice of strings

func ParseTeleportRoles 

func ParseTeleportRoles(str string) (SystemRoles, error)

ParseTeleportRoles takes a comma-separated list of roles and returns a slice of teleport roles, or an error if parsing failed

func (SystemRoles) Check 

func (roles SystemRoles) Check() error

Check returns an error if the teleport role set is incorrect (contains unknown roles)

func (SystemRoles) Equals 

func (roles SystemRoles) Equals(other SystemRoles) bool

Equals compares two sets of teleport roles

func (SystemRoles) Include 

func (roles SystemRoles) Include(role SystemRole) bool

Include returns 'true' if a given list of teleport roles includes a given role

func (SystemRoles) String 

func (roles SystemRoles) String() string

String returns comma separated string with teleport roles

func (SystemRoles) StringSlice 

func (roles SystemRoles) StringSlice() []string

StringSlice returns teleport roles as string slice

type TLSKeyPair 

type TLSKeyPair struct {
	// Cert is a PEM encoded TLS cert
	Cert []byte `protobuf:"bytes,1,opt,name=Cert,proto3" json:"cert,omitempty"`
	// Key is a PEM encoded TLS key
	Key []byte `protobuf:"bytes,2,opt,name=Key,proto3" json:"key,omitempty"`
	// KeyType is the type of the Key.
	KeyType              PrivateKeyType `protobuf:"varint,3,opt,name=KeyType,proto3,enum=types.PrivateKeyType" json:"key_type,omitempty"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

TLSKeyPair is a TLS key pair

func (*TLSKeyPair) CheckAndSetDefaults 

func (k *TLSKeyPair) CheckAndSetDefaults() error

CheckAndSetDefaults validates TLSKeyPair and sets defaults on any empty fields as needed.

func (*TLSKeyPair) Clone 

func (k *TLSKeyPair) Clone() *TLSKeyPair

Clone returns a deep copy of TLSKeyPair that can be mutated without modifying the original.

func (*TLSKeyPair) Descriptor 

func (*TLSKeyPair) Descriptor() ([]byte, []int)

func (*TLSKeyPair) Marshal 

func (m *TLSKeyPair) Marshal() (dAtA []byte, err error)

func (*TLSKeyPair) MarshalTo 

func (m *TLSKeyPair) MarshalTo(dAtA []byte) (int, error)

func (*TLSKeyPair) MarshalToSizedBuffer 

func (m *TLSKeyPair) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TLSKeyPair) ProtoMessage 

func (*TLSKeyPair) ProtoMessage()

func (*TLSKeyPair) Reset 

func (m *TLSKeyPair) Reset()

func (*TLSKeyPair) Size 

func (m *TLSKeyPair) Size() (n int)

func (*TLSKeyPair) String 

func (m *TLSKeyPair) String() string

func (*TLSKeyPair) Unmarshal 

func (m *TLSKeyPair) Unmarshal(dAtA []byte) error

func (*TLSKeyPair) XXX_DiscardUnknown 

func (m *TLSKeyPair) XXX_DiscardUnknown()

func (*TLSKeyPair) XXX_Marshal 

func (m *TLSKeyPair) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TLSKeyPair) XXX_Merge 

func (m *TLSKeyPair) XXX_Merge(src proto.Message)

func (*TLSKeyPair) XXX_Size 

func (m *TLSKeyPair) XXX_Size() int

func (*TLSKeyPair) XXX_Unmarshal 

func (m *TLSKeyPair) XXX_Unmarshal(b []byte) error

type TOTPDevice 

type TOTPDevice struct {
	Key                  string   `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

TOTPDevice holds the TOTP-specific fields of MFADevice.

func (*TOTPDevice) Descriptor 

func (*TOTPDevice) Descriptor() ([]byte, []int)

func (*TOTPDevice) Marshal 

func (m *TOTPDevice) Marshal() (dAtA []byte, err error)

func (*TOTPDevice) MarshalTo 

func (m *TOTPDevice) MarshalTo(dAtA []byte) (int, error)

func (*TOTPDevice) MarshalToSizedBuffer 

func (m *TOTPDevice) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TOTPDevice) ProtoMessage 

func (*TOTPDevice) ProtoMessage()

func (*TOTPDevice) Reset 

func (m *TOTPDevice) Reset()

func (*TOTPDevice) Size 

func (m *TOTPDevice) Size() (n int)

func (*TOTPDevice) String 

func (m *TOTPDevice) String() string

func (*TOTPDevice) Unmarshal 

func (m *TOTPDevice) Unmarshal(dAtA []byte) error

func (*TOTPDevice) XXX_DiscardUnknown 

func (m *TOTPDevice) XXX_DiscardUnknown()

func (*TOTPDevice) XXX_Marshal 

func (m *TOTPDevice) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TOTPDevice) XXX_Merge 

func (m *TOTPDevice) XXX_Merge(src proto.Message)

func (*TOTPDevice) XXX_Size 

func (m *TOTPDevice) XXX_Size() int

func (*TOTPDevice) XXX_Unmarshal 

func (m *TOTPDevice) XXX_Unmarshal(b []byte) error

type TeamMapping 

type TeamMapping struct {
	// Organization is a Github organization a user belongs to.
	Organization string `protobuf:"bytes,1,opt,name=Organization,proto3" json:"organization"`
	// Team is a team within the organization a user belongs to.
	Team string `protobuf:"bytes,2,opt,name=Team,proto3" json:"team"`
	// Logins is a list of allowed logins for this org/team.
	Logins []string `protobuf:"bytes,3,rep,name=Logins,proto3" json:"logins,omitempty"`
	// KubeGroups is a list of allowed kubernetes groups for this org/team.
	KubeGroups []string `protobuf:"bytes,4,rep,name=KubeGroups,proto3" json:"kubernetes_groups,omitempty"`
	// KubeUsers is a list of allowed kubernetes users to impersonate for this org/team.
	KubeUsers            []string `protobuf:"bytes,5,rep,name=KubeUsers,proto3" json:"kubernetes_users,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

TeamMapping represents a single team membership mapping.

func (*TeamMapping) Descriptor 

func (*TeamMapping) Descriptor() ([]byte, []int)

func (*TeamMapping) Marshal 

func (m *TeamMapping) Marshal() (dAtA []byte, err error)

func (*TeamMapping) MarshalTo 

func (m *TeamMapping) MarshalTo(dAtA []byte) (int, error)

func (*TeamMapping) MarshalToSizedBuffer 

func (m *TeamMapping) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TeamMapping) ProtoMessage 

func (*TeamMapping) ProtoMessage()

func (*TeamMapping) Reset 

func (m *TeamMapping) Reset()

func (*TeamMapping) Size 

func (m *TeamMapping) Size() (n int)

func (*TeamMapping) String 

func (m *TeamMapping) String() string

func (*TeamMapping) Unmarshal 

func (m *TeamMapping) Unmarshal(dAtA []byte) error

func (*TeamMapping) XXX_DiscardUnknown 

func (m *TeamMapping) XXX_DiscardUnknown()

func (*TeamMapping) XXX_Marshal 

func (m *TeamMapping) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TeamMapping) XXX_Merge 

func (m *TeamMapping) XXX_Merge(src proto.Message)

func (*TeamMapping) XXX_Size 

func (m *TeamMapping) XXX_Size() int

func (*TeamMapping) XXX_Unmarshal 

func (m *TeamMapping) XXX_Unmarshal(b []byte) error

type ThresholdIndexSet 

type ThresholdIndexSet struct {
	// Indexes are the indexes of thresholds which relate to the role.
	Indexes              []uint32 `protobuf:"varint,1,rep,packed,name=Indexes,proto3" json:"i,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ThresholdIndexSet encodes a list of threshold indexes. One of the listed thresholds must pass for the set to be considered to have passed (i.e. this is an `or` operator).

func (*ThresholdIndexSet) Descriptor 

func (*ThresholdIndexSet) Descriptor() ([]byte, []int)

func (*ThresholdIndexSet) Marshal 

func (m *ThresholdIndexSet) Marshal() (dAtA []byte, err error)

func (*ThresholdIndexSet) MarshalTo 

func (m *ThresholdIndexSet) MarshalTo(dAtA []byte) (int, error)

func (*ThresholdIndexSet) MarshalToSizedBuffer 

func (m *ThresholdIndexSet) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ThresholdIndexSet) ProtoMessage 

func (*ThresholdIndexSet) ProtoMessage()

func (*ThresholdIndexSet) Reset 

func (m *ThresholdIndexSet) Reset()

func (*ThresholdIndexSet) Size 

func (m *ThresholdIndexSet) Size() (n int)

func (*ThresholdIndexSet) String 

func (m *ThresholdIndexSet) String() string

func (*ThresholdIndexSet) Unmarshal 

func (m *ThresholdIndexSet) Unmarshal(dAtA []byte) error

func (*ThresholdIndexSet) XXX_DiscardUnknown 

func (m *ThresholdIndexSet) XXX_DiscardUnknown()

func (*ThresholdIndexSet) XXX_Marshal 

func (m *ThresholdIndexSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ThresholdIndexSet) XXX_Merge 

func (m *ThresholdIndexSet) XXX_Merge(src proto.Message)

func (*ThresholdIndexSet) XXX_Size 

func (m *ThresholdIndexSet) XXX_Size() int

func (*ThresholdIndexSet) XXX_Unmarshal 

func (m *ThresholdIndexSet) XXX_Unmarshal(b []byte) error

type ThresholdIndexSets 

type ThresholdIndexSets struct {
	// Sets are the sets that make up this group.
	Sets                 []ThresholdIndexSet `protobuf:"bytes,1,rep,name=Sets,proto3" json:"s,omitempty"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

ThresholdIndexSets is a list of threshold index sets. Each of the individual sets must pass (i.e. this is an `and` operator).

func (*ThresholdIndexSets) Descriptor 

func (*ThresholdIndexSets) Descriptor() ([]byte, []int)

func (*ThresholdIndexSets) Marshal 

func (m *ThresholdIndexSets) Marshal() (dAtA []byte, err error)

func (*ThresholdIndexSets) MarshalTo 

func (m *ThresholdIndexSets) MarshalTo(dAtA []byte) (int, error)

func (*ThresholdIndexSets) MarshalToSizedBuffer 

func (m *ThresholdIndexSets) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*ThresholdIndexSets) ProtoMessage 

func (*ThresholdIndexSets) ProtoMessage()

func (*ThresholdIndexSets) Reset 

func (m *ThresholdIndexSets) Reset()

func (*ThresholdIndexSets) Size 

func (m *ThresholdIndexSets) Size() (n int)

func (*ThresholdIndexSets) String 

func (m *ThresholdIndexSets) String() string

func (*ThresholdIndexSets) Unmarshal 

func (m *ThresholdIndexSets) Unmarshal(dAtA []byte) error

func (*ThresholdIndexSets) XXX_DiscardUnknown 

func (m *ThresholdIndexSets) XXX_DiscardUnknown()

func (*ThresholdIndexSets) XXX_Marshal 

func (m *ThresholdIndexSets) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ThresholdIndexSets) XXX_Merge 

func (m *ThresholdIndexSets) XXX_Merge(src proto.Message)

func (*ThresholdIndexSets) XXX_Size 

func (m *ThresholdIndexSets) XXX_Size() int

func (*ThresholdIndexSets) XXX_Unmarshal 

func (m *ThresholdIndexSets) XXX_Unmarshal(b []byte) error

type TraitMapping 

type TraitMapping struct {
	// Trait is a teleport trait name
	Trait string `json:"trait"`
	// Value is trait value to match
	Value string `json:"value"`
	// Roles is a list of static teleport roles to map to
	Roles []string `json:"roles,omitempty"`
}

TraitMapping is a mapping that maps a trait to one or more teleport roles.

type TraitMappingSet 

type TraitMappingSet []TraitMapping

TraitMappingSet is a set of trait mappings

type TrustedCluster 

type TrustedCluster interface {
	// Resource provides common resource properties
	Resource
	// SetMetadata sets object metadata
	SetMetadata(meta Metadata)
	// GetEnabled returns the state of the TrustedCluster.
	GetEnabled() bool
	// SetEnabled enables (handshake and add ca+reverse tunnel) or disables TrustedCluster.
	SetEnabled(bool)
	// CombinedMapping is used to specify combined mapping from legacy property Roles
	// and new property RoleMap
	CombinedMapping() RoleMap
	// GetRoleMap returns role map property
	GetRoleMap() RoleMap
	// SetRoleMap sets role map
	SetRoleMap(m RoleMap)
	// GetRoles returns the roles for the certificate authority.
	GetRoles() []string
	// SetRoles sets the roles for the certificate authority.
	SetRoles([]string)
	// GetToken returns the authorization and authentication token.
	GetToken() string
	// SetToken sets the authorization and authentication.
	SetToken(string)
	// GetProxyAddress returns the address of the proxy server.
	GetProxyAddress() string
	// SetProxyAddress sets the address of the proxy server.
	SetProxyAddress(string)
	// GetReverseTunnelAddress returns the address of the reverse tunnel.
	GetReverseTunnelAddress() string
	// SetReverseTunnelAddress sets the address of the reverse tunnel.
	SetReverseTunnelAddress(string)
	// CanChangeStateTo checks the TrustedCluster can transform into another.
	CanChangeStateTo(TrustedCluster) error
}

TrustedCluster holds information needed for a cluster that can not be directly accessed (maybe be behind firewall without any open ports) to join a parent cluster.

func NewTrustedCluster 

func NewTrustedCluster(name string, spec TrustedClusterSpecV2) (TrustedCluster, error)

NewTrustedCluster is a convenience way to create a TrustedCluster resource.

type TrustedClusterSpecV2 

type TrustedClusterSpecV2 struct {
	// Enabled is a bool that indicates if the TrustedCluster is enabled or disabled.
	// Setting Enabled to false has a side effect of deleting the user and host certificate
	// authority (CA).
	Enabled bool `protobuf:"varint,1,opt,name=Enabled,proto3" json:"enabled"`
	// Roles is a list of roles that users will be assuming when connecting to this cluster.
	Roles []string `protobuf:"bytes,2,rep,name=Roles,proto3" json:"roles,omitempty"`
	// Token is the authorization token provided by another cluster needed by this cluster to join.
	Token string `protobuf:"bytes,3,opt,name=Token,proto3" json:"token"`
	// ProxyAddress is the address of the web proxy server of the cluster to join. If not set,
	// it is derived from <metadata.name>:<default web proxy server port>.
	ProxyAddress string `protobuf:"bytes,4,opt,name=ProxyAddress,proto3" json:"web_proxy_addr"`
	// ReverseTunnelAddress is the address of the SSH proxy server of the cluster to join. If
	// not set, it is derived from <metadata.name>:<default reverse tunnel port>.
	ReverseTunnelAddress string `protobuf:"bytes,5,opt,name=ReverseTunnelAddress,proto3" json:"tunnel_addr"`
	// RoleMap specifies role mappings to remote roles.
	RoleMap              []RoleMapping `protobuf:"bytes,6,rep,name=RoleMap,proto3" json:"role_map,omitempty"`
	XXX_NoUnkeyedLiteral struct{}      `json:"-"`
	XXX_unrecognized     []byte        `json:"-"`
	XXX_sizecache        int32         `json:"-"`
}

TrustedClusterSpecV2 is a Trusted Cluster specification.

func (*TrustedClusterSpecV2) Descriptor 

func (*TrustedClusterSpecV2) Descriptor() ([]byte, []int)

func (*TrustedClusterSpecV2) Marshal 

func (m *TrustedClusterSpecV2) Marshal() (dAtA []byte, err error)

func (*TrustedClusterSpecV2) MarshalTo 

func (m *TrustedClusterSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*TrustedClusterSpecV2) MarshalToSizedBuffer 

func (m *TrustedClusterSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TrustedClusterSpecV2) ProtoMessage 

func (*TrustedClusterSpecV2) ProtoMessage()

func (*TrustedClusterSpecV2) Reset 

func (m *TrustedClusterSpecV2) Reset()

func (*TrustedClusterSpecV2) Size 

func (m *TrustedClusterSpecV2) Size() (n int)

func (*TrustedClusterSpecV2) String 

func (m *TrustedClusterSpecV2) String() string

func (*TrustedClusterSpecV2) Unmarshal 

func (m *TrustedClusterSpecV2) Unmarshal(dAtA []byte) error

func (*TrustedClusterSpecV2) XXX_DiscardUnknown 

func (m *TrustedClusterSpecV2) XXX_DiscardUnknown()

func (*TrustedClusterSpecV2) XXX_Marshal 

func (m *TrustedClusterSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TrustedClusterSpecV2) XXX_Merge 

func (m *TrustedClusterSpecV2) XXX_Merge(src proto.Message)

func (*TrustedClusterSpecV2) XXX_Size 

func (m *TrustedClusterSpecV2) XXX_Size() int

func (*TrustedClusterSpecV2) XXX_Unmarshal 

func (m *TrustedClusterSpecV2) XXX_Unmarshal(b []byte) error

type TrustedClusterV2 

type TrustedClusterV2 struct {
	// Kind is a resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is a resource version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata holds resource metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a Trusted Cluster specification.
	Spec                 TrustedClusterSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

TrustedClusterV2 represents a Trusted Cluster.

func (*TrustedClusterV2) CanChangeStateTo 

func (c *TrustedClusterV2) CanChangeStateTo(t TrustedCluster) error

CanChangeStateTo checks if the state change is allowed or not. If not, returns an error explaining the reason.

func (*TrustedClusterV2) CheckAndSetDefaults 

func (c *TrustedClusterV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks validity of all parameters and sets defaults

func (*TrustedClusterV2) CombinedMapping 

func (c *TrustedClusterV2) CombinedMapping() RoleMap

CombinedMapping is used to specify combined mapping from legacy property Roles and new property RoleMap

func (*TrustedClusterV2) Descriptor 

func (*TrustedClusterV2) Descriptor() ([]byte, []int)

func (*TrustedClusterV2) Expiry 

func (c *TrustedClusterV2) Expiry() time.Time

Expiry returns object expiry setting

func (*TrustedClusterV2) GetEnabled 

func (c *TrustedClusterV2) GetEnabled() bool

GetEnabled returns the state of the TrustedCluster.

func (*TrustedClusterV2) GetKind 

func (c *TrustedClusterV2) GetKind() string

GetKind returns resource kind

func (*TrustedClusterV2) GetMetadata 

func (c *TrustedClusterV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*TrustedClusterV2) GetName 

func (c *TrustedClusterV2) GetName() string

GetName returns the name of the TrustedCluster.

func (*TrustedClusterV2) GetProxyAddress 

func (c *TrustedClusterV2) GetProxyAddress() string

GetProxyAddress returns the address of the proxy server.

func (*TrustedClusterV2) GetResourceID 

func (c *TrustedClusterV2) GetResourceID() int64

GetResourceID returns resource ID

func (*TrustedClusterV2) GetReverseTunnelAddress 

func (c *TrustedClusterV2) GetReverseTunnelAddress() string

GetReverseTunnelAddress returns the address of the reverse tunnel.

func (*TrustedClusterV2) GetRoleMap 

func (c *TrustedClusterV2) GetRoleMap() RoleMap

GetRoleMap returns role map property

func (*TrustedClusterV2) GetRoles 

func (c *TrustedClusterV2) GetRoles() []string

GetRoles returns the roles for the certificate authority.

func (*TrustedClusterV2) GetSubKind 

func (c *TrustedClusterV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*TrustedClusterV2) GetToken 

func (c *TrustedClusterV2) GetToken() string

GetToken returns the authorization and authentication token.

func (*TrustedClusterV2) GetVersion 

func (c *TrustedClusterV2) GetVersion() string

GetVersion returns resource version

func (*TrustedClusterV2) Marshal 

func (m *TrustedClusterV2) Marshal() (dAtA []byte, err error)

func (*TrustedClusterV2) MarshalTo 

func (m *TrustedClusterV2) MarshalTo(dAtA []byte) (int, error)

func (*TrustedClusterV2) MarshalToSizedBuffer 

func (m *TrustedClusterV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TrustedClusterV2) ProtoMessage 

func (*TrustedClusterV2) ProtoMessage()

func (*TrustedClusterV2) Reset 

func (m *TrustedClusterV2) Reset()

func (*TrustedClusterV2) SetEnabled 

func (c *TrustedClusterV2) SetEnabled(e bool)

SetEnabled enables (handshake and add ca+reverse tunnel) or disables TrustedCluster.

func (*TrustedClusterV2) SetExpiry 

func (c *TrustedClusterV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*TrustedClusterV2) SetMetadata 

func (c *TrustedClusterV2) SetMetadata(meta Metadata)

SetMetadata sets object metadata

func (*TrustedClusterV2) SetName 

func (c *TrustedClusterV2) SetName(e string)

SetName sets the name of the TrustedCluster.

func (*TrustedClusterV2) SetProxyAddress 

func (c *TrustedClusterV2) SetProxyAddress(e string)

SetProxyAddress sets the address of the proxy server.

func (*TrustedClusterV2) SetResourceID 

func (c *TrustedClusterV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*TrustedClusterV2) SetReverseTunnelAddress 

func (c *TrustedClusterV2) SetReverseTunnelAddress(e string)

SetReverseTunnelAddress sets the address of the reverse tunnel.

func (*TrustedClusterV2) SetRoleMap 

func (c *TrustedClusterV2) SetRoleMap(m RoleMap)

SetRoleMap sets role map

func (*TrustedClusterV2) SetRoles 

func (c *TrustedClusterV2) SetRoles(e []string)

SetRoles sets the roles for the certificate authority.

func (*TrustedClusterV2) SetSubKind 

func (c *TrustedClusterV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*TrustedClusterV2) SetToken 

func (c *TrustedClusterV2) SetToken(e string)

SetToken sets the authorization and authentication.

func (*TrustedClusterV2) Size 

func (m *TrustedClusterV2) Size() (n int)

func (*TrustedClusterV2) String 

func (c *TrustedClusterV2) String() string

String represents a human readable version of trusted cluster settings.

func (*TrustedClusterV2) Unmarshal 

func (m *TrustedClusterV2) Unmarshal(dAtA []byte) error

func (*TrustedClusterV2) XXX_DiscardUnknown 

func (m *TrustedClusterV2) XXX_DiscardUnknown()

func (*TrustedClusterV2) XXX_Marshal 

func (m *TrustedClusterV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TrustedClusterV2) XXX_Merge 

func (m *TrustedClusterV2) XXX_Merge(src proto.Message)

func (*TrustedClusterV2) XXX_Size 

func (m *TrustedClusterV2) XXX_Size() int

func (*TrustedClusterV2) XXX_Unmarshal 

func (m *TrustedClusterV2) XXX_Unmarshal(b []byte) error

type TrustedClusterV2List 

type TrustedClusterV2List struct {
	// TrustedClusters is a list of trusted cluster.
	TrustedClusters      []*TrustedClusterV2 `protobuf:"bytes,1,rep,name=TrustedClusters,proto3" json:"TrustedClusters,omitempty"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

TrustedClusterV2List is a list of trusted cluster.

func (*TrustedClusterV2List) Descriptor 

func (*TrustedClusterV2List) Descriptor() ([]byte, []int)

func (*TrustedClusterV2List) Marshal 

func (m *TrustedClusterV2List) Marshal() (dAtA []byte, err error)

func (*TrustedClusterV2List) MarshalTo 

func (m *TrustedClusterV2List) MarshalTo(dAtA []byte) (int, error)

func (*TrustedClusterV2List) MarshalToSizedBuffer 

func (m *TrustedClusterV2List) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TrustedClusterV2List) ProtoMessage 

func (*TrustedClusterV2List) ProtoMessage()

func (*TrustedClusterV2List) Reset 

func (m *TrustedClusterV2List) Reset()

func (*TrustedClusterV2List) Size 

func (m *TrustedClusterV2List) Size() (n int)

func (*TrustedClusterV2List) String 

func (m *TrustedClusterV2List) String() string

func (*TrustedClusterV2List) Unmarshal 

func (m *TrustedClusterV2List) Unmarshal(dAtA []byte) error

func (*TrustedClusterV2List) XXX_DiscardUnknown 

func (m *TrustedClusterV2List) XXX_DiscardUnknown()

func (*TrustedClusterV2List) XXX_Marshal 

func (m *TrustedClusterV2List) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TrustedClusterV2List) XXX_Merge 

func (m *TrustedClusterV2List) XXX_Merge(src proto.Message)

func (*TrustedClusterV2List) XXX_Size 

func (m *TrustedClusterV2List) XXX_Size() int

func (*TrustedClusterV2List) XXX_Unmarshal 

func (m *TrustedClusterV2List) XXX_Unmarshal(b []byte) error

type TunnelConnection 

type TunnelConnection interface {
	// Resource provides common methods for resource objects
	Resource
	// GetClusterName returns name of the cluster this connection is for.
	GetClusterName() string
	// GetProxyName returns the proxy name this connection is established to
	GetProxyName() string
	// GetLastHeartbeat returns time of the last heartbeat received from
	// the tunnel over the connection
	GetLastHeartbeat() time.Time
	// SetLastHeartbeat sets last heartbeat time
	SetLastHeartbeat(time.Time)
	// GetType gets the type of ReverseTunnel.
	GetType() TunnelType
	// SetType sets the type of ReverseTunnel.
	SetType(TunnelType)
	// String returns user friendly representation of this connection
	String() string
	// Clone returns a copy of this tunnel connection
	Clone() TunnelConnection
}

TunnelConnection is SSH reverse tunnel connection established to reverse tunnel proxy

func NewTunnelConnection 

func NewTunnelConnection(name string, spec TunnelConnectionSpecV2) (TunnelConnection, error)

NewTunnelConnection returns new connection from V2 spec

type TunnelConnectionSpecV2 

type TunnelConnectionSpecV2 struct {
	// ClusterName is a name of the cluster
	ClusterName string `protobuf:"bytes,1,opt,name=ClusterName,proto3" json:"cluster_name"`
	// ProxyName is the name of the proxy server
	ProxyName string `protobuf:"bytes,2,opt,name=ProxyName,proto3" json:"proxy_name"`
	// LastHeartbeat is a time of the last heartbeat
	LastHeartbeat time.Time `protobuf:"bytes,3,opt,name=LastHeartbeat,proto3,stdtime" json:"last_heartbeat,omitempty"`
	// Type is the type of reverse tunnel, either proxy or node.
	Type                 TunnelType `protobuf:"bytes,4,opt,name=Type,proto3,casttype=TunnelType" json:"type"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

TunnelConnectionSpecV2 is a specification for V2 tunnel connection

func (*TunnelConnectionSpecV2) Descriptor 

func (*TunnelConnectionSpecV2) Descriptor() ([]byte, []int)

func (*TunnelConnectionSpecV2) Marshal 

func (m *TunnelConnectionSpecV2) Marshal() (dAtA []byte, err error)

func (*TunnelConnectionSpecV2) MarshalTo 

func (m *TunnelConnectionSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*TunnelConnectionSpecV2) MarshalToSizedBuffer 

func (m *TunnelConnectionSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TunnelConnectionSpecV2) ProtoMessage 

func (*TunnelConnectionSpecV2) ProtoMessage()

func (*TunnelConnectionSpecV2) Reset 

func (m *TunnelConnectionSpecV2) Reset()

func (*TunnelConnectionSpecV2) Size 

func (m *TunnelConnectionSpecV2) Size() (n int)

func (*TunnelConnectionSpecV2) String 

func (m *TunnelConnectionSpecV2) String() string

func (*TunnelConnectionSpecV2) Unmarshal 

func (m *TunnelConnectionSpecV2) Unmarshal(dAtA []byte) error

func (*TunnelConnectionSpecV2) XXX_DiscardUnknown 

func (m *TunnelConnectionSpecV2) XXX_DiscardUnknown()

func (*TunnelConnectionSpecV2) XXX_Marshal 

func (m *TunnelConnectionSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TunnelConnectionSpecV2) XXX_Merge 

func (m *TunnelConnectionSpecV2) XXX_Merge(src proto.Message)

func (*TunnelConnectionSpecV2) XXX_Size 

func (m *TunnelConnectionSpecV2) XXX_Size() int

func (*TunnelConnectionSpecV2) XXX_Unmarshal 

func (m *TunnelConnectionSpecV2) XXX_Unmarshal(b []byte) error

type TunnelConnectionV2 

type TunnelConnectionV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is a resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a tunnel specification
	Spec                 TunnelConnectionSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}               `json:"-"`
	XXX_unrecognized     []byte                 `json:"-"`
	XXX_sizecache        int32                  `json:"-"`
}

TunnelConnectionV2 is version 2 of the resource spec of the tunnel connection

func (*TunnelConnectionV2) CheckAndSetDefaults 

func (r *TunnelConnectionV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values

func (*TunnelConnectionV2) Clone 

func (r *TunnelConnectionV2) Clone() TunnelConnection

Clone returns a copy of this tunnel connection

func (*TunnelConnectionV2) Descriptor 

func (*TunnelConnectionV2) Descriptor() ([]byte, []int)

func (*TunnelConnectionV2) Expiry 

func (r *TunnelConnectionV2) Expiry() time.Time

Expiry returns object expiry setting

func (*TunnelConnectionV2) GetClusterName 

func (r *TunnelConnectionV2) GetClusterName() string

GetClusterName returns name of the cluster

func (*TunnelConnectionV2) GetKind 

func (r *TunnelConnectionV2) GetKind() string

GetKind returns resource kind

func (*TunnelConnectionV2) GetLastHeartbeat 

func (r *TunnelConnectionV2) GetLastHeartbeat() time.Time

GetLastHeartbeat returns last heartbeat

func (*TunnelConnectionV2) GetMetadata 

func (r *TunnelConnectionV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*TunnelConnectionV2) GetName 

func (r *TunnelConnectionV2) GetName() string

GetName returns the name of the User

func (*TunnelConnectionV2) GetProxyName 

func (r *TunnelConnectionV2) GetProxyName() string

GetProxyName returns the name of the proxy

func (*TunnelConnectionV2) GetResourceID 

func (r *TunnelConnectionV2) GetResourceID() int64

GetResourceID returns resource ID

func (*TunnelConnectionV2) GetSubKind 

func (r *TunnelConnectionV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*TunnelConnectionV2) GetType 

func (r *TunnelConnectionV2) GetType() TunnelType

GetType gets the type of ReverseTunnel.

func (*TunnelConnectionV2) GetVersion 

func (r *TunnelConnectionV2) GetVersion() string

GetVersion returns resource version

func (*TunnelConnectionV2) Marshal 

func (m *TunnelConnectionV2) Marshal() (dAtA []byte, err error)

func (*TunnelConnectionV2) MarshalTo 

func (m *TunnelConnectionV2) MarshalTo(dAtA []byte) (int, error)

func (*TunnelConnectionV2) MarshalToSizedBuffer 

func (m *TunnelConnectionV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*TunnelConnectionV2) ProtoMessage 

func (*TunnelConnectionV2) ProtoMessage()

func (*TunnelConnectionV2) Reset 

func (m *TunnelConnectionV2) Reset()

func (*TunnelConnectionV2) SetExpiry 

func (r *TunnelConnectionV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*TunnelConnectionV2) SetLastHeartbeat 

func (r *TunnelConnectionV2) SetLastHeartbeat(tm time.Time)

SetLastHeartbeat sets last heartbeat time

func (*TunnelConnectionV2) SetName 

func (r *TunnelConnectionV2) SetName(e string)

SetName sets the name of the User

func (*TunnelConnectionV2) SetResourceID 

func (r *TunnelConnectionV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*TunnelConnectionV2) SetSubKind 

func (r *TunnelConnectionV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*TunnelConnectionV2) SetType 

func (r *TunnelConnectionV2) SetType(tt TunnelType)

SetType sets the type of ReverseTunnel.

func (*TunnelConnectionV2) Size 

func (m *TunnelConnectionV2) Size() (n int)

func (*TunnelConnectionV2) String 

func (r *TunnelConnectionV2) String() string

String returns user-friendly description of this connection

func (*TunnelConnectionV2) Unmarshal 

func (m *TunnelConnectionV2) Unmarshal(dAtA []byte) error

func (*TunnelConnectionV2) V2 

func (r *TunnelConnectionV2) V2() *TunnelConnectionV2

V2 returns V2 version of the resource

func (*TunnelConnectionV2) XXX_DiscardUnknown 

func (m *TunnelConnectionV2) XXX_DiscardUnknown()

func (*TunnelConnectionV2) XXX_Marshal 

func (m *TunnelConnectionV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*TunnelConnectionV2) XXX_Merge 

func (m *TunnelConnectionV2) XXX_Merge(src proto.Message)

func (*TunnelConnectionV2) XXX_Size 

func (m *TunnelConnectionV2) XXX_Size() int

func (*TunnelConnectionV2) XXX_Unmarshal 

func (m *TunnelConnectionV2) XXX_Unmarshal(b []byte) error

type TunnelType 

type TunnelType string

TunnelType is the type of tunnel. 

const (
	// NodeTunnel is a tunnel where the node connects to the proxy (dial back).
	NodeTunnel TunnelType = "node"

	// ProxyTunnel is a tunnel where a proxy connects to the proxy (trusted cluster).
	ProxyTunnel TunnelType = "proxy"

	// AppTunnel is a tunnel where the application proxy dials back to the proxy.
	AppTunnel TunnelType = "app"

	// KubeTunnel is a tunnel where the kubernetes service dials back to the proxy.
	KubeTunnel TunnelType = "kube"

	// DatabaseTunnel is a tunnel where a database proxy dials back to the proxy.
	DatabaseTunnel TunnelType = "db"
)

type U2F 

type U2F struct {
	// AppID returns the application ID for universal second factor.
	AppID string `protobuf:"bytes,1,opt,name=AppID,proto3" json:"app_id,omitempty"`
	// Facets returns the facets for universal second factor.
	Facets []string `protobuf:"bytes,2,rep,name=Facets,proto3" json:"facets,omitempty"`
	// DeviceAttestationCAs contains the trusted attestation CAs for U2F
	// devices.
	DeviceAttestationCAs []string `protobuf:"bytes,3,rep,name=DeviceAttestationCAs,proto3" json:"device_attestation_cas,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

U2F defines settings for U2F device.

func (*U2F) Check 

func (u *U2F) Check() error

func (*U2F) Descriptor 

func (*U2F) Descriptor() ([]byte, []int)

func (*U2F) Marshal 

func (m *U2F) Marshal() (dAtA []byte, err error)

func (*U2F) MarshalTo 

func (m *U2F) MarshalTo(dAtA []byte) (int, error)

func (*U2F) MarshalToSizedBuffer 

func (m *U2F) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*U2F) ProtoMessage 

func (*U2F) ProtoMessage()

func (*U2F) Reset 

func (m *U2F) Reset()

func (*U2F) Size 

func (m *U2F) Size() (n int)

func (*U2F) String 

func (m *U2F) String() string

func (*U2F) Unmarshal 

func (m *U2F) Unmarshal(dAtA []byte) error

func (*U2F) XXX_DiscardUnknown 

func (m *U2F) XXX_DiscardUnknown()

func (*U2F) XXX_Marshal 

func (m *U2F) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*U2F) XXX_Merge 

func (m *U2F) XXX_Merge(src proto.Message)

func (*U2F) XXX_Size 

func (m *U2F) XXX_Size() int

func (*U2F) XXX_Unmarshal 

func (m *U2F) XXX_Unmarshal(b []byte) error

type U2FDevice 

type U2FDevice struct {
	// KeyHandle uniquely identifies a key on a device
	KeyHandle []byte `protobuf:"bytes,1,opt,name=key_handle,json=keyHandle,proto3" json:"key_handle,omitempty"`
	// PubKey is an DER encoded ecdsa public key
	PubKey []byte `protobuf:"bytes,2,opt,name=pub_key,json=pubKey,proto3" json:"pub_key,omitempty"`
	// Counter is the latest seen value of the U2F usage counter.
	Counter              uint32   `protobuf:"varint,3,opt,name=counter,proto3" json:"counter,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

U2FDevice holds the U2F-specific fields of MFADevice.

func (*U2FDevice) Descriptor 

func (*U2FDevice) Descriptor() ([]byte, []int)

func (*U2FDevice) Marshal 

func (m *U2FDevice) Marshal() (dAtA []byte, err error)

func (*U2FDevice) MarshalTo 

func (m *U2FDevice) MarshalTo(dAtA []byte) (int, error)

func (*U2FDevice) MarshalToSizedBuffer 

func (m *U2FDevice) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*U2FDevice) ProtoMessage 

func (*U2FDevice) ProtoMessage()

func (*U2FDevice) Reset 

func (m *U2FDevice) Reset()

func (*U2FDevice) Size 

func (m *U2FDevice) Size() (n int)

func (*U2FDevice) String 

func (m *U2FDevice) String() string

func (*U2FDevice) Unmarshal 

func (m *U2FDevice) Unmarshal(dAtA []byte) error

func (*U2FDevice) XXX_DiscardUnknown 

func (m *U2FDevice) XXX_DiscardUnknown()

func (*U2FDevice) XXX_Marshal 

func (m *U2FDevice) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*U2FDevice) XXX_Merge 

func (m *U2FDevice) XXX_Merge(src proto.Message)

func (*U2FDevice) XXX_Size 

func (m *U2FDevice) XXX_Size() int

func (*U2FDevice) XXX_Unmarshal 

func (m *U2FDevice) XXX_Unmarshal(b []byte) error

type U2FRegistrationData 

type U2FRegistrationData struct {
	// Raw is the serialized registration data as received from the token
	Raw []byte `protobuf:"bytes,1,opt,name=Raw,proto3" json:"raw"`
	// KeyHandle uniquely identifies a key on a device
	KeyHandle []byte `protobuf:"bytes,2,opt,name=KeyHandle,proto3" json:"key_handle"`
	// PubKey is an DER encoded ecdsa public key
	PubKey               []byte   `protobuf:"bytes,3,opt,name=PubKey,proto3" json:"pubkey"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

U2FRegistrationData encodes the universal second factor registration payload.

func (*U2FRegistrationData) Descriptor 

func (*U2FRegistrationData) Descriptor() ([]byte, []int)

func (*U2FRegistrationData) Marshal 

func (m *U2FRegistrationData) Marshal() (dAtA []byte, err error)

func (*U2FRegistrationData) MarshalTo 

func (m *U2FRegistrationData) MarshalTo(dAtA []byte) (int, error)

func (*U2FRegistrationData) MarshalToSizedBuffer 

func (m *U2FRegistrationData) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*U2FRegistrationData) ProtoMessage 

func (*U2FRegistrationData) ProtoMessage()

func (*U2FRegistrationData) Reset 

func (m *U2FRegistrationData) Reset()

func (*U2FRegistrationData) Size 

func (m *U2FRegistrationData) Size() (n int)

func (*U2FRegistrationData) String 

func (m *U2FRegistrationData) String() string

func (*U2FRegistrationData) Unmarshal 

func (m *U2FRegistrationData) Unmarshal(dAtA []byte) error

func (*U2FRegistrationData) XXX_DiscardUnknown 

func (m *U2FRegistrationData) XXX_DiscardUnknown()

func (*U2FRegistrationData) XXX_Marshal 

func (m *U2FRegistrationData) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*U2FRegistrationData) XXX_Merge 

func (m *U2FRegistrationData) XXX_Merge(src proto.Message)

func (*U2FRegistrationData) XXX_Size 

func (m *U2FRegistrationData) XXX_Size() int

func (*U2FRegistrationData) XXX_Unmarshal 

func (m *U2FRegistrationData) XXX_Unmarshal(b []byte) error

type User 

type User interface {
	// ResourceWithSecrets provides common resource properties
	ResourceWithSecrets
	// SetMetadata sets object metadata
	SetMetadata(meta Metadata)
	// GetOIDCIdentities returns a list of connected OIDC identities
	GetOIDCIdentities() []ExternalIdentity
	// GetSAMLIdentities returns a list of connected SAML identities
	GetSAMLIdentities() []ExternalIdentity
	// GetGithubIdentities returns a list of connected Github identities
	GetGithubIdentities() []ExternalIdentity
	// Get local authentication secrets (may be nil).
	GetLocalAuth() *LocalAuthSecrets
	// Set local authentication secrets (use nil to delete).
	SetLocalAuth(auth *LocalAuthSecrets)
	// GetRoles returns a list of roles assigned to user
	GetRoles() []string
	// String returns user
	String() string
	// GetStatus return user login status
	GetStatus() LoginStatus
	// SetLocked sets login status to locked
	SetLocked(until time.Time, reason string)
	// SetRoles sets user roles
	SetRoles(roles []string)
	// AddRole adds role to the users' role list
	AddRole(name string)
	// GetCreatedBy returns information about user
	GetCreatedBy() CreatedBy
	// SetCreatedBy sets created by information
	SetCreatedBy(CreatedBy)
	// GetTraits gets the trait map for this user used to populate role variables.
	GetTraits() map[string][]string
	// GetTraits sets the trait map for this user used to populate role variables.
	SetTraits(map[string][]string)
}

User represents teleport embedded user or external user

func NewUser 

func NewUser(name string) (User, error)

NewUser creates new empty user

type UserRef 

type UserRef struct {
	// Name is name of the user
	Name                 string   `protobuf:"bytes,1,opt,name=Name,proto3" json:"name"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

UserRef holds references to user

func (*UserRef) Descriptor 

func (*UserRef) Descriptor() ([]byte, []int)

func (*UserRef) Marshal 

func (m *UserRef) Marshal() (dAtA []byte, err error)

func (*UserRef) MarshalTo 

func (m *UserRef) MarshalTo(dAtA []byte) (int, error)

func (*UserRef) MarshalToSizedBuffer 

func (m *UserRef) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*UserRef) ProtoMessage 

func (*UserRef) ProtoMessage()

func (*UserRef) Reset 

func (m *UserRef) Reset()

func (*UserRef) Size 

func (m *UserRef) Size() (n int)

func (*UserRef) String 

func (m *UserRef) String() string

func (*UserRef) Unmarshal 

func (m *UserRef) Unmarshal(dAtA []byte) error

func (*UserRef) XXX_DiscardUnknown 

func (m *UserRef) XXX_DiscardUnknown()

func (*UserRef) XXX_Marshal 

func (m *UserRef) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*UserRef) XXX_Merge 

func (m *UserRef) XXX_Merge(src proto.Message)

func (*UserRef) XXX_Size 

func (m *UserRef) XXX_Size() int

func (*UserRef) XXX_Unmarshal 

func (m *UserRef) XXX_Unmarshal(b []byte) error

type UserSpecV2 

type UserSpecV2 struct {
	// OIDCIdentities lists associated OpenID Connect identities
	// that let user log in using externally verified identity
	OIDCIdentities []ExternalIdentity `protobuf:"bytes,1,rep,name=OIDCIdentities,proto3" json:"oidc_identities,omitempty"`
	// SAMLIdentities lists associated SAML identities
	// that let user log in using externally verified identity
	SAMLIdentities []ExternalIdentity `protobuf:"bytes,2,rep,name=SAMLIdentities,proto3" json:"saml_identities,omitempty"`
	// GithubIdentities list associated Github OAuth2 identities
	// that let user log in using externally verified identity
	GithubIdentities []ExternalIdentity `protobuf:"bytes,3,rep,name=GithubIdentities,proto3" json:"github_identities,omitempty"`
	// Roles is a list of roles assigned to user
	Roles []string `protobuf:"bytes,4,rep,name=Roles,proto3" json:"roles,omitempty"`
	// Traits are key/value pairs received from an identity provider (through
	// OIDC claims or SAML assertions) or from a system administrator for local
	// accounts. Traits are used to populate role variables.
	Traits github_com_gravitational_teleport_api_types_wrappers.Traits `` /* 139-byte string literal not displayed */
	// Status is a login status of the user
	Status LoginStatus `protobuf:"bytes,6,opt,name=Status,proto3" json:"status,omitempty"`
	// Expires if set sets TTL on the user
	Expires time.Time `protobuf:"bytes,7,opt,name=Expires,proto3,stdtime" json:"expires"`
	// CreatedBy holds information about agent or person created this user
	CreatedBy CreatedBy `protobuf:"bytes,8,opt,name=CreatedBy,proto3" json:"created_by,omitempty"`
	// LocalAuths hold sensitive data necessary for performing local
	// authentication
	LocalAuth            *LocalAuthSecrets `protobuf:"bytes,9,opt,name=LocalAuth,proto3" json:"local_auth,omitempty"`
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

UserSpecV2 is a specification for V2 user

func (*UserSpecV2) Descriptor 

func (*UserSpecV2) Descriptor() ([]byte, []int)

func (*UserSpecV2) Marshal 

func (m *UserSpecV2) Marshal() (dAtA []byte, err error)

func (*UserSpecV2) MarshalTo 

func (m *UserSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*UserSpecV2) MarshalToSizedBuffer 

func (m *UserSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*UserSpecV2) ProtoMessage 

func (*UserSpecV2) ProtoMessage()

func (*UserSpecV2) Reset 

func (m *UserSpecV2) Reset()

func (*UserSpecV2) Size 

func (m *UserSpecV2) Size() (n int)

func (*UserSpecV2) String 

func (m *UserSpecV2) String() string

func (*UserSpecV2) Unmarshal 

func (m *UserSpecV2) Unmarshal(dAtA []byte) error

func (*UserSpecV2) XXX_DiscardUnknown 

func (m *UserSpecV2) XXX_DiscardUnknown()

func (*UserSpecV2) XXX_Marshal 

func (m *UserSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*UserSpecV2) XXX_Merge 

func (m *UserSpecV2) XXX_Merge(src proto.Message)

func (*UserSpecV2) XXX_Size 

func (m *UserSpecV2) XXX_Size() int

func (*UserSpecV2) XXX_Unmarshal 

func (m *UserSpecV2) XXX_Unmarshal(b []byte) error

type UserV2 

type UserV2 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a user specification
	Spec                 UserSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}   `json:"-"`
	XXX_unrecognized     []byte     `json:"-"`
	XXX_sizecache        int32      `json:"-"`
}

UserV2 is version 2 resource spec of the user

func (*UserV2) AddRole 

func (u *UserV2) AddRole(name string)

AddRole adds a role to user's role list

func (*UserV2) CheckAndSetDefaults 

func (u *UserV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*UserV2) Descriptor 

func (*UserV2) Descriptor() ([]byte, []int)

func (*UserV2) Expiry 

func (u *UserV2) Expiry() time.Time

Expiry returns expiry time for temporary users. Prefer expires from metadata, if it does not exist, fall back to expires in spec.

func (*UserV2) GetCreatedBy 

func (u *UserV2) GetCreatedBy() CreatedBy

GetCreatedBy returns information about who created user

func (*UserV2) GetGithubIdentities 

func (u *UserV2) GetGithubIdentities() []ExternalIdentity

GetGithubIdentities returns a list of connected Github identities

func (*UserV2) GetKind 

func (u *UserV2) GetKind() string

GetKind returns resource kind

func (*UserV2) GetLocalAuth 

func (u *UserV2) GetLocalAuth() *LocalAuthSecrets

GetLocalAuth gets local authentication secrets (may be nil).

func (*UserV2) GetMetadata 

func (u *UserV2) GetMetadata() Metadata

GetMetadata returns object metadata

func (*UserV2) GetName 

func (u *UserV2) GetName() string

GetName returns the name of the User

func (*UserV2) GetOIDCIdentities 

func (u *UserV2) GetOIDCIdentities() []ExternalIdentity

GetOIDCIdentities returns a list of connected OIDC identities

func (*UserV2) GetResourceID 

func (u *UserV2) GetResourceID() int64

GetResourceID returns resource ID

func (*UserV2) GetRoles 

func (u *UserV2) GetRoles() []string

GetRoles returns a list of roles assigned to user

func (*UserV2) GetSAMLIdentities 

func (u *UserV2) GetSAMLIdentities() []ExternalIdentity

GetSAMLIdentities returns a list of connected SAML identities

func (*UserV2) GetStatus 

func (u *UserV2) GetStatus() LoginStatus

GetStatus returns login status of the user

func (*UserV2) GetSubKind 

func (u *UserV2) GetSubKind() string

GetSubKind returns resource sub kind

func (*UserV2) GetTraits 

func (u *UserV2) GetTraits() map[string][]string

GetTraits gets the trait map for this user used to populate role variables.

func (*UserV2) GetVersion 

func (u *UserV2) GetVersion() string

GetVersion returns resource version

func (*UserV2) Marshal 

func (m *UserV2) Marshal() (dAtA []byte, err error)

func (*UserV2) MarshalTo 

func (m *UserV2) MarshalTo(dAtA []byte) (int, error)

func (*UserV2) MarshalToSizedBuffer 

func (m *UserV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*UserV2) ProtoMessage 

func (*UserV2) ProtoMessage()

func (*UserV2) Reset 

func (m *UserV2) Reset()

func (*UserV2) SetCreatedBy 

func (u *UserV2) SetCreatedBy(b CreatedBy)

SetCreatedBy sets created by information

func (*UserV2) SetExpiry 

func (u *UserV2) SetExpiry(expires time.Time)

SetExpiry sets expiry time for the object

func (*UserV2) SetLocalAuth 

func (u *UserV2) SetLocalAuth(auth *LocalAuthSecrets)

SetLocalAuth sets local authentication secrets (use nil to delete).

func (*UserV2) SetLocked 

func (u *UserV2) SetLocked(until time.Time, reason string)

SetLocked marks the user as locked

func (*UserV2) SetMetadata 

func (u *UserV2) SetMetadata(meta Metadata)

SetMetadata sets object metadata

func (*UserV2) SetName 

func (u *UserV2) SetName(e string)

SetName sets the name of the User

func (*UserV2) SetResourceID 

func (u *UserV2) SetResourceID(id int64)

SetResourceID sets resource ID

func (*UserV2) SetRoles 

func (u *UserV2) SetRoles(roles []string)

SetRoles sets a list of roles for user

func (*UserV2) SetSubKind 

func (u *UserV2) SetSubKind(s string)

SetSubKind sets resource subkind

func (*UserV2) SetTraits 

func (u *UserV2) SetTraits(traits map[string][]string)

SetTraits sets the trait map for this user used to populate role variables.

func (*UserV2) Size 

func (m *UserV2) Size() (n int)

func (*UserV2) String 

func (u *UserV2) String() string

func (*UserV2) Unmarshal 

func (m *UserV2) Unmarshal(dAtA []byte) error

func (*UserV2) WithoutSecrets 

func (u *UserV2) WithoutSecrets() Resource

WithoutSecrets returns an instance of resource without secrets.

func (*UserV2) XXX_DiscardUnknown 

func (m *UserV2) XXX_DiscardUnknown()

func (*UserV2) XXX_Marshal 

func (m *UserV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*UserV2) XXX_Merge 

func (m *UserV2) XXX_Merge(src proto.Message)

func (*UserV2) XXX_Size 

func (m *UserV2) XXX_Size() int

func (*UserV2) XXX_Unmarshal 

func (m *UserV2) XXX_Unmarshal(b []byte) error

type Watch 

type Watch struct {
	// Name is used for debugging purposes
	Name string

	// Kinds specifies kinds of objects to watch
	// and whether to load secret data for them
	Kinds []WatchKind

	// QueueSize is an optional queue size
	QueueSize int

	// MetricComponent is used for reporting
	MetricComponent string
}

Watch sets up watch on the event

type WatchKind 

type WatchKind struct {
	// Kind is a resource kind to watch
	Kind string
	// SubKind optionally specifies the subkind of resource to watch.
	// Some resource kinds are ambigious like web sessions, subkind in this case
	// specifies the type of web session
	SubKind string
	// Name is an optional specific resource type to watch,
	// if specified, only the events with the given resource
	// name will be sent
	Name string
	// LoadSecrets specifies whether to load secrets
	LoadSecrets bool
	// Filter supplies custom event filter parameters that differ by
	// resource (e.g. "state":"pending" for access requests).
	Filter map[string]string
}

WatchKind specifies resource kind to watch

func (WatchKind) Matches 

func (kind WatchKind) Matches(e Event) (bool, error)

Matches attempts to determine if the supplied event matches this WatchKind. If the WatchKind is misconfigured, or the event appears malformed, an error is returned.

type Watcher 

type Watcher interface {
	// Events returns channel with events
	Events() <-chan Event

	// Done returns the channel signalling the closure
	Done() <-chan struct{}

	// Close closes the watcher and releases
	// all associated resources
	Close() error

	// Error returns error associated with watcher
	Error() error
}

Watcher returns watcher

type WebSession 

type WebSession interface {
	// Resource represents common properties for all resources.
	Resource
	// GetShortName returns visible short name used in logging
	GetShortName() string
	// GetUser returns the user this session is associated with
	GetUser() string
	// SetUser sets user associated with this session
	SetUser(string)
	// GetPub is returns public certificate signed by auth server
	GetPub() []byte
	// GetPriv returns private OpenSSH key used to auth with SSH nodes
	GetPriv() []byte
	// SetPriv sets private key
	SetPriv([]byte)
	// GetTLSCert returns PEM encoded TLS certificate associated with session
	GetTLSCert() []byte
	// BearerToken is a special bearer token used for additional
	// bearer authentication
	GetBearerToken() string
	// SetExpiryTime sets session expiry time
	SetExpiryTime(time.Time)
	// GetBearerTokenExpiryTime - absolute time when token expires
	GetBearerTokenExpiryTime() time.Time
	// GetExpiryTime - absolute time when web session expires
	GetExpiryTime() time.Time
	// GetLoginTime returns the time this user recently logged in.
	GetLoginTime() time.Time
	// SetLoginTime sets when this user logged in.
	SetLoginTime(time.Time)
	// WithoutSecrets returns copy of the web session but without private keys
	WithoutSecrets() WebSession
	// String returns string representation of the session.
	String() string
}

WebSession stores key and value used to authenticate with SSH notes on behalf of user

func NewWebSession 

func NewWebSession(name string, subkind string, spec WebSessionSpecV2) (WebSession, error)

NewWebSession returns new instance of the web session based on the V2 spec

type WebSessionFilter 

type WebSessionFilter struct {
	// User is the username to filter web sessions for.
	User                 string   `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

WebSessionFilter encodes cache watch parameters for filtering web sessions.

func (*WebSessionFilter) Descriptor 

func (*WebSessionFilter) Descriptor() ([]byte, []int)

func (*WebSessionFilter) FromMap 

func (f *WebSessionFilter) FromMap(m map[string]string) error

FromMap converts provided map into this filter.

This filter is used with the cache watcher to make sure only sessions for a particular user are returned.

func (*WebSessionFilter) IntoMap 

func (f *WebSessionFilter) IntoMap() map[string]string

IntoMap makes this filter into a map.

This filter is used with the cache watcher to make sure only sessions for a particular user are returned.

func (*WebSessionFilter) Marshal 

func (m *WebSessionFilter) Marshal() (dAtA []byte, err error)

func (*WebSessionFilter) MarshalTo 

func (m *WebSessionFilter) MarshalTo(dAtA []byte) (int, error)

func (*WebSessionFilter) MarshalToSizedBuffer 

func (m *WebSessionFilter) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*WebSessionFilter) Match 

func (f *WebSessionFilter) Match(session WebSession) bool

Match checks if a given web session matches this filter.

func (*WebSessionFilter) ProtoMessage 

func (*WebSessionFilter) ProtoMessage()

func (*WebSessionFilter) Reset 

func (m *WebSessionFilter) Reset()

func (*WebSessionFilter) Size 

func (m *WebSessionFilter) Size() (n int)

func (*WebSessionFilter) String 

func (m *WebSessionFilter) String() string

func (*WebSessionFilter) Unmarshal 

func (m *WebSessionFilter) Unmarshal(dAtA []byte) error

func (*WebSessionFilter) XXX_DiscardUnknown 

func (m *WebSessionFilter) XXX_DiscardUnknown()

func (*WebSessionFilter) XXX_Marshal 

func (m *WebSessionFilter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*WebSessionFilter) XXX_Merge 

func (m *WebSessionFilter) XXX_Merge(src proto.Message)

func (*WebSessionFilter) XXX_Size 

func (m *WebSessionFilter) XXX_Size() int

func (*WebSessionFilter) XXX_Unmarshal 

func (m *WebSessionFilter) XXX_Unmarshal(b []byte) error

type WebSessionInterface 

type WebSessionInterface interface {
	// Get returns a web session state for the given request.
	Get(ctx context.Context, req GetWebSessionRequest) (WebSession, error)

	// List gets all regular web sessions.
	List(context.Context) ([]WebSession, error)

	// Upsert updates existing or inserts a new web session.
	Upsert(ctx context.Context, session WebSession) error

	// Delete deletes the web session described by req.
	Delete(ctx context.Context, req DeleteWebSessionRequest) error

	// DeleteAll removes all web sessions.
	DeleteAll(context.Context) error
}

WebSessionInterface defines interface to regular web sessions

type WebSessionSpecV2 

type WebSessionSpecV2 struct {
	// User is the identity of the user to which the web session belongs.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// Pub is the SSH certificate for the user.
	Pub []byte `protobuf:"bytes,2,opt,name=Pub,proto3" json:"pub"`
	// Priv is the SSH private key for the user.
	Priv []byte `protobuf:"bytes,3,opt,name=Priv,proto3" json:"priv,omitempty"`
	// TLSCert is the TLS certificate for the user.
	TLSCert []byte `protobuf:"bytes,4,opt,name=TLSCert,proto3" json:"tls_cert,omitempty"`
	// BearerToken is a token that is paired with the session cookie for
	// authentication. It is periodically rotated so a stolen cookie itself
	// is not enough to steal a session. In addition it is used for CSRF
	// mitigation.
	BearerToken string `protobuf:"bytes,5,opt,name=BearerToken,proto3" json:"bearer_token"`
	// BearerTokenExpires is the absolute time when the token expires.
	BearerTokenExpires time.Time `protobuf:"bytes,6,opt,name=BearerTokenExpires,proto3,stdtime" json:"bearer_token_expires"`
	// Expires is the absolute time when the session expires.
	Expires time.Time `protobuf:"bytes,7,opt,name=Expires,proto3,stdtime" json:"expires"`
	// LoginTime is the time this user recently logged in.
	LoginTime            time.Time `protobuf:"bytes,8,opt,name=LoginTime,proto3,stdtime" json:"login_time"`
	XXX_NoUnkeyedLiteral struct{}  `json:"-"`
	XXX_unrecognized     []byte    `json:"-"`
	XXX_sizecache        int32     `json:"-"`
}

WebSessionSpecV2 is a specification for web session.

func (*WebSessionSpecV2) Descriptor 

func (*WebSessionSpecV2) Descriptor() ([]byte, []int)

func (*WebSessionSpecV2) Marshal 

func (m *WebSessionSpecV2) Marshal() (dAtA []byte, err error)

func (*WebSessionSpecV2) MarshalTo 

func (m *WebSessionSpecV2) MarshalTo(dAtA []byte) (int, error)

func (*WebSessionSpecV2) MarshalToSizedBuffer 

func (m *WebSessionSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*WebSessionSpecV2) ProtoMessage 

func (*WebSessionSpecV2) ProtoMessage()

func (*WebSessionSpecV2) Reset 

func (m *WebSessionSpecV2) Reset()

func (*WebSessionSpecV2) Size 

func (m *WebSessionSpecV2) Size() (n int)

func (*WebSessionSpecV2) String 

func (m *WebSessionSpecV2) String() string

func (*WebSessionSpecV2) Unmarshal 

func (m *WebSessionSpecV2) Unmarshal(dAtA []byte) error

func (*WebSessionSpecV2) XXX_DiscardUnknown 

func (m *WebSessionSpecV2) XXX_DiscardUnknown()

func (*WebSessionSpecV2) XXX_Marshal 

func (m *WebSessionSpecV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*WebSessionSpecV2) XXX_Merge 

func (m *WebSessionSpecV2) XXX_Merge(src proto.Message)

func (*WebSessionSpecV2) XXX_Size 

func (m *WebSessionSpecV2) XXX_Size() int

func (*WebSessionSpecV2) XXX_Unmarshal 

func (m *WebSessionSpecV2) XXX_Unmarshal(b []byte) error

type WebSessionV2 

type WebSessionV2 struct {
	// Kind is a resource kind.
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind, used in some resources.
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is version.
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is a resource metadata.
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec is a tunnel specification.
	Spec                 WebSessionSpecV2 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}         `json:"-"`
	XXX_unrecognized     []byte           `json:"-"`
	XXX_sizecache        int32            `json:"-"`
}

WebSessionV2 represents an application or UI web session.

func (*WebSessionV2) CheckAndSetDefaults 

func (ws *WebSessionV2) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set default values for any missing fields.

func (*WebSessionV2) Descriptor 

func (*WebSessionV2) Descriptor() ([]byte, []int)

func (*WebSessionV2) Expiry 

func (ws *WebSessionV2) Expiry() time.Time

Expiry returns resource Expiry

func (*WebSessionV2) GetBearerToken 

func (ws *WebSessionV2) GetBearerToken() string

GetBearerToken gets a special bearer token used for additional bearer authentication

func (*WebSessionV2) GetBearerTokenExpiryTime 

func (ws *WebSessionV2) GetBearerTokenExpiryTime() time.Time

GetBearerTokenExpiryTime - absolute time when token expires

func (*WebSessionV2) GetExpiryTime 

func (ws *WebSessionV2) GetExpiryTime() time.Time

GetExpiryTime - absolute time when web session expires

func (*WebSessionV2) GetKind 

func (ws *WebSessionV2) GetKind() string

GetKind gets resource Kind

func (*WebSessionV2) GetLoginTime 

func (ws *WebSessionV2) GetLoginTime() time.Time

GetLoginTime returns the time this user recently logged in.

func (*WebSessionV2) GetMetadata 

func (ws *WebSessionV2) GetMetadata() Metadata

GetMetadata gets resource Metadata

func (*WebSessionV2) GetName 

func (ws *WebSessionV2) GetName() string

GetName gets resource Name

func (*WebSessionV2) GetPriv 

func (ws *WebSessionV2) GetPriv() []byte

GetPriv returns private OpenSSH key used to auth with SSH nodes

func (*WebSessionV2) GetPub 

func (ws *WebSessionV2) GetPub() []byte

GetPub is returns public certificate signed by auth server

func (*WebSessionV2) GetResourceID 

func (ws *WebSessionV2) GetResourceID() int64

GetResourceID gets ResourceID

func (*WebSessionV2) GetShortName 

func (ws *WebSessionV2) GetShortName() string

GetShortName returns visible short name used in logging

func (*WebSessionV2) GetSubKind 

func (ws *WebSessionV2) GetSubKind() string

GetSubKind gets resource SubKind

func (*WebSessionV2) GetTLSCert 

func (ws *WebSessionV2) GetTLSCert() []byte

GetTLSCert returns PEM encoded TLS certificate associated with session

func (*WebSessionV2) GetUser 

func (ws *WebSessionV2) GetUser() string

GetUser returns the user this session is associated with

func (*WebSessionV2) GetVersion 

func (ws *WebSessionV2) GetVersion() string

GetVersion gets resource Version

func (*WebSessionV2) Marshal 

func (m *WebSessionV2) Marshal() (dAtA []byte, err error)

func (*WebSessionV2) MarshalTo 

func (m *WebSessionV2) MarshalTo(dAtA []byte) (int, error)

func (*WebSessionV2) MarshalToSizedBuffer 

func (m *WebSessionV2) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*WebSessionV2) ProtoMessage 

func (*WebSessionV2) ProtoMessage()

func (*WebSessionV2) Reset 

func (m *WebSessionV2) Reset()

func (*WebSessionV2) SetExpiry 

func (ws *WebSessionV2) SetExpiry(expiry time.Time)

SetExpiry Sets resource Expiry

func (*WebSessionV2) SetExpiryTime 

func (ws *WebSessionV2) SetExpiryTime(tm time.Time)

SetExpiryTime sets session expiry time

func (*WebSessionV2) SetLoginTime 

func (ws *WebSessionV2) SetLoginTime(loginTime time.Time)

SetLoginTime sets when this user logged in.

func (*WebSessionV2) SetName 

func (ws *WebSessionV2) SetName(name string)

SetName sets resource Name

func (*WebSessionV2) SetPriv 

func (ws *WebSessionV2) SetPriv(priv []byte)

SetPriv sets private key

func (*WebSessionV2) SetResourceID 

func (ws *WebSessionV2) SetResourceID(id int64)

SetResourceID sets ResourceID

func (*WebSessionV2) SetSubKind 

func (ws *WebSessionV2) SetSubKind(subKind string)

SetSubKind sets resource SubKind

func (*WebSessionV2) SetUser 

func (ws *WebSessionV2) SetUser(u string)

SetUser sets user associated with this session

func (*WebSessionV2) Size 

func (m *WebSessionV2) Size() (n int)

func (*WebSessionV2) String 

func (ws *WebSessionV2) String() string

String returns string representation of the session.

func (*WebSessionV2) Unmarshal 

func (m *WebSessionV2) Unmarshal(dAtA []byte) error

func (*WebSessionV2) WithoutSecrets 

func (ws *WebSessionV2) WithoutSecrets() WebSession

WithoutSecrets returns copy of the object but without secrets

func (*WebSessionV2) XXX_DiscardUnknown 

func (m *WebSessionV2) XXX_DiscardUnknown()

func (*WebSessionV2) XXX_Marshal 

func (m *WebSessionV2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*WebSessionV2) XXX_Merge 

func (m *WebSessionV2) XXX_Merge(src proto.Message)

func (*WebSessionV2) XXX_Size 

func (m *WebSessionV2) XXX_Size() int

func (*WebSessionV2) XXX_Unmarshal 

func (m *WebSessionV2) XXX_Unmarshal(b []byte) error

type WebSessionsGetter 

type WebSessionsGetter interface {
	// WebSessions returns the web session manager
	WebSessions() WebSessionInterface
}

WebSessionsGetter provides access to web sessions

type WebToken 

type WebToken interface {
	// Resource represents common properties for all resources.
	Resource

	// GetToken returns the token value
	GetToken() string
	// SetToken sets the token value
	SetToken(token string)
	// GetUser returns the user the token is bound to
	GetUser() string
	// SetUser sets the user the token is bound to
	SetUser(user string)
	// String returns the text representation of this token
	String() string
}

WebToken is a time-limited unique token bound to a user's session

func NewWebToken 

func NewWebToken(expires time.Time, spec WebTokenSpecV3) (WebToken, error)

NewWebToken returns a new web token with the given expiration and spec

type WebTokenInterface 

type WebTokenInterface interface {
	// Get returns a token specified by the request.
	Get(ctx context.Context, req GetWebTokenRequest) (WebToken, error)

	// List gets all web tokens.
	List(context.Context) ([]WebToken, error)

	// Upsert updates existing or inserts a new web token.
	Upsert(ctx context.Context, token WebToken) error

	// Delete deletes the web token described by req.
	Delete(ctx context.Context, req DeleteWebTokenRequest) error

	// DeleteAll removes all web tokens.
	DeleteAll(context.Context) error
}

WebTokenInterface defines interface for managing web tokens

type WebTokenSpecV3 

type WebTokenSpecV3 struct {
	// User specifies the user the token is bound to.
	User string `protobuf:"bytes,1,opt,name=User,proto3" json:"user"`
	// Token specifies the token's value.
	Token                string   `protobuf:"bytes,2,opt,name=Token,proto3" json:"token"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

WebTokenSpecV3 is a unique time-limited token bound to a user's web session

func (*WebTokenSpecV3) Descriptor 

func (*WebTokenSpecV3) Descriptor() ([]byte, []int)

func (*WebTokenSpecV3) Marshal 

func (m *WebTokenSpecV3) Marshal() (dAtA []byte, err error)

func (*WebTokenSpecV3) MarshalTo 

func (m *WebTokenSpecV3) MarshalTo(dAtA []byte) (int, error)

func (*WebTokenSpecV3) MarshalToSizedBuffer 

func (m *WebTokenSpecV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*WebTokenSpecV3) ProtoMessage 

func (*WebTokenSpecV3) ProtoMessage()

func (*WebTokenSpecV3) Reset 

func (m *WebTokenSpecV3) Reset()

func (*WebTokenSpecV3) Size 

func (m *WebTokenSpecV3) Size() (n int)

func (*WebTokenSpecV3) String 

func (m *WebTokenSpecV3) String() string

func (*WebTokenSpecV3) Unmarshal 

func (m *WebTokenSpecV3) Unmarshal(dAtA []byte) error

func (*WebTokenSpecV3) XXX_DiscardUnknown 

func (m *WebTokenSpecV3) XXX_DiscardUnknown()

func (*WebTokenSpecV3) XXX_Marshal 

func (m *WebTokenSpecV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*WebTokenSpecV3) XXX_Merge 

func (m *WebTokenSpecV3) XXX_Merge(src proto.Message)

func (*WebTokenSpecV3) XXX_Size 

func (m *WebTokenSpecV3) XXX_Size() int

func (*WebTokenSpecV3) XXX_Unmarshal 

func (m *WebTokenSpecV3) XXX_Unmarshal(b []byte) error

type WebTokenV3 

type WebTokenV3 struct {
	// Kind is a resource kind
	Kind string `protobuf:"bytes,1,opt,name=Kind,proto3" json:"kind"`
	// SubKind is an optional resource sub kind
	SubKind string `protobuf:"bytes,2,opt,name=SubKind,proto3" json:"sub_kind,omitempty"`
	// Version is the resource version
	Version string `protobuf:"bytes,3,opt,name=Version,proto3" json:"version"`
	// Metadata is resource metadata
	Metadata Metadata `protobuf:"bytes,4,opt,name=Metadata,proto3" json:"metadata"`
	// Spec defines the web token
	Spec                 WebTokenSpecV3 `protobuf:"bytes,5,opt,name=Spec,proto3" json:"spec"`
	XXX_NoUnkeyedLiteral struct{}       `json:"-"`
	XXX_unrecognized     []byte         `json:"-"`
	XXX_sizecache        int32          `json:"-"`
}

WebTokenV3 describes a web token. Web tokens are used as a transport to relay bearer tokens to the client. Initially bound to a web session, these have been factored out into a separate resource to enable separate lifecycle management.

func (*WebTokenV3) CheckAndSetDefaults 

func (r *WebTokenV3) CheckAndSetDefaults() error

CheckAndSetDefaults validates this token value and sets defaults

func (*WebTokenV3) Descriptor 

func (*WebTokenV3) Descriptor() ([]byte, []int)

func (*WebTokenV3) Expiry 

func (r *WebTokenV3) Expiry() time.Time

Expiry returns the token absolute expiration time

func (*WebTokenV3) GetKind 

func (r *WebTokenV3) GetKind() string

GetKind returns the token resource kind

func (*WebTokenV3) GetMetadata 

func (r *WebTokenV3) GetMetadata() Metadata

GetMetadata returns the token metadata

func (*WebTokenV3) GetName 

func (r *WebTokenV3) GetName() string

GetName returns the token value

func (*WebTokenV3) GetResourceID 

func (r *WebTokenV3) GetResourceID() int64

GetResourceID returns the token resource ID

func (*WebTokenV3) GetSubKind 

func (r *WebTokenV3) GetSubKind() string

GetSubKind returns the token resource subkind

func (*WebTokenV3) GetToken 

func (r *WebTokenV3) GetToken() string

GetToken returns the token value

func (*WebTokenV3) GetUser 

func (r *WebTokenV3) GetUser() string

GetUser returns the user this token is bound to

func (*WebTokenV3) GetVersion 

func (r *WebTokenV3) GetVersion() string

GetVersion returns the token resource version

func (*WebTokenV3) Marshal 

func (m *WebTokenV3) Marshal() (dAtA []byte, err error)

func (*WebTokenV3) MarshalTo 

func (m *WebTokenV3) MarshalTo(dAtA []byte) (int, error)

func (*WebTokenV3) MarshalToSizedBuffer 

func (m *WebTokenV3) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*WebTokenV3) ProtoMessage 

func (*WebTokenV3) ProtoMessage()

func (*WebTokenV3) Reset 

func (m *WebTokenV3) Reset()

func (*WebTokenV3) SetExpiry 

func (r *WebTokenV3) SetExpiry(t time.Time)

SetExpiry sets the token absolute expiration time

func (*WebTokenV3) SetName 

func (r *WebTokenV3) SetName(name string)

SetName sets the token value

func (*WebTokenV3) SetResourceID 

func (r *WebTokenV3) SetResourceID(id int64)

SetResourceID sets the token resource ID

func (*WebTokenV3) SetSubKind 

func (r *WebTokenV3) SetSubKind(subKind string)

SetSubKind sets the token resource subkind

func (*WebTokenV3) SetToken 

func (r *WebTokenV3) SetToken(token string)

SetToken sets the token value

func (*WebTokenV3) SetUser 

func (r *WebTokenV3) SetUser(user string)

SetUser sets the user this token is bound to

func (*WebTokenV3) Size 

func (m *WebTokenV3) Size() (n int)

func (*WebTokenV3) String 

func (r *WebTokenV3) String() string

String returns string representation of the token.

func (*WebTokenV3) Unmarshal 

func (m *WebTokenV3) Unmarshal(dAtA []byte) error

func (*WebTokenV3) XXX_DiscardUnknown 

func (m *WebTokenV3) XXX_DiscardUnknown()

func (*WebTokenV3) XXX_Marshal 

func (m *WebTokenV3) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*WebTokenV3) XXX_Merge 

func (m *WebTokenV3) XXX_Merge(src proto.Message)

func (*WebTokenV3) XXX_Size 

func (m *WebTokenV3) XXX_Size() int

func (*WebTokenV3) XXX_Unmarshal 

func (m *WebTokenV3) XXX_Unmarshal(b []byte) error

type WebTokensGetter 

type WebTokensGetter interface {
	// WebTokens returns the tokens manager
	WebTokens() WebTokenInterface
}

WebTokensGetter provides access to web tokens

Source Files

View all Source files

Directories

Path Synopsis
Package events contains event related types and logic required by the Teleport API.
 Package events contains event related types and logic required by the Teleport API.
Package wrappers provides protobuf wrappers for common teleport map and list types.
 Package wrappers provides protobuf wrappers for common teleport map and list types.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.