github.com/hxx258456/ccgo@v0.0.5-0.20230213014102-48b35f46f66f/go-control-plane/envoy/config/rbac/v3/rbac.pb.go (about) 1 // Code generated by protoc-gen-go. DO NOT EDIT. 2 // versions: 3 // protoc-gen-go v1.25.0 4 // protoc v3.16.0 5 // source: envoy/config/rbac/v3/rbac.proto 6 7 package envoy_config_rbac_v3 8 9 import ( 10 _ "github.com/cncf/xds/go/udpa/annotations" 11 _ "github.com/hxx258456/ccgo/go-control-plane/envoy/annotations" 12 v32 "github.com/hxx258456/ccgo/go-control-plane/envoy/config/core/v3" 13 v3 "github.com/hxx258456/ccgo/go-control-plane/envoy/config/route/v3" 14 v31 "github.com/hxx258456/ccgo/go-control-plane/envoy/type/matcher/v3" 15 v33 "github.com/hxx258456/ccgo/go-control-plane/envoy/type/v3" 16 _ "github.com/envoyproxy/protoc-gen-validate/validate" 17 proto "github.com/golang/protobuf/proto" 18 v1alpha1 "google.golang.org/genproto/googleapis/api/expr/v1alpha1" 19 protoreflect "google.golang.org/protobuf/reflect/protoreflect" 20 protoimpl "google.golang.org/protobuf/runtime/protoimpl" 21 reflect "reflect" 22 sync "sync" 23 ) 24 25 const ( 26 // Verify that this generated code is sufficiently up-to-date. 27 _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) 28 // Verify that runtime/protoimpl is sufficiently up-to-date. 29 _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) 30 ) 31 32 // This is a compile-time assertion that a sufficiently up-to-date version 33 // of the legacy proto package is being used. 34 const _ = proto.ProtoPackageIsVersion4 35 36 // Should we do safe-list or block-list style access control? 37 type RBAC_Action int32 38 39 const ( 40 // The policies grant access to principals. The rest are denied. This is safe-list style 41 // access control. This is the default type. 42 RBAC_ALLOW RBAC_Action = 0 43 // The policies deny access to principals. The rest are allowed. This is block-list style 44 // access control. 45 RBAC_DENY RBAC_Action = 1 46 // The policies set the `access_log_hint` dynamic metadata key based on if requests match. 47 // All requests are allowed. 48 RBAC_LOG RBAC_Action = 2 49 ) 50 51 // Enum value maps for RBAC_Action. 52 var ( 53 RBAC_Action_name = map[int32]string{ 54 0: "ALLOW", 55 1: "DENY", 56 2: "LOG", 57 } 58 RBAC_Action_value = map[string]int32{ 59 "ALLOW": 0, 60 "DENY": 1, 61 "LOG": 2, 62 } 63 ) 64 65 func (x RBAC_Action) Enum() *RBAC_Action { 66 p := new(RBAC_Action) 67 *p = x 68 return p 69 } 70 71 func (x RBAC_Action) String() string { 72 return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) 73 } 74 75 func (RBAC_Action) Descriptor() protoreflect.EnumDescriptor { 76 return file_envoy_config_rbac_v3_rbac_proto_enumTypes[0].Descriptor() 77 } 78 79 func (RBAC_Action) Type() protoreflect.EnumType { 80 return &file_envoy_config_rbac_v3_rbac_proto_enumTypes[0] 81 } 82 83 func (x RBAC_Action) Number() protoreflect.EnumNumber { 84 return protoreflect.EnumNumber(x) 85 } 86 87 // Deprecated: Use RBAC_Action.Descriptor instead. 88 func (RBAC_Action) EnumDescriptor() ([]byte, []int) { 89 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{0, 0} 90 } 91 92 // Role Based Access Control (RBAC) provides service-level and method-level access control for a 93 // service. Requests are allowed or denied based on the `action` and whether a matching policy is 94 // found. For instance, if the action is ALLOW and a matching policy is found the request should be 95 // allowed. 96 // 97 // RBAC can also be used to make access logging decisions by communicating with access loggers 98 // through dynamic metadata. When the action is LOG and at least one policy matches, the 99 // `access_log_hint` value in the shared key namespace 'envoy.common' is set to `true` indicating 100 // the request should be logged. 101 // 102 // Here is an example of RBAC configuration. It has two policies: 103 // 104 // * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so 105 // does "cluster.local/ns/default/sa/superuser". 106 // 107 // * Any user can read ("GET") the service at paths with prefix "/products", so long as the 108 // destination port is either 80 or 443. 109 // 110 // .. code-block:: yaml 111 // 112 // action: ALLOW 113 // policies: 114 // "service-admin": 115 // permissions: 116 // - any: true 117 // principals: 118 // - authenticated: 119 // principal_name: 120 // exact: "cluster.local/ns/default/sa/admin" 121 // - authenticated: 122 // principal_name: 123 // exact: "cluster.local/ns/default/sa/superuser" 124 // "product-viewer": 125 // permissions: 126 // - and_rules: 127 // rules: 128 // - header: 129 // name: ":method" 130 // string_match: 131 // exact: "GET" 132 // - url_path: 133 // path: { prefix: "/products" } 134 // - or_rules: 135 // rules: 136 // - destination_port: 80 137 // - destination_port: 443 138 // principals: 139 // - any: true 140 // 141 type RBAC struct { 142 state protoimpl.MessageState 143 sizeCache protoimpl.SizeCache 144 unknownFields protoimpl.UnknownFields 145 146 // The action to take if a policy matches. Every action either allows or denies a request, 147 // and can also carry out action-specific operations. 148 // 149 // Actions: 150 // 151 // * ALLOW: Allows the request if and only if there is a policy that matches 152 // the request. 153 // * DENY: Allows the request if and only if there are no policies that 154 // match the request. 155 // * LOG: Allows all requests. If at least one policy matches, the dynamic 156 // metadata key `access_log_hint` is set to the value `true` under the shared 157 // key namespace 'envoy.common'. If no policies match, it is set to `false`. 158 // Other actions do not modify this key. 159 // 160 Action RBAC_Action `protobuf:"varint,1,opt,name=action,proto3,enum=envoy.config.rbac.v3.RBAC_Action" json:"action,omitempty"` 161 // Maps from policy name to policy. A match occurs when at least one policy matches the request. 162 // The policies are evaluated in lexicographic order of the policy name. 163 Policies map[string]*Policy `protobuf:"bytes,2,rep,name=policies,proto3" json:"policies,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` 164 } 165 166 func (x *RBAC) Reset() { 167 *x = RBAC{} 168 if protoimpl.UnsafeEnabled { 169 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[0] 170 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 171 ms.StoreMessageInfo(mi) 172 } 173 } 174 175 func (x *RBAC) String() string { 176 return protoimpl.X.MessageStringOf(x) 177 } 178 179 func (*RBAC) ProtoMessage() {} 180 181 func (x *RBAC) ProtoReflect() protoreflect.Message { 182 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[0] 183 if protoimpl.UnsafeEnabled && x != nil { 184 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 185 if ms.LoadMessageInfo() == nil { 186 ms.StoreMessageInfo(mi) 187 } 188 return ms 189 } 190 return mi.MessageOf(x) 191 } 192 193 // Deprecated: Use RBAC.ProtoReflect.Descriptor instead. 194 func (*RBAC) Descriptor() ([]byte, []int) { 195 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{0} 196 } 197 198 func (x *RBAC) GetAction() RBAC_Action { 199 if x != nil { 200 return x.Action 201 } 202 return RBAC_ALLOW 203 } 204 205 func (x *RBAC) GetPolicies() map[string]*Policy { 206 if x != nil { 207 return x.Policies 208 } 209 return nil 210 } 211 212 // Policy specifies a role and the principals that are assigned/denied the role. 213 // A policy matches if and only if at least one of its permissions match the 214 // action taking place AND at least one of its principals match the downstream 215 // AND the condition is true if specified. 216 type Policy struct { 217 state protoimpl.MessageState 218 sizeCache protoimpl.SizeCache 219 unknownFields protoimpl.UnknownFields 220 221 // Required. The set of permissions that define a role. Each permission is 222 // matched with OR semantics. To match all actions for this policy, a single 223 // Permission with the `any` field set to true should be used. 224 Permissions []*Permission `protobuf:"bytes,1,rep,name=permissions,proto3" json:"permissions,omitempty"` 225 // Required. The set of principals that are assigned/denied the role based on 226 // “action”. Each principal is matched with OR semantics. To match all 227 // downstreams for this policy, a single Principal with the `any` field set to 228 // true should be used. 229 Principals []*Principal `protobuf:"bytes,2,rep,name=principals,proto3" json:"principals,omitempty"` 230 // An optional symbolic expression specifying an access control 231 // :ref:`condition <arch_overview_condition>`. The condition is combined 232 // with the permissions and the principals as a clause with AND semantics. 233 // Only be used when checked_condition is not used. 234 Condition *v1alpha1.Expr `protobuf:"bytes,3,opt,name=condition,proto3" json:"condition,omitempty"` 235 // [#not-implemented-hide:] 236 // An optional symbolic expression that has been successfully type checked. 237 // Only be used when condition is not used. 238 CheckedCondition *v1alpha1.CheckedExpr `protobuf:"bytes,4,opt,name=checked_condition,json=checkedCondition,proto3" json:"checked_condition,omitempty"` 239 } 240 241 func (x *Policy) Reset() { 242 *x = Policy{} 243 if protoimpl.UnsafeEnabled { 244 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[1] 245 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 246 ms.StoreMessageInfo(mi) 247 } 248 } 249 250 func (x *Policy) String() string { 251 return protoimpl.X.MessageStringOf(x) 252 } 253 254 func (*Policy) ProtoMessage() {} 255 256 func (x *Policy) ProtoReflect() protoreflect.Message { 257 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[1] 258 if protoimpl.UnsafeEnabled && x != nil { 259 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 260 if ms.LoadMessageInfo() == nil { 261 ms.StoreMessageInfo(mi) 262 } 263 return ms 264 } 265 return mi.MessageOf(x) 266 } 267 268 // Deprecated: Use Policy.ProtoReflect.Descriptor instead. 269 func (*Policy) Descriptor() ([]byte, []int) { 270 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{1} 271 } 272 273 func (x *Policy) GetPermissions() []*Permission { 274 if x != nil { 275 return x.Permissions 276 } 277 return nil 278 } 279 280 func (x *Policy) GetPrincipals() []*Principal { 281 if x != nil { 282 return x.Principals 283 } 284 return nil 285 } 286 287 func (x *Policy) GetCondition() *v1alpha1.Expr { 288 if x != nil { 289 return x.Condition 290 } 291 return nil 292 } 293 294 func (x *Policy) GetCheckedCondition() *v1alpha1.CheckedExpr { 295 if x != nil { 296 return x.CheckedCondition 297 } 298 return nil 299 } 300 301 // Permission defines an action (or actions) that a principal can take. 302 // [#next-free-field: 12] 303 type Permission struct { 304 state protoimpl.MessageState 305 sizeCache protoimpl.SizeCache 306 unknownFields protoimpl.UnknownFields 307 308 // Types that are assignable to Rule: 309 // *Permission_AndRules 310 // *Permission_OrRules 311 // *Permission_Any 312 // *Permission_Header 313 // *Permission_UrlPath 314 // *Permission_DestinationIp 315 // *Permission_DestinationPort 316 // *Permission_DestinationPortRange 317 // *Permission_Metadata 318 // *Permission_NotRule 319 // *Permission_RequestedServerName 320 Rule isPermission_Rule `protobuf_oneof:"rule"` 321 } 322 323 func (x *Permission) Reset() { 324 *x = Permission{} 325 if protoimpl.UnsafeEnabled { 326 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[2] 327 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 328 ms.StoreMessageInfo(mi) 329 } 330 } 331 332 func (x *Permission) String() string { 333 return protoimpl.X.MessageStringOf(x) 334 } 335 336 func (*Permission) ProtoMessage() {} 337 338 func (x *Permission) ProtoReflect() protoreflect.Message { 339 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[2] 340 if protoimpl.UnsafeEnabled && x != nil { 341 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 342 if ms.LoadMessageInfo() == nil { 343 ms.StoreMessageInfo(mi) 344 } 345 return ms 346 } 347 return mi.MessageOf(x) 348 } 349 350 // Deprecated: Use Permission.ProtoReflect.Descriptor instead. 351 func (*Permission) Descriptor() ([]byte, []int) { 352 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{2} 353 } 354 355 func (m *Permission) GetRule() isPermission_Rule { 356 if m != nil { 357 return m.Rule 358 } 359 return nil 360 } 361 362 func (x *Permission) GetAndRules() *Permission_Set { 363 if x, ok := x.GetRule().(*Permission_AndRules); ok { 364 return x.AndRules 365 } 366 return nil 367 } 368 369 func (x *Permission) GetOrRules() *Permission_Set { 370 if x, ok := x.GetRule().(*Permission_OrRules); ok { 371 return x.OrRules 372 } 373 return nil 374 } 375 376 func (x *Permission) GetAny() bool { 377 if x, ok := x.GetRule().(*Permission_Any); ok { 378 return x.Any 379 } 380 return false 381 } 382 383 func (x *Permission) GetHeader() *v3.HeaderMatcher { 384 if x, ok := x.GetRule().(*Permission_Header); ok { 385 return x.Header 386 } 387 return nil 388 } 389 390 func (x *Permission) GetUrlPath() *v31.PathMatcher { 391 if x, ok := x.GetRule().(*Permission_UrlPath); ok { 392 return x.UrlPath 393 } 394 return nil 395 } 396 397 func (x *Permission) GetDestinationIp() *v32.CidrRange { 398 if x, ok := x.GetRule().(*Permission_DestinationIp); ok { 399 return x.DestinationIp 400 } 401 return nil 402 } 403 404 func (x *Permission) GetDestinationPort() uint32 { 405 if x, ok := x.GetRule().(*Permission_DestinationPort); ok { 406 return x.DestinationPort 407 } 408 return 0 409 } 410 411 func (x *Permission) GetDestinationPortRange() *v33.Int32Range { 412 if x, ok := x.GetRule().(*Permission_DestinationPortRange); ok { 413 return x.DestinationPortRange 414 } 415 return nil 416 } 417 418 func (x *Permission) GetMetadata() *v31.MetadataMatcher { 419 if x, ok := x.GetRule().(*Permission_Metadata); ok { 420 return x.Metadata 421 } 422 return nil 423 } 424 425 func (x *Permission) GetNotRule() *Permission { 426 if x, ok := x.GetRule().(*Permission_NotRule); ok { 427 return x.NotRule 428 } 429 return nil 430 } 431 432 func (x *Permission) GetRequestedServerName() *v31.StringMatcher { 433 if x, ok := x.GetRule().(*Permission_RequestedServerName); ok { 434 return x.RequestedServerName 435 } 436 return nil 437 } 438 439 type isPermission_Rule interface { 440 isPermission_Rule() 441 } 442 443 type Permission_AndRules struct { 444 // A set of rules that all must match in order to define the action. 445 AndRules *Permission_Set `protobuf:"bytes,1,opt,name=and_rules,json=andRules,proto3,oneof"` 446 } 447 448 type Permission_OrRules struct { 449 // A set of rules where at least one must match in order to define the action. 450 OrRules *Permission_Set `protobuf:"bytes,2,opt,name=or_rules,json=orRules,proto3,oneof"` 451 } 452 453 type Permission_Any struct { 454 // When any is set, it matches any action. 455 Any bool `protobuf:"varint,3,opt,name=any,proto3,oneof"` 456 } 457 458 type Permission_Header struct { 459 // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only 460 // available for HTTP request. 461 // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` 462 // field if you want to match the URL path without the query and fragment string. 463 Header *v3.HeaderMatcher `protobuf:"bytes,4,opt,name=header,proto3,oneof"` 464 } 465 466 type Permission_UrlPath struct { 467 // A URL path on the incoming HTTP request. Only available for HTTP. 468 UrlPath *v31.PathMatcher `protobuf:"bytes,10,opt,name=url_path,json=urlPath,proto3,oneof"` 469 } 470 471 type Permission_DestinationIp struct { 472 // A CIDR block that describes the destination IP. 473 DestinationIp *v32.CidrRange `protobuf:"bytes,5,opt,name=destination_ip,json=destinationIp,proto3,oneof"` 474 } 475 476 type Permission_DestinationPort struct { 477 // A port number that describes the destination port connecting to. 478 DestinationPort uint32 `protobuf:"varint,6,opt,name=destination_port,json=destinationPort,proto3,oneof"` 479 } 480 481 type Permission_DestinationPortRange struct { 482 // A port number range that describes a range of destination ports connecting to. 483 DestinationPortRange *v33.Int32Range `protobuf:"bytes,11,opt,name=destination_port_range,json=destinationPortRange,proto3,oneof"` 484 } 485 486 type Permission_Metadata struct { 487 // Metadata that describes additional information about the action. 488 Metadata *v31.MetadataMatcher `protobuf:"bytes,7,opt,name=metadata,proto3,oneof"` 489 } 490 491 type Permission_NotRule struct { 492 // Negates matching the provided permission. For instance, if the value of 493 // `not_rule` would match, this permission would not match. Conversely, if 494 // the value of `not_rule` would not match, this permission would match. 495 NotRule *Permission `protobuf:"bytes,8,opt,name=not_rule,json=notRule,proto3,oneof"` 496 } 497 498 type Permission_RequestedServerName struct { 499 // The request server from the client's connection request. This is 500 // typically TLS SNI. 501 // 502 // .. attention:: 503 // 504 // The behavior of this field may be affected by how Envoy is configured 505 // as explained below. 506 // 507 // * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>` 508 // filter is not added, and if a `FilterChainMatch` is not defined for 509 // the :ref:`server name 510 // <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`, 511 // a TLS connection's requested SNI server name will be treated as if it 512 // wasn't present. 513 // 514 // * A :ref:`listener filter <arch_overview_listener_filters>` may 515 // overwrite a connection's requested server name within Envoy. 516 // 517 // Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to 518 // setup SNI. 519 RequestedServerName *v31.StringMatcher `protobuf:"bytes,9,opt,name=requested_server_name,json=requestedServerName,proto3,oneof"` 520 } 521 522 func (*Permission_AndRules) isPermission_Rule() {} 523 524 func (*Permission_OrRules) isPermission_Rule() {} 525 526 func (*Permission_Any) isPermission_Rule() {} 527 528 func (*Permission_Header) isPermission_Rule() {} 529 530 func (*Permission_UrlPath) isPermission_Rule() {} 531 532 func (*Permission_DestinationIp) isPermission_Rule() {} 533 534 func (*Permission_DestinationPort) isPermission_Rule() {} 535 536 func (*Permission_DestinationPortRange) isPermission_Rule() {} 537 538 func (*Permission_Metadata) isPermission_Rule() {} 539 540 func (*Permission_NotRule) isPermission_Rule() {} 541 542 func (*Permission_RequestedServerName) isPermission_Rule() {} 543 544 // Principal defines an identity or a group of identities for a downstream 545 // subject. 546 // [#next-free-field: 12] 547 type Principal struct { 548 state protoimpl.MessageState 549 sizeCache protoimpl.SizeCache 550 unknownFields protoimpl.UnknownFields 551 552 // Types that are assignable to Identifier: 553 // *Principal_AndIds 554 // *Principal_OrIds 555 // *Principal_Any 556 // *Principal_Authenticated_ 557 // *Principal_SourceIp 558 // *Principal_DirectRemoteIp 559 // *Principal_RemoteIp 560 // *Principal_Header 561 // *Principal_UrlPath 562 // *Principal_Metadata 563 // *Principal_NotId 564 Identifier isPrincipal_Identifier `protobuf_oneof:"identifier"` 565 } 566 567 func (x *Principal) Reset() { 568 *x = Principal{} 569 if protoimpl.UnsafeEnabled { 570 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[3] 571 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 572 ms.StoreMessageInfo(mi) 573 } 574 } 575 576 func (x *Principal) String() string { 577 return protoimpl.X.MessageStringOf(x) 578 } 579 580 func (*Principal) ProtoMessage() {} 581 582 func (x *Principal) ProtoReflect() protoreflect.Message { 583 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[3] 584 if protoimpl.UnsafeEnabled && x != nil { 585 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 586 if ms.LoadMessageInfo() == nil { 587 ms.StoreMessageInfo(mi) 588 } 589 return ms 590 } 591 return mi.MessageOf(x) 592 } 593 594 // Deprecated: Use Principal.ProtoReflect.Descriptor instead. 595 func (*Principal) Descriptor() ([]byte, []int) { 596 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{3} 597 } 598 599 func (m *Principal) GetIdentifier() isPrincipal_Identifier { 600 if m != nil { 601 return m.Identifier 602 } 603 return nil 604 } 605 606 func (x *Principal) GetAndIds() *Principal_Set { 607 if x, ok := x.GetIdentifier().(*Principal_AndIds); ok { 608 return x.AndIds 609 } 610 return nil 611 } 612 613 func (x *Principal) GetOrIds() *Principal_Set { 614 if x, ok := x.GetIdentifier().(*Principal_OrIds); ok { 615 return x.OrIds 616 } 617 return nil 618 } 619 620 func (x *Principal) GetAny() bool { 621 if x, ok := x.GetIdentifier().(*Principal_Any); ok { 622 return x.Any 623 } 624 return false 625 } 626 627 func (x *Principal) GetAuthenticated() *Principal_Authenticated { 628 if x, ok := x.GetIdentifier().(*Principal_Authenticated_); ok { 629 return x.Authenticated 630 } 631 return nil 632 } 633 634 // Deprecated: Do not use. 635 func (x *Principal) GetSourceIp() *v32.CidrRange { 636 if x, ok := x.GetIdentifier().(*Principal_SourceIp); ok { 637 return x.SourceIp 638 } 639 return nil 640 } 641 642 func (x *Principal) GetDirectRemoteIp() *v32.CidrRange { 643 if x, ok := x.GetIdentifier().(*Principal_DirectRemoteIp); ok { 644 return x.DirectRemoteIp 645 } 646 return nil 647 } 648 649 func (x *Principal) GetRemoteIp() *v32.CidrRange { 650 if x, ok := x.GetIdentifier().(*Principal_RemoteIp); ok { 651 return x.RemoteIp 652 } 653 return nil 654 } 655 656 func (x *Principal) GetHeader() *v3.HeaderMatcher { 657 if x, ok := x.GetIdentifier().(*Principal_Header); ok { 658 return x.Header 659 } 660 return nil 661 } 662 663 func (x *Principal) GetUrlPath() *v31.PathMatcher { 664 if x, ok := x.GetIdentifier().(*Principal_UrlPath); ok { 665 return x.UrlPath 666 } 667 return nil 668 } 669 670 func (x *Principal) GetMetadata() *v31.MetadataMatcher { 671 if x, ok := x.GetIdentifier().(*Principal_Metadata); ok { 672 return x.Metadata 673 } 674 return nil 675 } 676 677 func (x *Principal) GetNotId() *Principal { 678 if x, ok := x.GetIdentifier().(*Principal_NotId); ok { 679 return x.NotId 680 } 681 return nil 682 } 683 684 type isPrincipal_Identifier interface { 685 isPrincipal_Identifier() 686 } 687 688 type Principal_AndIds struct { 689 // A set of identifiers that all must match in order to define the 690 // downstream. 691 AndIds *Principal_Set `protobuf:"bytes,1,opt,name=and_ids,json=andIds,proto3,oneof"` 692 } 693 694 type Principal_OrIds struct { 695 // A set of identifiers at least one must match in order to define the 696 // downstream. 697 OrIds *Principal_Set `protobuf:"bytes,2,opt,name=or_ids,json=orIds,proto3,oneof"` 698 } 699 700 type Principal_Any struct { 701 // When any is set, it matches any downstream. 702 Any bool `protobuf:"varint,3,opt,name=any,proto3,oneof"` 703 } 704 705 type Principal_Authenticated_ struct { 706 // Authenticated attributes that identify the downstream. 707 Authenticated *Principal_Authenticated `protobuf:"bytes,4,opt,name=authenticated,proto3,oneof"` 708 } 709 710 type Principal_SourceIp struct { 711 // A CIDR block that describes the downstream IP. 712 // This address will honor proxy protocol, but will not honor XFF. 713 // 714 // Deprecated: Do not use. 715 SourceIp *v32.CidrRange `protobuf:"bytes,5,opt,name=source_ip,json=sourceIp,proto3,oneof"` 716 } 717 718 type Principal_DirectRemoteIp struct { 719 // A CIDR block that describes the downstream remote/origin address. 720 // Note: This is always the physical peer even if the 721 // :ref:`remote_ip <envoy_v3_api_field_config.rbac.v3.Principal.remote_ip>` is 722 // inferred from for example the x-forwarder-for header, proxy protocol, 723 // etc. 724 DirectRemoteIp *v32.CidrRange `protobuf:"bytes,10,opt,name=direct_remote_ip,json=directRemoteIp,proto3,oneof"` 725 } 726 727 type Principal_RemoteIp struct { 728 // A CIDR block that describes the downstream remote/origin address. 729 // Note: This may not be the physical peer and could be different from the 730 // :ref:`direct_remote_ip 731 // <envoy_v3_api_field_config.rbac.v3.Principal.direct_remote_ip>`. E.g, if the 732 // remote ip is inferred from for example the x-forwarder-for header, proxy 733 // protocol, etc. 734 RemoteIp *v32.CidrRange `protobuf:"bytes,11,opt,name=remote_ip,json=remoteIp,proto3,oneof"` 735 } 736 737 type Principal_Header struct { 738 // A header (or pseudo-header such as :path or :method) on the incoming HTTP 739 // request. Only available for HTTP request. Note: the pseudo-header :path 740 // includes the query and fragment string. Use the `url_path` field if you 741 // want to match the URL path without the query and fragment string. 742 Header *v3.HeaderMatcher `protobuf:"bytes,6,opt,name=header,proto3,oneof"` 743 } 744 745 type Principal_UrlPath struct { 746 // A URL path on the incoming HTTP request. Only available for HTTP. 747 UrlPath *v31.PathMatcher `protobuf:"bytes,9,opt,name=url_path,json=urlPath,proto3,oneof"` 748 } 749 750 type Principal_Metadata struct { 751 // Metadata that describes additional information about the principal. 752 Metadata *v31.MetadataMatcher `protobuf:"bytes,7,opt,name=metadata,proto3,oneof"` 753 } 754 755 type Principal_NotId struct { 756 // Negates matching the provided principal. For instance, if the value of 757 // `not_id` would match, this principal would not match. Conversely, if the 758 // value of `not_id` would not match, this principal would match. 759 NotId *Principal `protobuf:"bytes,8,opt,name=not_id,json=notId,proto3,oneof"` 760 } 761 762 func (*Principal_AndIds) isPrincipal_Identifier() {} 763 764 func (*Principal_OrIds) isPrincipal_Identifier() {} 765 766 func (*Principal_Any) isPrincipal_Identifier() {} 767 768 func (*Principal_Authenticated_) isPrincipal_Identifier() {} 769 770 func (*Principal_SourceIp) isPrincipal_Identifier() {} 771 772 func (*Principal_DirectRemoteIp) isPrincipal_Identifier() {} 773 774 func (*Principal_RemoteIp) isPrincipal_Identifier() {} 775 776 func (*Principal_Header) isPrincipal_Identifier() {} 777 778 func (*Principal_UrlPath) isPrincipal_Identifier() {} 779 780 func (*Principal_Metadata) isPrincipal_Identifier() {} 781 782 func (*Principal_NotId) isPrincipal_Identifier() {} 783 784 // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, 785 // each are applied with the associated behavior. 786 type Permission_Set struct { 787 state protoimpl.MessageState 788 sizeCache protoimpl.SizeCache 789 unknownFields protoimpl.UnknownFields 790 791 Rules []*Permission `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"` 792 } 793 794 func (x *Permission_Set) Reset() { 795 *x = Permission_Set{} 796 if protoimpl.UnsafeEnabled { 797 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[5] 798 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 799 ms.StoreMessageInfo(mi) 800 } 801 } 802 803 func (x *Permission_Set) String() string { 804 return protoimpl.X.MessageStringOf(x) 805 } 806 807 func (*Permission_Set) ProtoMessage() {} 808 809 func (x *Permission_Set) ProtoReflect() protoreflect.Message { 810 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[5] 811 if protoimpl.UnsafeEnabled && x != nil { 812 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 813 if ms.LoadMessageInfo() == nil { 814 ms.StoreMessageInfo(mi) 815 } 816 return ms 817 } 818 return mi.MessageOf(x) 819 } 820 821 // Deprecated: Use Permission_Set.ProtoReflect.Descriptor instead. 822 func (*Permission_Set) Descriptor() ([]byte, []int) { 823 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{2, 0} 824 } 825 826 func (x *Permission_Set) GetRules() []*Permission { 827 if x != nil { 828 return x.Rules 829 } 830 return nil 831 } 832 833 // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. 834 // Depending on the context, each are applied with the associated behavior. 835 type Principal_Set struct { 836 state protoimpl.MessageState 837 sizeCache protoimpl.SizeCache 838 unknownFields protoimpl.UnknownFields 839 840 Ids []*Principal `protobuf:"bytes,1,rep,name=ids,proto3" json:"ids,omitempty"` 841 } 842 843 func (x *Principal_Set) Reset() { 844 *x = Principal_Set{} 845 if protoimpl.UnsafeEnabled { 846 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[6] 847 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 848 ms.StoreMessageInfo(mi) 849 } 850 } 851 852 func (x *Principal_Set) String() string { 853 return protoimpl.X.MessageStringOf(x) 854 } 855 856 func (*Principal_Set) ProtoMessage() {} 857 858 func (x *Principal_Set) ProtoReflect() protoreflect.Message { 859 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[6] 860 if protoimpl.UnsafeEnabled && x != nil { 861 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 862 if ms.LoadMessageInfo() == nil { 863 ms.StoreMessageInfo(mi) 864 } 865 return ms 866 } 867 return mi.MessageOf(x) 868 } 869 870 // Deprecated: Use Principal_Set.ProtoReflect.Descriptor instead. 871 func (*Principal_Set) Descriptor() ([]byte, []int) { 872 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{3, 0} 873 } 874 875 func (x *Principal_Set) GetIds() []*Principal { 876 if x != nil { 877 return x.Ids 878 } 879 return nil 880 } 881 882 // Authentication attributes for a downstream. 883 type Principal_Authenticated struct { 884 state protoimpl.MessageState 885 sizeCache protoimpl.SizeCache 886 unknownFields protoimpl.UnknownFields 887 888 // The name of the principal. If set, The URI SAN or DNS SAN in that order 889 // is used from the certificate, otherwise the subject field is used. If 890 // unset, it applies to any user that is authenticated. 891 PrincipalName *v31.StringMatcher `protobuf:"bytes,2,opt,name=principal_name,json=principalName,proto3" json:"principal_name,omitempty"` 892 } 893 894 func (x *Principal_Authenticated) Reset() { 895 *x = Principal_Authenticated{} 896 if protoimpl.UnsafeEnabled { 897 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[7] 898 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 899 ms.StoreMessageInfo(mi) 900 } 901 } 902 903 func (x *Principal_Authenticated) String() string { 904 return protoimpl.X.MessageStringOf(x) 905 } 906 907 func (*Principal_Authenticated) ProtoMessage() {} 908 909 func (x *Principal_Authenticated) ProtoReflect() protoreflect.Message { 910 mi := &file_envoy_config_rbac_v3_rbac_proto_msgTypes[7] 911 if protoimpl.UnsafeEnabled && x != nil { 912 ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 913 if ms.LoadMessageInfo() == nil { 914 ms.StoreMessageInfo(mi) 915 } 916 return ms 917 } 918 return mi.MessageOf(x) 919 } 920 921 // Deprecated: Use Principal_Authenticated.ProtoReflect.Descriptor instead. 922 func (*Principal_Authenticated) Descriptor() ([]byte, []int) { 923 return file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP(), []int{3, 1} 924 } 925 926 func (x *Principal_Authenticated) GetPrincipalName() *v31.StringMatcher { 927 if x != nil { 928 return x.PrincipalName 929 } 930 return nil 931 } 932 933 var File_envoy_config_rbac_v3_rbac_proto protoreflect.FileDescriptor 934 935 var file_envoy_config_rbac_v3_rbac_proto_rawDesc = []byte{ 936 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 937 0x62, 0x61, 0x63, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x70, 0x72, 0x6f, 0x74, 938 0x6f, 0x12, 0x14, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 939 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 940 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x61, 0x64, 941 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2c, 0x65, 0x6e, 0x76, 942 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2f, 943 0x76, 0x33, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 944 0x6e, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x24, 0x65, 0x6e, 0x76, 0x6f, 0x79, 945 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 946 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 947 0x20, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 0x74, 0x63, 948 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x70, 0x61, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 949 0x6f, 0x1a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x2f, 0x6d, 0x61, 950 0x74, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x76, 0x33, 0x2f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x2e, 951 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x74, 0x79, 0x70, 952 0x65, 0x2f, 0x76, 0x33, 0x2f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 953 0x1a, 0x26, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x78, 0x70, 954 0x72, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x63, 0x68, 0x65, 0x63, 0x6b, 955 0x65, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x25, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 956 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x78, 0x70, 0x72, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 957 0x61, 0x31, 0x2f, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 958 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 959 0x6e, 0x73, 0x2f, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 960 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 961 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x6d, 0x69, 0x67, 0x72, 0x61, 0x74, 0x65, 0x2e, 0x70, 962 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1d, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 963 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x70, 0x72, 964 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x75, 0x64, 0x70, 0x61, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 965 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x69, 0x6e, 0x67, 966 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 967 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 968 0xb6, 0x02, 0x0a, 0x04, 0x52, 0x42, 0x41, 0x43, 0x12, 0x43, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 969 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x21, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 970 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 971 0x52, 0x42, 0x41, 0x43, 0x2e, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 972 0x82, 0x01, 0x02, 0x10, 0x01, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x44, 0x0a, 973 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 974 0x28, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 975 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x52, 0x42, 0x41, 0x43, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 976 0x63, 0x69, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x08, 0x70, 0x6f, 0x6c, 0x69, 0x63, 977 0x69, 0x65, 0x73, 0x1a, 0x59, 0x0a, 0x0d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x45, 978 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 979 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x32, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 980 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 981 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x6f, 0x6c, 982 0x69, 0x63, 0x79, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x26, 983 0x0a, 0x06, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x4c, 0x4c, 0x4f, 984 0x57, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x44, 0x45, 0x4e, 0x59, 0x10, 0x01, 0x12, 0x07, 0x0a, 985 0x03, 0x4c, 0x4f, 0x47, 0x10, 0x02, 0x3a, 0x20, 0x9a, 0xc5, 0x88, 0x1e, 0x1b, 0x0a, 0x19, 0x65, 986 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 987 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x42, 0x41, 0x43, 0x22, 0x93, 0x03, 0x0a, 0x06, 0x50, 0x6f, 0x6c, 988 0x69, 0x63, 0x79, 0x12, 0x4c, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 989 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 990 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 991 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 992 0x01, 0x02, 0x08, 0x01, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 993 0x73, 0x12, 0x49, 0x0a, 0x0a, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x73, 0x18, 994 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 995 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 996 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 997 0x52, 0x0a, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x73, 0x12, 0x5a, 0x0a, 0x09, 998 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 999 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x65, 0x78, 0x70, 1000 0x72, 0x2e, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x72, 0x42, 1001 0x1c, 0xf2, 0x98, 0xfe, 0x8f, 0x05, 0x16, 0x12, 0x14, 0x65, 0x78, 0x70, 0x72, 0x65, 0x73, 0x73, 1002 0x69, 0x6f, 0x6e, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x09, 0x63, 1003 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x70, 0x0a, 0x11, 0x63, 0x68, 0x65, 0x63, 1004 0x6b, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 1005 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 1006 0x2e, 0x65, 0x78, 0x70, 0x72, 0x2e, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x43, 1007 0x68, 0x65, 0x63, 0x6b, 0x65, 0x64, 0x45, 0x78, 0x70, 0x72, 0x42, 0x1c, 0xf2, 0x98, 0xfe, 0x8f, 1008 0x05, 0x16, 0x12, 0x14, 0x65, 0x78, 0x70, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x73, 1009 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x10, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x65, 1010 0x64, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x3a, 0x22, 0x9a, 0xc5, 0x88, 0x1e, 1011 0x1d, 0x0a, 0x1b, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 1012 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x92, 1013 0x07, 0x0a, 0x0a, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x43, 0x0a, 1014 0x09, 0x61, 0x6e, 0x64, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 1015 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 1016 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 1017 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x08, 0x61, 0x6e, 0x64, 0x52, 0x75, 0x6c, 1018 0x65, 0x73, 0x12, 0x41, 0x0a, 0x08, 0x6f, 0x72, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x02, 1019 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 1020 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x6d, 1021 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x07, 0x6f, 0x72, 1022 0x52, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x1b, 0x0a, 0x03, 0x61, 0x6e, 0x79, 0x18, 0x03, 0x20, 0x01, 1023 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x6a, 0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x03, 0x61, 1024 0x6e, 0x79, 0x12, 0x3e, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 1025 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 1026 0x67, 0x2e, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 1027 0x72, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 1028 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x08, 0x75, 0x72, 0x6c, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x0a, 1029 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 1030 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x61, 0x74, 1031 0x68, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x07, 0x75, 0x72, 0x6c, 0x50, 1032 0x61, 0x74, 0x68, 0x12, 0x48, 0x0a, 0x0e, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 1033 0x6f, 0x6e, 0x5f, 0x69, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 1034 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 1035 0x76, 0x33, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00, 0x52, 0x0d, 1036 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x70, 0x12, 0x36, 0x0a, 1037 0x10, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x6f, 0x72, 1038 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0d, 0x42, 0x09, 0xfa, 0x42, 0x06, 0x2a, 0x04, 0x18, 0xff, 1039 0xff, 0x03, 0x48, 0x00, 0x52, 0x0f, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 1040 0x6e, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x51, 0x0a, 0x16, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 1041 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 1042 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 1043 0x70, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x49, 0x6e, 0x74, 0x33, 0x32, 0x52, 0x61, 0x6e, 0x67, 0x65, 1044 0x48, 0x00, 0x52, 0x14, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 1045 0x6f, 0x72, 0x74, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x44, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 1046 0x64, 0x61, 0x74, 0x61, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 1047 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 1048 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 1049 0x65, 0x72, 0x48, 0x00, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x3d, 1050 0x0a, 0x08, 0x6e, 0x6f, 0x74, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 1051 0x32, 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 1052 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 1053 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x07, 0x6e, 0x6f, 0x74, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x5a, 0x0a, 1054 0x15, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 1055 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 1056 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 1057 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 1058 0x65, 0x72, 0x48, 0x00, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64, 0x53, 1059 0x65, 0x72, 0x76, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x73, 0x0a, 0x03, 0x53, 0x65, 0x74, 1060 0x12, 0x40, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 1061 0x20, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 1062 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 1063 0x6e, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x05, 0x72, 0x75, 0x6c, 1064 0x65, 0x73, 0x3a, 0x2a, 0x9a, 0xc5, 0x88, 0x1e, 0x25, 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 1065 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 1066 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x74, 0x3a, 0x26, 1067 0x9a, 0xc5, 0x88, 0x1e, 0x21, 0x0a, 0x1f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 1068 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x65, 0x72, 0x6d, 1069 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x42, 0x0b, 0x0a, 0x04, 0x72, 0x75, 0x6c, 0x65, 0x12, 0x03, 1070 0xf8, 0x42, 0x01, 0x22, 0x9b, 0x08, 0x0a, 0x09, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 1071 0x6c, 0x12, 0x3e, 0x0a, 0x07, 0x61, 0x6e, 0x64, 0x5f, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x01, 1072 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 1073 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 1074 0x70, 0x61, 0x6c, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x06, 0x61, 0x6e, 0x64, 0x49, 0x64, 1075 0x73, 0x12, 0x3c, 0x0a, 0x06, 0x6f, 0x72, 0x5f, 0x69, 0x64, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 1076 0x0b, 0x32, 0x23, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 1077 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 1078 0x61, 0x6c, 0x2e, 0x53, 0x65, 0x74, 0x48, 0x00, 0x52, 0x05, 0x6f, 0x72, 0x49, 0x64, 0x73, 0x12, 1079 0x1b, 0x0a, 0x03, 0x61, 0x6e, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x42, 0x07, 0xfa, 0x42, 1080 0x04, 0x6a, 0x02, 0x08, 0x01, 0x48, 0x00, 0x52, 0x03, 0x61, 0x6e, 0x79, 0x12, 0x55, 0x0a, 0x0d, 1081 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 1082 0x01, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 1083 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 1084 0x69, 0x70, 0x61, 0x6c, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 1085 0x65, 0x64, 0x48, 0x00, 0x52, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 1086 0x74, 0x65, 0x64, 0x12, 0x4b, 0x0a, 0x09, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x70, 1087 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 1088 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 1089 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x42, 0x0b, 0x18, 0x01, 0x92, 0xc7, 0x86, 0xd8, 0x04, 1090 0x03, 0x33, 0x2e, 0x30, 0x48, 0x00, 0x52, 0x08, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x70, 1091 0x12, 0x4b, 0x0a, 0x10, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x74, 1092 0x65, 0x5f, 0x69, 0x70, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 1093 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 1094 0x33, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x48, 0x00, 0x52, 0x0e, 0x64, 1095 0x69, 0x72, 0x65, 0x63, 0x74, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x49, 0x70, 0x12, 0x3e, 0x0a, 1096 0x09, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, 0x69, 0x70, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 1097 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 1098 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x43, 0x69, 0x64, 0x72, 0x52, 0x61, 0x6e, 0x67, 1099 0x65, 0x48, 0x00, 0x52, 0x08, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x49, 0x70, 0x12, 0x3e, 0x0a, 1100 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 1101 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x6f, 0x75, 1102 0x74, 0x65, 0x2e, 0x76, 0x33, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x4d, 0x61, 0x74, 0x63, 1103 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x3f, 0x0a, 1104 0x08, 0x75, 0x72, 0x6c, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 1105 0x22, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 1106 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x61, 0x74, 0x68, 0x4d, 0x61, 0x74, 0x63, 1107 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x07, 0x75, 0x72, 0x6c, 0x50, 0x61, 0x74, 0x68, 0x12, 0x44, 1108 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 1109 0x32, 0x26, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 1110 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 1111 0x61, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x48, 0x00, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 1112 0x64, 0x61, 0x74, 0x61, 0x12, 0x38, 0x0a, 0x06, 0x6e, 0x6f, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x08, 1113 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 1114 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 0x6e, 1115 0x63, 0x69, 0x70, 0x61, 0x6c, 0x48, 0x00, 0x52, 0x05, 0x6e, 0x6f, 0x74, 0x49, 0x64, 0x1a, 0x6d, 1116 0x0a, 0x03, 0x53, 0x65, 0x74, 0x12, 0x3b, 0x0a, 0x03, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 1117 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 1118 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 1119 0x70, 0x61, 0x6c, 0x42, 0x08, 0xfa, 0x42, 0x05, 0x92, 0x01, 0x02, 0x08, 0x01, 0x52, 0x03, 0x69, 1120 0x64, 0x73, 0x3a, 0x29, 0x9a, 0xc5, 0x88, 0x1e, 0x24, 0x0a, 0x22, 0x65, 0x6e, 0x76, 0x6f, 0x79, 1121 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 1122 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x2e, 0x53, 0x65, 0x74, 0x1a, 0x97, 0x01, 1123 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 1124 0x4b, 0x0a, 0x0e, 0x70, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x5f, 0x6e, 0x61, 0x6d, 1125 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 1126 0x74, 0x79, 0x70, 0x65, 0x2e, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x2e, 0x76, 0x33, 0x2e, 1127 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x0d, 0x70, 1128 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x3a, 0x33, 0x9a, 0xc5, 1129 0x88, 0x1e, 0x2e, 0x0a, 0x2c, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 1130 0x67, 0x2e, 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 1131 0x70, 0x61, 0x6c, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 1132 0x64, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x3a, 0x25, 0x9a, 0xc5, 0x88, 0x1e, 0x20, 0x0a, 0x1e, 1133 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x72, 0x62, 0x61, 1134 0x63, 0x2e, 0x76, 0x32, 0x2e, 0x50, 0x72, 0x69, 0x6e, 0x63, 0x69, 0x70, 0x61, 0x6c, 0x42, 0x11, 1135 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x03, 0xf8, 0x42, 1136 0x01, 0x42, 0x39, 0x0a, 0x22, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 1137 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 1138 0x72, 0x62, 0x61, 0x63, 0x2e, 0x76, 0x33, 0x42, 0x09, 0x52, 0x62, 0x61, 0x63, 0x50, 0x72, 0x6f, 1139 0x74, 0x6f, 0x50, 0x01, 0xba, 0x80, 0xc8, 0xd1, 0x06, 0x02, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 1140 0x6f, 0x74, 0x6f, 0x33, 1141 } 1142 1143 var ( 1144 file_envoy_config_rbac_v3_rbac_proto_rawDescOnce sync.Once 1145 file_envoy_config_rbac_v3_rbac_proto_rawDescData = file_envoy_config_rbac_v3_rbac_proto_rawDesc 1146 ) 1147 1148 func file_envoy_config_rbac_v3_rbac_proto_rawDescGZIP() []byte { 1149 file_envoy_config_rbac_v3_rbac_proto_rawDescOnce.Do(func() { 1150 file_envoy_config_rbac_v3_rbac_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_rbac_v3_rbac_proto_rawDescData) 1151 }) 1152 return file_envoy_config_rbac_v3_rbac_proto_rawDescData 1153 } 1154 1155 var file_envoy_config_rbac_v3_rbac_proto_enumTypes = make([]protoimpl.EnumInfo, 1) 1156 var file_envoy_config_rbac_v3_rbac_proto_msgTypes = make([]protoimpl.MessageInfo, 8) 1157 var file_envoy_config_rbac_v3_rbac_proto_goTypes = []interface{}{ 1158 (RBAC_Action)(0), // 0: envoy.config.rbac.v3.RBAC.Action 1159 (*RBAC)(nil), // 1: envoy.config.rbac.v3.RBAC 1160 (*Policy)(nil), // 2: envoy.config.rbac.v3.Policy 1161 (*Permission)(nil), // 3: envoy.config.rbac.v3.Permission 1162 (*Principal)(nil), // 4: envoy.config.rbac.v3.Principal 1163 nil, // 5: envoy.config.rbac.v3.RBAC.PoliciesEntry 1164 (*Permission_Set)(nil), // 6: envoy.config.rbac.v3.Permission.Set 1165 (*Principal_Set)(nil), // 7: envoy.config.rbac.v3.Principal.Set 1166 (*Principal_Authenticated)(nil), // 8: envoy.config.rbac.v3.Principal.Authenticated 1167 (*v1alpha1.Expr)(nil), // 9: google.api.expr.v1alpha1.Expr 1168 (*v1alpha1.CheckedExpr)(nil), // 10: google.api.expr.v1alpha1.CheckedExpr 1169 (*v3.HeaderMatcher)(nil), // 11: envoy.config.route.v3.HeaderMatcher 1170 (*v31.PathMatcher)(nil), // 12: envoy.type.matcher.v3.PathMatcher 1171 (*v32.CidrRange)(nil), // 13: envoy.config.core.v3.CidrRange 1172 (*v33.Int32Range)(nil), // 14: envoy.type.v3.Int32Range 1173 (*v31.MetadataMatcher)(nil), // 15: envoy.type.matcher.v3.MetadataMatcher 1174 (*v31.StringMatcher)(nil), // 16: envoy.type.matcher.v3.StringMatcher 1175 } 1176 var file_envoy_config_rbac_v3_rbac_proto_depIdxs = []int32{ 1177 0, // 0: envoy.config.rbac.v3.RBAC.action:type_name -> envoy.config.rbac.v3.RBAC.Action 1178 5, // 1: envoy.config.rbac.v3.RBAC.policies:type_name -> envoy.config.rbac.v3.RBAC.PoliciesEntry 1179 3, // 2: envoy.config.rbac.v3.Policy.permissions:type_name -> envoy.config.rbac.v3.Permission 1180 4, // 3: envoy.config.rbac.v3.Policy.principals:type_name -> envoy.config.rbac.v3.Principal 1181 9, // 4: envoy.config.rbac.v3.Policy.condition:type_name -> google.api.expr.v1alpha1.Expr 1182 10, // 5: envoy.config.rbac.v3.Policy.checked_condition:type_name -> google.api.expr.v1alpha1.CheckedExpr 1183 6, // 6: envoy.config.rbac.v3.Permission.and_rules:type_name -> envoy.config.rbac.v3.Permission.Set 1184 6, // 7: envoy.config.rbac.v3.Permission.or_rules:type_name -> envoy.config.rbac.v3.Permission.Set 1185 11, // 8: envoy.config.rbac.v3.Permission.header:type_name -> envoy.config.route.v3.HeaderMatcher 1186 12, // 9: envoy.config.rbac.v3.Permission.url_path:type_name -> envoy.type.matcher.v3.PathMatcher 1187 13, // 10: envoy.config.rbac.v3.Permission.destination_ip:type_name -> envoy.config.core.v3.CidrRange 1188 14, // 11: envoy.config.rbac.v3.Permission.destination_port_range:type_name -> envoy.type.v3.Int32Range 1189 15, // 12: envoy.config.rbac.v3.Permission.metadata:type_name -> envoy.type.matcher.v3.MetadataMatcher 1190 3, // 13: envoy.config.rbac.v3.Permission.not_rule:type_name -> envoy.config.rbac.v3.Permission 1191 16, // 14: envoy.config.rbac.v3.Permission.requested_server_name:type_name -> envoy.type.matcher.v3.StringMatcher 1192 7, // 15: envoy.config.rbac.v3.Principal.and_ids:type_name -> envoy.config.rbac.v3.Principal.Set 1193 7, // 16: envoy.config.rbac.v3.Principal.or_ids:type_name -> envoy.config.rbac.v3.Principal.Set 1194 8, // 17: envoy.config.rbac.v3.Principal.authenticated:type_name -> envoy.config.rbac.v3.Principal.Authenticated 1195 13, // 18: envoy.config.rbac.v3.Principal.source_ip:type_name -> envoy.config.core.v3.CidrRange 1196 13, // 19: envoy.config.rbac.v3.Principal.direct_remote_ip:type_name -> envoy.config.core.v3.CidrRange 1197 13, // 20: envoy.config.rbac.v3.Principal.remote_ip:type_name -> envoy.config.core.v3.CidrRange 1198 11, // 21: envoy.config.rbac.v3.Principal.header:type_name -> envoy.config.route.v3.HeaderMatcher 1199 12, // 22: envoy.config.rbac.v3.Principal.url_path:type_name -> envoy.type.matcher.v3.PathMatcher 1200 15, // 23: envoy.config.rbac.v3.Principal.metadata:type_name -> envoy.type.matcher.v3.MetadataMatcher 1201 4, // 24: envoy.config.rbac.v3.Principal.not_id:type_name -> envoy.config.rbac.v3.Principal 1202 2, // 25: envoy.config.rbac.v3.RBAC.PoliciesEntry.value:type_name -> envoy.config.rbac.v3.Policy 1203 3, // 26: envoy.config.rbac.v3.Permission.Set.rules:type_name -> envoy.config.rbac.v3.Permission 1204 4, // 27: envoy.config.rbac.v3.Principal.Set.ids:type_name -> envoy.config.rbac.v3.Principal 1205 16, // 28: envoy.config.rbac.v3.Principal.Authenticated.principal_name:type_name -> envoy.type.matcher.v3.StringMatcher 1206 29, // [29:29] is the sub-list for method output_type 1207 29, // [29:29] is the sub-list for method input_type 1208 29, // [29:29] is the sub-list for extension type_name 1209 29, // [29:29] is the sub-list for extension extendee 1210 0, // [0:29] is the sub-list for field type_name 1211 } 1212 1213 func init() { file_envoy_config_rbac_v3_rbac_proto_init() } 1214 func file_envoy_config_rbac_v3_rbac_proto_init() { 1215 if File_envoy_config_rbac_v3_rbac_proto != nil { 1216 return 1217 } 1218 if !protoimpl.UnsafeEnabled { 1219 file_envoy_config_rbac_v3_rbac_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { 1220 switch v := v.(*RBAC); i { 1221 case 0: 1222 return &v.state 1223 case 1: 1224 return &v.sizeCache 1225 case 2: 1226 return &v.unknownFields 1227 default: 1228 return nil 1229 } 1230 } 1231 file_envoy_config_rbac_v3_rbac_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { 1232 switch v := v.(*Policy); i { 1233 case 0: 1234 return &v.state 1235 case 1: 1236 return &v.sizeCache 1237 case 2: 1238 return &v.unknownFields 1239 default: 1240 return nil 1241 } 1242 } 1243 file_envoy_config_rbac_v3_rbac_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { 1244 switch v := v.(*Permission); i { 1245 case 0: 1246 return &v.state 1247 case 1: 1248 return &v.sizeCache 1249 case 2: 1250 return &v.unknownFields 1251 default: 1252 return nil 1253 } 1254 } 1255 file_envoy_config_rbac_v3_rbac_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { 1256 switch v := v.(*Principal); i { 1257 case 0: 1258 return &v.state 1259 case 1: 1260 return &v.sizeCache 1261 case 2: 1262 return &v.unknownFields 1263 default: 1264 return nil 1265 } 1266 } 1267 file_envoy_config_rbac_v3_rbac_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { 1268 switch v := v.(*Permission_Set); i { 1269 case 0: 1270 return &v.state 1271 case 1: 1272 return &v.sizeCache 1273 case 2: 1274 return &v.unknownFields 1275 default: 1276 return nil 1277 } 1278 } 1279 file_envoy_config_rbac_v3_rbac_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { 1280 switch v := v.(*Principal_Set); i { 1281 case 0: 1282 return &v.state 1283 case 1: 1284 return &v.sizeCache 1285 case 2: 1286 return &v.unknownFields 1287 default: 1288 return nil 1289 } 1290 } 1291 file_envoy_config_rbac_v3_rbac_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { 1292 switch v := v.(*Principal_Authenticated); i { 1293 case 0: 1294 return &v.state 1295 case 1: 1296 return &v.sizeCache 1297 case 2: 1298 return &v.unknownFields 1299 default: 1300 return nil 1301 } 1302 } 1303 } 1304 file_envoy_config_rbac_v3_rbac_proto_msgTypes[2].OneofWrappers = []interface{}{ 1305 (*Permission_AndRules)(nil), 1306 (*Permission_OrRules)(nil), 1307 (*Permission_Any)(nil), 1308 (*Permission_Header)(nil), 1309 (*Permission_UrlPath)(nil), 1310 (*Permission_DestinationIp)(nil), 1311 (*Permission_DestinationPort)(nil), 1312 (*Permission_DestinationPortRange)(nil), 1313 (*Permission_Metadata)(nil), 1314 (*Permission_NotRule)(nil), 1315 (*Permission_RequestedServerName)(nil), 1316 } 1317 file_envoy_config_rbac_v3_rbac_proto_msgTypes[3].OneofWrappers = []interface{}{ 1318 (*Principal_AndIds)(nil), 1319 (*Principal_OrIds)(nil), 1320 (*Principal_Any)(nil), 1321 (*Principal_Authenticated_)(nil), 1322 (*Principal_SourceIp)(nil), 1323 (*Principal_DirectRemoteIp)(nil), 1324 (*Principal_RemoteIp)(nil), 1325 (*Principal_Header)(nil), 1326 (*Principal_UrlPath)(nil), 1327 (*Principal_Metadata)(nil), 1328 (*Principal_NotId)(nil), 1329 } 1330 type x struct{} 1331 out := protoimpl.TypeBuilder{ 1332 File: protoimpl.DescBuilder{ 1333 GoPackagePath: reflect.TypeOf(x{}).PkgPath(), 1334 RawDescriptor: file_envoy_config_rbac_v3_rbac_proto_rawDesc, 1335 NumEnums: 1, 1336 NumMessages: 8, 1337 NumExtensions: 0, 1338 NumServices: 0, 1339 }, 1340 GoTypes: file_envoy_config_rbac_v3_rbac_proto_goTypes, 1341 DependencyIndexes: file_envoy_config_rbac_v3_rbac_proto_depIdxs, 1342 EnumInfos: file_envoy_config_rbac_v3_rbac_proto_enumTypes, 1343 MessageInfos: file_envoy_config_rbac_v3_rbac_proto_msgTypes, 1344 }.Build() 1345 File_envoy_config_rbac_v3_rbac_proto = out.File 1346 file_envoy_config_rbac_v3_rbac_proto_rawDesc = nil 1347 file_envoy_config_rbac_v3_rbac_proto_goTypes = nil 1348 file_envoy_config_rbac_v3_rbac_proto_depIdxs = nil 1349 }