Documentation
¶
Index ¶
- type AWSRoleLink
- type AWSToken
- type AuthorizedKey
- type Connection
- type Context
- type CustomAttributeValidation
- type EUM
- type IdentityProvider
- type IdentityProviderCreateResponse
- type IdentityProviderResolveUserRequest
- type IdentityProviderResponse
- type IdentityProviderSearch
- type LogconfCollector
- type MFA
- type Params
- type PrincipalKey
- type PrivateKey
- type PublicKey
- type ResolveAuthorizedKey
- type Role
- type RoleRef
- type RoleStore
- func (store *RoleStore) AWSRoleLink(awsroleID string) (*AWSRoleLink, error)
- func (store *RoleStore) AWSRoleLinks(refresh bool) ([]AWSRoleLink, error)
- func (store *RoleStore) AWSToken(roleID, tokencode string, ttl int) ([]AWSToken, error)
- func (store *RoleStore) AllAuthorizedKeys(offset, limit int, sortdir, sortkey string) ([]AuthorizedKey, error)
- func (store *RoleStore) AuthorizedKey(userID, keyID string) (*AuthorizedKey, error)
- func (store *RoleStore) AuthorizedKeys(userID string) ([]AuthorizedKey, error)
- func (store *RoleStore) CreateAuthorizedKey(key AuthorizedKey, userID string) (string, error)
- func (store *RoleStore) CreateIdendityProvider(newIP IdentityProvider) (IdentityProviderCreateResponse, error)
- func (store *RoleStore) CreateLogconfCollector(conf LogconfCollector) (string, error)
- func (store *RoleStore) CreateRole(role Role) (string, error)
- func (store *RoleStore) CreateSource(source Source) (string, error)
- func (store *RoleStore) DeleteAWSRoleLInk(awsroleID string) error
- func (store *RoleStore) DeleteAuthorizedKey(userID, keyID string) error
- func (store *RoleStore) DeleteIdendityProviderByID(ID string) error
- func (store *RoleStore) DeleteLogconfCollector(collectorID string) error
- func (store *RoleStore) DeletePrincipalKey(roleID, keyID string) error
- func (store *RoleStore) DeleteRole(roleID string) error
- func (store *RoleStore) DeleteSource(sourceID string) error
- func (store *RoleStore) DisableMFA(userIDs []string) error
- func (store *RoleStore) EnableMFA(userIDs []string) error
- func (store *RoleStore) EvaluateRole(role *Role) ([]User, error)
- func (store *RoleStore) GeneratePrincipalKey(roleID string) (string, error)
- func (store *RoleStore) GetAllIdendityProviders(offset, limit int) (IdentityProviderResponse, error)
- func (store *RoleStore) GetIdendityProviderByID(ID string) (IdentityProvider, error)
- func (store *RoleStore) GetRoleMembers(roleID string) ([]User, error)
- func (store *RoleStore) GrantUserRole(userID, roleID string) error
- func (store *RoleStore) ImportPrincipalKey(key PrivateKey, roleID string) (string, error)
- func (store *RoleStore) LinkedRoles(awsroleID string) ([]AWSRoleLink, error)
- func (store *RoleStore) LogconfCollector(collectorID string) (*LogconfCollector, error)
- func (store *RoleStore) LogconfCollectors() ([]LogconfCollector, error)
- func (store *RoleStore) PrincipalKey(roleID, keyID string) (*PrincipalKey, error)
- func (store *RoleStore) PrincipalKeys(roleID string) ([]PrincipalKey, error)
- func (store *RoleStore) RefreshSources(sourceIDs []string) error
- func (store *RoleStore) ResetMFA(userIDs []string) error
- func (store *RoleStore) ResolveAuthorizedKey(resolve ResolveAuthorizedKey) ([]AuthorizedKey, error)
- func (store *RoleStore) ResolveRoles(names []string) ([]RoleRef, error)
- func (store *RoleStore) ResolveUser(userID string) (*User, error)
- func (store *RoleStore) RevokeUserRole(userID, roleID string) error
- func (store *RoleStore) Role(roleID string) (*Role, error)
- func (store *RoleStore) Roles() ([]Role, error)
- func (store *RoleStore) SearchIdendityProviders(offset, limit int, sortkey, sortdir, keywords string) (IdentityProviderResponse, error)
- func (store *RoleStore) SearchUsers(offset, limit int, sortkey, sortdir string, searchBody UserSearchObject) ([]User, error)
- func (store *RoleStore) SearchUsersExternal(keywords, sourceID string) ([]User, error)
- func (store *RoleStore) Source(sourceID string) (*Source, error)
- func (store *RoleStore) Sources() ([]Source, error)
- func (store *RoleStore) UpdateAWSRoleLink(awsRoleID string, roles []RoleRef) error
- func (store *RoleStore) UpdateAuthorizedKey(key *AuthorizedKey, userID, keyID string) error
- func (store *RoleStore) UpdateIdendityProvider(UpdatedIP IdentityProvider, ID string) error
- func (store *RoleStore) UpdateLogconfCollector(collectorID string, conf *LogconfCollector) error
- func (store *RoleStore) UpdateRole(roleID string, role *Role) error
- func (store *RoleStore) UpdateSource(sourceID string, source *Source) error
- func (store *RoleStore) UpdateUserSettings(settings *json.RawMessage, userID string) error
- func (store *RoleStore) User(userID string) (*User, error)
- func (store *RoleStore) UserRoles(userID string) ([]Role, error)
- func (store *RoleStore) UserSettings(userID string) (*json.RawMessage, error)
- type Seed
- type Source
- type SourceRule
- type User
- type UserSearchObject
- type ValidityPeriod
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AWSRoleLink ¶ added in v0.6.0
type AWSRoleLink struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
ARN string `json:"arn,omitempty"`
Updated string `json:"updated,omitempty"`
Description string `json:"description,omitempty"`
Source string `json:"source,omitempty"`
Status string `json:"status,omitempty"`
Roles []RoleRef `json:"roles,omitempty"`
}
AWSRoleLink aws role definition.
type AWSToken ¶ added in v0.6.0
type AWSToken struct {
AccessKeyID string `json:"access_key_id,omitempty"`
SecretAccessKey string `json:"secret_access_key,omitempty"`
SessionToken string `json:"session_token,omitempty"`
Expires string `json:"expires,omitempty"`
Descriptions []string `json:"descriptions,omitempty"`
}
AWSToken aws token definition
type AuthorizedKey ¶ added in v0.6.0
type AuthorizedKey struct {
ID string `json:"id,omitempty"`
Username string `json:"username,omitempty"`
UserID string `json:"user_id,omitempty"`
Name string `json:"name,omitempty"`
Comment string `json:"comment,omitempty"`
PublicKey string `json:"public_key,omitempty"`
NotBefore string `json:"not_before,omitempty"`
NotAfter string `json:"not_after,omitempty"`
SourceAddress []string `json:"source_address,omitempty"`
}
AuthorizedKey authorizednal key definition
type Connection ¶ added in v0.6.0
type Connection struct {
Type string `json:"type,omitempty"`
Address string `json:"address,omitempty"`
AccessKeyID string `json:"iam_access_key_id,omitempty"`
SecretKey string `json:"iam_secret_access_key,omitempty"`
SessionToken string `json:"iam_session_token,omitempty"`
FetchRolePathPrefix string `json:"iam_fetch_role_path_prefix,omitempty"`
GCConfig string `json:"google_cloud_config_json,omitempty"`
OpenstackVersion string `json:"openstack_version,omitempty"`
OpenStackEndpoint string `json:"openstack_endpoint,omitempty"`
OpenStackUsername string `json:"openstack_username,omitempty"`
OpenStackUserID string `json:"openstack_user_id,omitempty"`
OpenStackPassword string `json:"openstack_password,omitempty"`
OpenStackAPIkey string `json:"openstack_apikey,omitempty"`
OpenStackDomainName string `json:"openstack_domainname,omitempty"`
OpenStackDomainID string `json:"openstack_domainid,omitempty"`
OpenStackTokenID string `json:"openstack_token_id,omitempty"`
AzureBaseURL string `json:"azure_base_url,omitempty"`
AzureSubscriptionID string `json:"azure_subscription_id,omitempty"`
AzureTenantID string `json:"azure_tenant_id,omitempty"`
AzureClientID string `json:"azure_client_id,omitempty"`
AzureClientSecret string `json:"azure_client_secret,omitempty"`
LDAPProtocol string `json:"ldap_protocol,omitempty"`
LDAPBase string `json:"ldap_base,omitempty"`
LDAPUserFilter string `json:"ldap_user_filter,omitempty"`
LDAPBindDN string `json:"ldap_bind_dn,omitempty"`
LDAPBindPassword string `json:"ldap_bind_password,omitempty"`
LDAPUserDNPattern string `json:"ldap_user_dn_pattern,omitempty"`
GoogleGsuiteDomain string `json:"google_gsuite_domain,omitempty"`
GoogleGsuiteAdminEmail string `json:"google_gsuite_domain_admin_email,omitempty"`
OIDCIssuer string `json:"oidc_issuer,omitempty"`
OIDCButtonTitle string `json:"oidc_button_title,omitempty"`
OIDCClientID string `json:"oidc_client_id,omitempty"`
OIDCClientSecret string `json:"oidc_client_secret,omitempty"`
OIDCTagsAttributeName string `json:"oidc_tags_attribute_name,omitempty"`
MFAType string `json:"mfa_type,omitempty"`
MFAAddress string `json:"mfa_address,omitempty"`
MFABaseDN string `json:"mfa_base_dn,omitempty"`
DomainControllerFQDN string `json:"domain_controller_fqdn,omitempty"`
KerberosTicket string `json:"kerberos_ticket,omitempty"`
DomainControllerPort int `json:"domain_controller_port,omitempty"`
MFAPort int `json:"mfa_port,omitempty"`
Port int `json:"port,omitempty"`
EnableMachineAuth bool `json:"enable_machine_authentication,omitempty"`
EnableUserAuth bool `json:"enable_user_authentication,omitempty"`
OIDCEnabled bool `json:"oidc_enabled,omitempty"`
FetchRoles bool `json:"iam_fetch_roles,omitempty"`
AutoUpdate bool `json:"service_address_auto_update,omitempty"`
OIDCScopesSecret []string `json:"oidc_additional_scopes_secret,omitempty"`
GCProjectIDs []string `json:"google_cloud_project_ids,omitempty"`
OpenStackTenantIDs []string `json:"openstack_tenant_ids,omitempty"`
OpenStackTenantNames []string `json:"openstack_tenant_names,omitempty"`
}
Connection source connection definition
type Context ¶
type Context struct {
Enabled bool `json:"enabled"`
BlockRole bool `json:"block_role"`
StartTime string `json:"start_time"`
EndTime string `json:"end_time"`
Timezone string `json:"timezone"`
}
Context defines the context information for a role.
type CustomAttributeValidation ¶ added in v1.25.0
type EUM ¶ added in v0.6.0
type EUM struct {
SourceID string `json:"source_id,omitempty"`
SourceSeaerchField string `json:"source_search_field,omitempty"`
}
EUM external user mapping definition
type IdentityProvider ¶ added in v1.25.0
type IdentityProvider struct {
ID string `json:"id"`
Name string `json:"name"`
TokenType string `json:"token_type"`
JWTIssuer string `json:"jwt_issuer"`
JWTAudience string `json:"jwt_audience"`
JWTSubjectType string `json:"jwt_subject_type"`
JWTSubjectDNUsernameAttribute string `json:"jwt_subject_dn_username_attribute,omitempty"`
CustomAttributes []CustomAttributeValidation `json:"custom_attributes,omitempty"`
PublicKey []PublicKey `json:"public_key,omitempty"`
PublicKeyMethod string `json:"public_key_method"`
// Used for validating certs fetched from x5u urls
X5uTrustAnchor string `json:"x5u_trust_anchor,omitempty"`
// Optional TLS trust anchor cert used when doing x5u https requests
X5uTLSTrustAnchor string `json:"x5u_tls_trust_anchor,omitempty"`
X5uPrefix string `json:"x5u_prefix,omitempty"`
UsersDirectory string `json:"users_directory"`
Enabled bool `json:"enabled"`
Author string `json:"author"`
Created string `json:"created"`
Updated string `json:"updated,omitempty"`
UpdatedBy string `json:"updated_by,omitempty"`
}
type IdentityProviderCreateResponse ¶ added in v1.25.0
type IdentityProviderCreateResponse struct {
ID string `json:"id"`
}
type IdentityProviderResolveUserRequest ¶ added in v1.25.0
type IdentityProviderResolveUserRequest struct {
Principal string `json:"principal"`
}
type IdentityProviderResponse ¶ added in v1.25.0
type IdentityProviderResponse struct {
Count int `json:"count"`
Items []IdentityProvider `json:"items"`
}
type IdentityProviderSearch ¶ added in v1.25.0
type IdentityProviderSearch struct {
Keywords string `json:"keywords,omitempty"`
}
type LogconfCollector ¶ added in v0.6.0
type LogconfCollector struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Type string `json:"type,omitempty"`
Updated string `json:"updated,omitempty"`
StatusCode string `json:"status_code,omitempty"`
StatusText string `json:"status_text,omitempty"`
AWSLogRegion string `json:"aws_log_region,omitempty"`
IAMAccessKeyID string `json:"iam_access_key_id,omitempty"`
IAMSecretAccessKey string `json:"iam_secret_access_key,omitempty"`
IAMSessionToken string `json:"iam_session_token,omitempty"`
AzureEventHubsNamespace string `json:"azure_event_hubs_namespace,omitempty"`
AzureResourceGroupName string `json:"azure_resource_group_name,omitempty"`
AzureSubscriptionID string `json:"azure_subscription_id,omitempty"`
AzureEventHubName string `json:"azure_event_hub_name,omitempty"`
AzureTenantID string `json:"azure_tenant_id,omitempty"`
AzureClientID string `json:"azure_client_id,omitempty"`
AzureClientSecret string `json:"azure_client_secret,omitempty"`
AzureSasConnectionString string `json:"azure_sas_connection_string,omitempty"`
Enabled bool `json:"enabled,omitempty"`
}
LogconfCollector logconf collectors definition
type Params ¶ added in v0.6.0
type Params struct {
Sortdir string `json:"sortdir,omitempty"`
Sortkey string `json:"sortkey,omitempty"`
Tokencode string `json:"tokencode,omitempty"`
Refresh bool `json:"refresh,omitempty"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
TTL int `json:"ttl,omitempty"`
}
Params struct for pagination queries.
type PrincipalKey ¶ added in v0.6.0
type PrincipalKey struct {
ID string `json:"id,omitempty"`
PublicKey string `json:"public_key,omitempty"`
}
PrincipalKey principal key definition
type PrivateKey ¶ added in v0.6.0
type PrivateKey struct {
ID string `json:"id,omitempty"`
PrivateKey string `json:"private_key,omitempty"`
}
PrivateKey principal privat key definition
type ResolveAuthorizedKey ¶ added in v0.6.0
type ResolveAuthorizedKey struct {
Username string `json:"username,omitempty"`
PublicKey string `json:"public_key,omitempty"`
}
ResolveAuthorizedKey struct for resolving authorized key.
type Role ¶
type Role struct {
ID string `json:"id"`
Name string `json:"name"`
GrantType string `json:"grant_type"`
Comment string `json:"comment"`
AccessGroupID string `json:"access_group_id"`
GrantStart string `json:"grant_start"`
GrantEnd string `json:"grant_end"`
GrantValidityPeriods []ValidityPeriod `json:"grant_validity_periods,omitempty"`
Permissions []string `json:"permissions"`
PublicKey []string `json:"principal_public_key_strings"`
MemberCount int `json:"member_count"`
FloatingLength int `json:"floating_length"`
Explicit bool `json:"explicit" tabulate:"@userCtx"`
Implicit bool `json:"implicit" tabulate:"@userCtx"`
System bool `json:"system"`
PermitAgent bool `json:"permit_agent"`
Context *Context `json:"context"`
SourceRule SourceRule `json:"source_rules"`
}
Role contains PrivX role information.
type RoleStore ¶
type RoleStore struct {
// contains filtered or unexported fields
}
RoleStore is a role-store client instance.
func (*RoleStore) AWSRoleLink ¶ added in v0.6.0
func (store *RoleStore) AWSRoleLink(awsroleID string) (*AWSRoleLink, error)
AWSRoleLink returns existing single aws role
func (*RoleStore) AWSRoleLinks ¶ added in v0.6.0
func (store *RoleStore) AWSRoleLinks(refresh bool) ([]AWSRoleLink, error)
AWSRoleLinks returns all aws roles.
func (*RoleStore) AllAuthorizedKeys ¶ added in v0.6.0
func (store *RoleStore) AllAuthorizedKeys(offset, limit int, sortdir, sortkey string) ([]AuthorizedKey, error)
AllAuthorizedKeys returns all authorized keys
func (*RoleStore) AuthorizedKey ¶ added in v0.6.0
func (store *RoleStore) AuthorizedKey(userID, keyID string) (*AuthorizedKey, error)
AuthorizedKey return user's authorized key
func (*RoleStore) AuthorizedKeys ¶ added in v0.6.0
func (store *RoleStore) AuthorizedKeys(userID string) ([]AuthorizedKey, error)
AuthorizedKeys return user's authorized keys
func (*RoleStore) CreateAuthorizedKey ¶ added in v0.6.0
func (store *RoleStore) CreateAuthorizedKey(key AuthorizedKey, userID string) (string, error)
CreateAuthorizedKey register an authorized key for user
func (*RoleStore) CreateIdendityProvider ¶ added in v1.25.0
func (store *RoleStore) CreateIdendityProvider(newIP IdentityProvider) (IdentityProviderCreateResponse, error)
Create a new Identity Provider.
func (*RoleStore) CreateLogconfCollector ¶ added in v0.6.0
func (store *RoleStore) CreateLogconfCollector(conf LogconfCollector) (string, error)
CreateLogconfCollector create a logconf collector
func (*RoleStore) CreateRole ¶
CreateRole creates new role
func (*RoleStore) CreateSource ¶ added in v0.6.0
CreateSource create a new source
func (*RoleStore) DeleteAWSRoleLInk ¶ added in v0.6.0
DeleteAWSRoleLInk delete a aws role
func (*RoleStore) DeleteAuthorizedKey ¶ added in v0.6.0
DeleteAuthorizedKey delete a user's authorized key
func (*RoleStore) DeleteIdendityProviderByID ¶ added in v1.25.0
Delete Identity Provider by ID.
func (*RoleStore) DeleteLogconfCollector ¶ added in v0.6.0
DeleteLogconfCollector delete a logconf collector
func (*RoleStore) DeletePrincipalKey ¶ added in v0.6.0
DeletePrincipalKey delete a role's principal key
func (*RoleStore) DeleteRole ¶ added in v0.6.0
DeleteRole delete a role
func (*RoleStore) DeleteSource ¶ added in v0.6.0
DeleteSource delete a source
func (*RoleStore) DisableMFA ¶ added in v0.6.0
DisableMFA disable multifactor authentication
func (*RoleStore) EvaluateRole ¶ added in v0.6.0
EvaluateRole evaluate a new role definition
func (*RoleStore) GeneratePrincipalKey ¶ added in v0.6.0
GeneratePrincipalKey generate new principal key for existing role
func (*RoleStore) GetAllIdendityProviders ¶ added in v1.25.0
func (store *RoleStore) GetAllIdendityProviders(offset, limit int) (IdentityProviderResponse, error)
List all identity providers.
func (*RoleStore) GetIdendityProviderByID ¶ added in v1.25.0
func (store *RoleStore) GetIdendityProviderByID(ID string) (IdentityProvider, error)
Get Identity Provider by ID.
func (*RoleStore) GetRoleMembers ¶
GetRoleMembers gets all members (users) of the argument role ID.
func (*RoleStore) GrantUserRole ¶ added in v0.6.0
GrantUserRole adds the specified role for the user. If the user already has the role, this function does nothing.
func (*RoleStore) ImportPrincipalKey ¶ added in v0.6.0
func (store *RoleStore) ImportPrincipalKey(key PrivateKey, roleID string) (string, error)
ImportPrincipalKey import new principal key for existing role
func (*RoleStore) LinkedRoles ¶ added in v0.6.0
func (store *RoleStore) LinkedRoles(awsroleID string) ([]AWSRoleLink, error)
LinkedRoles return AWS role granting PrivX roles
func (*RoleStore) LogconfCollector ¶ added in v0.6.0
func (store *RoleStore) LogconfCollector(collectorID string) (*LogconfCollector, error)
LogconfCollector returns existing single logconf collector
func (*RoleStore) LogconfCollectors ¶ added in v0.6.0
func (store *RoleStore) LogconfCollectors() ([]LogconfCollector, error)
LogconfCollectors returns all logconf collectors
func (*RoleStore) PrincipalKey ¶ added in v0.6.0
func (store *RoleStore) PrincipalKey(roleID, keyID string) (*PrincipalKey, error)
PrincipalKey returns a role's principal key object.
func (*RoleStore) PrincipalKeys ¶ added in v0.6.0
func (store *RoleStore) PrincipalKeys(roleID string) ([]PrincipalKey, error)
PrincipalKeys returns all principal keys
func (*RoleStore) RefreshSources ¶ added in v0.6.0
RefreshSources refresh all host and user sources
func (*RoleStore) ResolveAuthorizedKey ¶ added in v0.6.0
func (store *RoleStore) ResolveAuthorizedKey(resolve ResolveAuthorizedKey) ([]AuthorizedKey, error)
ResolveAuthorizedKey resolve authorized keys
func (*RoleStore) ResolveRoles ¶
ResolveRoles searches give role name and returns corresponding ids
func (*RoleStore) ResolveUser ¶ added in v0.6.0
ResolveUser resolve users role
func (*RoleStore) RevokeUserRole ¶ added in v0.6.0
RevokeUserRole removes the specified role from the user. If the user does not have the role, this function does nothing.
func (*RoleStore) SearchIdendityProviders ¶ added in v1.25.0
func (store *RoleStore) SearchIdendityProviders(offset, limit int, sortkey, sortdir, keywords string) (IdentityProviderResponse, error)
Search Identity Providers.
func (*RoleStore) SearchUsers ¶
func (store *RoleStore) SearchUsers(offset, limit int, sortkey, sortdir string, searchBody UserSearchObject) ([]User, error)
SearchUsers searches for users, matching the keywords and source criteria.
func (*RoleStore) SearchUsersExternal ¶ added in v0.6.0
SearchUsersExternal searche users with user search parameters.
func (*RoleStore) UpdateAWSRoleLink ¶ added in v0.6.0
UpdateAWSRoleLink update existing aws role
func (*RoleStore) UpdateAuthorizedKey ¶ added in v0.6.0
func (store *RoleStore) UpdateAuthorizedKey(key *AuthorizedKey, userID, keyID string) error
UpdateAuthorizedKey update authorized key for user
func (*RoleStore) UpdateIdendityProvider ¶ added in v1.25.0
func (store *RoleStore) UpdateIdendityProvider(UpdatedIP IdentityProvider, ID string) error
Update a Identity Provider.
func (*RoleStore) UpdateLogconfCollector ¶ added in v0.6.0
func (store *RoleStore) UpdateLogconfCollector(collectorID string, conf *LogconfCollector) error
UpdateLogconfCollector update existing logconf collector
func (*RoleStore) UpdateRole ¶ added in v0.6.0
UpdateRole update existing role
func (*RoleStore) UpdateSource ¶ added in v0.6.0
UpdateSource update existing source
func (*RoleStore) UpdateUserSettings ¶ added in v0.6.0
func (store *RoleStore) UpdateUserSettings(settings *json.RawMessage, userID string) error
UpdateUserSettings update specific user's settings
func (*RoleStore) UserSettings ¶ added in v0.6.0
func (store *RoleStore) UserSettings(userID string) (*json.RawMessage, error)
UserSettings get specific user settings
type Seed ¶ added in v0.6.0
type Seed struct {
SeedString string `json:"seed_string,omitempty"`
SeedQRCode string `json:"seed_qr_code,omitempty"`
}
Seed seed definition
type Source ¶ added in v0.6.0
type Source struct {
ID string `json:"id,omitempty"`
Created string `json:"created,omitempty"`
Updated string `json:"updated,omitempty"`
UpdatedBy string `json:"updated_by,omitempty"`
Author string `json:"author,omitempty"`
Name string `json:"name,omitempty"`
StatusCode string `json:"status_code,omitempty"`
StatusText string `json:"status_text,omitempty"`
Comment string `json:"comment,omitempty"`
TTL int `json:"ttl,omitempty"`
Enabled bool `json:"enabled,omitempty"`
Tags []string `json:"tags,omitempty"`
UsernamePattern []string `json:"username_pattern,omitempty"`
ExternalUserMapping []EUM `json:"external_user_mapping,omitempty"`
Connection Connection `json:"connection,omitempty"`
SessionPasswordEnabled bool `json:"session_password_enabled,omitempty"`
SessionPasswordPolicy *authmodel.SessionPasswordPolicy `json:"session_password_policy,omitempty"`
ChildSessionAutoLogoutDelay int `json:"child_session_auto_logout_delay,omitempty"`
}
Source definitions - user and host directories
type SourceRule ¶
type SourceRule struct {
Type string `json:"type"`
Match string `json:"match"`
Source string `json:"source,omitempty"`
Pattern string `json:"search_string,omitempty"`
Rules []SourceRule `json:"rules"`
}
SourceRule defines a mapping of role to object objects in directory
func SourceRuleNone ¶
func SourceRuleNone() SourceRule
SourceRuleNone creates an empty mapping source for the role
type User ¶
type User struct {
ID string `json:"id,omitempty"`
SourceUserID string `json:"source_user_id,omitempty"`
Principal string `json:"principal,omitempty"`
Source string `json:"source,omitempty"`
FullName string `json:"full_name,omitempty"`
Email string `json:"email,omitempty"`
DistinguishedName string `json:"distinguished_name,omitempty"`
Created string `json:"created,omitempty"`
Updated string `json:"updated,omitempty"`
UpdatedBy string `json:"updated_by,omitempty"`
Author string `json:"author,omitempty"`
Comment string `json:"comment,omitempty"`
GivenName string `json:"given_name,omitempty"`
Job string `json:"job_title,omitempty"`
Company string `json:"company,omitempty"`
Department string `json:"department,omitempty"`
Telephone string `json:"telephone,omitempty"`
Locale string `json:"locale,omitempty"`
StaleAccessToken bool `json:"stale_access_token,omitempty"`
Permissions []string `json:"permissions,omitempty"`
Tags []string `json:"tags"`
MFA MFA `json:"mfa"`
Roles []Role `json:"roles"`
AuthorizedKeys []AuthorizedKey `json:"authorized_keys,omitempty"`
}
User contains PrivX user information.
type UserSearchObject ¶ added in v0.21.0
type UserSearchObject struct {
Keywords string `json:"keywords,omitempty"`
Source string `json:"source,omitempty"`
UserIDs []string `json:"user_id,omitempty"`
}
UserSearchObject user search parameters
type ValidityPeriod ¶ added in v1.32.1
Source Files
Click to show internal directories.
Click to hide internal directories.