types

package
v1.9.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 15, 2024 License: Apache-2.0 Imports: 5 Imported by: 95

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	FederatesWithMatch_MatchBehavior_name = map[int32]string{
		0: "MATCH_EXACT",
		1: "MATCH_SUBSET",
		2: "MATCH_SUPERSET",
		3: "MATCH_ANY",
	}
	FederatesWithMatch_MatchBehavior_value = map[string]int32{
		"MATCH_EXACT":    0,
		"MATCH_SUBSET":   1,
		"MATCH_SUPERSET": 2,
		"MATCH_ANY":      3,
	}
)

Enum value maps for FederatesWithMatch_MatchBehavior.

View Source 
var (
	LogLevel_name = map[int32]string{
		0: "UNSPECIFIED",
		1: "PANIC",
		2: "FATAL",
		3: "ERROR",
		4: "WARN",
		5: "INFO",
		6: "DEBUG",
		7: "TRACE",
	}
	LogLevel_value = map[string]int32{
		"UNSPECIFIED": 0,
		"PANIC":       1,
		"FATAL":       2,
		"ERROR":       3,
		"WARN":        4,
		"INFO":        5,
		"DEBUG":       6,
		"TRACE":       7,
	}
)

Enum value maps for LogLevel.

View Source 
var (
	SelectorMatch_MatchBehavior_name = map[int32]string{
		0: "MATCH_EXACT",
		1: "MATCH_SUBSET",
		2: "MATCH_SUPERSET",
		3: "MATCH_ANY",
	}
	SelectorMatch_MatchBehavior_value = map[string]int32{
		"MATCH_EXACT":    0,
		"MATCH_SUBSET":   1,
		"MATCH_SUPERSET": 2,
		"MATCH_ANY":      3,
	}
)

Enum value maps for SelectorMatch_MatchBehavior.

View Source 
var (
	PermissionDeniedDetails_Reason_name = map[int32]string{
		0: "UNKNOWN",
		1: "AGENT_EXPIRED",
		2: "AGENT_NOT_ATTESTED",
		3: "AGENT_NOT_ACTIVE",
		4: "AGENT_BANNED",
		5: "AGENT_MUST_REATTEST",
	}
	PermissionDeniedDetails_Reason_value = map[string]int32{
		"UNKNOWN":             0,
		"AGENT_EXPIRED":       1,
		"AGENT_NOT_ATTESTED":  2,
		"AGENT_NOT_ACTIVE":    3,
		"AGENT_BANNED":        4,
		"AGENT_MUST_REATTEST": 5,
	}
)

Enum value maps for PermissionDeniedDetails_Reason.

View Source 
var File_spire_api_types_agent_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_attestation_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_bundle_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_entry_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_federateswith_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_federationrelationship_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_jointoken_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_jwtsvid_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_logger_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_selector_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_spiffeid_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_status_proto protoreflect.FileDescriptor
View Source 
var File_spire_api_types_x509svid_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Agent 

type Agent struct {

	// Output only. SPIFFE ID of the agent.
	Id *SPIFFEID `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// Output only. The method by which the agent attested.
	AttestationType string `protobuf:"bytes,2,opt,name=attestation_type,json=attestationType,proto3" json:"attestation_type,omitempty"`
	// Output only. The X509-SVID serial number.
	X509SvidSerialNumber string `protobuf:"bytes,3,opt,name=x509svid_serial_number,json=x509svidSerialNumber,proto3" json:"x509svid_serial_number,omitempty"`
	// Output only. The X509-SVID expiration (seconds since Unix epoch).
	X509SvidExpiresAt int64 `protobuf:"varint,4,opt,name=x509svid_expires_at,json=x509svidExpiresAt,proto3" json:"x509svid_expires_at,omitempty"`
	// Output only. The selectors attributed to the agent during attestation.
	Selectors []*Selector `protobuf:"bytes,5,rep,name=selectors,proto3" json:"selectors,omitempty"`
	// Output only. Whether or not the agent is banned.
	Banned bool `protobuf:"varint,6,opt,name=banned,proto3" json:"banned,omitempty"`
	// Output only. Whether or not the agent can re-attest.
	CanReattest bool `protobuf:"varint,7,opt,name=can_reattest,json=canReattest,proto3" json:"can_reattest,omitempty"`
	// contains filtered or unexported fields
}

func (*Agent) Descriptor deprecated 

func (*Agent) Descriptor() ([]byte, []int)

Deprecated: Use Agent.ProtoReflect.Descriptor instead.

func (*Agent) GetAttestationType 

func (x *Agent) GetAttestationType() string

func (*Agent) GetBanned 

func (x *Agent) GetBanned() bool

func (*Agent) GetCanReattest added in v1.6.3 

func (x *Agent) GetCanReattest() bool

func (*Agent) GetId 

func (x *Agent) GetId() *SPIFFEID

func (*Agent) GetSelectors 

func (x *Agent) GetSelectors() []*Selector

func (*Agent) GetX509SvidExpiresAt 

func (x *Agent) GetX509SvidExpiresAt() int64

func (*Agent) GetX509SvidSerialNumber 

func (x *Agent) GetX509SvidSerialNumber() string

func (*Agent) ProtoMessage 

func (*Agent) ProtoMessage()

func (*Agent) ProtoReflect 

func (x *Agent) ProtoReflect() protoreflect.Message

func (*Agent) Reset 

func (x *Agent) Reset()

func (*Agent) String 

func (x *Agent) String() string

type AgentMask 

type AgentMask struct {

	// attestation_type field mask
	AttestationType bool `protobuf:"varint,2,opt,name=attestation_type,json=attestationType,proto3" json:"attestation_type,omitempty"`
	// x509svid_serial_number field mask
	X509SvidSerialNumber bool `protobuf:"varint,3,opt,name=x509svid_serial_number,json=x509svidSerialNumber,proto3" json:"x509svid_serial_number,omitempty"`
	// x509svid_expires_at field mask
	X509SvidExpiresAt bool `protobuf:"varint,4,opt,name=x509svid_expires_at,json=x509svidExpiresAt,proto3" json:"x509svid_expires_at,omitempty"`
	// selectors field mask
	Selectors bool `protobuf:"varint,5,opt,name=selectors,proto3" json:"selectors,omitempty"`
	// banned field mask
	Banned bool `protobuf:"varint,6,opt,name=banned,proto3" json:"banned,omitempty"`
	// can_reattest field mask
	CanReattest bool `protobuf:"varint,7,opt,name=can_reattest,json=canReattest,proto3" json:"can_reattest,omitempty"`
	// contains filtered or unexported fields
}

func (*AgentMask) Descriptor deprecated 

func (*AgentMask) Descriptor() ([]byte, []int)

Deprecated: Use AgentMask.ProtoReflect.Descriptor instead.

func (*AgentMask) GetAttestationType 

func (x *AgentMask) GetAttestationType() bool

func (*AgentMask) GetBanned 

func (x *AgentMask) GetBanned() bool

func (*AgentMask) GetCanReattest added in v1.6.3 

func (x *AgentMask) GetCanReattest() bool

func (*AgentMask) GetSelectors 

func (x *AgentMask) GetSelectors() bool

func (*AgentMask) GetX509SvidExpiresAt 

func (x *AgentMask) GetX509SvidExpiresAt() bool

func (*AgentMask) GetX509SvidSerialNumber 

func (x *AgentMask) GetX509SvidSerialNumber() bool

func (*AgentMask) ProtoMessage 

func (*AgentMask) ProtoMessage()

func (*AgentMask) ProtoReflect 

func (x *AgentMask) ProtoReflect() protoreflect.Message

func (*AgentMask) Reset 

func (x *AgentMask) Reset()

func (*AgentMask) String 

func (x *AgentMask) String() string

type AttestationData 

type AttestationData struct {

	// The type of attestation data. This is typically the name of the plugin
	// that produced that data.
	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	// The attestation data payload.
	Payload []byte `protobuf:"bytes,2,opt,name=payload,proto3" json:"payload,omitempty"`
	// contains filtered or unexported fields
}

func (*AttestationData) Descriptor deprecated 

func (*AttestationData) Descriptor() ([]byte, []int)

Deprecated: Use AttestationData.ProtoReflect.Descriptor instead.

func (*AttestationData) GetPayload 

func (x *AttestationData) GetPayload() []byte

func (*AttestationData) GetType 

func (x *AttestationData) GetType() string

func (*AttestationData) ProtoMessage 

func (*AttestationData) ProtoMessage()

func (*AttestationData) ProtoReflect 

func (x *AttestationData) ProtoReflect() protoreflect.Message

func (*AttestationData) Reset 

func (x *AttestationData) Reset()

func (*AttestationData) String 

func (x *AttestationData) String() string

type Bundle 

type Bundle struct {

	// The name of the trust domain the bundle belongs to (e.g., "example.org").
	TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"`
	// X.509 authorities for authenticating X509-SVIDs.
	X509Authorities []*X509Certificate `protobuf:"bytes,2,rep,name=x509_authorities,json=x509Authorities,proto3" json:"x509_authorities,omitempty"`
	// JWT authorities for authenticating JWT-SVIDs.
	JwtAuthorities []*JWTKey `protobuf:"bytes,3,rep,name=jwt_authorities,json=jwtAuthorities,proto3" json:"jwt_authorities,omitempty"`
	// A hint on how often the bundle should be refreshed from the bundle
	// provider, in seconds. Can be zero (meaning no hint available).
	RefreshHint int64 `protobuf:"varint,4,opt,name=refresh_hint,json=refreshHint,proto3" json:"refresh_hint,omitempty"`
	// The sequence number of the bundle.
	SequenceNumber uint64 `protobuf:"varint,5,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`
	// contains filtered or unexported fields
}

func (*Bundle) Descriptor deprecated 

func (*Bundle) Descriptor() ([]byte, []int)

Deprecated: Use Bundle.ProtoReflect.Descriptor instead.

func (*Bundle) GetJwtAuthorities 

func (x *Bundle) GetJwtAuthorities() []*JWTKey

func (*Bundle) GetRefreshHint 

func (x *Bundle) GetRefreshHint() int64

func (*Bundle) GetSequenceNumber 

func (x *Bundle) GetSequenceNumber() uint64

func (*Bundle) GetTrustDomain 

func (x *Bundle) GetTrustDomain() string

func (*Bundle) GetX509Authorities 

func (x *Bundle) GetX509Authorities() []*X509Certificate

func (*Bundle) ProtoMessage 

func (*Bundle) ProtoMessage()

func (*Bundle) ProtoReflect 

func (x *Bundle) ProtoReflect() protoreflect.Message

func (*Bundle) Reset 

func (x *Bundle) Reset()

func (*Bundle) String 

func (x *Bundle) String() string

type BundleMask 

type BundleMask struct {

	// x509_authorities field mask.
	X509Authorities bool `protobuf:"varint,2,opt,name=x509_authorities,json=x509Authorities,proto3" json:"x509_authorities,omitempty"`
	// jwt_authorities field mask.
	JwtAuthorities bool `protobuf:"varint,3,opt,name=jwt_authorities,json=jwtAuthorities,proto3" json:"jwt_authorities,omitempty"`
	// refresh_hint field mask.
	RefreshHint bool `protobuf:"varint,4,opt,name=refresh_hint,json=refreshHint,proto3" json:"refresh_hint,omitempty"`
	// sequence_number field mask.
	SequenceNumber bool `protobuf:"varint,5,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`
	// contains filtered or unexported fields
}

func (*BundleMask) Descriptor deprecated 

func (*BundleMask) Descriptor() ([]byte, []int)

Deprecated: Use BundleMask.ProtoReflect.Descriptor instead.

func (*BundleMask) GetJwtAuthorities 

func (x *BundleMask) GetJwtAuthorities() bool

func (*BundleMask) GetRefreshHint 

func (x *BundleMask) GetRefreshHint() bool

func (*BundleMask) GetSequenceNumber 

func (x *BundleMask) GetSequenceNumber() bool

func (*BundleMask) GetX509Authorities 

func (x *BundleMask) GetX509Authorities() bool

func (*BundleMask) ProtoMessage 

func (*BundleMask) ProtoMessage()

func (*BundleMask) ProtoReflect 

func (x *BundleMask) ProtoReflect() protoreflect.Message

func (*BundleMask) Reset 

func (x *BundleMask) Reset()

func (*BundleMask) String 

func (x *BundleMask) String() string

type Entry 

type Entry struct {

	// Globally unique ID for the entry.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// The SPIFFE ID of the identity described by this entry.
	SpiffeId *SPIFFEID `protobuf:"bytes,2,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// Who the entry is delegated to. If the entry describes a node, this is
	// set to the SPIFFE ID of the SPIRE server of the trust domain (e.g.
	// spiffe://example.org/spire/server). Otherwise, it will be set to a node
	// SPIFFE ID.
	ParentId *SPIFFEID `protobuf:"bytes,3,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"`
	// The selectors which identify which entities match this entry. If this is
	// an entry for a node, these selectors represent selectors produced by
	// node attestation. Otherwise, these selectors represent those produced by
	// workload attestation.
	Selectors []*Selector `protobuf:"bytes,4,rep,name=selectors,proto3" json:"selectors,omitempty"`
	// The time to live for X509-SVID identities issued for this entry (in seconds).
	// Previously called ttl
	X509SvidTtl int32 `protobuf:"varint,5,opt,name=x509_svid_ttl,json=x509SvidTtl,proto3" json:"x509_svid_ttl,omitempty"`
	// The names of trust domains the identity described by this entry
	// federates with.
	FederatesWith []string `protobuf:"bytes,6,rep,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"`
	// Whether or not the identity described by this entry is an administrative
	// workload. Administrative workloads are granted additional access to
	// various managerial server APIs, such as entry registration.
	Admin bool `protobuf:"varint,7,opt,name=admin,proto3" json:"admin,omitempty"`
	// Whether or not the identity described by this entry represents a
	// downstream SPIRE server. Downstream SPIRE servers have additional access
	// to various signing APIs, such as those used to sign X.509 CA
	// certificates and publish JWT signing keys.
	Downstream bool `protobuf:"varint,8,opt,name=downstream,proto3" json:"downstream,omitempty"`
	// When the entry expires (seconds since Unix epoch).
	ExpiresAt int64 `protobuf:"varint,9,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// A list of DNS names associated with the identity described by this entry.
	DnsNames []string `protobuf:"bytes,10,rep,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"`
	// Revision number is bumped every time the entry is updated
	RevisionNumber int64 `protobuf:"varint,11,opt,name=revision_number,json=revisionNumber,proto3" json:"revision_number,omitempty"`
	// Determines if the issued identity is exportable to a store
	StoreSvid bool `protobuf:"varint,12,opt,name=store_svid,json=storeSvid,proto3" json:"store_svid,omitempty"`
	// The time to live for JWT-SVID identities issued for this entry (in seconds), overrides ttl if set.
	JwtSvidTtl int32 `protobuf:"varint,13,opt,name=jwt_svid_ttl,json=jwtSvidTtl,proto3" json:"jwt_svid_ttl,omitempty"`
	// An operator-specified string used to provide guidance on how this
	// identity should be used by a workload when more than one SVID is returned.
	Hint string `protobuf:"bytes,14,opt,name=hint,proto3" json:"hint,omitempty"`
	// When the entry was created (seconds since Unix epoch).
	CreatedAt int64 `protobuf:"varint,15,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// contains filtered or unexported fields
}

func (*Entry) Descriptor deprecated 

func (*Entry) Descriptor() ([]byte, []int)

Deprecated: Use Entry.ProtoReflect.Descriptor instead.

func (*Entry) GetAdmin 

func (x *Entry) GetAdmin() bool

func (*Entry) GetCreatedAt added in v1.6.3 

func (x *Entry) GetCreatedAt() int64

func (*Entry) GetDnsNames 

func (x *Entry) GetDnsNames() []string

func (*Entry) GetDownstream 

func (x *Entry) GetDownstream() bool

func (*Entry) GetExpiresAt 

func (x *Entry) GetExpiresAt() int64

func (*Entry) GetFederatesWith 

func (x *Entry) GetFederatesWith() []string

func (*Entry) GetHint added in v1.6.3 

func (x *Entry) GetHint() string

func (*Entry) GetId 

func (x *Entry) GetId() string

func (*Entry) GetJwtSvidTtl added in v1.5.0 

func (x *Entry) GetJwtSvidTtl() int32

func (*Entry) GetParentId 

func (x *Entry) GetParentId() *SPIFFEID

func (*Entry) GetRevisionNumber 

func (x *Entry) GetRevisionNumber() int64

func (*Entry) GetSelectors 

func (x *Entry) GetSelectors() []*Selector

func (*Entry) GetSpiffeId 

func (x *Entry) GetSpiffeId() *SPIFFEID

func (*Entry) GetStoreSvid added in v1.1.0 

func (x *Entry) GetStoreSvid() bool

func (*Entry) GetX509SvidTtl added in v1.5.0 

func (x *Entry) GetX509SvidTtl() int32

func (*Entry) ProtoMessage 

func (*Entry) ProtoMessage()

func (*Entry) ProtoReflect 

func (x *Entry) ProtoReflect() protoreflect.Message

func (*Entry) Reset 

func (x *Entry) Reset()

func (*Entry) String 

func (x *Entry) String() string

type EntryMask 

type EntryMask struct {

	// spiffe_id field mask
	SpiffeId bool `protobuf:"varint,2,opt,name=spiffe_id,json=spiffeId,proto3" json:"spiffe_id,omitempty"`
	// parent_id field mask
	ParentId bool `protobuf:"varint,3,opt,name=parent_id,json=parentId,proto3" json:"parent_id,omitempty"`
	// selectors field mask
	Selectors bool `protobuf:"varint,4,opt,name=selectors,proto3" json:"selectors,omitempty"`
	// x509_svid_ttl field mask
	X509SvidTtl bool `protobuf:"varint,5,opt,name=x509_svid_ttl,json=x509SvidTtl,proto3" json:"x509_svid_ttl,omitempty"`
	// federates_with field mask
	FederatesWith bool `protobuf:"varint,6,opt,name=federates_with,json=federatesWith,proto3" json:"federates_with,omitempty"`
	// admin field mask
	Admin bool `protobuf:"varint,7,opt,name=admin,proto3" json:"admin,omitempty"`
	// downstream field mask
	Downstream bool `protobuf:"varint,8,opt,name=downstream,proto3" json:"downstream,omitempty"`
	// expires_at field mask
	ExpiresAt bool `protobuf:"varint,9,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// dns_names field mask
	DnsNames bool `protobuf:"varint,10,opt,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"`
	// revision_number field mask
	RevisionNumber bool `protobuf:"varint,11,opt,name=revision_number,json=revisionNumber,proto3" json:"revision_number,omitempty"`
	// store_svid field mask
	StoreSvid bool `protobuf:"varint,12,opt,name=store_svid,json=storeSvid,proto3" json:"store_svid,omitempty"`
	// jwt_svid_ttl field mask
	JwtSvidTtl bool `protobuf:"varint,13,opt,name=jwt_svid_ttl,json=jwtSvidTtl,proto3" json:"jwt_svid_ttl,omitempty"`
	// hint field mask
	Hint bool `protobuf:"varint,14,opt,name=hint,proto3" json:"hint,omitempty"`
	// created_at field mask
	CreatedAt bool `protobuf:"varint,15,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// contains filtered or unexported fields
}

Field mask for Entry fields

func (*EntryMask) Descriptor deprecated 

func (*EntryMask) Descriptor() ([]byte, []int)

Deprecated: Use EntryMask.ProtoReflect.Descriptor instead.

func (*EntryMask) GetAdmin 

func (x *EntryMask) GetAdmin() bool

func (*EntryMask) GetCreatedAt added in v1.6.3 

func (x *EntryMask) GetCreatedAt() bool

func (*EntryMask) GetDnsNames 

func (x *EntryMask) GetDnsNames() bool

func (*EntryMask) GetDownstream 

func (x *EntryMask) GetDownstream() bool

func (*EntryMask) GetExpiresAt 

func (x *EntryMask) GetExpiresAt() bool

func (*EntryMask) GetFederatesWith 

func (x *EntryMask) GetFederatesWith() bool

func (*EntryMask) GetHint added in v1.6.3 

func (x *EntryMask) GetHint() bool

func (*EntryMask) GetJwtSvidTtl added in v1.5.0 

func (x *EntryMask) GetJwtSvidTtl() bool

func (*EntryMask) GetParentId 

func (x *EntryMask) GetParentId() bool

func (*EntryMask) GetRevisionNumber 

func (x *EntryMask) GetRevisionNumber() bool

func (*EntryMask) GetSelectors 

func (x *EntryMask) GetSelectors() bool

func (*EntryMask) GetSpiffeId 

func (x *EntryMask) GetSpiffeId() bool

func (*EntryMask) GetStoreSvid added in v1.1.0 

func (x *EntryMask) GetStoreSvid() bool

func (*EntryMask) GetX509SvidTtl added in v1.5.0 

func (x *EntryMask) GetX509SvidTtl() bool

func (*EntryMask) ProtoMessage 

func (*EntryMask) ProtoMessage()

func (*EntryMask) ProtoReflect 

func (x *EntryMask) ProtoReflect() protoreflect.Message

func (*EntryMask) Reset 

func (x *EntryMask) Reset()

func (*EntryMask) String 

func (x *EntryMask) String() string

type FederatesWithMatch 

type FederatesWithMatch struct {

	// The set of trust domain names to match on (e.g., "example.org").
	TrustDomains []string `protobuf:"bytes,1,rep,name=trust_domains,json=trustDomains,proto3" json:"trust_domains,omitempty"`
	// How to match the trust domains.
	Match FederatesWithMatch_MatchBehavior `protobuf:"varint,2,opt,name=match,proto3,enum=spire.api.types.FederatesWithMatch_MatchBehavior" json:"match,omitempty"`
	// contains filtered or unexported fields
}

func (*FederatesWithMatch) Descriptor deprecated 

func (*FederatesWithMatch) Descriptor() ([]byte, []int)

Deprecated: Use FederatesWithMatch.ProtoReflect.Descriptor instead.

func (*FederatesWithMatch) GetMatch 

func (x *FederatesWithMatch) GetMatch() FederatesWithMatch_MatchBehavior

func (*FederatesWithMatch) GetTrustDomains 

func (x *FederatesWithMatch) GetTrustDomains() []string

func (*FederatesWithMatch) ProtoMessage 

func (*FederatesWithMatch) ProtoMessage()

func (*FederatesWithMatch) ProtoReflect 

func (x *FederatesWithMatch) ProtoReflect() protoreflect.Message

func (*FederatesWithMatch) Reset 

func (x *FederatesWithMatch) Reset()

func (*FederatesWithMatch) String 

func (x *FederatesWithMatch) String() string

type FederatesWithMatch_MatchBehavior 

type FederatesWithMatch_MatchBehavior int32
const (
	// Indicates that the federated trust domains in this match are
	// equal to the candidate trust domains, independent of ordering.
	// Example:
	//   Given:
	//     - e1 { FederatesWith: ["spiffe://td1", "spiffe://td2", "spiffe://td3"]}
	//     - e2 { FederatesWith: ["spiffe://td1", "spiffe://td2"]}
	//     - e3 { FederatesWith: ["spiffe://td1"]}
	//   Operation:
	//     - MATCH_EXACT ["spiffe://td1", "spiffe://td2"]
	//   Entries that match:
	//     - 'e2'
	FederatesWithMatch_MATCH_EXACT FederatesWithMatch_MatchBehavior = 0
	// Indicates that all candidates which have a non-empty subset
	// of the provided set of trust domains will match.
	// Example:
	//   Given:
	//     - e1 { FederatesWith: ["spiffe://td1", "spiffe://td2", "spiffe://td3"]}
	//     - e2 { FederatesWith: ["spiffe://td1", "spiffe://td2"]}
	//     - e3 { FederatesWith: ["spiffe://td1"]}
	//   Operation:
	//     - MATCH_SUBSET ["spiffe://td1"]
	//   Entries that match:
	//     - 'e1'
	FederatesWithMatch_MATCH_SUBSET FederatesWithMatch_MatchBehavior = 1
	// Indicate that all candidates which are a superset
	// of the provided set of trust domains will match.
	// Example:
	//   Given:
	//     - e1 { FederatesWith: ["spiffe://td1", "spiffe://td2", "spiffe://td3"]}
	//     - e2 { FederatesWith: ["spiffe://td1", "spiffe://td2"]}
	//     - e3 { FederatesWith: ["spiffe://td1"]}
	//   Operation:
	//     - MATCH_SUPERSET ["spiffe://td1", "spiffe://td2"]
	//   Entries that match:
	//     - 'e1'
	//     - 'e2'
	FederatesWithMatch_MATCH_SUPERSET FederatesWithMatch_MatchBehavior = 2
	// Indicates that all candidates which have at least one
	// of the provided set of trust domains will match.
	// Example:
	//   Given:
	//     - e1 { FederatesWith: ["spiffe://td1", "spiffe://td2", "spiffe://td3"]}
	//     - e2 { FederatesWith: ["spiffe://td1", "spiffe://td2"]}
	//     - e3 { FederatesWith: ["spiffe://td1"]}
	//   Operation:
	//     - MATCH_ANY ["spiffe://td1"]
	//   Entries that match:
	//     - 'e1'
	//     - 'e2'
	//     - 'e3'
	FederatesWithMatch_MATCH_ANY FederatesWithMatch_MatchBehavior = 3
)

func (FederatesWithMatch_MatchBehavior) Descriptor 

func (FederatesWithMatch_MatchBehavior) Descriptor() protoreflect.EnumDescriptor

func (FederatesWithMatch_MatchBehavior) Enum 

func (x FederatesWithMatch_MatchBehavior) Enum() *FederatesWithMatch_MatchBehavior

func (FederatesWithMatch_MatchBehavior) EnumDescriptor deprecated 

func (FederatesWithMatch_MatchBehavior) EnumDescriptor() ([]byte, []int)

Deprecated: Use FederatesWithMatch_MatchBehavior.Descriptor instead.

func (FederatesWithMatch_MatchBehavior) Number 

func (x FederatesWithMatch_MatchBehavior) Number() protoreflect.EnumNumber

func (FederatesWithMatch_MatchBehavior) String 

func (x FederatesWithMatch_MatchBehavior) String() string

func (FederatesWithMatch_MatchBehavior) Type 

func (FederatesWithMatch_MatchBehavior) Type() protoreflect.EnumType

type FederationRelationship added in v1.1.0 

type FederationRelationship struct {

	// Required. The trust domain name (e.g., "example.org") to federate with.
	TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"`
	// Required. URL of the SPIFFE bundle endpoint that provides the trust
	// bundle to federate with. Must use the HTTPS protocol.
	BundleEndpointUrl string `protobuf:"bytes,2,opt,name=bundle_endpoint_url,json=bundleEndpointUrl,proto3" json:"bundle_endpoint_url,omitempty"`
	// Required. The endpoint profile type.
	//
	// Types that are assignable to BundleEndpointProfile:
	//	*FederationRelationship_HttpsWeb
	//	*FederationRelationship_HttpsSpiffe
	BundleEndpointProfile isFederationRelationship_BundleEndpointProfile `protobuf_oneof:"bundle_endpoint_profile"`
	// Optional. The bundle for the trust domain. This field can be used to
	// create or replace the referenced trust domains' bundle when the
	// relationship is created or updated.  When the relationship is retrieved,
	// it will be set to the referenced trust domain's latest bundle (if
	// available). Please note that the `https_spiffe` profile requires an
	// existing trust domain bundle in order to function correctly. The
	// required bundle must match the trust domain specified in the bundle
	// endpoint SPIFFE ID. If the bundle endpoint SPIFFE ID resides in the same
	// trust domain that you're trying to federate with, you may optionally
	// specify that trust domain bundle here. If the bundle endpoint SPIFFE ID
	// _does not_ reside in the same trust domain that you're federating with,
	// please ensure that the trust domain bundle for that trust domain has
	// been configured separately (e.g. configured via another federation
	// relationship or manually set via the Bundle API).
	TrustDomainBundle *Bundle `protobuf:"bytes,5,opt,name=trust_domain_bundle,json=trustDomainBundle,proto3" json:"trust_domain_bundle,omitempty"`
	// contains filtered or unexported fields
}

func (*FederationRelationship) Descriptor deprecated added in v1.1.0 

func (*FederationRelationship) Descriptor() ([]byte, []int)

Deprecated: Use FederationRelationship.ProtoReflect.Descriptor instead.

func (*FederationRelationship) GetBundleEndpointProfile added in v1.1.0 

func (m *FederationRelationship) GetBundleEndpointProfile() isFederationRelationship_BundleEndpointProfile

func (*FederationRelationship) GetBundleEndpointUrl added in v1.1.0 

func (x *FederationRelationship) GetBundleEndpointUrl() string

func (*FederationRelationship) GetHttpsSpiffe added in v1.1.0 

func (x *FederationRelationship) GetHttpsSpiffe() *HTTPSSPIFFEProfile

func (*FederationRelationship) GetHttpsWeb added in v1.1.0 

func (x *FederationRelationship) GetHttpsWeb() *HTTPSWebProfile

func (*FederationRelationship) GetTrustDomain added in v1.1.0 

func (x *FederationRelationship) GetTrustDomain() string

func (*FederationRelationship) GetTrustDomainBundle added in v1.1.0 

func (x *FederationRelationship) GetTrustDomainBundle() *Bundle

func (*FederationRelationship) ProtoMessage added in v1.1.0 

func (*FederationRelationship) ProtoMessage()

func (*FederationRelationship) ProtoReflect added in v1.1.0 

func (x *FederationRelationship) ProtoReflect() protoreflect.Message

func (*FederationRelationship) Reset added in v1.1.0 

func (x *FederationRelationship) Reset()

func (*FederationRelationship) String added in v1.1.0 

func (x *FederationRelationship) String() string

type FederationRelationshipMask added in v1.1.0 

type FederationRelationshipMask struct {

	// bundle_endpoint_url field mask.
	BundleEndpointUrl bool `protobuf:"varint,1,opt,name=bundle_endpoint_url,json=bundleEndpointUrl,proto3" json:"bundle_endpoint_url,omitempty"`
	// bundle_endpoint_profile field mask.
	BundleEndpointProfile bool `` /* 127-byte string literal not displayed */
	// trust_domain_bundle field mask.
	TrustDomainBundle bool `protobuf:"varint,3,opt,name=trust_domain_bundle,json=trustDomainBundle,proto3" json:"trust_domain_bundle,omitempty"`
	// contains filtered or unexported fields
}

func (*FederationRelationshipMask) Descriptor deprecated added in v1.1.0 

func (*FederationRelationshipMask) Descriptor() ([]byte, []int)

Deprecated: Use FederationRelationshipMask.ProtoReflect.Descriptor instead.

func (*FederationRelationshipMask) GetBundleEndpointProfile added in v1.1.0 

func (x *FederationRelationshipMask) GetBundleEndpointProfile() bool

func (*FederationRelationshipMask) GetBundleEndpointUrl added in v1.1.0 

func (x *FederationRelationshipMask) GetBundleEndpointUrl() bool

func (*FederationRelationshipMask) GetTrustDomainBundle added in v1.1.0 

func (x *FederationRelationshipMask) GetTrustDomainBundle() bool

func (*FederationRelationshipMask) ProtoMessage added in v1.1.0 

func (*FederationRelationshipMask) ProtoMessage()

func (*FederationRelationshipMask) ProtoReflect added in v1.1.0 

func (x *FederationRelationshipMask) ProtoReflect() protoreflect.Message

func (*FederationRelationshipMask) Reset added in v1.1.0 

func (x *FederationRelationshipMask) Reset()

func (*FederationRelationshipMask) String added in v1.1.0 

func (x *FederationRelationshipMask) String() string

type FederationRelationship_HttpsSpiffe added in v1.1.0 

type FederationRelationship_HttpsSpiffe struct {
	// Use SPIFFE Authentication endpoint profile.
	HttpsSpiffe *HTTPSSPIFFEProfile `protobuf:"bytes,4,opt,name=https_spiffe,json=httpsSpiffe,proto3,oneof"`
}

type FederationRelationship_HttpsWeb added in v1.1.0 

type FederationRelationship_HttpsWeb struct {
	// Use Web PKI endpoint profile.
	HttpsWeb *HTTPSWebProfile `protobuf:"bytes,3,opt,name=https_web,json=httpsWeb,proto3,oneof"`
}

type HTTPSSPIFFEProfile added in v1.1.0 

type HTTPSSPIFFEProfile struct {

	// Required. Specifies the expected SPIFFE ID of the SPIFFE bundle endpoint
	// server.
	EndpointSpiffeId string `protobuf:"bytes,1,opt,name=endpoint_spiffe_id,json=endpointSpiffeId,proto3" json:"endpoint_spiffe_id,omitempty"`
	// contains filtered or unexported fields
}

func (*HTTPSSPIFFEProfile) Descriptor deprecated added in v1.1.0 

func (*HTTPSSPIFFEProfile) Descriptor() ([]byte, []int)

Deprecated: Use HTTPSSPIFFEProfile.ProtoReflect.Descriptor instead.

func (*HTTPSSPIFFEProfile) GetEndpointSpiffeId added in v1.1.0 

func (x *HTTPSSPIFFEProfile) GetEndpointSpiffeId() string

func (*HTTPSSPIFFEProfile) ProtoMessage added in v1.1.0 

func (*HTTPSSPIFFEProfile) ProtoMessage()

func (*HTTPSSPIFFEProfile) ProtoReflect added in v1.1.0 

func (x *HTTPSSPIFFEProfile) ProtoReflect() protoreflect.Message

func (*HTTPSSPIFFEProfile) Reset added in v1.1.0 

func (x *HTTPSSPIFFEProfile) Reset()

func (*HTTPSSPIFFEProfile) String added in v1.1.0 

func (x *HTTPSSPIFFEProfile) String() string

type HTTPSWebProfile added in v1.1.0 

type HTTPSWebProfile struct {
	// contains filtered or unexported fields
}

func (*HTTPSWebProfile) Descriptor deprecated added in v1.1.0 

func (*HTTPSWebProfile) Descriptor() ([]byte, []int)

Deprecated: Use HTTPSWebProfile.ProtoReflect.Descriptor instead.

func (*HTTPSWebProfile) ProtoMessage added in v1.1.0 

func (*HTTPSWebProfile) ProtoMessage()

func (*HTTPSWebProfile) ProtoReflect added in v1.1.0 

func (x *HTTPSWebProfile) ProtoReflect() protoreflect.Message

func (*HTTPSWebProfile) Reset added in v1.1.0 

func (x *HTTPSWebProfile) Reset()

func (*HTTPSWebProfile) String added in v1.1.0 

func (x *HTTPSWebProfile) String() string

type JWTKey 

type JWTKey struct {

	// The PKIX encoded public key.
	PublicKey []byte `protobuf:"bytes,1,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// The key identifier.
	KeyId string `protobuf:"bytes,2,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// When the key expires (seconds since Unix epoch). If zero, the key does
	// not expire.
	ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// This authority is no longer secure and must not be used
	Tainted bool `protobuf:"varint,4,opt,name=tainted,proto3" json:"tainted,omitempty"`
	// contains filtered or unexported fields
}

func (*JWTKey) Descriptor deprecated 

func (*JWTKey) Descriptor() ([]byte, []int)

Deprecated: Use JWTKey.ProtoReflect.Descriptor instead.

func (*JWTKey) GetExpiresAt 

func (x *JWTKey) GetExpiresAt() int64

func (*JWTKey) GetKeyId 

func (x *JWTKey) GetKeyId() string

func (*JWTKey) GetPublicKey 

func (x *JWTKey) GetPublicKey() []byte

func (*JWTKey) GetTainted added in v1.7.2 

func (x *JWTKey) GetTainted() bool

func (*JWTKey) ProtoMessage 

func (*JWTKey) ProtoMessage()

func (*JWTKey) ProtoReflect 

func (x *JWTKey) ProtoReflect() protoreflect.Message

func (*JWTKey) Reset 

func (x *JWTKey) Reset()

func (*JWTKey) String 

func (x *JWTKey) String() string

type JWTSVID 

type JWTSVID struct {

	// The serialized JWT token.
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// The SPIFFE ID of the JWT-SVID.
	Id *SPIFFEID `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
	// Expiration timestamp (seconds since Unix epoch).
	ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// Issuance timestamp (seconds since Unix epoch).
	IssuedAt int64 `protobuf:"varint,4,opt,name=issued_at,json=issuedAt,proto3" json:"issued_at,omitempty"`
	// Optional. An operator-specified string used to provide guidance on how this
	// identity should be used by a workload when more than one SVID is returned.
	// For example, `internal` and `external` to indicate an SVID for internal or
	// external use, respectively.
	Hint string `protobuf:"bytes,5,opt,name=hint,proto3" json:"hint,omitempty"`
	// contains filtered or unexported fields
}

JWT SPIFFE Verifiable Identity Document. It contains the raw JWT token as well as a few denormalized fields for convenience.

func (*JWTSVID) Descriptor deprecated 

func (*JWTSVID) Descriptor() ([]byte, []int)

Deprecated: Use JWTSVID.ProtoReflect.Descriptor instead.

func (*JWTSVID) GetExpiresAt 

func (x *JWTSVID) GetExpiresAt() int64

func (*JWTSVID) GetHint added in v1.6.4 

func (x *JWTSVID) GetHint() string

func (*JWTSVID) GetId 

func (x *JWTSVID) GetId() *SPIFFEID

func (*JWTSVID) GetIssuedAt 

func (x *JWTSVID) GetIssuedAt() int64

func (*JWTSVID) GetToken 

func (x *JWTSVID) GetToken() string

func (*JWTSVID) ProtoMessage 

func (*JWTSVID) ProtoMessage()

func (*JWTSVID) ProtoReflect 

func (x *JWTSVID) ProtoReflect() protoreflect.Message

func (*JWTSVID) Reset 

func (x *JWTSVID) Reset()

func (*JWTSVID) String 

func (x *JWTSVID) String() string

type JoinToken 

type JoinToken struct {

	// The value of the token.
	Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"`
	// The token expiration (seconds since Unix epoch).
	ExpiresAt int64 `protobuf:"varint,2,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// contains filtered or unexported fields
}

func (*JoinToken) Descriptor deprecated 

func (*JoinToken) Descriptor() ([]byte, []int)

Deprecated: Use JoinToken.ProtoReflect.Descriptor instead.

func (*JoinToken) GetExpiresAt 

func (x *JoinToken) GetExpiresAt() int64

func (*JoinToken) GetValue 

func (x *JoinToken) GetValue() string

func (*JoinToken) ProtoMessage 

func (*JoinToken) ProtoMessage()

func (*JoinToken) ProtoReflect 

func (x *JoinToken) ProtoReflect() protoreflect.Message

func (*JoinToken) Reset 

func (x *JoinToken) Reset()

func (*JoinToken) String 

func (x *JoinToken) String() string

type LogLevel added in v1.9.2 

type LogLevel int32

The logger log levels. 

const (
	LogLevel_UNSPECIFIED LogLevel = 0
	LogLevel_PANIC       LogLevel = 1
	LogLevel_FATAL       LogLevel = 2
	LogLevel_ERROR       LogLevel = 3
	LogLevel_WARN        LogLevel = 4
	LogLevel_INFO        LogLevel = 5
	LogLevel_DEBUG       LogLevel = 6
	LogLevel_TRACE       LogLevel = 7
)

func (LogLevel) Descriptor added in v1.9.2 

func (LogLevel) Descriptor() protoreflect.EnumDescriptor

func (LogLevel) Enum added in v1.9.2 

func (x LogLevel) Enum() *LogLevel

func (LogLevel) EnumDescriptor deprecated added in v1.9.2 

func (LogLevel) EnumDescriptor() ([]byte, []int)

Deprecated: Use LogLevel.Descriptor instead.

func (LogLevel) Number added in v1.9.2 

func (x LogLevel) Number() protoreflect.EnumNumber

func (LogLevel) String added in v1.9.2 

func (x LogLevel) String() string

func (LogLevel) Type added in v1.9.2 

func (LogLevel) Type() protoreflect.EnumType

type Logger added in v1.9.2 

type Logger struct {

	// Output only. The logger's current log level.
	CurrentLevel LogLevel `` /* 128-byte string literal not displayed */
	// Output only. The logger's log level at process launch.
	LaunchLevel LogLevel `protobuf:"varint,2,opt,name=launch_level,json=launchLevel,proto3,enum=spire.api.types.LogLevel" json:"launch_level,omitempty"`
	// contains filtered or unexported fields
}

Represents the current Logger settings.

func (*Logger) Descriptor deprecated added in v1.9.2 

func (*Logger) Descriptor() ([]byte, []int)

Deprecated: Use Logger.ProtoReflect.Descriptor instead.

func (*Logger) GetCurrentLevel added in v1.9.2 

func (x *Logger) GetCurrentLevel() LogLevel

func (*Logger) GetLaunchLevel added in v1.9.2 

func (x *Logger) GetLaunchLevel() LogLevel

func (*Logger) ProtoMessage added in v1.9.2 

func (*Logger) ProtoMessage()

func (*Logger) ProtoReflect added in v1.9.2 

func (x *Logger) ProtoReflect() protoreflect.Message

func (*Logger) Reset added in v1.9.2 

func (x *Logger) Reset()

func (*Logger) String added in v1.9.2 

func (x *Logger) String() string

type PermissionDeniedDetails 

type PermissionDeniedDetails struct {
	Reason PermissionDeniedDetails_Reason `protobuf:"varint,1,opt,name=reason,proto3,enum=spire.api.types.PermissionDeniedDetails_Reason" json:"reason,omitempty"`
	// contains filtered or unexported fields
}

func (*PermissionDeniedDetails) Descriptor deprecated 

func (*PermissionDeniedDetails) Descriptor() ([]byte, []int)

Deprecated: Use PermissionDeniedDetails.ProtoReflect.Descriptor instead.

func (*PermissionDeniedDetails) GetReason 

func (x *PermissionDeniedDetails) GetReason() PermissionDeniedDetails_Reason

func (*PermissionDeniedDetails) ProtoMessage 

func (*PermissionDeniedDetails) ProtoMessage()

func (*PermissionDeniedDetails) ProtoReflect 

func (x *PermissionDeniedDetails) ProtoReflect() protoreflect.Message

func (*PermissionDeniedDetails) Reset 

func (x *PermissionDeniedDetails) Reset()

func (*PermissionDeniedDetails) String 

func (x *PermissionDeniedDetails) String() string

type PermissionDeniedDetails_Reason 

type PermissionDeniedDetails_Reason int32
const (
	// Reason unknown.
	PermissionDeniedDetails_UNKNOWN PermissionDeniedDetails_Reason = 0
	// Agent identity has expired.
	PermissionDeniedDetails_AGENT_EXPIRED PermissionDeniedDetails_Reason = 1
	// Identity is not an attested agent.
	PermissionDeniedDetails_AGENT_NOT_ATTESTED PermissionDeniedDetails_Reason = 2
	// Identity is not the active agent identity.
	PermissionDeniedDetails_AGENT_NOT_ACTIVE PermissionDeniedDetails_Reason = 3
	// Agent has been banned.
	PermissionDeniedDetails_AGENT_BANNED PermissionDeniedDetails_Reason = 4
	// Agent attempted to renew SVID, but should reattest instead
	PermissionDeniedDetails_AGENT_MUST_REATTEST PermissionDeniedDetails_Reason = 5
)

func (PermissionDeniedDetails_Reason) Descriptor 

func (PermissionDeniedDetails_Reason) Descriptor() protoreflect.EnumDescriptor

func (PermissionDeniedDetails_Reason) Enum 

func (x PermissionDeniedDetails_Reason) Enum() *PermissionDeniedDetails_Reason

func (PermissionDeniedDetails_Reason) EnumDescriptor deprecated 

func (PermissionDeniedDetails_Reason) EnumDescriptor() ([]byte, []int)

Deprecated: Use PermissionDeniedDetails_Reason.Descriptor instead.

func (PermissionDeniedDetails_Reason) Number 

func (x PermissionDeniedDetails_Reason) Number() protoreflect.EnumNumber

func (PermissionDeniedDetails_Reason) String 

func (x PermissionDeniedDetails_Reason) String() string

func (PermissionDeniedDetails_Reason) Type 

func (PermissionDeniedDetails_Reason) Type() protoreflect.EnumType

type SPIFFEID 

type SPIFFEID struct {

	// Trust domain portion the SPIFFE ID (e.g. "example.org")
	TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"`
	// The path component of the SPIFFE ID (e.g. "/foo/bar/baz"). The path
	// SHOULD have a leading slash. Consumers MUST normalize the path before
	// making any sort of comparison between IDs.
	Path string `protobuf:"bytes,2,opt,name=path,proto3" json:"path,omitempty"`
	// contains filtered or unexported fields
}

A SPIFFE ID, consisting of the trust domain name and a path portions of the SPIFFE ID URI.

func (*SPIFFEID) Descriptor deprecated 

func (*SPIFFEID) Descriptor() ([]byte, []int)

Deprecated: Use SPIFFEID.ProtoReflect.Descriptor instead.

func (*SPIFFEID) GetPath 

func (x *SPIFFEID) GetPath() string

func (*SPIFFEID) GetTrustDomain 

func (x *SPIFFEID) GetTrustDomain() string

func (*SPIFFEID) ProtoMessage 

func (*SPIFFEID) ProtoMessage()

func (*SPIFFEID) ProtoReflect 

func (x *SPIFFEID) ProtoReflect() protoreflect.Message

func (*SPIFFEID) Reset 

func (x *SPIFFEID) Reset()

func (*SPIFFEID) String 

func (x *SPIFFEID) String() string

type Selector 

type Selector struct {

	// The type of the selector. This is typically the name of the plugin that
	// produces the selector.
	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	// The value of the selector.
	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

func (*Selector) Descriptor deprecated 

func (*Selector) Descriptor() ([]byte, []int)

Deprecated: Use Selector.ProtoReflect.Descriptor instead.

func (*Selector) GetType 

func (x *Selector) GetType() string

func (*Selector) GetValue 

func (x *Selector) GetValue() string

func (*Selector) ProtoMessage 

func (*Selector) ProtoMessage()

func (*Selector) ProtoReflect 

func (x *Selector) ProtoReflect() protoreflect.Message

func (*Selector) Reset 

func (x *Selector) Reset()

func (*Selector) String 

func (x *Selector) String() string

type SelectorMatch 

type SelectorMatch struct {

	// The set of selectors to match on.
	Selectors []*Selector `protobuf:"bytes,1,rep,name=selectors,proto3" json:"selectors,omitempty"`
	// How to match the selectors.
	Match SelectorMatch_MatchBehavior `protobuf:"varint,2,opt,name=match,proto3,enum=spire.api.types.SelectorMatch_MatchBehavior" json:"match,omitempty"`
	// contains filtered or unexported fields
}

func (*SelectorMatch) Descriptor deprecated 

func (*SelectorMatch) Descriptor() ([]byte, []int)

Deprecated: Use SelectorMatch.ProtoReflect.Descriptor instead.

func (*SelectorMatch) GetMatch 

func (x *SelectorMatch) GetMatch() SelectorMatch_MatchBehavior

func (*SelectorMatch) GetSelectors 

func (x *SelectorMatch) GetSelectors() []*Selector

func (*SelectorMatch) ProtoMessage 

func (*SelectorMatch) ProtoMessage()

func (*SelectorMatch) ProtoReflect 

func (x *SelectorMatch) ProtoReflect() protoreflect.Message

func (*SelectorMatch) Reset 

func (x *SelectorMatch) Reset()

func (*SelectorMatch) String 

func (x *SelectorMatch) String() string

type SelectorMatch_MatchBehavior 

type SelectorMatch_MatchBehavior int32
const (
	// Indicates that the selectors in this match are equal to the
	// candidate selectors, independent of ordering.
	// Example:
	//   Given:
	//     - 'e1 { Selectors: ["a:1", "b:2", "c:3"]}'
	//     - 'e2 { Selectors: ["a:1", "b:2"]}'
	//     - 'e3 { Selectors: ["a:1"]}'
	//   Operation:
	//     - MATCH_EXACT ["a:1", "b:2"]
	//   Entries that match:
	//     - 'e2'
	SelectorMatch_MATCH_EXACT SelectorMatch_MatchBehavior = 0
	// Indicates that all candidates which have a non-empty subset
	// of the provided set of selectors will match.
	// Example:
	//   Given:
	//     - 'e1 { Selectors: ["a:1", "b:2", "c:3"]}'
	//     - 'e2 { Selectors: ["a:1", "b:2"]}'
	//     - 'e3 { Selectors: ["a:1"]}'
	//   Operation:
	//     - MATCH_SUBSET ["a:1"]
	//   Entries that match:
	//     - 'e1'
	SelectorMatch_MATCH_SUBSET SelectorMatch_MatchBehavior = 1
	// Indicates that all candidates which are a superset
	// of the provided selectors will match.
	// Example:
	//   Given:
	//     - 'e1 { Selectors: ["a:1", "b:2", "c:3"]}'
	//     - 'e2 { Selectors: ["a:1", "b:2"]}'
	//     - 'e3 { Selectors: ["a:1"]}'
	//   Operation:
	//     - MATCH_SUPERSET ["a:1", "b:2"]
	//   Entries that match:
	//     - 'e1'
	//     - 'e2'
	SelectorMatch_MATCH_SUPERSET SelectorMatch_MatchBehavior = 2
	// Indicates that all candidates which have at least one
	// of the provided set of selectors will match.
	// Example:
	//   Given:
	//     - 'e1 { Selectors: ["a:1", "b:2", "c:3"]}'
	//     - 'e2 { Selectors: ["a:1", "b:2"]}'
	//     - 'e3 { Selectors: ["a:1"]}'
	//   Operation:
	//     - MATCH_ANY ["a:1"]
	//   Entries that match:
	//     - 'e1'
	//     - 'e2'
	//     - 'e3'
	SelectorMatch_MATCH_ANY SelectorMatch_MatchBehavior = 3
)

func (SelectorMatch_MatchBehavior) Descriptor 

func (SelectorMatch_MatchBehavior) Descriptor() protoreflect.EnumDescriptor

func (SelectorMatch_MatchBehavior) Enum 

func (x SelectorMatch_MatchBehavior) Enum() *SelectorMatch_MatchBehavior

func (SelectorMatch_MatchBehavior) EnumDescriptor deprecated 

func (SelectorMatch_MatchBehavior) EnumDescriptor() ([]byte, []int)

Deprecated: Use SelectorMatch_MatchBehavior.Descriptor instead.

func (SelectorMatch_MatchBehavior) Number 

func (x SelectorMatch_MatchBehavior) Number() protoreflect.EnumNumber

func (SelectorMatch_MatchBehavior) String 

func (x SelectorMatch_MatchBehavior) String() string

func (SelectorMatch_MatchBehavior) Type 

func (SelectorMatch_MatchBehavior) Type() protoreflect.EnumType

type Status 

type Status struct {

	// A status code, which should be an enum value of google.rpc.Code.
	Code int32 `protobuf:"varint,1,opt,name=code,proto3" json:"code,omitempty"`
	// A developer-facing error message.
	Message string `protobuf:"bytes,2,opt,name=message,proto3" json:"message,omitempty"`
	// contains filtered or unexported fields
}

func (*Status) Descriptor deprecated 

func (*Status) Descriptor() ([]byte, []int)

Deprecated: Use Status.ProtoReflect.Descriptor instead.

func (*Status) GetCode 

func (x *Status) GetCode() int32

func (*Status) GetMessage 

func (x *Status) GetMessage() string

func (*Status) ProtoMessage 

func (*Status) ProtoMessage()

func (*Status) ProtoReflect 

func (x *Status) ProtoReflect() protoreflect.Message

func (*Status) Reset 

func (x *Status) Reset()

func (*Status) String 

func (x *Status) String() string

type X509Certificate 

type X509Certificate struct {

	// The ASN.1 DER encoded bytes of the X.509 certificate.
	Asn1 []byte `protobuf:"bytes,1,opt,name=asn1,proto3" json:"asn1,omitempty"`
	// This authority is no longer secure and must not be used.
	Tainted bool `protobuf:"varint,2,opt,name=tainted,proto3" json:"tainted,omitempty"`
	// contains filtered or unexported fields
}

func (*X509Certificate) Descriptor deprecated 

func (*X509Certificate) Descriptor() ([]byte, []int)

Deprecated: Use X509Certificate.ProtoReflect.Descriptor instead.

func (*X509Certificate) GetAsn1 

func (x *X509Certificate) GetAsn1() []byte

func (*X509Certificate) GetTainted added in v1.7.2 

func (x *X509Certificate) GetTainted() bool

func (*X509Certificate) ProtoMessage 

func (*X509Certificate) ProtoMessage()

func (*X509Certificate) ProtoReflect 

func (x *X509Certificate) ProtoReflect() protoreflect.Message

func (*X509Certificate) Reset 

func (x *X509Certificate) Reset()

func (*X509Certificate) String 

func (x *X509Certificate) String() string

type X509SVID 

type X509SVID struct {

	// Certificate and intermediates required to form a chain of trust back to
	// the X.509 authorities of the trust domain (ASN.1 DER encoded).
	CertChain [][]byte `protobuf:"bytes,1,rep,name=cert_chain,json=certChain,proto3" json:"cert_chain,omitempty"`
	// SPIFFE ID of the SVID.
	Id *SPIFFEID `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
	// Expiration timestamp (seconds since Unix epoch).
	ExpiresAt int64 `protobuf:"varint,3,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	// Optional. An operator-specified string used to provide guidance on how this
	// identity should be used by a workload when more than one SVID is returned.
	// For example, `internal` and `external` to indicate an SVID for internal or
	// external use, respectively.
	Hint string `protobuf:"bytes,4,opt,name=hint,proto3" json:"hint,omitempty"`
	// contains filtered or unexported fields
}

X.509 SPIFFE Verifiable Identity Document. It contains the raw X.509 certificate data as well as a few denormalized fields for convenience.

func (*X509SVID) Descriptor deprecated 

func (*X509SVID) Descriptor() ([]byte, []int)

Deprecated: Use X509SVID.ProtoReflect.Descriptor instead.

func (*X509SVID) GetCertChain 

func (x *X509SVID) GetCertChain() [][]byte

func (*X509SVID) GetExpiresAt 

func (x *X509SVID) GetExpiresAt() int64

func (*X509SVID) GetHint added in v1.6.4 

func (x *X509SVID) GetHint() string

func (*X509SVID) GetId 

func (x *X509SVID) GetId() *SPIFFEID

func (*X509SVID) ProtoMessage 

func (*X509SVID) ProtoMessage()

func (*X509SVID) ProtoReflect 

func (x *X509SVID) ProtoReflect() protoreflect.Message

func (*X509SVID) Reset 

func (x *X509SVID) Reset()

func (*X509SVID) String 

func (x *X509SVID) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.