policy

package
v0.6.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 23, 2025 License: BSD-3-Clause-Clear Imports: 7 Imported by: 22

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	AttributeRuleTypeEnum_name = map[int32]string{
		0: "ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED",
		1: "ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF",
		2: "ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF",
		3: "ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY",
	}
	AttributeRuleTypeEnum_value = map[string]int32{
		"ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED": 0,
		"ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF":      1,
		"ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF":      2,
		"ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY":   3,
	}
)

Enum value maps for AttributeRuleTypeEnum.

View Source 
var (
	SubjectMappingOperatorEnum_name = map[int32]string{
		0: "SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED",
		1: "SUBJECT_MAPPING_OPERATOR_ENUM_IN",
		2: "SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN",
		3: "SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS",
	}
	SubjectMappingOperatorEnum_value = map[string]int32{
		"SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED": 0,
		"SUBJECT_MAPPING_OPERATOR_ENUM_IN":          1,
		"SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN":      2,
		"SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS": 3,
	}
)

Enum value maps for SubjectMappingOperatorEnum.

View Source 
var (
	ConditionBooleanTypeEnum_name = map[int32]string{
		0: "CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED",
		1: "CONDITION_BOOLEAN_TYPE_ENUM_AND",
		2: "CONDITION_BOOLEAN_TYPE_ENUM_OR",
	}
	ConditionBooleanTypeEnum_value = map[string]int32{
		"CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED": 0,
		"CONDITION_BOOLEAN_TYPE_ENUM_AND":         1,
		"CONDITION_BOOLEAN_TYPE_ENUM_OR":          2,
	}
)

Enum value maps for ConditionBooleanTypeEnum.

View Source 
var (
	SourceType_name = map[int32]string{
		0: "SOURCE_TYPE_UNSPECIFIED",
		1: "SOURCE_TYPE_INTERNAL",
		2: "SOURCE_TYPE_EXTERNAL",
	}
	SourceType_value = map[string]int32{
		"SOURCE_TYPE_UNSPECIFIED": 0,
		"SOURCE_TYPE_INTERNAL":    1,
		"SOURCE_TYPE_EXTERNAL":    2,
	}
)

Enum value maps for SourceType.

View Source 
var (
	KasPublicKeyAlgEnum_name = map[int32]string{
		0: "KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED",
		1: "KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048",
		2: "KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096",
		5: "KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1",
		6: "KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1",
		7: "KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1",
	}
	KasPublicKeyAlgEnum_value = map[string]int32{
		"KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED":  0,
		"KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048":     1,
		"KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096":     2,
		"KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1": 5,
		"KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1": 6,
		"KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1": 7,
	}
)

Enum value maps for KasPublicKeyAlgEnum.

View Source 
var (
	Algorithm_name = map[int32]string{
		0: "ALGORITHM_UNSPECIFIED",
		1: "ALGORITHM_RSA_2048",
		2: "ALGORITHM_RSA_4096",
		3: "ALGORITHM_EC_P256",
		4: "ALGORITHM_EC_P384",
		5: "ALGORITHM_EC_P521",
	}
	Algorithm_value = map[string]int32{
		"ALGORITHM_UNSPECIFIED": 0,
		"ALGORITHM_RSA_2048":    1,
		"ALGORITHM_RSA_4096":    2,
		"ALGORITHM_EC_P256":     3,
		"ALGORITHM_EC_P384":     4,
		"ALGORITHM_EC_P521":     5,
	}
)

Enum value maps for Algorithm.

View Source 
var (
	KeyStatus_name = map[int32]string{
		0: "KEY_STATUS_UNSPECIFIED",
		1: "KEY_STATUS_ACTIVE",
		2: "KEY_STATUS_ROTATED",
	}
	KeyStatus_value = map[string]int32{
		"KEY_STATUS_UNSPECIFIED": 0,
		"KEY_STATUS_ACTIVE":      1,
		"KEY_STATUS_ROTATED":     2,
	}
)

Enum value maps for KeyStatus.

View Source 
var (
	KeyMode_name = map[int32]string{
		0: "KEY_MODE_UNSPECIFIED",
		1: "KEY_MODE_CONFIG_ROOT_KEY",
		2: "KEY_MODE_PROVIDER_ROOT_KEY",
		3: "KEY_MODE_REMOTE",
		4: "KEY_MODE_PUBLIC_KEY_ONLY",
	}
	KeyMode_value = map[string]int32{
		"KEY_MODE_UNSPECIFIED":       0,
		"KEY_MODE_CONFIG_ROOT_KEY":   1,
		"KEY_MODE_PROVIDER_ROOT_KEY": 2,
		"KEY_MODE_REMOTE":            3,
		"KEY_MODE_PUBLIC_KEY_ONLY":   4,
	}
)

Enum value maps for KeyMode.

View Source 
var (
	Action_StandardAction_name = map[int32]string{
		0: "STANDARD_ACTION_UNSPECIFIED",
		1: "STANDARD_ACTION_DECRYPT",
		2: "STANDARD_ACTION_TRANSMIT",
	}
	Action_StandardAction_value = map[string]int32{
		"STANDARD_ACTION_UNSPECIFIED": 0,
		"STANDARD_ACTION_DECRYPT":     1,
		"STANDARD_ACTION_TRANSMIT":    2,
	}
)

Enum value maps for Action_StandardAction.

View Source 
var File_policy_objects_proto protoreflect.FileDescriptor
View Source 
var File_policy_selectors_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Action 

type Action struct {

	// Generated uuid in database
	Id string `protobuf:"bytes,3,opt,name=id,proto3" json:"id,omitempty"`
	// Deprecated
	//
	// Types that are assignable to Value:
	//
	//	*Action_Standard
	//	*Action_Custom
	Value    isAction_Value   `protobuf_oneof:"value"`
	Name     string           `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"`
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

An action an entity can take

func (*Action) Descriptor deprecated 

func (*Action) Descriptor() ([]byte, []int)

Deprecated: Use Action.ProtoReflect.Descriptor instead.

func (*Action) GetCustom 

func (x *Action) GetCustom() string

func (*Action) GetId added in v0.3.0 

func (x *Action) GetId() string

func (*Action) GetMetadata added in v0.3.0 

func (x *Action) GetMetadata() *common.Metadata

func (*Action) GetName added in v0.3.0 

func (x *Action) GetName() string

func (*Action) GetStandard 

func (x *Action) GetStandard() Action_StandardAction

func (*Action) GetValue 

func (m *Action) GetValue() isAction_Value

func (*Action) ProtoMessage 

func (*Action) ProtoMessage()

func (*Action) ProtoReflect 

func (x *Action) ProtoReflect() protoreflect.Message

func (*Action) Reset 

func (x *Action) Reset()

func (*Action) String 

func (x *Action) String() string

type Action_Custom 

type Action_Custom struct {
	// Deprecated
	Custom string `protobuf:"bytes,2,opt,name=custom,proto3,oneof"`
}

type Action_Standard 

type Action_Standard struct {
	// Deprecated
	Standard Action_StandardAction `protobuf:"varint,1,opt,name=standard,proto3,enum=policy.Action_StandardAction,oneof"`
}

type Action_StandardAction 

type Action_StandardAction int32
const (
	Action_STANDARD_ACTION_UNSPECIFIED Action_StandardAction = 0
	// Deprecated
	// Migrate to 'read' action name
	Action_STANDARD_ACTION_DECRYPT Action_StandardAction = 1
	// Deprecated
	// Migrate to 'create' action name
	Action_STANDARD_ACTION_TRANSMIT Action_StandardAction = 2
)

func (Action_StandardAction) Descriptor 

func (Action_StandardAction) Descriptor() protoreflect.EnumDescriptor

func (Action_StandardAction) Enum 

func (x Action_StandardAction) Enum() *Action_StandardAction

func (Action_StandardAction) EnumDescriptor deprecated 

func (Action_StandardAction) EnumDescriptor() ([]byte, []int)

Deprecated: Use Action_StandardAction.Descriptor instead.

func (Action_StandardAction) Number 

func (x Action_StandardAction) Number() protoreflect.EnumNumber

func (Action_StandardAction) String 

func (x Action_StandardAction) String() string

func (Action_StandardAction) Type 

func (Action_StandardAction) Type() protoreflect.EnumType

type Algorithm added in v0.3.3 

type Algorithm int32

Supported key algorithms. 

const (
	Algorithm_ALGORITHM_UNSPECIFIED Algorithm = 0
	Algorithm_ALGORITHM_RSA_2048    Algorithm = 1
	Algorithm_ALGORITHM_RSA_4096    Algorithm = 2
	Algorithm_ALGORITHM_EC_P256     Algorithm = 3
	Algorithm_ALGORITHM_EC_P384     Algorithm = 4
	Algorithm_ALGORITHM_EC_P521     Algorithm = 5
)

func (Algorithm) Descriptor added in v0.3.3 

func (Algorithm) Descriptor() protoreflect.EnumDescriptor

func (Algorithm) Enum added in v0.3.3 

func (x Algorithm) Enum() *Algorithm

func (Algorithm) EnumDescriptor deprecated added in v0.3.3 

func (Algorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use Algorithm.Descriptor instead.

func (Algorithm) Number added in v0.3.3 

func (x Algorithm) Number() protoreflect.EnumNumber

func (Algorithm) String added in v0.3.3 

func (x Algorithm) String() string

func (Algorithm) Type added in v0.3.3 

func (Algorithm) Type() protoreflect.EnumType

type AsymmetricKey added in v0.3.3 

type AsymmetricKey struct {

	// Required
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Required
	KeyId string `protobuf:"bytes,2,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// Required
	KeyAlgorithm Algorithm `protobuf:"varint,3,opt,name=key_algorithm,json=keyAlgorithm,proto3,enum=policy.Algorithm" json:"key_algorithm,omitempty"`
	// Required
	KeyStatus KeyStatus `protobuf:"varint,4,opt,name=key_status,json=keyStatus,proto3,enum=policy.KeyStatus" json:"key_status,omitempty"`
	// Required
	KeyMode KeyMode `protobuf:"varint,5,opt,name=key_mode,json=keyMode,proto3,enum=policy.KeyMode" json:"key_mode,omitempty"` // Specifies how the key is managed (local or remote)
	// Required
	PublicKeyCtx *PublicKeyCtx `protobuf:"bytes,6,opt,name=public_key_ctx,json=publicKeyCtx,proto3" json:"public_key_ctx,omitempty"` // Specific structure based on key provider implementation
	// Optional
	PrivateKeyCtx *PrivateKeyCtx `protobuf:"bytes,7,opt,name=private_key_ctx,json=privateKeyCtx,proto3" json:"private_key_ctx,omitempty"` // Specific structure based on key provider implementation
	// Optional
	ProviderConfig *KeyProviderConfig `protobuf:"bytes,8,opt,name=provider_config,json=providerConfig,proto3" json:"provider_config,omitempty"` // Configuration for the key provider
	// Common metadata fields
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*AsymmetricKey) Descriptor deprecated added in v0.3.3 

func (*AsymmetricKey) Descriptor() ([]byte, []int)

Deprecated: Use AsymmetricKey.ProtoReflect.Descriptor instead.

func (*AsymmetricKey) GetId added in v0.3.3 

func (x *AsymmetricKey) GetId() string

func (*AsymmetricKey) GetKeyAlgorithm added in v0.3.3 

func (x *AsymmetricKey) GetKeyAlgorithm() Algorithm

func (*AsymmetricKey) GetKeyId added in v0.3.3 

func (x *AsymmetricKey) GetKeyId() string

func (*AsymmetricKey) GetKeyMode added in v0.3.3 

func (x *AsymmetricKey) GetKeyMode() KeyMode

func (*AsymmetricKey) GetKeyStatus added in v0.3.3 

func (x *AsymmetricKey) GetKeyStatus() KeyStatus

func (*AsymmetricKey) GetMetadata added in v0.3.3 

func (x *AsymmetricKey) GetMetadata() *common.Metadata

func (*AsymmetricKey) GetPrivateKeyCtx added in v0.3.3 

func (x *AsymmetricKey) GetPrivateKeyCtx() *PrivateKeyCtx

func (*AsymmetricKey) GetProviderConfig added in v0.3.3 

func (x *AsymmetricKey) GetProviderConfig() *KeyProviderConfig

func (*AsymmetricKey) GetPublicKeyCtx added in v0.3.3 

func (x *AsymmetricKey) GetPublicKeyCtx() *PublicKeyCtx

func (*AsymmetricKey) ProtoMessage added in v0.3.3 

func (*AsymmetricKey) ProtoMessage()

func (*AsymmetricKey) ProtoReflect added in v0.3.3 

func (x *AsymmetricKey) ProtoReflect() protoreflect.Message

func (*AsymmetricKey) Reset added in v0.3.3 

func (x *AsymmetricKey) Reset()

func (*AsymmetricKey) String added in v0.3.3 

func (x *AsymmetricKey) String() string

type Attribute 

type Attribute struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// namespace of the attribute
	Namespace *Namespace `protobuf:"bytes,2,opt,name=namespace,proto3" json:"namespace,omitempty"`
	// attribute name
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// attribute rule enum
	Rule   AttributeRuleTypeEnum `protobuf:"varint,4,opt,name=rule,proto3,enum=policy.AttributeRuleTypeEnum" json:"rule,omitempty"`
	Values []*Value              `protobuf:"bytes,5,rep,name=values,proto3" json:"values,omitempty"`
	// Deprecated KAS grants for the attribute. Use kas_keys instead.
	Grants []*KeyAccessServer `protobuf:"bytes,6,rep,name=grants,proto3" json:"grants,omitempty"`
	Fqn    string             `protobuf:"bytes,7,opt,name=fqn,proto3" json:"fqn,omitempty"`
	// active by default until explicitly deactivated
	Active *wrapperspb.BoolValue `protobuf:"bytes,8,opt,name=active,proto3" json:"active,omitempty"`
	// Keys associated with the attribute
	KasKeys []*SimpleKasKey `protobuf:"bytes,9,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*Attribute) Descriptor deprecated 

func (*Attribute) Descriptor() ([]byte, []int)

Deprecated: Use Attribute.ProtoReflect.Descriptor instead.

func (*Attribute) GetActive 

func (x *Attribute) GetActive() *wrapperspb.BoolValue

func (*Attribute) GetFqn 

func (x *Attribute) GetFqn() string

func (*Attribute) GetGrants 

func (x *Attribute) GetGrants() []*KeyAccessServer

func (*Attribute) GetId 

func (x *Attribute) GetId() string

func (*Attribute) GetKasKeys added in v0.3.3 

func (x *Attribute) GetKasKeys() []*SimpleKasKey

func (*Attribute) GetMetadata 

func (x *Attribute) GetMetadata() *common.Metadata

func (*Attribute) GetName 

func (x *Attribute) GetName() string

func (*Attribute) GetNamespace 

func (x *Attribute) GetNamespace() *Namespace

func (*Attribute) GetRule 

func (x *Attribute) GetRule() AttributeRuleTypeEnum

func (*Attribute) GetValues 

func (x *Attribute) GetValues() []*Value

func (*Attribute) ProtoMessage 

func (*Attribute) ProtoMessage()

func (*Attribute) ProtoReflect 

func (x *Attribute) ProtoReflect() protoreflect.Message

func (*Attribute) Reset 

func (x *Attribute) Reset()

func (*Attribute) String 

func (x *Attribute) String() string

type AttributeDefinitionSelector 

type AttributeDefinitionSelector struct {

	// Deprecated
	WithKeyAccessGrants bool                                           `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithNamespace       *AttributeDefinitionSelector_NamespaceSelector `protobuf:"bytes,10,opt,name=with_namespace,json=withNamespace,proto3" json:"with_namespace,omitempty"`
	WithValues          *AttributeDefinitionSelector_ValueSelector     `protobuf:"bytes,11,opt,name=with_values,json=withValues,proto3" json:"with_values,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeDefinitionSelector) Descriptor deprecated 

func (*AttributeDefinitionSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeDefinitionSelector.ProtoReflect.Descriptor instead.

func (*AttributeDefinitionSelector) GetWithKeyAccessGrants 

func (x *AttributeDefinitionSelector) GetWithKeyAccessGrants() bool

func (*AttributeDefinitionSelector) GetWithNamespace 

func (x *AttributeDefinitionSelector) GetWithNamespace() *AttributeDefinitionSelector_NamespaceSelector

func (*AttributeDefinitionSelector) GetWithValues 

func (x *AttributeDefinitionSelector) GetWithValues() *AttributeDefinitionSelector_ValueSelector

func (*AttributeDefinitionSelector) ProtoMessage 

func (*AttributeDefinitionSelector) ProtoMessage()

func (*AttributeDefinitionSelector) ProtoReflect 

func (x *AttributeDefinitionSelector) ProtoReflect() protoreflect.Message

func (*AttributeDefinitionSelector) Reset 

func (x *AttributeDefinitionSelector) Reset()

func (*AttributeDefinitionSelector) String 

func (x *AttributeDefinitionSelector) String() string

type AttributeDefinitionSelector_NamespaceSelector 

type AttributeDefinitionSelector_NamespaceSelector struct {
	// contains filtered or unexported fields
}

func (*AttributeDefinitionSelector_NamespaceSelector) Descriptor deprecated 

func (*AttributeDefinitionSelector_NamespaceSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeDefinitionSelector_NamespaceSelector.ProtoReflect.Descriptor instead.

func (*AttributeDefinitionSelector_NamespaceSelector) ProtoMessage 

func (*AttributeDefinitionSelector_NamespaceSelector) ProtoMessage()

func (*AttributeDefinitionSelector_NamespaceSelector) ProtoReflect 

func (x *AttributeDefinitionSelector_NamespaceSelector) ProtoReflect() protoreflect.Message

func (*AttributeDefinitionSelector_NamespaceSelector) Reset 

func (x *AttributeDefinitionSelector_NamespaceSelector) Reset()

func (*AttributeDefinitionSelector_NamespaceSelector) String 

func (x *AttributeDefinitionSelector_NamespaceSelector) String() string

type AttributeDefinitionSelector_ValueSelector 

type AttributeDefinitionSelector_ValueSelector struct {

	// Deprecated
	WithKeyAccessGrants bool `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithSubjectMaps     bool `protobuf:"varint,2,opt,name=with_subject_maps,json=withSubjectMaps,proto3" json:"with_subject_maps,omitempty"`
	WithResourceMaps    bool `protobuf:"varint,3,opt,name=with_resource_maps,json=withResourceMaps,proto3" json:"with_resource_maps,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeDefinitionSelector_ValueSelector) Descriptor deprecated 

func (*AttributeDefinitionSelector_ValueSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeDefinitionSelector_ValueSelector.ProtoReflect.Descriptor instead.

func (*AttributeDefinitionSelector_ValueSelector) GetWithKeyAccessGrants 

func (x *AttributeDefinitionSelector_ValueSelector) GetWithKeyAccessGrants() bool

func (*AttributeDefinitionSelector_ValueSelector) GetWithResourceMaps 

func (x *AttributeDefinitionSelector_ValueSelector) GetWithResourceMaps() bool

func (*AttributeDefinitionSelector_ValueSelector) GetWithSubjectMaps 

func (x *AttributeDefinitionSelector_ValueSelector) GetWithSubjectMaps() bool

func (*AttributeDefinitionSelector_ValueSelector) ProtoMessage 

func (*AttributeDefinitionSelector_ValueSelector) ProtoMessage()

func (*AttributeDefinitionSelector_ValueSelector) ProtoReflect 

func (x *AttributeDefinitionSelector_ValueSelector) ProtoReflect() protoreflect.Message

func (*AttributeDefinitionSelector_ValueSelector) Reset 

func (x *AttributeDefinitionSelector_ValueSelector) Reset()

func (*AttributeDefinitionSelector_ValueSelector) String 

func (x *AttributeDefinitionSelector_ValueSelector) String() string

type AttributeNamespaceSelector 

type AttributeNamespaceSelector struct {
	WithAttributes *AttributeNamespaceSelector_AttributeSelector `protobuf:"bytes,10,opt,name=with_attributes,json=withAttributes,proto3" json:"with_attributes,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeNamespaceSelector) Descriptor deprecated 

func (*AttributeNamespaceSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeNamespaceSelector.ProtoReflect.Descriptor instead.

func (*AttributeNamespaceSelector) GetWithAttributes 

func (x *AttributeNamespaceSelector) GetWithAttributes() *AttributeNamespaceSelector_AttributeSelector

func (*AttributeNamespaceSelector) ProtoMessage 

func (*AttributeNamespaceSelector) ProtoMessage()

func (*AttributeNamespaceSelector) ProtoReflect 

func (x *AttributeNamespaceSelector) ProtoReflect() protoreflect.Message

func (*AttributeNamespaceSelector) Reset 

func (x *AttributeNamespaceSelector) Reset()

func (*AttributeNamespaceSelector) String 

func (x *AttributeNamespaceSelector) String() string

type AttributeNamespaceSelector_AttributeSelector 

type AttributeNamespaceSelector_AttributeSelector struct {

	// Deprecated
	WithKeyAccessGrants bool                                                        `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithValues          *AttributeNamespaceSelector_AttributeSelector_ValueSelector `protobuf:"bytes,10,opt,name=with_values,json=withValues,proto3" json:"with_values,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeNamespaceSelector_AttributeSelector) Descriptor deprecated 

func (*AttributeNamespaceSelector_AttributeSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeNamespaceSelector_AttributeSelector.ProtoReflect.Descriptor instead.

func (*AttributeNamespaceSelector_AttributeSelector) GetWithKeyAccessGrants 

func (x *AttributeNamespaceSelector_AttributeSelector) GetWithKeyAccessGrants() bool

func (*AttributeNamespaceSelector_AttributeSelector) GetWithValues 

func (x *AttributeNamespaceSelector_AttributeSelector) GetWithValues() *AttributeNamespaceSelector_AttributeSelector_ValueSelector

func (*AttributeNamespaceSelector_AttributeSelector) ProtoMessage 

func (*AttributeNamespaceSelector_AttributeSelector) ProtoMessage()

func (*AttributeNamespaceSelector_AttributeSelector) ProtoReflect 

func (x *AttributeNamespaceSelector_AttributeSelector) ProtoReflect() protoreflect.Message

func (*AttributeNamespaceSelector_AttributeSelector) Reset 

func (x *AttributeNamespaceSelector_AttributeSelector) Reset()

func (*AttributeNamespaceSelector_AttributeSelector) String 

func (x *AttributeNamespaceSelector_AttributeSelector) String() string

type AttributeNamespaceSelector_AttributeSelector_ValueSelector 

type AttributeNamespaceSelector_AttributeSelector_ValueSelector struct {

	// Deprecated
	WithKeyAccessGrants bool `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithSubjectMaps     bool `protobuf:"varint,2,opt,name=with_subject_maps,json=withSubjectMaps,proto3" json:"with_subject_maps,omitempty"`
	WithResourceMaps    bool `protobuf:"varint,3,opt,name=with_resource_maps,json=withResourceMaps,proto3" json:"with_resource_maps,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) Descriptor deprecated 

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeNamespaceSelector_AttributeSelector_ValueSelector.ProtoReflect.Descriptor instead.

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithKeyAccessGrants 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithKeyAccessGrants() bool

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithResourceMaps 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithResourceMaps() bool

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithSubjectMaps 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) GetWithSubjectMaps() bool

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoMessage 

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoMessage()

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoReflect 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) ProtoReflect() protoreflect.Message

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) Reset 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) Reset()

func (*AttributeNamespaceSelector_AttributeSelector_ValueSelector) String 

func (x *AttributeNamespaceSelector_AttributeSelector_ValueSelector) String() string

type AttributeRuleTypeEnum 

type AttributeRuleTypeEnum int32
const (
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED AttributeRuleTypeEnum = 0
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF      AttributeRuleTypeEnum = 1
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF      AttributeRuleTypeEnum = 2
	AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY   AttributeRuleTypeEnum = 3
)

func (AttributeRuleTypeEnum) Descriptor 

func (AttributeRuleTypeEnum) Descriptor() protoreflect.EnumDescriptor

func (AttributeRuleTypeEnum) Enum 

func (x AttributeRuleTypeEnum) Enum() *AttributeRuleTypeEnum

func (AttributeRuleTypeEnum) EnumDescriptor deprecated 

func (AttributeRuleTypeEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use AttributeRuleTypeEnum.Descriptor instead.

func (AttributeRuleTypeEnum) Number 

func (x AttributeRuleTypeEnum) Number() protoreflect.EnumNumber

func (AttributeRuleTypeEnum) String 

func (x AttributeRuleTypeEnum) String() string

func (AttributeRuleTypeEnum) Type 

func (AttributeRuleTypeEnum) Type() protoreflect.EnumType

type AttributeValueSelector 

type AttributeValueSelector struct {

	// Deprecated
	WithKeyAccessGrants bool                                      `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithSubjectMaps     bool                                      `protobuf:"varint,2,opt,name=with_subject_maps,json=withSubjectMaps,proto3" json:"with_subject_maps,omitempty"`
	WithResourceMaps    bool                                      `protobuf:"varint,3,opt,name=with_resource_maps,json=withResourceMaps,proto3" json:"with_resource_maps,omitempty"`
	WithAttribute       *AttributeValueSelector_AttributeSelector `protobuf:"bytes,10,opt,name=with_attribute,json=withAttribute,proto3" json:"with_attribute,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeValueSelector) Descriptor deprecated 

func (*AttributeValueSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeValueSelector.ProtoReflect.Descriptor instead.

func (*AttributeValueSelector) GetWithAttribute 

func (x *AttributeValueSelector) GetWithAttribute() *AttributeValueSelector_AttributeSelector

func (*AttributeValueSelector) GetWithKeyAccessGrants 

func (x *AttributeValueSelector) GetWithKeyAccessGrants() bool

func (*AttributeValueSelector) GetWithResourceMaps 

func (x *AttributeValueSelector) GetWithResourceMaps() bool

func (*AttributeValueSelector) GetWithSubjectMaps 

func (x *AttributeValueSelector) GetWithSubjectMaps() bool

func (*AttributeValueSelector) ProtoMessage 

func (*AttributeValueSelector) ProtoMessage()

func (*AttributeValueSelector) ProtoReflect 

func (x *AttributeValueSelector) ProtoReflect() protoreflect.Message

func (*AttributeValueSelector) Reset 

func (x *AttributeValueSelector) Reset()

func (*AttributeValueSelector) String 

func (x *AttributeValueSelector) String() string

type AttributeValueSelector_AttributeSelector 

type AttributeValueSelector_AttributeSelector struct {

	// Deprecated
	WithKeyAccessGrants bool                                                        `protobuf:"varint,1,opt,name=with_key_access_grants,json=withKeyAccessGrants,proto3" json:"with_key_access_grants,omitempty"`
	WithNamespace       *AttributeValueSelector_AttributeSelector_NamespaceSelector `protobuf:"bytes,10,opt,name=with_namespace,json=withNamespace,proto3" json:"with_namespace,omitempty"`
	// contains filtered or unexported fields
}

func (*AttributeValueSelector_AttributeSelector) Descriptor deprecated 

func (*AttributeValueSelector_AttributeSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeValueSelector_AttributeSelector.ProtoReflect.Descriptor instead.

func (*AttributeValueSelector_AttributeSelector) GetWithKeyAccessGrants 

func (x *AttributeValueSelector_AttributeSelector) GetWithKeyAccessGrants() bool

func (*AttributeValueSelector_AttributeSelector) GetWithNamespace 

func (x *AttributeValueSelector_AttributeSelector) GetWithNamespace() *AttributeValueSelector_AttributeSelector_NamespaceSelector

func (*AttributeValueSelector_AttributeSelector) ProtoMessage 

func (*AttributeValueSelector_AttributeSelector) ProtoMessage()

func (*AttributeValueSelector_AttributeSelector) ProtoReflect 

func (x *AttributeValueSelector_AttributeSelector) ProtoReflect() protoreflect.Message

func (*AttributeValueSelector_AttributeSelector) Reset 

func (x *AttributeValueSelector_AttributeSelector) Reset()

func (*AttributeValueSelector_AttributeSelector) String 

func (x *AttributeValueSelector_AttributeSelector) String() string

type AttributeValueSelector_AttributeSelector_NamespaceSelector 

type AttributeValueSelector_AttributeSelector_NamespaceSelector struct {
	// contains filtered or unexported fields
}

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) Descriptor deprecated 

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) Descriptor() ([]byte, []int)

Deprecated: Use AttributeValueSelector_AttributeSelector_NamespaceSelector.ProtoReflect.Descriptor instead.

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoMessage 

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoMessage()

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoReflect 

func (x *AttributeValueSelector_AttributeSelector_NamespaceSelector) ProtoReflect() protoreflect.Message

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) Reset 

func (x *AttributeValueSelector_AttributeSelector_NamespaceSelector) Reset()

func (*AttributeValueSelector_AttributeSelector_NamespaceSelector) String 

func (x *AttributeValueSelector_AttributeSelector_NamespaceSelector) String() string

type Condition 

type Condition struct {

	// a selector for a field value on a flattened Entity Representation (such as
	// from idP/LDAP)
	SubjectExternalSelectorValue string `` /* 149-byte string literal not displayed */
	// the evaluation operator of relation
	Operator SubjectMappingOperatorEnum `protobuf:"varint,2,opt,name=operator,proto3,enum=policy.SubjectMappingOperatorEnum" json:"operator,omitempty"`
	// list of comparison values for the result of applying the
	// subject_external_selector_value on a flattened Entity Representation
	// (Subject), evaluated by the operator
	SubjectExternalValues []string `` /* 126-byte string literal not displayed */
	// contains filtered or unexported fields
}

* A Condition defines a rule of <the value at the flattened 'selector value' location> <operator> <subject external values>

func (*Condition) Descriptor deprecated 

func (*Condition) Descriptor() ([]byte, []int)

Deprecated: Use Condition.ProtoReflect.Descriptor instead.

func (*Condition) GetOperator 

func (x *Condition) GetOperator() SubjectMappingOperatorEnum

func (*Condition) GetSubjectExternalSelectorValue 

func (x *Condition) GetSubjectExternalSelectorValue() string

func (*Condition) GetSubjectExternalValues 

func (x *Condition) GetSubjectExternalValues() []string

func (*Condition) ProtoMessage 

func (*Condition) ProtoMessage()

func (*Condition) ProtoReflect 

func (x *Condition) ProtoReflect() protoreflect.Message

func (*Condition) Reset 

func (x *Condition) Reset()

func (*Condition) String 

func (x *Condition) String() string

type ConditionBooleanTypeEnum 

type ConditionBooleanTypeEnum int32
const (
	ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED ConditionBooleanTypeEnum = 0
	ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_AND         ConditionBooleanTypeEnum = 1
	ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_OR          ConditionBooleanTypeEnum = 2
)

func (ConditionBooleanTypeEnum) Descriptor 

func (ConditionBooleanTypeEnum) Descriptor() protoreflect.EnumDescriptor

func (ConditionBooleanTypeEnum) Enum 

func (x ConditionBooleanTypeEnum) Enum() *ConditionBooleanTypeEnum

func (ConditionBooleanTypeEnum) EnumDescriptor deprecated 

func (ConditionBooleanTypeEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConditionBooleanTypeEnum.Descriptor instead.

func (ConditionBooleanTypeEnum) Number 

func (x ConditionBooleanTypeEnum) Number() protoreflect.EnumNumber

func (ConditionBooleanTypeEnum) String 

func (x ConditionBooleanTypeEnum) String() string

func (ConditionBooleanTypeEnum) Type 

func (ConditionBooleanTypeEnum) Type() protoreflect.EnumType

type ConditionGroup 

type ConditionGroup struct {
	Conditions []*Condition `protobuf:"bytes,1,rep,name=conditions,proto3" json:"conditions,omitempty"`
	// the boolean evaluation type across the conditions
	BooleanOperator ConditionBooleanTypeEnum `` /* 144-byte string literal not displayed */
	// contains filtered or unexported fields
}

A collection of Conditions evaluated by the boolean_operator provided

func (*ConditionGroup) Descriptor deprecated 

func (*ConditionGroup) Descriptor() ([]byte, []int)

Deprecated: Use ConditionGroup.ProtoReflect.Descriptor instead.

func (*ConditionGroup) GetBooleanOperator 

func (x *ConditionGroup) GetBooleanOperator() ConditionBooleanTypeEnum

func (*ConditionGroup) GetConditions 

func (x *ConditionGroup) GetConditions() []*Condition

func (*ConditionGroup) ProtoMessage 

func (*ConditionGroup) ProtoMessage()

func (*ConditionGroup) ProtoReflect 

func (x *ConditionGroup) ProtoReflect() protoreflect.Message

func (*ConditionGroup) Reset 

func (x *ConditionGroup) Reset()

func (*ConditionGroup) String 

func (x *ConditionGroup) String() string

type KasKey added in v0.3.3 

type KasKey struct {
	KasId  string         `protobuf:"bytes,1,opt,name=kas_id,json=kasId,proto3" json:"kas_id,omitempty"`
	Key    *AsymmetricKey `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
	KasUri string         `protobuf:"bytes,3,opt,name=kas_uri,json=kasUri,proto3" json:"kas_uri,omitempty"`
	// contains filtered or unexported fields
}

func (*KasKey) Descriptor deprecated added in v0.3.3 

func (*KasKey) Descriptor() ([]byte, []int)

Deprecated: Use KasKey.ProtoReflect.Descriptor instead.

func (*KasKey) GetKasId added in v0.3.3 

func (x *KasKey) GetKasId() string

func (*KasKey) GetKasUri added in v0.3.3 

func (x *KasKey) GetKasUri() string

func (*KasKey) GetKey added in v0.3.3 

func (x *KasKey) GetKey() *AsymmetricKey

func (*KasKey) ProtoMessage added in v0.3.3 

func (*KasKey) ProtoMessage()

func (*KasKey) ProtoReflect added in v0.3.3 

func (x *KasKey) ProtoReflect() protoreflect.Message

func (*KasKey) Reset added in v0.3.3 

func (x *KasKey) Reset()

func (*KasKey) String added in v0.3.3 

func (x *KasKey) String() string

type KasPublicKey added in v0.2.13 

type KasPublicKey struct {

	// x509 ASN.1 content in PEM envelope, usually
	Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"`
	// A unique string identifier for this key
	Kid string `protobuf:"bytes,2,opt,name=kid,proto3" json:"kid,omitempty"`
	// A known algorithm type with any additional parameters encoded.
	// To start, these may be `rsa:2048` for encrypting ZTDF files and
	// `ec:secp256r1` for nanoTDF, but more formats may be added as needed.
	Alg KasPublicKeyAlgEnum `protobuf:"varint,3,opt,name=alg,proto3,enum=policy.KasPublicKeyAlgEnum" json:"alg,omitempty"`
	// contains filtered or unexported fields
}

Deprecated A KAS public key and some associated metadata for further identifcation

func (*KasPublicKey) Descriptor deprecated added in v0.2.13 

func (*KasPublicKey) Descriptor() ([]byte, []int)

Deprecated: Use KasPublicKey.ProtoReflect.Descriptor instead.

func (*KasPublicKey) GetAlg added in v0.2.13 

func (x *KasPublicKey) GetAlg() KasPublicKeyAlgEnum

func (*KasPublicKey) GetKid added in v0.2.13 

func (x *KasPublicKey) GetKid() string

func (*KasPublicKey) GetPem added in v0.2.13 

func (x *KasPublicKey) GetPem() string

func (*KasPublicKey) ProtoMessage added in v0.2.13 

func (*KasPublicKey) ProtoMessage()

func (*KasPublicKey) ProtoReflect added in v0.2.13 

func (x *KasPublicKey) ProtoReflect() protoreflect.Message

func (*KasPublicKey) Reset added in v0.2.13 

func (x *KasPublicKey) Reset()

func (*KasPublicKey) String added in v0.2.13 

func (x *KasPublicKey) String() string

type KasPublicKeyAlgEnum added in v0.2.13 

type KasPublicKeyAlgEnum int32
const (
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED  KasPublicKeyAlgEnum = 0
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048     KasPublicKeyAlgEnum = 1
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096     KasPublicKeyAlgEnum = 2
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1 KasPublicKeyAlgEnum = 5
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1 KasPublicKeyAlgEnum = 6
	KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1 KasPublicKeyAlgEnum = 7
)

func (KasPublicKeyAlgEnum) Descriptor added in v0.2.13 

func (KasPublicKeyAlgEnum) Descriptor() protoreflect.EnumDescriptor

func (KasPublicKeyAlgEnum) Enum added in v0.2.13 

func (x KasPublicKeyAlgEnum) Enum() *KasPublicKeyAlgEnum

func (KasPublicKeyAlgEnum) EnumDescriptor deprecated added in v0.2.13 

func (KasPublicKeyAlgEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use KasPublicKeyAlgEnum.Descriptor instead.

func (KasPublicKeyAlgEnum) Number added in v0.2.13 

func (x KasPublicKeyAlgEnum) Number() protoreflect.EnumNumber

func (KasPublicKeyAlgEnum) String added in v0.2.13 

func (x KasPublicKeyAlgEnum) String() string

func (KasPublicKeyAlgEnum) Type added in v0.2.13 

func (KasPublicKeyAlgEnum) Type() protoreflect.EnumType

type KasPublicKeySet added in v0.2.13 

type KasPublicKeySet struct {
	Keys []*KasPublicKey `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
	// contains filtered or unexported fields
}

Deprecated A list of known KAS public keys

func (*KasPublicKeySet) Descriptor deprecated added in v0.2.13 

func (*KasPublicKeySet) Descriptor() ([]byte, []int)

Deprecated: Use KasPublicKeySet.ProtoReflect.Descriptor instead.

func (*KasPublicKeySet) GetKeys added in v0.2.13 

func (x *KasPublicKeySet) GetKeys() []*KasPublicKey

func (*KasPublicKeySet) ProtoMessage added in v0.2.13 

func (*KasPublicKeySet) ProtoMessage()

func (*KasPublicKeySet) ProtoReflect added in v0.2.13 

func (x *KasPublicKeySet) ProtoReflect() protoreflect.Message

func (*KasPublicKeySet) Reset added in v0.2.13 

func (x *KasPublicKeySet) Reset()

func (*KasPublicKeySet) String added in v0.2.13 

func (x *KasPublicKeySet) String() string

type Key added in v0.2.24 

type Key struct {

	// the database record ID, not the key ID (`kid`)
	Id        string                `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	IsActive  *wrapperspb.BoolValue `protobuf:"bytes,2,opt,name=is_active,json=isActive,proto3" json:"is_active,omitempty"`
	WasMapped *wrapperspb.BoolValue `protobuf:"bytes,3,opt,name=was_mapped,json=wasMapped,proto3" json:"was_mapped,omitempty"`
	PublicKey *KasPublicKey         `protobuf:"bytes,4,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	Kas       *KeyAccessServer      `protobuf:"bytes,5,opt,name=kas,proto3" json:"kas,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*Key) Descriptor deprecated added in v0.2.24 

func (*Key) Descriptor() ([]byte, []int)

Deprecated: Use Key.ProtoReflect.Descriptor instead.

func (*Key) GetId added in v0.2.24 

func (x *Key) GetId() string

func (*Key) GetIsActive added in v0.2.24 

func (x *Key) GetIsActive() *wrapperspb.BoolValue

func (*Key) GetKas added in v0.2.24 

func (x *Key) GetKas() *KeyAccessServer

func (*Key) GetMetadata added in v0.2.24 

func (x *Key) GetMetadata() *common.Metadata

func (*Key) GetPublicKey added in v0.2.24 

func (x *Key) GetPublicKey() *KasPublicKey

func (*Key) GetWasMapped added in v0.2.24 

func (x *Key) GetWasMapped() *wrapperspb.BoolValue

func (*Key) ProtoMessage added in v0.2.24 

func (*Key) ProtoMessage()

func (*Key) ProtoReflect added in v0.2.24 

func (x *Key) ProtoReflect() protoreflect.Message

func (*Key) Reset added in v0.2.24 

func (x *Key) Reset()

func (*Key) String added in v0.2.24 

func (x *Key) String() string

type KeyAccessServer added in v0.2.0 

type KeyAccessServer struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Address of a KAS instance
	Uri string `protobuf:"bytes,2,opt,name=uri,proto3" json:"uri,omitempty"`
	// Deprecated
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// The source of the KAS: (INTERNAL, EXTERNAL)
	SourceType SourceType `protobuf:"varint,4,opt,name=source_type,json=sourceType,proto3,enum=policy.SourceType" json:"source_type,omitempty"`
	// Kas keys associated with this KAS
	KasKeys []*SimpleKasKey `protobuf:"bytes,5,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
	// Optional
	// Unique name of the KAS instance
	Name string `protobuf:"bytes,20,opt,name=name,proto3" json:"name,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

Key Access Server Registry

func (*KeyAccessServer) Descriptor deprecated added in v0.2.0 

func (*KeyAccessServer) Descriptor() ([]byte, []int)

Deprecated: Use KeyAccessServer.ProtoReflect.Descriptor instead.

func (*KeyAccessServer) GetId added in v0.2.0 

func (x *KeyAccessServer) GetId() string

func (*KeyAccessServer) GetKasKeys added in v0.3.3 

func (x *KeyAccessServer) GetKasKeys() []*SimpleKasKey

func (*KeyAccessServer) GetMetadata added in v0.2.0 

func (x *KeyAccessServer) GetMetadata() *common.Metadata

func (*KeyAccessServer) GetName added in v0.2.19 

func (x *KeyAccessServer) GetName() string

func (*KeyAccessServer) GetPublicKey added in v0.2.0 

func (x *KeyAccessServer) GetPublicKey() *PublicKey

func (*KeyAccessServer) GetSourceType added in v0.3.3 

func (x *KeyAccessServer) GetSourceType() SourceType

func (*KeyAccessServer) GetUri added in v0.2.0 

func (x *KeyAccessServer) GetUri() string

func (*KeyAccessServer) ProtoMessage added in v0.2.0 

func (*KeyAccessServer) ProtoMessage()

func (*KeyAccessServer) ProtoReflect added in v0.2.0 

func (x *KeyAccessServer) ProtoReflect() protoreflect.Message

func (*KeyAccessServer) Reset added in v0.2.0 

func (x *KeyAccessServer) Reset()

func (*KeyAccessServer) String added in v0.2.0 

func (x *KeyAccessServer) String() string

type KeyMode added in v0.3.3 

type KeyMode int32

Describes the management and operational mode of a cryptographic key. 

const (
	// KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.
	KeyMode_KEY_MODE_UNSPECIFIED KeyMode = 0
	// KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)
	// sourced from local configuration. Unwrapping and all cryptographic operations are performed locally.
	KeyMode_KEY_MODE_CONFIG_ROOT_KEY KeyMode = 1
	// KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)
	// managed by an external provider (e.g., a Hardware Security Module or Cloud KMS).
	// Key unwrapping is delegated to the external provider; subsequent cryptographic operations
	// are performed locally using the unwrapped key.
	KeyMode_KEY_MODE_PROVIDER_ROOT_KEY KeyMode = 2
	// KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic
	// operations are performed by, a remote Key Management Service (KMS) or HSM.
	// The private key material never leaves the secure boundary of the remote system.
	KeyMode_KEY_MODE_REMOTE KeyMode = 3
	// KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,
	// typically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).
	// The corresponding private key is not managed or accessible by this system.
	KeyMode_KEY_MODE_PUBLIC_KEY_ONLY KeyMode = 4
)

func (KeyMode) Descriptor added in v0.3.3 

func (KeyMode) Descriptor() protoreflect.EnumDescriptor

func (KeyMode) Enum added in v0.3.3 

func (x KeyMode) Enum() *KeyMode

func (KeyMode) EnumDescriptor deprecated added in v0.3.3 

func (KeyMode) EnumDescriptor() ([]byte, []int)

Deprecated: Use KeyMode.Descriptor instead.

func (KeyMode) Number added in v0.3.3 

func (x KeyMode) Number() protoreflect.EnumNumber

func (KeyMode) String added in v0.3.3 

func (x KeyMode) String() string

func (KeyMode) Type added in v0.3.3 

func (KeyMode) Type() protoreflect.EnumType

type KeyProviderConfig added in v0.3.2 

type KeyProviderConfig struct {
	Id         string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Name       string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	ConfigJson []byte `protobuf:"bytes,3,opt,name=config_json,json=configJson,proto3" json:"config_json,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*KeyProviderConfig) Descriptor deprecated added in v0.3.2 

func (*KeyProviderConfig) Descriptor() ([]byte, []int)

Deprecated: Use KeyProviderConfig.ProtoReflect.Descriptor instead.

func (*KeyProviderConfig) GetConfigJson added in v0.3.2 

func (x *KeyProviderConfig) GetConfigJson() []byte

func (*KeyProviderConfig) GetId added in v0.3.2 

func (x *KeyProviderConfig) GetId() string

func (*KeyProviderConfig) GetMetadata added in v0.3.2 

func (x *KeyProviderConfig) GetMetadata() *common.Metadata

func (*KeyProviderConfig) GetName added in v0.3.2 

func (x *KeyProviderConfig) GetName() string

func (*KeyProviderConfig) ProtoMessage added in v0.3.2 

func (*KeyProviderConfig) ProtoMessage()

func (*KeyProviderConfig) ProtoReflect added in v0.3.2 

func (x *KeyProviderConfig) ProtoReflect() protoreflect.Message

func (*KeyProviderConfig) Reset added in v0.3.2 

func (x *KeyProviderConfig) Reset()

func (*KeyProviderConfig) String added in v0.3.2 

func (x *KeyProviderConfig) String() string

type KeyStatus added in v0.3.3 

type KeyStatus int32

The status of the key 

const (
	KeyStatus_KEY_STATUS_UNSPECIFIED KeyStatus = 0
	KeyStatus_KEY_STATUS_ACTIVE      KeyStatus = 1
	KeyStatus_KEY_STATUS_ROTATED     KeyStatus = 2
)

func (KeyStatus) Descriptor added in v0.3.3 

func (KeyStatus) Descriptor() protoreflect.EnumDescriptor

func (KeyStatus) Enum added in v0.3.3 

func (x KeyStatus) Enum() *KeyStatus

func (KeyStatus) EnumDescriptor deprecated added in v0.3.3 

func (KeyStatus) EnumDescriptor() ([]byte, []int)

Deprecated: Use KeyStatus.Descriptor instead.

func (KeyStatus) Number added in v0.3.3 

func (x KeyStatus) Number() protoreflect.EnumNumber

func (KeyStatus) String added in v0.3.3 

func (x KeyStatus) String() string

func (KeyStatus) Type added in v0.3.3 

func (KeyStatus) Type() protoreflect.EnumType

type Namespace 

type Namespace struct {

	// generated uuid in database
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// used to partition Attribute Definitions, support by namespace AuthN and
	// enable federation
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Fqn  string `protobuf:"bytes,3,opt,name=fqn,proto3" json:"fqn,omitempty"`
	// active by default until explicitly deactivated
	Active   *wrapperspb.BoolValue `protobuf:"bytes,4,opt,name=active,proto3" json:"active,omitempty"`
	Metadata *common.Metadata      `protobuf:"bytes,5,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// Deprecated KAS grants for the namespace. Use kas_keys instead.
	Grants []*KeyAccessServer `protobuf:"bytes,6,rep,name=grants,proto3" json:"grants,omitempty"`
	// Keys for the namespace
	KasKeys []*SimpleKasKey `protobuf:"bytes,7,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
	// contains filtered or unexported fields
}

func (*Namespace) Descriptor deprecated 

func (*Namespace) Descriptor() ([]byte, []int)

Deprecated: Use Namespace.ProtoReflect.Descriptor instead.

func (*Namespace) GetActive 

func (x *Namespace) GetActive() *wrapperspb.BoolValue

func (*Namespace) GetFqn 

func (x *Namespace) GetFqn() string

func (*Namespace) GetGrants added in v0.2.12 

func (x *Namespace) GetGrants() []*KeyAccessServer

func (*Namespace) GetId 

func (x *Namespace) GetId() string

func (*Namespace) GetKasKeys added in v0.3.3 

func (x *Namespace) GetKasKeys() []*SimpleKasKey

func (*Namespace) GetMetadata 

func (x *Namespace) GetMetadata() *common.Metadata

func (*Namespace) GetName 

func (x *Namespace) GetName() string

func (*Namespace) ProtoMessage 

func (*Namespace) ProtoMessage()

func (*Namespace) ProtoReflect 

func (x *Namespace) ProtoReflect() protoreflect.Message

func (*Namespace) Reset 

func (x *Namespace) Reset()

func (*Namespace) String 

func (x *Namespace) String() string

type PageRequest added in v0.2.19 

type PageRequest struct {

	// Optional
	// Set to configured default limit if not provided
	// Maximum limit set in platform config and enforced by services
	Limit int32 `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"`
	// Optional
	// Defaulted if not provided
	Offset int32 `protobuf:"varint,2,opt,name=offset,proto3" json:"offset,omitempty"`
	// contains filtered or unexported fields
}

func (*PageRequest) Descriptor deprecated added in v0.2.19 

func (*PageRequest) Descriptor() ([]byte, []int)

Deprecated: Use PageRequest.ProtoReflect.Descriptor instead.

func (*PageRequest) GetLimit added in v0.2.19 

func (x *PageRequest) GetLimit() int32

func (*PageRequest) GetOffset added in v0.2.19 

func (x *PageRequest) GetOffset() int32

func (*PageRequest) ProtoMessage added in v0.2.19 

func (*PageRequest) ProtoMessage()

func (*PageRequest) ProtoReflect added in v0.2.19 

func (x *PageRequest) ProtoReflect() protoreflect.Message

func (*PageRequest) Reset added in v0.2.19 

func (x *PageRequest) Reset()

func (*PageRequest) String added in v0.2.19 

func (x *PageRequest) String() string

type PageResponse added in v0.2.19 

type PageResponse struct {

	// Requested pagination offset
	CurrentOffset int32 `protobuf:"varint,1,opt,name=current_offset,json=currentOffset,proto3" json:"current_offset,omitempty"`
	// Calculated with request limit + offset or defaults
	// Empty when none remain after current page
	NextOffset int32 `protobuf:"varint,2,opt,name=next_offset,json=nextOffset,proto3" json:"next_offset,omitempty"`
	// Total count of entire list
	Total int32 `protobuf:"varint,3,opt,name=total,proto3" json:"total,omitempty"`
	// contains filtered or unexported fields
}

func (*PageResponse) Descriptor deprecated added in v0.2.19 

func (*PageResponse) Descriptor() ([]byte, []int)

Deprecated: Use PageResponse.ProtoReflect.Descriptor instead.

func (*PageResponse) GetCurrentOffset added in v0.2.19 

func (x *PageResponse) GetCurrentOffset() int32

func (*PageResponse) GetNextOffset added in v0.2.19 

func (x *PageResponse) GetNextOffset() int32

func (*PageResponse) GetTotal added in v0.2.19 

func (x *PageResponse) GetTotal() int32

func (*PageResponse) ProtoMessage added in v0.2.19 

func (*PageResponse) ProtoMessage()

func (*PageResponse) ProtoReflect added in v0.2.19 

func (x *PageResponse) ProtoReflect() protoreflect.Message

func (*PageResponse) Reset added in v0.2.19 

func (x *PageResponse) Reset()

func (*PageResponse) String added in v0.2.19 

func (x *PageResponse) String() string

type PrivateKeyCtx added in v0.3.6 

type PrivateKeyCtx struct {

	// Required
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"` // Key ID for the symmetric key wrapping this key.
	// Optional
	WrappedKey string `protobuf:"bytes,2,opt,name=wrapped_key,json=wrappedKey,proto3" json:"wrapped_key,omitempty"` // Base64 encoded wrapped key. Conditionally required if key_mode is LOCAL. Should not be present if key_mode is REMOTE.
	// contains filtered or unexported fields
}

func (*PrivateKeyCtx) Descriptor deprecated added in v0.3.6 

func (*PrivateKeyCtx) Descriptor() ([]byte, []int)

Deprecated: Use PrivateKeyCtx.ProtoReflect.Descriptor instead.

func (*PrivateKeyCtx) GetKeyId added in v0.3.6 

func (x *PrivateKeyCtx) GetKeyId() string

func (*PrivateKeyCtx) GetWrappedKey added in v0.3.6 

func (x *PrivateKeyCtx) GetWrappedKey() string

func (*PrivateKeyCtx) ProtoMessage added in v0.3.6 

func (*PrivateKeyCtx) ProtoMessage()

func (*PrivateKeyCtx) ProtoReflect added in v0.3.6 

func (x *PrivateKeyCtx) ProtoReflect() protoreflect.Message

func (*PrivateKeyCtx) Reset added in v0.3.6 

func (x *PrivateKeyCtx) Reset()

func (*PrivateKeyCtx) String added in v0.3.6 

func (x *PrivateKeyCtx) String() string

type PublicKey added in v0.2.0 

type PublicKey struct {

	// Types that are assignable to PublicKey:
	//
	//	*PublicKey_Remote
	//	*PublicKey_Cached
	PublicKey isPublicKey_PublicKey `protobuf_oneof:"public_key"`
	// contains filtered or unexported fields
}

Deprecated

func (*PublicKey) Descriptor deprecated added in v0.2.0 

func (*PublicKey) Descriptor() ([]byte, []int)

Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.

func (*PublicKey) GetCached added in v0.2.13 

func (x *PublicKey) GetCached() *KasPublicKeySet

func (*PublicKey) GetPublicKey added in v0.2.0 

func (m *PublicKey) GetPublicKey() isPublicKey_PublicKey

func (*PublicKey) GetRemote added in v0.2.0 

func (x *PublicKey) GetRemote() string

func (*PublicKey) ProtoMessage added in v0.2.0 

func (*PublicKey) ProtoMessage()

func (*PublicKey) ProtoReflect added in v0.2.0 

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (*PublicKey) Reset added in v0.2.0 

func (x *PublicKey) Reset()

func (*PublicKey) String added in v0.2.0 

func (x *PublicKey) String() string

type PublicKeyCtx added in v0.3.6 

type PublicKeyCtx struct {

	// Required
	Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"` // Base64 encoded public key in PEM format
	// contains filtered or unexported fields
}

func (*PublicKeyCtx) Descriptor deprecated added in v0.3.6 

func (*PublicKeyCtx) Descriptor() ([]byte, []int)

Deprecated: Use PublicKeyCtx.ProtoReflect.Descriptor instead.

func (*PublicKeyCtx) GetPem added in v0.3.6 

func (x *PublicKeyCtx) GetPem() string

func (*PublicKeyCtx) ProtoMessage added in v0.3.6 

func (*PublicKeyCtx) ProtoMessage()

func (*PublicKeyCtx) ProtoReflect added in v0.3.6 

func (x *PublicKeyCtx) ProtoReflect() protoreflect.Message

func (*PublicKeyCtx) Reset added in v0.3.6 

func (x *PublicKeyCtx) Reset()

func (*PublicKeyCtx) String added in v0.3.6 

func (x *PublicKeyCtx) String() string

type PublicKey_Cached added in v0.2.13 

type PublicKey_Cached struct {
	// public key with additional information. Current preferred version
	Cached *KasPublicKeySet `protobuf:"bytes,3,opt,name=cached,proto3,oneof"`
}

type PublicKey_Remote added in v0.2.0 

type PublicKey_Remote struct {
	// kas public key url - optional since can also be retrieved via public key
	Remote string `protobuf:"bytes,1,opt,name=remote,proto3,oneof"`
}

type RegisteredResource added in v0.3.0 

type RegisteredResource struct {
	Id     string                     `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Name   string                     `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Values []*RegisteredResourceValue `protobuf:"bytes,3,rep,name=values,proto3" json:"values,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*RegisteredResource) Descriptor deprecated added in v0.3.0 

func (*RegisteredResource) Descriptor() ([]byte, []int)

Deprecated: Use RegisteredResource.ProtoReflect.Descriptor instead.

func (*RegisteredResource) GetId added in v0.3.0 

func (x *RegisteredResource) GetId() string

func (*RegisteredResource) GetMetadata added in v0.3.0 

func (x *RegisteredResource) GetMetadata() *common.Metadata

func (*RegisteredResource) GetName added in v0.3.0 

func (x *RegisteredResource) GetName() string

func (*RegisteredResource) GetValues added in v0.3.0 

func (x *RegisteredResource) GetValues() []*RegisteredResourceValue

func (*RegisteredResource) ProtoMessage added in v0.3.0 

func (*RegisteredResource) ProtoMessage()

func (*RegisteredResource) ProtoReflect added in v0.3.0 

func (x *RegisteredResource) ProtoReflect() protoreflect.Message

func (*RegisteredResource) Reset added in v0.3.0 

func (x *RegisteredResource) Reset()

func (*RegisteredResource) String added in v0.3.0 

func (x *RegisteredResource) String() string

type RegisteredResourceValue added in v0.3.0 

type RegisteredResourceValue struct {
	Id                    string                                          `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Value                 string                                          `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	Resource              *RegisteredResource                             `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"`
	ActionAttributeValues []*RegisteredResourceValue_ActionAttributeValue `` /* 126-byte string literal not displayed */
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*RegisteredResourceValue) Descriptor deprecated added in v0.3.0 

func (*RegisteredResourceValue) Descriptor() ([]byte, []int)

Deprecated: Use RegisteredResourceValue.ProtoReflect.Descriptor instead.

func (*RegisteredResourceValue) GetActionAttributeValues added in v0.3.3 

func (x *RegisteredResourceValue) GetActionAttributeValues() []*RegisteredResourceValue_ActionAttributeValue

func (*RegisteredResourceValue) GetId added in v0.3.0 

func (x *RegisteredResourceValue) GetId() string

func (*RegisteredResourceValue) GetMetadata added in v0.3.0 

func (x *RegisteredResourceValue) GetMetadata() *common.Metadata

func (*RegisteredResourceValue) GetResource added in v0.3.0 

func (x *RegisteredResourceValue) GetResource() *RegisteredResource

func (*RegisteredResourceValue) GetValue added in v0.3.0 

func (x *RegisteredResourceValue) GetValue() string

func (*RegisteredResourceValue) ProtoMessage added in v0.3.0 

func (*RegisteredResourceValue) ProtoMessage()

func (*RegisteredResourceValue) ProtoReflect added in v0.3.0 

func (x *RegisteredResourceValue) ProtoReflect() protoreflect.Message

func (*RegisteredResourceValue) Reset added in v0.3.0 

func (x *RegisteredResourceValue) Reset()

func (*RegisteredResourceValue) String added in v0.3.0 

func (x *RegisteredResourceValue) String() string

type RegisteredResourceValue_ActionAttributeValue added in v0.3.3 

type RegisteredResourceValue_ActionAttributeValue struct {
	Id             string  `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Action         *Action `protobuf:"bytes,2,opt,name=action,proto3" json:"action,omitempty"`
	AttributeValue *Value  `protobuf:"bytes,3,opt,name=attribute_value,json=attributeValue,proto3" json:"attribute_value,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*RegisteredResourceValue_ActionAttributeValue) Descriptor deprecated added in v0.3.3 

func (*RegisteredResourceValue_ActionAttributeValue) Descriptor() ([]byte, []int)

Deprecated: Use RegisteredResourceValue_ActionAttributeValue.ProtoReflect.Descriptor instead.

func (*RegisteredResourceValue_ActionAttributeValue) GetAction added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) GetAction() *Action

func (*RegisteredResourceValue_ActionAttributeValue) GetAttributeValue added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) GetAttributeValue() *Value

func (*RegisteredResourceValue_ActionAttributeValue) GetId added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) GetId() string

func (*RegisteredResourceValue_ActionAttributeValue) GetMetadata added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) GetMetadata() *common.Metadata

func (*RegisteredResourceValue_ActionAttributeValue) ProtoMessage added in v0.3.3 

func (*RegisteredResourceValue_ActionAttributeValue) ProtoMessage()

func (*RegisteredResourceValue_ActionAttributeValue) ProtoReflect added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) ProtoReflect() protoreflect.Message

func (*RegisteredResourceValue_ActionAttributeValue) Reset added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) Reset()

func (*RegisteredResourceValue_ActionAttributeValue) String added in v0.3.3 

func (x *RegisteredResourceValue_ActionAttributeValue) String() string

type ResourceMapping 

type ResourceMapping struct {
	Id             string                `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Metadata       *common.Metadata      `protobuf:"bytes,2,opt,name=metadata,proto3" json:"metadata,omitempty"`
	AttributeValue *Value                `protobuf:"bytes,3,opt,name=attribute_value,json=attributeValue,proto3" json:"attribute_value,omitempty"`
	Terms          []string              `protobuf:"bytes,4,rep,name=terms,proto3" json:"terms,omitempty"`
	Group          *ResourceMappingGroup `protobuf:"bytes,5,opt,name=group,proto3" json:"group,omitempty"`
	// contains filtered or unexported fields
}

Resource Mappings (aka Access Control Resource Encodings aka ACRE) are structures supporting the mapping of Resources and Attribute Values

func (*ResourceMapping) Descriptor deprecated 

func (*ResourceMapping) Descriptor() ([]byte, []int)

Deprecated: Use ResourceMapping.ProtoReflect.Descriptor instead.

func (*ResourceMapping) GetAttributeValue 

func (x *ResourceMapping) GetAttributeValue() *Value

func (*ResourceMapping) GetGroup added in v0.2.11 

func (x *ResourceMapping) GetGroup() *ResourceMappingGroup

func (*ResourceMapping) GetId 

func (x *ResourceMapping) GetId() string

func (*ResourceMapping) GetMetadata 

func (x *ResourceMapping) GetMetadata() *common.Metadata

func (*ResourceMapping) GetTerms 

func (x *ResourceMapping) GetTerms() []string

func (*ResourceMapping) ProtoMessage 

func (*ResourceMapping) ProtoMessage()

func (*ResourceMapping) ProtoReflect 

func (x *ResourceMapping) ProtoReflect() protoreflect.Message

func (*ResourceMapping) Reset 

func (x *ResourceMapping) Reset()

func (*ResourceMapping) String 

func (x *ResourceMapping) String() string

type ResourceMappingGroup added in v0.2.11 

type ResourceMappingGroup struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// the namespace containing the group of resource mappings
	NamespaceId string `protobuf:"bytes,2,opt,name=namespace_id,json=namespaceId,proto3" json:"namespace_id,omitempty"`
	// the common name for the group of resource mappings, which must be unique
	// per namespace
	Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

Resource Mapping Groups are namespaced collections of Resource Mappings associated under a common group name.

func (*ResourceMappingGroup) Descriptor deprecated added in v0.2.11 

func (*ResourceMappingGroup) Descriptor() ([]byte, []int)

Deprecated: Use ResourceMappingGroup.ProtoReflect.Descriptor instead.

func (*ResourceMappingGroup) GetId added in v0.2.11 

func (x *ResourceMappingGroup) GetId() string

func (*ResourceMappingGroup) GetMetadata added in v0.2.15 

func (x *ResourceMappingGroup) GetMetadata() *common.Metadata

func (*ResourceMappingGroup) GetName added in v0.2.11 

func (x *ResourceMappingGroup) GetName() string

func (*ResourceMappingGroup) GetNamespaceId added in v0.2.11 

func (x *ResourceMappingGroup) GetNamespaceId() string

func (*ResourceMappingGroup) ProtoMessage added in v0.2.11 

func (*ResourceMappingGroup) ProtoMessage()

func (*ResourceMappingGroup) ProtoReflect added in v0.2.11 

func (x *ResourceMappingGroup) ProtoReflect() protoreflect.Message

func (*ResourceMappingGroup) Reset added in v0.2.11 

func (x *ResourceMappingGroup) Reset()

func (*ResourceMappingGroup) String added in v0.2.11 

func (x *ResourceMappingGroup) String() string

type SimpleKasKey added in v0.4.0 

type SimpleKasKey struct {
	KasUri    string              `protobuf:"bytes,1,opt,name=kas_uri,json=kasUri,proto3" json:"kas_uri,omitempty"`          // The URL of the Key Access Server
	PublicKey *SimpleKasPublicKey `protobuf:"bytes,2,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` // The public key of the Key that belongs to the KAS
	KasId     string              `protobuf:"bytes,3,opt,name=kas_id,json=kasId,proto3" json:"kas_id,omitempty"`             // The ID of the Key Access Server
	// contains filtered or unexported fields
}

func (*SimpleKasKey) Descriptor deprecated added in v0.4.0 

func (*SimpleKasKey) Descriptor() ([]byte, []int)

Deprecated: Use SimpleKasKey.ProtoReflect.Descriptor instead.

func (*SimpleKasKey) GetKasId added in v0.4.0 

func (x *SimpleKasKey) GetKasId() string

func (*SimpleKasKey) GetKasUri added in v0.4.0 

func (x *SimpleKasKey) GetKasUri() string

func (*SimpleKasKey) GetPublicKey added in v0.4.0 

func (x *SimpleKasKey) GetPublicKey() *SimpleKasPublicKey

func (*SimpleKasKey) ProtoMessage added in v0.4.0 

func (*SimpleKasKey) ProtoMessage()

func (*SimpleKasKey) ProtoReflect added in v0.4.0 

func (x *SimpleKasKey) ProtoReflect() protoreflect.Message

func (*SimpleKasKey) Reset added in v0.4.0 

func (x *SimpleKasKey) Reset()

func (*SimpleKasKey) String added in v0.4.0 

func (x *SimpleKasKey) String() string

type SimpleKasPublicKey added in v0.4.0 

type SimpleKasPublicKey struct {
	Algorithm Algorithm `protobuf:"varint,1,opt,name=algorithm,proto3,enum=policy.Algorithm" json:"algorithm,omitempty"`
	Kid       string    `protobuf:"bytes,2,opt,name=kid,proto3" json:"kid,omitempty"`
	Pem       string    `protobuf:"bytes,3,opt,name=pem,proto3" json:"pem,omitempty"`
	// contains filtered or unexported fields
}

func (*SimpleKasPublicKey) Descriptor deprecated added in v0.4.0 

func (*SimpleKasPublicKey) Descriptor() ([]byte, []int)

Deprecated: Use SimpleKasPublicKey.ProtoReflect.Descriptor instead.

func (*SimpleKasPublicKey) GetAlgorithm added in v0.4.0 

func (x *SimpleKasPublicKey) GetAlgorithm() Algorithm

func (*SimpleKasPublicKey) GetKid added in v0.4.0 

func (x *SimpleKasPublicKey) GetKid() string

func (*SimpleKasPublicKey) GetPem added in v0.4.0 

func (x *SimpleKasPublicKey) GetPem() string

func (*SimpleKasPublicKey) ProtoMessage added in v0.4.0 

func (*SimpleKasPublicKey) ProtoMessage()

func (*SimpleKasPublicKey) ProtoReflect added in v0.4.0 

func (x *SimpleKasPublicKey) ProtoReflect() protoreflect.Message

func (*SimpleKasPublicKey) Reset added in v0.4.0 

func (x *SimpleKasPublicKey) Reset()

func (*SimpleKasPublicKey) String added in v0.4.0 

func (x *SimpleKasPublicKey) String() string

type SourceType added in v0.3.3 

type SourceType int32

Describes whether this kas is managed by the organization or if they imported the kas information from an external party. These two modes are necessary in order to encrypt a tdf dek with an external parties kas public key. 

const (
	SourceType_SOURCE_TYPE_UNSPECIFIED SourceType = 0
	// The kas is managed by the organization.
	SourceType_SOURCE_TYPE_INTERNAL SourceType = 1
	// The kas is managed by an external party.
	SourceType_SOURCE_TYPE_EXTERNAL SourceType = 2
)

func (SourceType) Descriptor added in v0.3.3 

func (SourceType) Descriptor() protoreflect.EnumDescriptor

func (SourceType) Enum added in v0.3.3 

func (x SourceType) Enum() *SourceType

func (SourceType) EnumDescriptor deprecated added in v0.3.3 

func (SourceType) EnumDescriptor() ([]byte, []int)

Deprecated: Use SourceType.Descriptor instead.

func (SourceType) Number added in v0.3.3 

func (x SourceType) Number() protoreflect.EnumNumber

func (SourceType) String added in v0.3.3 

func (x SourceType) String() string

func (SourceType) Type added in v0.3.3 

func (SourceType) Type() protoreflect.EnumType

type SubjectConditionSet 

type SubjectConditionSet struct {
	Id          string           `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	SubjectSets []*SubjectSet    `protobuf:"bytes,3,rep,name=subject_sets,json=subjectSets,proto3" json:"subject_sets,omitempty"`
	Metadata    *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

A container for multiple Subject Sets, each containing Condition Groups, each containing Conditions. Multiple Subject Sets in a SubjectConditionSet are evaluated with AND logic. As each Subject Mapping has only one Attribute Value, the SubjectConditionSet is reusable across multiple Subject Mappings / Attribute Values and is an independent unit.

func (*SubjectConditionSet) Descriptor deprecated 

func (*SubjectConditionSet) Descriptor() ([]byte, []int)

Deprecated: Use SubjectConditionSet.ProtoReflect.Descriptor instead.

func (*SubjectConditionSet) GetId 

func (x *SubjectConditionSet) GetId() string

func (*SubjectConditionSet) GetMetadata 

func (x *SubjectConditionSet) GetMetadata() *common.Metadata

func (*SubjectConditionSet) GetSubjectSets 

func (x *SubjectConditionSet) GetSubjectSets() []*SubjectSet

func (*SubjectConditionSet) ProtoMessage 

func (*SubjectConditionSet) ProtoMessage()

func (*SubjectConditionSet) ProtoReflect 

func (x *SubjectConditionSet) ProtoReflect() protoreflect.Message

func (*SubjectConditionSet) Reset 

func (x *SubjectConditionSet) Reset()

func (*SubjectConditionSet) String 

func (x *SubjectConditionSet) String() string

type SubjectMapping 

type SubjectMapping struct {
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// the Attribute Value mapped to; aka: "The Entity Entitlement Attribute"
	AttributeValue *Value `protobuf:"bytes,2,opt,name=attribute_value,json=attributeValue,proto3" json:"attribute_value,omitempty"`
	// the reusable SubjectConditionSet mapped to the given Attribute Value
	SubjectConditionSet *SubjectConditionSet `protobuf:"bytes,3,opt,name=subject_condition_set,json=subjectConditionSet,proto3" json:"subject_condition_set,omitempty"`
	// The actions permitted by subjects in this mapping
	Actions  []*Action        `protobuf:"bytes,4,rep,name=actions,proto3" json:"actions,omitempty"`
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

Subject Mapping: A Policy assigning Subject Set(s) to a permitted attribute value + action(s) combination

func (*SubjectMapping) Descriptor deprecated 

func (*SubjectMapping) Descriptor() ([]byte, []int)

Deprecated: Use SubjectMapping.ProtoReflect.Descriptor instead.

func (*SubjectMapping) GetActions 

func (x *SubjectMapping) GetActions() []*Action

func (*SubjectMapping) GetAttributeValue 

func (x *SubjectMapping) GetAttributeValue() *Value

func (*SubjectMapping) GetId 

func (x *SubjectMapping) GetId() string

func (*SubjectMapping) GetMetadata 

func (x *SubjectMapping) GetMetadata() *common.Metadata

func (*SubjectMapping) GetSubjectConditionSet 

func (x *SubjectMapping) GetSubjectConditionSet() *SubjectConditionSet

func (*SubjectMapping) ProtoMessage 

func (*SubjectMapping) ProtoMessage()

func (*SubjectMapping) ProtoReflect 

func (x *SubjectMapping) ProtoReflect() protoreflect.Message

func (*SubjectMapping) Reset 

func (x *SubjectMapping) Reset()

func (*SubjectMapping) String 

func (x *SubjectMapping) String() string

type SubjectMappingOperatorEnum 

type SubjectMappingOperatorEnum int32
const (
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED SubjectMappingOperatorEnum = 0
	// operator that returns true if a value in a list matches the string
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_IN SubjectMappingOperatorEnum = 1
	// operator that returns true if a value is not in a list that is matched by
	// string
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN SubjectMappingOperatorEnum = 2
	// operator that returns true if a value in a list contains the substring
	SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS SubjectMappingOperatorEnum = 3
)

func (SubjectMappingOperatorEnum) Descriptor 

func (SubjectMappingOperatorEnum) Descriptor() protoreflect.EnumDescriptor

func (SubjectMappingOperatorEnum) Enum 

func (x SubjectMappingOperatorEnum) Enum() *SubjectMappingOperatorEnum

func (SubjectMappingOperatorEnum) EnumDescriptor deprecated 

func (SubjectMappingOperatorEnum) EnumDescriptor() ([]byte, []int)

Deprecated: Use SubjectMappingOperatorEnum.Descriptor instead.

func (SubjectMappingOperatorEnum) Number 

func (x SubjectMappingOperatorEnum) Number() protoreflect.EnumNumber

func (SubjectMappingOperatorEnum) String 

func (x SubjectMappingOperatorEnum) String() string

func (SubjectMappingOperatorEnum) Type 

func (SubjectMappingOperatorEnum) Type() protoreflect.EnumType

type SubjectProperty 

type SubjectProperty struct {
	ExternalSelectorValue string `` /* 126-byte string literal not displayed */
	ExternalValue         string `protobuf:"bytes,2,opt,name=external_value,json=externalValue,proto3" json:"external_value,omitempty"`
	// contains filtered or unexported fields
}

A property of a Subject/Entity as its selector expression -> value result pair. This would mirror external user attributes retrieved from an authoritative source such as an IDP (Identity Provider) or User Store. Examples include such ADFS/LDAP, OKTA, etc. For now, a valid property must contain both a selector expression & a resulting value.

The external_selector_value is a specifier to select a value from a flattened external representation of an Entity (such as from idP/LDAP), and the external_value is the value selected by the external_selector_value on that Entity Representation (Subject Context). These mirror the Condition.

func (*SubjectProperty) Descriptor deprecated 

func (*SubjectProperty) Descriptor() ([]byte, []int)

Deprecated: Use SubjectProperty.ProtoReflect.Descriptor instead.

func (*SubjectProperty) GetExternalSelectorValue 

func (x *SubjectProperty) GetExternalSelectorValue() string

func (*SubjectProperty) GetExternalValue 

func (x *SubjectProperty) GetExternalValue() string

func (*SubjectProperty) ProtoMessage 

func (*SubjectProperty) ProtoMessage()

func (*SubjectProperty) ProtoReflect 

func (x *SubjectProperty) ProtoReflect() protoreflect.Message

func (*SubjectProperty) Reset 

func (x *SubjectProperty) Reset()

func (*SubjectProperty) String 

func (x *SubjectProperty) String() string

type SubjectSet 

type SubjectSet struct {

	// multiple Condition Groups are evaluated with AND logic
	ConditionGroups []*ConditionGroup `protobuf:"bytes,1,rep,name=condition_groups,json=conditionGroups,proto3" json:"condition_groups,omitempty"`
	// contains filtered or unexported fields
}

A collection of Condition Groups

func (*SubjectSet) Descriptor deprecated 

func (*SubjectSet) Descriptor() ([]byte, []int)

Deprecated: Use SubjectSet.ProtoReflect.Descriptor instead.

func (*SubjectSet) GetConditionGroups 

func (x *SubjectSet) GetConditionGroups() []*ConditionGroup

func (*SubjectSet) ProtoMessage 

func (*SubjectSet) ProtoMessage()

func (*SubjectSet) ProtoReflect 

func (x *SubjectSet) ProtoReflect() protoreflect.Message

func (*SubjectSet) Reset 

func (x *SubjectSet) Reset()

func (*SubjectSet) String 

func (x *SubjectSet) String() string

type SymmetricKey added in v0.3.3 

type SymmetricKey struct {
	Id             string             `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	KeyId          string             `protobuf:"bytes,2,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	KeyStatus      KeyStatus          `protobuf:"varint,3,opt,name=key_status,json=keyStatus,proto3,enum=policy.KeyStatus" json:"key_status,omitempty"`
	KeyMode        KeyMode            `protobuf:"varint,4,opt,name=key_mode,json=keyMode,proto3,enum=policy.KeyMode" json:"key_mode,omitempty"` // Specifies how the key is managed (local or remote)
	KeyCtx         []byte             `protobuf:"bytes,5,opt,name=key_ctx,json=keyCtx,proto3" json:"key_ctx,omitempty"`                         // Specific structure based on key provider implementation
	ProviderConfig *KeyProviderConfig `protobuf:"bytes,6,opt,name=provider_config,json=providerConfig,proto3" json:"provider_config,omitempty"` // Configuration for the key provider
	// Common metadata fields
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*SymmetricKey) Descriptor deprecated added in v0.3.3 

func (*SymmetricKey) Descriptor() ([]byte, []int)

Deprecated: Use SymmetricKey.ProtoReflect.Descriptor instead.

func (*SymmetricKey) GetId added in v0.3.3 

func (x *SymmetricKey) GetId() string

func (*SymmetricKey) GetKeyCtx added in v0.3.3 

func (x *SymmetricKey) GetKeyCtx() []byte

func (*SymmetricKey) GetKeyId added in v0.3.3 

func (x *SymmetricKey) GetKeyId() string

func (*SymmetricKey) GetKeyMode added in v0.3.3 

func (x *SymmetricKey) GetKeyMode() KeyMode

func (*SymmetricKey) GetKeyStatus added in v0.3.3 

func (x *SymmetricKey) GetKeyStatus() KeyStatus

func (*SymmetricKey) GetMetadata added in v0.3.3 

func (x *SymmetricKey) GetMetadata() *common.Metadata

func (*SymmetricKey) GetProviderConfig added in v0.3.3 

func (x *SymmetricKey) GetProviderConfig() *KeyProviderConfig

func (*SymmetricKey) ProtoMessage added in v0.3.3 

func (*SymmetricKey) ProtoMessage()

func (*SymmetricKey) ProtoReflect added in v0.3.3 

func (x *SymmetricKey) ProtoReflect() protoreflect.Message

func (*SymmetricKey) Reset added in v0.3.3 

func (x *SymmetricKey) Reset()

func (*SymmetricKey) String added in v0.3.3 

func (x *SymmetricKey) String() string

type Value 

type Value struct {

	// generated uuid in database
	Id        string     `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Attribute *Attribute `protobuf:"bytes,2,opt,name=attribute,proto3" json:"attribute,omitempty"`
	Value     string     `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
	// Deprecated KAS grants for the value. Use kas_keys instead.
	Grants []*KeyAccessServer `protobuf:"bytes,5,rep,name=grants,proto3" json:"grants,omitempty"`
	Fqn    string             `protobuf:"bytes,6,opt,name=fqn,proto3" json:"fqn,omitempty"`
	// active by default until explicitly deactivated
	Active *wrapperspb.BoolValue `protobuf:"bytes,7,opt,name=active,proto3" json:"active,omitempty"`
	// subject mapping
	SubjectMappings  []*SubjectMapping  `protobuf:"bytes,8,rep,name=subject_mappings,json=subjectMappings,proto3" json:"subject_mappings,omitempty"`
	KasKeys          []*SimpleKasKey    `protobuf:"bytes,9,rep,name=kas_keys,json=kasKeys,proto3" json:"kas_keys,omitempty"`
	ResourceMappings []*ResourceMapping `protobuf:"bytes,10,rep,name=resource_mappings,json=resourceMappings,proto3" json:"resource_mappings,omitempty"`
	// Common metadata
	Metadata *common.Metadata `protobuf:"bytes,100,opt,name=metadata,proto3" json:"metadata,omitempty"`
	// contains filtered or unexported fields
}

func (*Value) Descriptor deprecated 

func (*Value) Descriptor() ([]byte, []int)

Deprecated: Use Value.ProtoReflect.Descriptor instead.

func (*Value) GetActive 

func (x *Value) GetActive() *wrapperspb.BoolValue

func (*Value) GetAttribute 

func (x *Value) GetAttribute() *Attribute

func (*Value) GetFqn 

func (x *Value) GetFqn() string

func (*Value) GetGrants 

func (x *Value) GetGrants() []*KeyAccessServer

func (*Value) GetId 

func (x *Value) GetId() string

func (*Value) GetKasKeys added in v0.3.3 

func (x *Value) GetKasKeys() []*SimpleKasKey

func (*Value) GetMetadata 

func (x *Value) GetMetadata() *common.Metadata

func (*Value) GetResourceMappings added in v0.3.4 

func (x *Value) GetResourceMappings() []*ResourceMapping

func (*Value) GetSubjectMappings 

func (x *Value) GetSubjectMappings() []*SubjectMapping

func (*Value) GetValue 

func (x *Value) GetValue() string

func (*Value) ProtoMessage 

func (*Value) ProtoMessage()

func (*Value) ProtoReflect 

func (x *Value) ProtoReflect() protoreflect.Message

func (*Value) Reset 

func (x *Value) Reset()

func (*Value) String 

func (x *Value) String() string

Source Files

View all Source files

Directories

Path Synopsis
actionsconnect
Package attributes is a reverse proxy.
 Package attributes is a reverse proxy.
attributesconnect
Package kasregistry is a reverse proxy.
 Package kasregistry is a reverse proxy.
kasregistryconnect
keymanagementconnect
namespacesconnect
registeredresourcesconnect
resourcemappingconnect
subjectmappingconnect
unsafeconnect

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.