github.com/hxx258456/ccgo@v0.0.5-0.20230213014102-48b35f46f66f/go-control-plane/envoy/config/rbac/v2/rbac.pb.go (about) 1 // Code generated by protoc-gen-go. DO NOT EDIT. 2 // versions: 3 // protoc-gen-go v1.25.0 4 // protoc v3.16.0 5 // source: envoy/config/rbac/v2/rbac.proto 6 7 package envoy_config_rbac_v2 8 9 import ( 10 _ "github.com/cncf/xds/go/udpa/annotations" 11 core "github.com/hxx258456/ccgo/go-control-plane/envoy/api/v2/core" 12 route "github.com/hxx258456/ccgo/go-control-plane/envoy/api/v2/route" 13 matcher "github.com/hxx258456/ccgo/go-control-plane/envoy/type/matcher" 14 _ "github.com/envoyproxy/protoc-gen-validate/validate" 15 proto "github.com/golang/protobuf/proto" 16 v1alpha1 "google.golang.org/genproto/googleapis/api/expr/v1alpha1" 17 protoreflect "google.golang.org/protobuf/reflect/protoreflect" 18 protoimpl "google.golang.org/protobuf/runtime/protoimpl" 19 reflect "reflect" 20 sync "sync" 21 ) 22 23 const ( 24 // Verify that this generated code is sufficiently up-to-date. 25 _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) 26 // Verify that runtime/protoimpl is sufficiently up-to-date. 27 _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) 28 ) 29 30 // This is a compile-time assertion that a sufficiently up-to-date version 31 // of the legacy proto package is being used. 32 const _ = proto.ProtoPackageIsVersion4 33 34 // Should we do safe-list or block-list style access control? 35 type RBAC_Action int32 36 37 const ( 38 // The policies grant access to principals. The rest is denied. This is safe-list style 39 // access control. This is the default type. 40 RBAC_ALLOW RBAC_Action = 0 41 // The policies deny access to principals. The rest is allowed. This is block-list style 42 // access control. 43 RBAC_DENY RBAC_Action = 1 44 ) 45 46 // Enum value maps for RBAC_Action. 47 var ( 48 RBAC_Action_name = map[int32]string{ 49 0: "ALLOW", 50 1: "DENY", 51 } 52 RBAC_Action_value = map[string]int32{ 53 "ALLOW": 0, 54 "DENY": 1, 55 } 56 ) 57 58 func (x RBAC_Action) Enum() *RBAC_Action { 59 p := new(RBAC_Action) 60 *p = x 61 return p 62 } 63 64 func (x RBAC_Action) String() string { 65 return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) 66 } 67 68 func (RBAC_Action) Descriptor() protoreflect.EnumDescriptor { 69 return file_envoy_config_rbac_v2_rbac_proto_enumTypes[0].Descriptor() 70 } 71 72 func (RBAC_Action) Type() protoreflect.EnumType { 73 return &file_envoy_config_rbac_v2_rbac_proto_enumTypes[0] 74 } 75 76 func (x RBAC_Action) Number() protoreflect.EnumNumber { 77 return protoreflect.EnumNumber(x) 78 } 79 80 // Deprecated: Use RBAC_Action.Descriptor instead. 81 func (RBAC_Action) EnumDescriptor() ([]byte, []int) { 82 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{0, 0} 83 } 84 85 // Role Based Access Control (RBAC) provides service-level and method-level access control for a 86 // service. RBAC policies are additive. The policies are examined in order. A request is allowed 87 // once a matching policy is found (suppose the `action` is ALLOW). 88 // 89 // Here is an example of RBAC configuration. It has two policies: 90 // 91 // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so 92 // does "cluster.local/ns/default/sa/superuser". 93 // 94 // * Any user can read ("GET") the service at paths with prefix "/products", so long as the 95 // destination port is either 80 or 443. 96 // 97 // .. code-block:: yaml 98 // 99 // action: ALLOW 100 // policies: 101 // "service-admin": 102 // permissions: 103 // - any: true 104 // principals: 105 // - authenticated: 106 // principal_name: 107 // exact: "cluster.local/ns/default/sa/admin" 108 // - authenticated: 109 // principal_name: 110 // exact: "cluster.local/ns/default/sa/superuser" 111 // "product-viewer": 112 // permissions: 113 // - and_rules: 114 // rules: 115 // - header: { name: ":method", exact_match: "GET" } 116 // - url_path: 117 // path: { prefix: "/products" } 118 // - or_rules: 119 // rules: 120 // - destination_port: 80 121 // - destination_port: 443 122 // principals: 123 // - any: true 124 // 125 type RBAC struct { 126 state protoimpl.MessageState 127 sizeCache protoimpl.SizeCache 128 unknownFields protoimpl.UnknownFields 129 130 // The action to take if a policy matches. The request is allowed if and only if: 131 // 132 // * `action` is "ALLOWED" and at least one policy matches 133 // * `action` is "DENY" and none of the policies match 134 Action RBAC_Action `protobuf:"varint,1,opt,name=action,proto3,enum=envoy.config.rbac.v2.RBAC_Action" json:"action,omitempty"` 135 // Maps from policy name to policy. A match occurs when at least one policy matches the request. 136 Policies map[string]*Policy `protobuf:"bytes,2,rep,name=policies,proto3" json:"policies,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` 137 } 138 139 func (x *RBAC) Reset() { 140 *x = RBAC{} 141 if protoimpl.UnsafeEnabled { 142 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[0] 143 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 144 ms.StoreMessageInfo(mi) 145 } 146 } 147 148 func (x *RBAC) String() string { 149 return protoimpl.X.MessageStringOf(x) 150 } 151 152 func (*RBAC) ProtoMessage() {} 153 154 func (x *RBAC) ProtoReflect() protoreflect.Message { 155 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[0] 156 if protoimpl.UnsafeEnabled && x != nil { 157 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 158 if ms.LoadMessageInfo() == nil { 159 ms.StoreMessageInfo(mi) 160 } 161 return ms 162 } 163 return mi.MessageOf(x) 164 } 165 166 // Deprecated: Use RBAC.ProtoReflect.Descriptor instead. 167 func (*RBAC) Descriptor() ([]byte, []int) { 168 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{0} 169 } 170 171 func (x *RBAC) GetAction() RBAC_Action { 172 if x != nil { 173 return x.Action 174 } 175 return RBAC_ALLOW 176 } 177 178 func (x *RBAC) GetPolicies() map[string]*Policy { 179 if x != nil { 180 return x.Policies 181 } 182 return nil 183 } 184 185 // Policy specifies a role and the principals that are assigned/denied the role. A policy matches if 186 // and only if at least one of its permissions match the action taking place AND at least one of its 187 // principals match the downstream AND the condition is true if specified. 188 type Policy struct { 189 state protoimpl.MessageState 190 sizeCache protoimpl.SizeCache 191 unknownFields protoimpl.UnknownFields 192 193 // Required. The set of permissions that define a role. Each permission is matched with OR 194 // semantics. To match all actions for this policy, a single Permission with the `any` field set 195 // to true should be used. 196 Permissions []*Permission `protobuf:"bytes,1,rep,name=permissions,proto3" json:"permissions,omitempty"` 197 // Required. The set of principals that are assigned/denied the role based on “action”. Each 198 // principal is matched with OR semantics. To match all downstreams for this policy, a single 199 // Principal with the `any` field set to true should be used. 200 Principals []*Principal `protobuf:"bytes,2,rep,name=principals,proto3" json:"principals,omitempty"` 201 // An optional symbolic expression specifying an access control 202 // :ref:`condition <arch_overview_condition>`. The condition is combined 203 // with the permissions and the principals as a clause with AND semantics. 204 Condition *v1alpha1.Expr `protobuf:"bytes,3,opt,name=condition,proto3" json:"condition,omitempty"` 205 } 206 207 func (x *Policy) Reset() { 208 *x = Policy{} 209 if protoimpl.UnsafeEnabled { 210 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[1] 211 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 212 ms.StoreMessageInfo(mi) 213 } 214 } 215 216 func (x *Policy) String() string { 217 return protoimpl.X.MessageStringOf(x) 218 } 219 220 func (*Policy) ProtoMessage() {} 221 222 func (x *Policy) ProtoReflect() protoreflect.Message { 223 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[1] 224 if protoimpl.UnsafeEnabled && x != nil { 225 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 226 if ms.LoadMessageInfo() == nil { 227 ms.StoreMessageInfo(mi) 228 } 229 return ms 230 } 231 return mi.MessageOf(x) 232 } 233 234 // Deprecated: Use Policy.ProtoReflect.Descriptor instead. 235 func (*Policy) Descriptor() ([]byte, []int) { 236 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{1} 237 } 238 239 func (x *Policy) GetPermissions() []*Permission { 240 if x != nil { 241 return x.Permissions 242 } 243 return nil 244 } 245 246 func (x *Policy) GetPrincipals() []*Principal { 247 if x != nil { 248 return x.Principals 249 } 250 return nil 251 } 252 253 func (x *Policy) GetCondition() *v1alpha1.Expr { 254 if x != nil { 255 return x.Condition 256 } 257 return nil 258 } 259 260 // Permission defines an action (or actions) that a principal can take. 261 // [#next-free-field: 11] 262 type Permission struct { 263 state protoimpl.MessageState 264 sizeCache protoimpl.SizeCache 265 unknownFields protoimpl.UnknownFields 266 267 // Types that are assignable to Rule: 268 // *Permission_AndRules 269 // *Permission_OrRules 270 // *Permission_Any 271 // *Permission_Header 272 // *Permission_UrlPath 273 // *Permission_DestinationIp 274 // *Permission_DestinationPort 275 // *Permission_Metadata 276 // *Permission_NotRule 277 // *Permission_RequestedServerName 278 Rule isPermission_Rule `protobuf_oneof:"rule"` 279 } 280 281 func (x *Permission) Reset() { 282 *x = Permission{} 283 if protoimpl.UnsafeEnabled { 284 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[2] 285 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 286 ms.StoreMessageInfo(mi) 287 } 288 } 289 290 func (x *Permission) String() string { 291 return protoimpl.X.MessageStringOf(x) 292 } 293 294 func (*Permission) ProtoMessage() {} 295 296 func (x *Permission) ProtoReflect() protoreflect.Message { 297 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[2] 298 if protoimpl.UnsafeEnabled && x != nil { 299 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 300 if ms.LoadMessageInfo() == nil { 301 ms.StoreMessageInfo(mi) 302 } 303 return ms 304 } 305 return mi.MessageOf(x) 306 } 307 308 // Deprecated: Use Permission.ProtoReflect.Descriptor instead. 309 func (*Permission) Descriptor() ([]byte, []int) { 310 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{2} 311 } 312 313 func (m *Permission) GetRule() isPermission_Rule { 314 if m != nil { 315 return m.Rule 316 } 317 return nil 318 } 319 320 func (x *Permission) GetAndRules() *Permission_Set { 321 if x, ok := x.GetRule().(*Permission_AndRules); ok { 322 return x.AndRules 323 } 324 return nil 325 } 326 327 func (x *Permission) GetOrRules() *Permission_Set { 328 if x, ok := x.GetRule().(*Permission_OrRules); ok { 329 return x.OrRules 330 } 331 return nil 332 } 333 334 func (x *Permission) GetAny() bool { 335 if x, ok := x.GetRule().(*Permission_Any); ok { 336 return x.Any 337 } 338 return false 339 } 340 341 func (x *Permission) GetHeader() *route.HeaderMatcher { 342 if x, ok := x.GetRule().(*Permission_Header); ok { 343 return x.Header 344 } 345 return nil 346 } 347 348 func (x *Permission) GetUrlPath() *matcher.PathMatcher { 349 if x, ok := x.GetRule().(*Permission_UrlPath); ok { 350 return x.UrlPath 351 } 352 return nil 353 } 354 355 func (x *Permission) GetDestinationIp() *core.CidrRange { 356 if x, ok := x.GetRule().(*Permission_DestinationIp); ok { 357 return x.DestinationIp 358 } 359 return nil 360 } 361 362 func (x *Permission) GetDestinationPort() uint32 { 363 if x, ok := x.GetRule().(*Permission_DestinationPort); ok { 364 return x.DestinationPort 365 } 366 return 0 367 } 368 369 func (x *Permission) GetMetadata() *matcher.MetadataMatcher { 370 if x, ok := x.GetRule().(*Permission_Metadata); ok { 371 return x.Metadata 372 } 373 return nil 374 } 375 376 func (x *Permission) GetNotRule() *Permission { 377 if x, ok := x.GetRule().(*Permission_NotRule); ok { 378 return x.NotRule 379 } 380 return nil 381 } 382 383 func (x *Permission) GetRequestedServerName() *matcher.StringMatcher { 384 if x, ok := x.GetRule().(*Permission_RequestedServerName); ok { 385 return x.RequestedServerName 386 } 387 return nil 388 } 389 390 type isPermission_Rule interface { 391 isPermission_Rule() 392 } 393 394 type Permission_AndRules struct { 395 // A set of rules that all must match in order to define the action. 396 AndRules *Permission_Set `protobuf:"bytes,1,opt,name=and_rules,json=andRules,proto3,oneof"` 397 } 398 399 type Permission_OrRules struct { 400 // A set of rules where at least one must match in order to define the action. 401 OrRules *Permission_Set `protobuf:"bytes,2,opt,name=or_rules,json=orRules,proto3,oneof"` 402 } 403 404 type Permission_Any struct { 405 // When any is set, it matches any action. 406 Any bool `protobuf:"varint,3,opt,name=any,proto3,oneof"` 407 } 408 409 type Permission_Header struct { 410 // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only 411 // available for HTTP request. 412 // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` 413 // field if you want to match the URL path without the query and fragment string. 414 Header *route.HeaderMatcher `protobuf:"bytes,4,opt,name=header,proto3,oneof"` 415 } 416 417 type Permission_UrlPath struct { 418 // A URL path on the incoming HTTP request. Only available for HTTP. 419 UrlPath *matcher.PathMatcher `protobuf:"bytes,10,opt,name=url_path,json=urlPath,proto3,oneof"` 420 } 421 422 type Permission_DestinationIp struct { 423 // A CIDR block that describes the destination IP. 424 DestinationIp *core.CidrRange `protobuf:"bytes,5,opt,name=destination_ip,json=destinationIp,proto3,oneof"` 425 } 426 427 type Permission_DestinationPort struct { 428 // A port number that describes the destination port connecting to. 429 DestinationPort uint32 `protobuf:"varint,6,opt,name=destination_port,json=destinationPort,proto3,oneof"` 430 } 431 432 type Permission_Metadata struct { 433 // Metadata that describes additional information about the action. 434 Metadata *matcher.MetadataMatcher `protobuf:"bytes,7,opt,name=metadata,proto3,oneof"` 435 } 436 437 type Permission_NotRule struct { 438 // Negates matching the provided permission. For instance, if the value of `not_rule` would 439 // match, this permission would not match. Conversely, if the value of `not_rule` would not 440 // match, this permission would match. 441 NotRule *Permission `protobuf:"bytes,8,opt,name=not_rule,json=notRule,proto3,oneof"` 442 } 443 444 type Permission_RequestedServerName struct { 445 // The request server from the client's connection request. This is 446 // typically TLS SNI. 447 // 448 // .. attention:: 449 // 450 // The behavior of this field may be affected by how Envoy is configured 451 // as explained below. 452 // 453 // * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>` 454 // filter is not added, and if a `FilterChainMatch` is not defined for 455 // the :ref:`server name <envoy_api_field_listener.FilterChainMatch.server_names>`, 456 // a TLS connection's requested SNI server name will be treated as if it 457 // wasn't present. 458 // 459 // * A :ref:`listener filter <arch_overview_listener_filters>` may 460 // overwrite a connection's requested server name within Envoy. 461 // 462 // Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to 463 // setup SNI. 464 RequestedServerName *matcher.StringMatcher `protobuf:"bytes,9,opt,name=requested_server_name,json=requestedServerName,proto3,oneof"` 465 } 466 467 func (*Permission_AndRules) isPermission_Rule() {} 468 469 func (*Permission_OrRules) isPermission_Rule() {} 470 471 func (*Permission_Any) isPermission_Rule() {} 472 473 func (*Permission_Header) isPermission_Rule() {} 474 475 func (*Permission_UrlPath) isPermission_Rule() {} 476 477 func (*Permission_DestinationIp) isPermission_Rule() {} 478 479 func (*Permission_DestinationPort) isPermission_Rule() {} 480 481 func (*Permission_Metadata) isPermission_Rule() {} 482 483 func (*Permission_NotRule) isPermission_Rule() {} 484 485 func (*Permission_RequestedServerName) isPermission_Rule() {} 486 487 // Principal defines an identity or a group of identities for a downstream subject. 488 // [#next-free-field: 12] 489 type Principal struct { 490 state protoimpl.MessageState 491 sizeCache protoimpl.SizeCache 492 unknownFields protoimpl.UnknownFields 493 494 // Types that are assignable to Identifier: 495 // *Principal_AndIds 496 // *Principal_OrIds 497 // *Principal_Any 498 // *Principal_Authenticated_ 499 // *Principal_SourceIp 500 // *Principal_DirectRemoteIp 501 // *Principal_RemoteIp 502 // *Principal_Header 503 // *Principal_UrlPath 504 // *Principal_Metadata 505 // *Principal_NotId 506 Identifier isPrincipal_Identifier `protobuf_oneof:"identifier"` 507 } 508 509 func (x *Principal) Reset() { 510 *x = Principal{} 511 if protoimpl.UnsafeEnabled { 512 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[3] 513 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 514 ms.StoreMessageInfo(mi) 515 } 516 } 517 518 func (x *Principal) String() string { 519 return protoimpl.X.MessageStringOf(x) 520 } 521 522 func (*Principal) ProtoMessage() {} 523 524 func (x *Principal) ProtoReflect() protoreflect.Message { 525 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[3] 526 if protoimpl.UnsafeEnabled && x != nil { 527 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 528 if ms.LoadMessageInfo() == nil { 529 ms.StoreMessageInfo(mi) 530 } 531 return ms 532 } 533 return mi.MessageOf(x) 534 } 535 536 // Deprecated: Use Principal.ProtoReflect.Descriptor instead. 537 func (*Principal) Descriptor() ([]byte, []int) { 538 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{3} 539 } 540 541 func (m *Principal) GetIdentifier() isPrincipal_Identifier { 542 if m != nil { 543 return m.Identifier 544 } 545 return nil 546 } 547 548 func (x *Principal) GetAndIds() *Principal_Set { 549 if x, ok := x.GetIdentifier().(*Principal_AndIds); ok { 550 return x.AndIds 551 } 552 return nil 553 } 554 555 func (x *Principal) GetOrIds() *Principal_Set { 556 if x, ok := x.GetIdentifier().(*Principal_OrIds); ok { 557 return x.OrIds 558 } 559 return nil 560 } 561 562 func (x *Principal) GetAny() bool { 563 if x, ok := x.GetIdentifier().(*Principal_Any); ok { 564 return x.Any 565 } 566 return false 567 } 568 569 func (x *Principal) GetAuthenticated() *Principal_Authenticated { 570 if x, ok := x.GetIdentifier().(*Principal_Authenticated_); ok { 571 return x.Authenticated 572 } 573 return nil 574 } 575 576 // Deprecated: Do not use. 577 func (x *Principal) GetSourceIp() *core.CidrRange { 578 if x, ok := x.GetIdentifier().(*Principal_SourceIp); ok { 579 return x.SourceIp 580 } 581 return nil 582 } 583 584 func (x *Principal) GetDirectRemoteIp() *core.CidrRange { 585 if x, ok := x.GetIdentifier().(*Principal_DirectRemoteIp); ok { 586 return x.DirectRemoteIp 587 } 588 return nil 589 } 590 591 func (x *Principal) GetRemoteIp() *core.CidrRange { 592 if x, ok := x.GetIdentifier().(*Principal_RemoteIp); ok { 593 return x.RemoteIp 594 } 595 return nil 596 } 597 598 func (x *Principal) GetHeader() *route.HeaderMatcher { 599 if x, ok := x.GetIdentifier().(*Principal_Header); ok { 600 return x.Header 601 } 602 return nil 603 } 604 605 func (x *Principal) GetUrlPath() *matcher.PathMatcher { 606 if x, ok := x.GetIdentifier().(*Principal_UrlPath); ok { 607 return x.UrlPath 608 } 609 return nil 610 } 611 612 func (x *Principal) GetMetadata() *matcher.MetadataMatcher { 613 if x, ok := x.GetIdentifier().(*Principal_Metadata); ok { 614 return x.Metadata 615 } 616 return nil 617 } 618 619 func (x *Principal) GetNotId() *Principal { 620 if x, ok := x.GetIdentifier().(*Principal_NotId); ok { 621 return x.NotId 622 } 623 return nil 624 } 625 626 type isPrincipal_Identifier interface { 627 isPrincipal_Identifier() 628 } 629 630 type Principal_AndIds struct { 631 // A set of identifiers that all must match in order to define the downstream. 632 AndIds *Principal_Set `protobuf:"bytes,1,opt,name=and_ids,json=andIds,proto3,oneof"` 633 } 634 635 type Principal_OrIds struct { 636 // A set of identifiers at least one must match in order to define the downstream. 637 OrIds *Principal_Set `protobuf:"bytes,2,opt,name=or_ids,json=orIds,proto3,oneof"` 638 } 639 640 type Principal_Any struct { 641 // When any is set, it matches any downstream. 642 Any bool `protobuf:"varint,3,opt,name=any,proto3,oneof"` 643 } 644 645 type Principal_Authenticated_ struct { 646 // Authenticated attributes that identify the downstream. 647 Authenticated *Principal_Authenticated `protobuf:"bytes,4,opt,name=authenticated,proto3,oneof"` 648 } 649 650 type Principal_SourceIp struct { 651 // A CIDR block that describes the downstream IP. 652 // This address will honor proxy protocol, but will not honor XFF. 653 // 654 // Deprecated: Do not use. 655 SourceIp *core.CidrRange `protobuf:"bytes,5,opt,name=source_ip,json=sourceIp,proto3,oneof"` 656 } 657 658 type Principal_DirectRemoteIp struct { 659 // A CIDR block that describes the downstream remote/origin address. 660 // Note: This is always the physical peer even if the 661 // :ref:`remote_ip <envoy_api_field_config.rbac.v2.Principal.remote_ip>` is inferred 662 // from for example the x-forwarder-for header, proxy protocol, etc. 663 DirectRemoteIp *core.CidrRange `protobuf:"bytes,10,opt,name=direct_remote_ip,json=directRemoteIp,proto3,oneof"` 664 } 665 666 type Principal_RemoteIp struct { 667 // A CIDR block that describes the downstream remote/origin address. 668 // Note: This may not be the physical peer and could be different from the 669 // :ref:`direct_remote_ip <envoy_api_field_config.rbac.v2.Principal.direct_remote_ip>`. 670 // E.g, if the remote ip is inferred from for example the x-forwarder-for header, 671 // proxy protocol, etc. 672 RemoteIp *core.CidrRange `protobuf:"bytes,11,opt,name=remote_ip,json=remoteIp,proto3,oneof"` 673 } 674 675 type Principal_Header struct { 676 // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only 677 // available for HTTP request. 678 // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` 679 // field if you want to match the URL path without the query and fragment string. 680 Header *route.HeaderMatcher `protobuf:"bytes,6,opt,name=header,proto3,oneof"` 681 } 682 683 type Principal_UrlPath struct { 684 // A URL path on the incoming HTTP request. Only available for HTTP. 685 UrlPath *matcher.PathMatcher `protobuf:"bytes,9,opt,name=url_path,json=urlPath,proto3,oneof"` 686 } 687 688 type Principal_Metadata struct { 689 // Metadata that describes additional information about the principal. 690 Metadata *matcher.MetadataMatcher `protobuf:"bytes,7,opt,name=metadata,proto3,oneof"` 691 } 692 693 type Principal_NotId struct { 694 // Negates matching the provided principal. For instance, if the value of `not_id` would match, 695 // this principal would not match. Conversely, if the value of `not_id` would not match, this 696 // principal would match. 697 NotId *Principal `protobuf:"bytes,8,opt,name=not_id,json=notId,proto3,oneof"` 698 } 699 700 func (*Principal_AndIds) isPrincipal_Identifier() {} 701 702 func (*Principal_OrIds) isPrincipal_Identifier() {} 703 704 func (*Principal_Any) isPrincipal_Identifier() {} 705 706 func (*Principal_Authenticated_) isPrincipal_Identifier() {} 707 708 func (*Principal_SourceIp) isPrincipal_Identifier() {} 709 710 func (*Principal_DirectRemoteIp) isPrincipal_Identifier() {} 711 712 func (*Principal_RemoteIp) isPrincipal_Identifier() {} 713 714 func (*Principal_Header) isPrincipal_Identifier() {} 715 716 func (*Principal_UrlPath) isPrincipal_Identifier() {} 717 718 func (*Principal_Metadata) isPrincipal_Identifier() {} 719 720 func (*Principal_NotId) isPrincipal_Identifier() {} 721 722 // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, 723 // each are applied with the associated behavior. 724 type Permission_Set struct { 725 state protoimpl.MessageState 726 sizeCache protoimpl.SizeCache 727 unknownFields protoimpl.UnknownFields 728 729 Rules []*Permission `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"` 730 } 731 732 func (x *Permission_Set) Reset() { 733 *x = Permission_Set{} 734 if protoimpl.UnsafeEnabled { 735 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[5] 736 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 737 ms.StoreMessageInfo(mi) 738 } 739 } 740 741 func (x *Permission_Set) String() string { 742 return protoimpl.X.MessageStringOf(x) 743 } 744 745 func (*Permission_Set) ProtoMessage() {} 746 747 func (x *Permission_Set) ProtoReflect() protoreflect.Message { 748 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[5] 749 if protoimpl.UnsafeEnabled && x != nil { 750 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 751 if ms.LoadMessageInfo() == nil { 752 ms.StoreMessageInfo(mi) 753 } 754 return ms 755 } 756 return mi.MessageOf(x) 757 } 758 759 // Deprecated: Use Permission_Set.ProtoReflect.Descriptor instead. 760 func (*Permission_Set) Descriptor() ([]byte, []int) { 761 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{2, 0} 762 } 763 764 func (x *Permission_Set) GetRules() []*Permission { 765 if x != nil { 766 return x.Rules 767 } 768 return nil 769 } 770 771 // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. Depending on the context, 772 // each are applied with the associated behavior. 773 type Principal_Set struct { 774 state protoimpl.MessageState 775 sizeCache protoimpl.SizeCache 776 unknownFields protoimpl.UnknownFields 777 778 Ids []*Principal `protobuf:"bytes,1,rep,name=ids,proto3" json:"ids,omitempty"` 779 } 780 781 func (x *Principal_Set) Reset() { 782 *x = Principal_Set{} 783 if protoimpl.UnsafeEnabled { 784 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[6] 785 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 786 ms.StoreMessageInfo(mi) 787 } 788 } 789 790 func (x *Principal_Set) String() string { 791 return protoimpl.X.MessageStringOf(x) 792 } 793 794 func (*Principal_Set) ProtoMessage() {} 795 796 func (x *Principal_Set) ProtoReflect() protoreflect.Message { 797 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[6] 798 if protoimpl.UnsafeEnabled && x != nil { 799 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 800 if ms.LoadMessageInfo() == nil { 801 ms.StoreMessageInfo(mi) 802 } 803 return ms 804 } 805 return mi.MessageOf(x) 806 } 807 808 // Deprecated: Use Principal_Set.ProtoReflect.Descriptor instead. 809 func (*Principal_Set) Descriptor() ([]byte, []int) { 810 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{3, 0} 811 } 812 813 func (x *Principal_Set) GetIds() []*Principal { 814 if x != nil { 815 return x.Ids 816 } 817 return nil 818 } 819 820 // Authentication attributes for a downstream. 821 type Principal_Authenticated struct { 822 state protoimpl.MessageState 823 sizeCache protoimpl.SizeCache 824 unknownFields protoimpl.UnknownFields 825 826 // The name of the principal. If set, The URI SAN or DNS SAN in that order is used from the 827 // certificate, otherwise the subject field is used. If unset, it applies to any user that is 828 // authenticated. 829 PrincipalName *matcher.StringMatcher `protobuf:"bytes,2,opt,name=principal_name,json=principalName,proto3" json:"principal_name,omitempty"` 830 } 831 832 func (x *Principal_Authenticated) Reset() { 833 *x = Principal_Authenticated{} 834 if protoimpl.UnsafeEnabled { 835 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[7] 836 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 837 ms.StoreMessageInfo(mi) 838 } 839 } 840 841 func (x *Principal_Authenticated) String() string { 842 return protoimpl.X.MessageStringOf(x) 843 } 844 845 func (*Principal_Authenticated) ProtoMessage() {} 846 847 func (x *Principal_Authenticated) ProtoReflect() protoreflect.Message { 848 mi := &file_envoy_config_rbac_v2_rbac_proto_msgTypes[7] 849 if protoimpl.UnsafeEnabled && x != nil { 850 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 851 if ms.LoadMessageInfo() == nil { 852 ms.StoreMessageInfo(mi) 853 } 854 return ms 855 } 856 return mi.MessageOf(x) 857 } 858 859 // Deprecated: Use Principal_Authenticated.ProtoReflect.Descriptor instead. 860 func (*Principal_Authenticated) Descriptor() ([]byte, []int) { 861 return file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP(), []int{3, 1} 862 } 863 864 func (x *Principal_Authenticated) GetPrincipalName() *matcher.StringMatcher { 865 if x != nil { 866 return x.PrincipalName 867 } 868 return nil 869 } 870 871 var File_envoy_config_rbac_v2_rbac_proto protoreflect.FileDescriptor 872 873 var file_envoy_config_rbac_v2_rbac_proto_rawDesc = []byte{ 874 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 875 0x62, 0x61, 0x63, 0x2f, 0x76, 0x32, 0x2f, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x70, 0x72, 0x6f, 0x74, 876 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 877 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 878 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x61, 0x64, 0x64, 0x72, 0x65, 879 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x29, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 880 0x61, 0x70, 0x69, 0x2f, 0x76, 0x32, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 0x72, 0x6f, 0x75, 881 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 882 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 883 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 884 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 885 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x70, 0x61, 0x74, 0x68, 0x2e, 886 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 887 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 888 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 889 0x70, 0x69, 0x2f, 0x65, 0x78, 0x70, 0x72, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 890 0x2f, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 891 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 892 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 893 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 894 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x81, 0x02, 0x0a, 0x04, 0x52, 0x42, 0x41, 0x43, 0x12, 0x39, 895 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x21, 896 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 897 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x42, 0x41, 0x43, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 898 0x6e, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x44, 0x0a, 0x08, 0x70, 0x6f, 0x6c, 899 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x65, 0x6e, 900 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 901 0x76, 0x32, 0x2e, 0x52, 0x42, 0x41, 0x43, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 902 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x1a, 903 0x59, 0x0a, 0x0d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 904 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 905 0x65, 0x79, 0x12, 0x32, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 906 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 907 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 908 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x1d, 0x0a, 0x06, 0x41, 0x63, 909 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x4c, 0x4c, 0x4f, 0x57, 0x10, 0x00, 0x12, 910 0x08, 0x0a, 0x04, 0x44, 0x45, 0x4e, 0x59, 0x10, 0x01, 0x22, 0xdf, 0x01, 0x0a, 0x06, 0x50, 0x6f, 911 0x6c, 0x69, 0x63, 0x79, 0x12, 0x4c, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 912 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 913 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 914 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 915 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 916 0x6e, 0x73, 0x12, 0x49, 0x0a, 0x0a, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x73, 917 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 918 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x72, 919 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 920 0x01, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x73, 0x12, 0x3c, 0x0a, 921 0x09, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 922 0x32, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x65, 0x78, 923 0x70, 0x72, 0x2e, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x72, 924 0x52, 0x09, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xdc, 0x05, 0x0a, 0x0a, 925 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x43, 0x0a, 0x09, 0x61, 0x6e, 926 0x64, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 927 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 928 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 929 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x08, 0x61, 0x6e, 0x64, 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 930 0x41, 0x0a, 0x08, 0x6f, 0x72, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 931 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 932 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 933 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x07, 0x6f, 0x72, 0x52, 0x75, 0x6c, 934 0x65, 0x73, 0x12, 0x1b, 0x0a, 0x03, 0x61, 0x6e, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x42, 935 0x07, 0xfa, 0x42, 0x04, 0x6a, 0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x03, 0x61, 0x6e, 0x79, 0x12, 936 0x3b, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 937 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x72, 938 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 939 0x65, 0x72, 0x48, 0x00, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x3c, 0x0a, 0x08, 940 0x75, 0x72, 0x6c, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 941 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 942 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 943 0x00, 0x52, 0x07, 0x75, 0x72, 0x6c, 0x50, 0x61, 0x74, 0x68, 0x12, 0x45, 0x0a, 0x0e, 0x64, 0x65, 944 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x70, 0x18, 0x05, 0x20, 0x01, 945 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 946 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 947 0x48, 0x00, 0x52, 0x0d, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 948 0x70, 0x12, 0x36, 0x0a, 0x10, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 949 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x09, 0xfa, 0x42, 0x06, 950 0x2a, 0x04, 0x18, 0xff, 0xff, 0x03, 0x48, 0x00, 0x52, 0x0f, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 951 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x41, 0x0a, 0x08, 0x6d, 0x65, 0x74, 952 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 953 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 954 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 955 0x48, 0x00, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3d, 0x0a, 0x08, 956 0x6e, 0x6f, 0x74, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 957 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 958 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 959 0x48, 0x00, 0x52, 0x07, 0x6e, 0x6f, 0x74, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x57, 0x0a, 0x15, 0x72, 960 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 961 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 962 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 963 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 964 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 965 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x47, 0x0a, 0x03, 0x53, 0x65, 0x74, 0x12, 0x40, 0x0a, 0x05, 0x72, 966 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 967 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 968 0x32, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 969 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x42, 0x0b, 0x0a, 970 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 0xf8, 0x42, 0x01, 0x22, 0xf5, 0x06, 0x0a, 0x09, 0x50, 971 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x12, 0x3e, 0x0a, 0x07, 0x61, 0x6e, 0x64, 0x5f, 972 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 973 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 974 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 975 0x52, 0x06, 0x61, 0x6e, 0x64, 0x49, 0x64, 0x73, 0x12, 0x3c, 0x0a, 0x06, 0x6f, 0x72, 0x5f, 0x69, 976 0x64, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 977 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 978 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 979 0x05, 0x6f, 0x72, 0x49, 0x64, 0x73, 0x12, 0x1b, 0x0a, 0x03, 0x61, 0x6e, 0x79, 0x18, 0x03, 0x20, 980 0x01, 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x6a, 0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x03, 981 0x61, 0x6e, 0x79, 0x12, 0x55, 0x0a, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 982 0x61, 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 983 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 984 0x32, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x2e, 0x41, 0x75, 0x74, 0x68, 985 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x48, 0x00, 0x52, 0x0d, 0x61, 0x75, 0x74, 986 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x3f, 0x0a, 0x09, 0x73, 0x6f, 987 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 988 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 989 0x65, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x42, 0x02, 0x18, 0x01, 0x48, 990 0x00, 0x52, 0x08, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70, 0x12, 0x48, 0x0a, 0x10, 0x64, 991 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, 0x69, 0x70, 0x18, 992 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 993 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 994 0x6e, 0x67, 0x65, 0x48, 0x00, 0x52, 0x0e, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x6d, 995 0x6f, 0x74, 0x65, 0x49, 0x70, 0x12, 0x3b, 0x0a, 0x09, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, 996 0x69, 0x70, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 997 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x32, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x69, 0x64, 998 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00, 0x52, 0x08, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 999 0x49, 0x70, 0x12, 0x3b, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 1000 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 1001 0x32, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 1002 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 1003 0x3c, 0x0a, 0x08, 0x75, 0x72, 0x6c, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 1004 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 1005 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 1006 0x65, 0x72, 0x48, 0x00, 0x52, 0x07, 0x75, 0x72, 0x6c, 0x50, 0x61, 0x74, 0x68, 0x12, 0x41, 0x0a, 1007 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 1008 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 1009 0x63, 0x68, 0x65, 0x72, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 1010 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 1011 0x12, 0x38, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 1012 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 1013 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 1014 0x6c, 0x48, 0x00, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x64, 0x1a, 0x42, 0x0a, 0x03, 0x53, 0x65, 1015 0x74, 0x12, 0x3b, 0x0a, 0x03, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 1016 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 1017 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x42, 1018 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x03, 0x69, 0x64, 0x73, 0x1a, 0x5f, 1019 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 1020 0x48, 0x0a, 0x0e, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x5f, 0x6e, 0x61, 0x6d, 1021 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 1022 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x72, 1023 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x0d, 0x70, 0x72, 0x69, 0x6e, 1024 0x63, 0x69, 0x70, 0x61, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x42, 1025 0x11, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 1026 0x42, 0x01, 0x42, 0x39, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 1027 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 1028 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x42, 0x09, 0x52, 0x62, 0x61, 0x63, 0x50, 0x72, 1029 0x6f, 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x01, 0x62, 0x06, 0x70, 1030 0x72, 0x6f, 0x74, 0x6f, 0x33, 1031 } 1032 1033 var ( 1034 file_envoy_config_rbac_v2_rbac_proto_rawDescOnce sync.Once 1035 file_envoy_config_rbac_v2_rbac_proto_rawDescData = file_envoy_config_rbac_v2_rbac_proto_rawDesc 1036 ) 1037 1038 func file_envoy_config_rbac_v2_rbac_proto_rawDescGZIP() []byte { 1039 file_envoy_config_rbac_v2_rbac_proto_rawDescOnce.Do(func() { 1040 file_envoy_config_rbac_v2_rbac_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_rbac_v2_rbac_proto_rawDescData) 1041 }) 1042 return file_envoy_config_rbac_v2_rbac_proto_rawDescData 1043 } 1044 1045 var file_envoy_config_rbac_v2_rbac_proto_enumTypes = make([]protoimpl.EnumInfo, 1) 1046 var file_envoy_config_rbac_v2_rbac_proto_msgTypes = make([]protoimpl.MessageInfo, 8) 1047 var file_envoy_config_rbac_v2_rbac_proto_goTypes = []interface{}{ 1048 (RBAC_Action)(0), // 0: envoy.config.rbac.v2.RBAC.Action 1049 (*RBAC)(nil), // 1: envoy.config.rbac.v2.RBAC 1050 (*Policy)(nil), // 2: envoy.config.rbac.v2.Policy 1051 (*Permission)(nil), // 3: envoy.config.rbac.v2.Permission 1052 (*Principal)(nil), // 4: envoy.config.rbac.v2.Principal 1053 nil, // 5: envoy.config.rbac.v2.RBAC.PoliciesEntry 1054 (*Permission_Set)(nil), // 6: envoy.config.rbac.v2.Permission.Set 1055 (*Principal_Set)(nil), // 7: envoy.config.rbac.v2.Principal.Set 1056 (*Principal_Authenticated)(nil), // 8: envoy.config.rbac.v2.Principal.Authenticated 1057 (*v1alpha1.Expr)(nil), // 9: google.api.expr.v1alpha1.Expr 1058 (*route.HeaderMatcher)(nil), // 10: envoy.api.v2.route.HeaderMatcher 1059 (*matcher.PathMatcher)(nil), // 11: envoy.type.matcher.PathMatcher 1060 (*core.CidrRange)(nil), // 12: envoy.api.v2.core.CidrRange 1061 (*matcher.MetadataMatcher)(nil), // 13: envoy.type.matcher.MetadataMatcher 1062 (*matcher.StringMatcher)(nil), // 14: envoy.type.matcher.StringMatcher 1063 } 1064 var file_envoy_config_rbac_v2_rbac_proto_depIdxs = []int32{ 1065 0, // 0: envoy.config.rbac.v2.RBAC.action:type_name -> envoy.config.rbac.v2.RBAC.Action 1066 5, // 1: envoy.config.rbac.v2.RBAC.policies:type_name -> envoy.config.rbac.v2.RBAC.PoliciesEntry 1067 3, // 2: envoy.config.rbac.v2.Policy.permissions:type_name -> envoy.config.rbac.v2.Permission 1068 4, // 3: envoy.config.rbac.v2.Policy.principals:type_name -> envoy.config.rbac.v2.Principal 1069 9, // 4: envoy.config.rbac.v2.Policy.condition:type_name -> google.api.expr.v1alpha1.Expr 1070 6, // 5: envoy.config.rbac.v2.Permission.and_rules:type_name -> envoy.config.rbac.v2.Permission.Set 1071 6, // 6: envoy.config.rbac.v2.Permission.or_rules:type_name -> envoy.config.rbac.v2.Permission.Set 1072 10, // 7: envoy.config.rbac.v2.Permission.header:type_name -> envoy.api.v2.route.HeaderMatcher 1073 11, // 8: envoy.config.rbac.v2.Permission.url_path:type_name -> envoy.type.matcher.PathMatcher 1074 12, // 9: envoy.config.rbac.v2.Permission.destination_ip:type_name -> envoy.api.v2.core.CidrRange 1075 13, // 10: envoy.config.rbac.v2.Permission.metadata:type_name -> envoy.type.matcher.MetadataMatcher 1076 3, // 11: envoy.config.rbac.v2.Permission.not_rule:type_name -> envoy.config.rbac.v2.Permission 1077 14, // 12: envoy.config.rbac.v2.Permission.requested_server_name:type_name -> envoy.type.matcher.StringMatcher 1078 7, // 13: envoy.config.rbac.v2.Principal.and_ids:type_name -> envoy.config.rbac.v2.Principal.Set 1079 7, // 14: envoy.config.rbac.v2.Principal.or_ids:type_name -> envoy.config.rbac.v2.Principal.Set 1080 8, // 15: envoy.config.rbac.v2.Principal.authenticated:type_name -> envoy.config.rbac.v2.Principal.Authenticated 1081 12, // 16: envoy.config.rbac.v2.Principal.source_ip:type_name -> envoy.api.v2.core.CidrRange 1082 12, // 17: envoy.config.rbac.v2.Principal.direct_remote_ip:type_name -> envoy.api.v2.core.CidrRange 1083 12, // 18: envoy.config.rbac.v2.Principal.remote_ip:type_name -> envoy.api.v2.core.CidrRange 1084 10, // 19: envoy.config.rbac.v2.Principal.header:type_name -> envoy.api.v2.route.HeaderMatcher 1085 11, // 20: envoy.config.rbac.v2.Principal.url_path:type_name -> envoy.type.matcher.PathMatcher 1086 13, // 21: envoy.config.rbac.v2.Principal.metadata:type_name -> envoy.type.matcher.MetadataMatcher 1087 4, // 22: envoy.config.rbac.v2.Principal.not_id:type_name -> envoy.config.rbac.v2.Principal 1088 2, // 23: envoy.config.rbac.v2.RBAC.PoliciesEntry.value:type_name -> envoy.config.rbac.v2.Policy 1089 3, // 24: envoy.config.rbac.v2.Permission.Set.rules:type_name -> envoy.config.rbac.v2.Permission 1090 4, // 25: envoy.config.rbac.v2.Principal.Set.ids:type_name -> envoy.config.rbac.v2.Principal 1091 14, // 26: envoy.config.rbac.v2.Principal.Authenticated.principal_name:type_name -> envoy.type.matcher.StringMatcher 1092 27, // [27:27] is the sub-list for method output_type 1093 27, // [27:27] is the sub-list for method input_type 1094 27, // [27:27] is the sub-list for extension type_name 1095 27, // [27:27] is the sub-list for extension extendee 1096 0, // [0:27] is the sub-list for field type_name 1097 } 1098 1099 func init() { file_envoy_config_rbac_v2_rbac_proto_init() } 1100 func file_envoy_config_rbac_v2_rbac_proto_init() { 1101 if File_envoy_config_rbac_v2_rbac_proto != nil { 1102 return 1103 } 1104 if !protoimpl.UnsafeEnabled { 1105 file_envoy_config_rbac_v2_rbac_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { 1106 switch v := v.(*RBAC); i { 1107 case 0: 1108 return &v.state 1109 case 1: 1110 return &v.sizeCache 1111 case 2: 1112 return &v.unknownFields 1113 default: 1114 return nil 1115 } 1116 } 1117 file_envoy_config_rbac_v2_rbac_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { 1118 switch v := v.(*Policy); i { 1119 case 0: 1120 return &v.state 1121 case 1: 1122 return &v.sizeCache 1123 case 2: 1124 return &v.unknownFields 1125 default: 1126 return nil 1127 } 1128 } 1129 file_envoy_config_rbac_v2_rbac_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { 1130 switch v := v.(*Permission); i { 1131 case 0: 1132 return &v.state 1133 case 1: 1134 return &v.sizeCache 1135 case 2: 1136 return &v.unknownFields 1137 default: 1138 return nil 1139 } 1140 } 1141 file_envoy_config_rbac_v2_rbac_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { 1142 switch v := v.(*Principal); i { 1143 case 0: 1144 return &v.state 1145 case 1: 1146 return &v.sizeCache 1147 case 2: 1148 return &v.unknownFields 1149 default: 1150 return nil 1151 } 1152 } 1153 file_envoy_config_rbac_v2_rbac_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { 1154 switch v := v.(*Permission_Set); i { 1155 case 0: 1156 return &v.state 1157 case 1: 1158 return &v.sizeCache 1159 case 2: 1160 return &v.unknownFields 1161 default: 1162 return nil 1163 } 1164 } 1165 file_envoy_config_rbac_v2_rbac_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { 1166 switch v := v.(*Principal_Set); i { 1167 case 0: 1168 return &v.state 1169 case 1: 1170 return &v.sizeCache 1171 case 2: 1172 return &v.unknownFields 1173 default: 1174 return nil 1175 } 1176 } 1177 file_envoy_config_rbac_v2_rbac_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { 1178 switch v := v.(*Principal_Authenticated); i { 1179 case 0: 1180 return &v.state 1181 case 1: 1182 return &v.sizeCache 1183 case 2: 1184 return &v.unknownFields 1185 default: 1186 return nil 1187 } 1188 } 1189 } 1190 file_envoy_config_rbac_v2_rbac_proto_msgTypes[2].OneofWrappers = []interface{}{ 1191 (*Permission_AndRules)(nil), 1192 (*Permission_OrRules)(nil), 1193 (*Permission_Any)(nil), 1194 (*Permission_Header)(nil), 1195 (*Permission_UrlPath)(nil), 1196 (*Permission_DestinationIp)(nil), 1197 (*Permission_DestinationPort)(nil), 1198 (*Permission_Metadata)(nil), 1199 (*Permission_NotRule)(nil), 1200 (*Permission_RequestedServerName)(nil), 1201 } 1202 file_envoy_config_rbac_v2_rbac_proto_msgTypes[3].OneofWrappers = []interface{}{ 1203 (*Principal_AndIds)(nil), 1204 (*Principal_OrIds)(nil), 1205 (*Principal_Any)(nil), 1206 (*Principal_Authenticated_)(nil), 1207 (*Principal_SourceIp)(nil), 1208 (*Principal_DirectRemoteIp)(nil), 1209 (*Principal_RemoteIp)(nil), 1210 (*Principal_Header)(nil), 1211 (*Principal_UrlPath)(nil), 1212 (*Principal_Metadata)(nil), 1213 (*Principal_NotId)(nil), 1214 } 1215 type x struct{} 1216 out := protoimpl.TypeBuilder{ 1217 File: protoimpl.DescBuilder{ 1218 GoPackagePath: reflect.TypeOf(x{}).PkgPath(), 1219 RawDescriptor: file_envoy_config_rbac_v2_rbac_proto_rawDesc, 1220 NumEnums: 1, 1221 NumMessages: 8, 1222 NumExtensions: 0, 1223 NumServices: 0, 1224 }, 1225 GoTypes: file_envoy_config_rbac_v2_rbac_proto_goTypes, 1226 DependencyIndexes: file_envoy_config_rbac_v2_rbac_proto_depIdxs, 1227 EnumInfos: file_envoy_config_rbac_v2_rbac_proto_enumTypes, 1228 MessageInfos: file_envoy_config_rbac_v2_rbac_proto_msgTypes, 1229 }.Build() 1230 File_envoy_config_rbac_v2_rbac_proto = out.File 1231 file_envoy_config_rbac_v2_rbac_proto_rawDesc = nil 1232 file_envoy_config_rbac_v2_rbac_proto_goTypes = nil 1233 file_envoy_config_rbac_v2_rbac_proto_depIdxs = nil 1234 }