Interface RBACOrBuilder

  • All Superinterfaces:
    com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
    All Known Implementing Classes:
    RBAC, RBAC.Builder

    public interface RBACOrBuilder
    extends com.google.protobuf.MessageOrBuilder
    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      Matcher getMatcher()
      The match tree to use when resolving RBAC action for incoming requests.
      MatcherOrBuilder getMatcherOrBuilder()
      The match tree to use when resolving RBAC action for incoming requests.
      RBAC getRules()
      Specify the RBAC rules to be applied globally.
      RBACOrBuilder getRulesOrBuilder()
      Specify the RBAC rules to be applied globally.
      java.lang.String getRulesStatPrefix()
      If specified, rules will emit stats with the given prefix.
      com.google.protobuf.ByteString getRulesStatPrefixBytes()
      If specified, rules will emit stats with the given prefix.
      Matcher getShadowMatcher()
      The match tree to use for emitting stats and logs which can be used for rule testing for incoming requests.
      MatcherOrBuilder getShadowMatcherOrBuilder()
      The match tree to use for emitting stats and logs which can be used for rule testing for incoming requests.
      RBAC getShadowRules()
      Shadow rules are not enforced by the filter (i.e., returning a 403) but will emit stats and logs and can be used for rule testing.
      RBACOrBuilder getShadowRulesOrBuilder()
      Shadow rules are not enforced by the filter (i.e., returning a 403) but will emit stats and logs and can be used for rule testing.
      java.lang.String getShadowRulesStatPrefix()
      If specified, shadow rules will emit stats with the given prefix.
      com.google.protobuf.ByteString getShadowRulesStatPrefixBytes()
      If specified, shadow rules will emit stats with the given prefix.
      boolean getTrackPerRuleStats()
      If track_per_rule_stats is true, counters will be published for each rule and shadow rule.
      boolean hasMatcher()
      The match tree to use when resolving RBAC action for incoming requests.
      boolean hasRules()
      Specify the RBAC rules to be applied globally.
      boolean hasShadowMatcher()
      The match tree to use for emitting stats and logs which can be used for rule testing for incoming requests.
      boolean hasShadowRules()
      Shadow rules are not enforced by the filter (i.e., returning a 403) but will emit stats and logs and can be used for rule testing.
      • Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

        isInitialized
      • Methods inherited from interface com.google.protobuf.MessageOrBuilder

        findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof
    • Method Detail

      • hasRules

        boolean hasRules()
         Specify the RBAC rules to be applied globally.
         If absent, no enforcing RBAC policy will be applied.
         If present and empty, DENY.
         If both rules and matcher are configured, rules will be ignored.
         
        .envoy.config.rbac.v3.RBAC rules = 1 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        Whether the rules field is set.
      • getRules

        RBAC getRules()
         Specify the RBAC rules to be applied globally.
         If absent, no enforcing RBAC policy will be applied.
         If present and empty, DENY.
         If both rules and matcher are configured, rules will be ignored.
         
        .envoy.config.rbac.v3.RBAC rules = 1 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        The rules.
      • getRulesOrBuilder

        RBACOrBuilder getRulesOrBuilder()
         Specify the RBAC rules to be applied globally.
         If absent, no enforcing RBAC policy will be applied.
         If present and empty, DENY.
         If both rules and matcher are configured, rules will be ignored.
         
        .envoy.config.rbac.v3.RBAC rules = 1 [(.udpa.annotations.field_migrate) = { ... }
      • getRulesStatPrefix

        java.lang.String getRulesStatPrefix()
         If specified, rules will emit stats with the given prefix.
         This is useful to distinguish the stat when there are more than 1 RBAC filter configured with
         rules.
         
        string rules_stat_prefix = 6;
        Returns:
        The rulesStatPrefix.
      • getRulesStatPrefixBytes

        com.google.protobuf.ByteString getRulesStatPrefixBytes()
         If specified, rules will emit stats with the given prefix.
         This is useful to distinguish the stat when there are more than 1 RBAC filter configured with
         rules.
         
        string rules_stat_prefix = 6;
        Returns:
        The bytes for rulesStatPrefix.
      • hasMatcher

        boolean hasMatcher()
         The match tree to use when resolving RBAC action for incoming requests. Requests do not
         match any matcher will be denied.
         If absent, no enforcing RBAC matcher will be applied.
         If present and empty, deny all requests.
         
        .xds.type.matcher.v3.Matcher matcher = 4 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        Whether the matcher field is set.
      • getMatcher

        Matcher getMatcher()
         The match tree to use when resolving RBAC action for incoming requests. Requests do not
         match any matcher will be denied.
         If absent, no enforcing RBAC matcher will be applied.
         If present and empty, deny all requests.
         
        .xds.type.matcher.v3.Matcher matcher = 4 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        The matcher.
      • getMatcherOrBuilder

        MatcherOrBuilder getMatcherOrBuilder()
         The match tree to use when resolving RBAC action for incoming requests. Requests do not
         match any matcher will be denied.
         If absent, no enforcing RBAC matcher will be applied.
         If present and empty, deny all requests.
         
        .xds.type.matcher.v3.Matcher matcher = 4 [(.udpa.annotations.field_migrate) = { ... }
      • hasShadowRules

        boolean hasShadowRules()
         Shadow rules are not enforced by the filter (i.e., returning a 403)
         but will emit stats and logs and can be used for rule testing.
         If absent, no shadow RBAC policy will be applied.
         If both shadow rules and shadow matcher are configured, shadow rules will be ignored.
         
        .envoy.config.rbac.v3.RBAC shadow_rules = 2 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        Whether the shadowRules field is set.
      • getShadowRules

        RBAC getShadowRules()
         Shadow rules are not enforced by the filter (i.e., returning a 403)
         but will emit stats and logs and can be used for rule testing.
         If absent, no shadow RBAC policy will be applied.
         If both shadow rules and shadow matcher are configured, shadow rules will be ignored.
         
        .envoy.config.rbac.v3.RBAC shadow_rules = 2 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        The shadowRules.
      • getShadowRulesOrBuilder

        RBACOrBuilder getShadowRulesOrBuilder()
         Shadow rules are not enforced by the filter (i.e., returning a 403)
         but will emit stats and logs and can be used for rule testing.
         If absent, no shadow RBAC policy will be applied.
         If both shadow rules and shadow matcher are configured, shadow rules will be ignored.
         
        .envoy.config.rbac.v3.RBAC shadow_rules = 2 [(.udpa.annotations.field_migrate) = { ... }
      • hasShadowMatcher

        boolean hasShadowMatcher()
         The match tree to use for emitting stats and logs which can be used for rule testing for
         incoming requests.
         If absent, no shadow matcher will be applied.
         
        .xds.type.matcher.v3.Matcher shadow_matcher = 5 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        Whether the shadowMatcher field is set.
      • getShadowMatcher

        Matcher getShadowMatcher()
         The match tree to use for emitting stats and logs which can be used for rule testing for
         incoming requests.
         If absent, no shadow matcher will be applied.
         
        .xds.type.matcher.v3.Matcher shadow_matcher = 5 [(.udpa.annotations.field_migrate) = { ... }
        Returns:
        The shadowMatcher.
      • getShadowMatcherOrBuilder

        MatcherOrBuilder getShadowMatcherOrBuilder()
         The match tree to use for emitting stats and logs which can be used for rule testing for
         incoming requests.
         If absent, no shadow matcher will be applied.
         
        .xds.type.matcher.v3.Matcher shadow_matcher = 5 [(.udpa.annotations.field_migrate) = { ... }
      • getShadowRulesStatPrefix

        java.lang.String getShadowRulesStatPrefix()
         If specified, shadow rules will emit stats with the given prefix.
         This is useful to distinguish the stat when there are more than 1 RBAC filter configured with
         shadow rules.
         
        string shadow_rules_stat_prefix = 3;
        Returns:
        The shadowRulesStatPrefix.
      • getShadowRulesStatPrefixBytes

        com.google.protobuf.ByteString getShadowRulesStatPrefixBytes()
         If specified, shadow rules will emit stats with the given prefix.
         This is useful to distinguish the stat when there are more than 1 RBAC filter configured with
         shadow rules.
         
        string shadow_rules_stat_prefix = 3;
        Returns:
        The bytes for shadowRulesStatPrefix.
      • getTrackPerRuleStats

        boolean getTrackPerRuleStats()
         If track_per_rule_stats is true, counters will be published for each rule and shadow rule.
         
        bool track_per_rule_stats = 7;
        Returns:
        The trackPerRuleStats.