Package io.envoyproxy.envoy.config.rbac.v2

Class Policy.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<BuilderT>
com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>
io.envoyproxy.envoy.config.rbac.v2.Policy.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, PolicyOrBuilder, Cloneable
Enclosing class:
Policy
public static final class Policy.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder> implements PolicyOrBuilder
 Policy specifies a role and the principals that are assigned/denied the role. A policy matches if
 and only if at least one of its permissions match the action taking place AND at least one of its
 principals match the downstream AND the condition is true if specified.
Protobuf type envoy.config.rbac.v2.Policy

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • clear

      public Policy.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • getDefaultInstanceForType

      public Policy getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public Policy build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public Policy buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • clone

      public Policy.Builder clone()
      Specified by:
      clone in interface com.google.protobuf.Message.Builder
      Specified by:
      clone in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clone in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • setField

      public Policy.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      setField in interface com.google.protobuf.Message.Builder
      Overrides:
      setField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • clearField

      public Policy.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
      Specified by:
      clearField in interface com.google.protobuf.Message.Builder
      Overrides:
      clearField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • clearOneof

      public Policy.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
      Specified by:
      clearOneof in interface com.google.protobuf.Message.Builder
      Overrides:
      clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • setRepeatedField

      public Policy.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
      Specified by:
      setRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • addRepeatedField

      public Policy.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      addRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • mergeFrom

      public Policy.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Policy.Builder>

    • mergeFrom

      public Policy.Builder mergeFrom(Policy other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • mergeFrom

      public Policy.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Policy.Builder>
      Throws:
      IOException

    • getPermissionsList

      public List<Permission> getPermissionsList()
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
      Specified by:
      getPermissionsList in interface PolicyOrBuilder

    • getPermissionsCount

      public int getPermissionsCount()
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
      Specified by:
      getPermissionsCount in interface PolicyOrBuilder

    • getPermissions

      public Permission getPermissions(int index)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
      Specified by:
      getPermissions in interface PolicyOrBuilder

    • setPermissions

      public Policy.Builder setPermissions(int index, Permission value)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • setPermissions

      public Policy.Builder setPermissions(int index, Permission.Builder builderForValue)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • addPermissions

      public Policy.Builder addPermissions(Permission value)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • addPermissions

      public Policy.Builder addPermissions(int index, Permission value)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • addPermissions

      public Policy.Builder addPermissions(Permission.Builder builderForValue)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • addPermissions

      public Policy.Builder addPermissions(int index, Permission.Builder builderForValue)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • addAllPermissions

      public Policy.Builder addAllPermissions(Iterable<? extends Permission> values)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • clearPermissions

      public Policy.Builder clearPermissions()
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • removePermissions

      public Policy.Builder removePermissions(int index)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • getPermissionsBuilder

      public Permission.Builder getPermissionsBuilder(int index)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • getPermissionsOrBuilder

      public PermissionOrBuilder getPermissionsOrBuilder(int index)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
      Specified by:
      getPermissionsOrBuilder in interface PolicyOrBuilder

    • getPermissionsOrBuilderList

      public List<? extends PermissionOrBuilder> getPermissionsOrBuilderList()
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
      Specified by:
      getPermissionsOrBuilderList in interface PolicyOrBuilder

    • addPermissionsBuilder

      public Permission.Builder addPermissionsBuilder()
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • addPermissionsBuilder

      public Permission.Builder addPermissionsBuilder(int index)
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • getPermissionsBuilderList

      public List<Permission.Builder> getPermissionsBuilderList()
       Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
      repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }

    • getPrincipalsList

      public List<Principal> getPrincipalsList()
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
      Specified by:
      getPrincipalsList in interface PolicyOrBuilder

    • getPrincipalsCount

      public int getPrincipalsCount()
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
      Specified by:
      getPrincipalsCount in interface PolicyOrBuilder

    • getPrincipals

      public Principal getPrincipals(int index)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
      Specified by:
      getPrincipals in interface PolicyOrBuilder

    • setPrincipals

      public Policy.Builder setPrincipals(int index, Principal value)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • setPrincipals

      public Policy.Builder setPrincipals(int index, Principal.Builder builderForValue)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • addPrincipals

      public Policy.Builder addPrincipals(Principal value)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • addPrincipals

      public Policy.Builder addPrincipals(int index, Principal value)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • addPrincipals

      public Policy.Builder addPrincipals(Principal.Builder builderForValue)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • addPrincipals

      public Policy.Builder addPrincipals(int index, Principal.Builder builderForValue)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • addAllPrincipals

      public Policy.Builder addAllPrincipals(Iterable<? extends Principal> values)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • clearPrincipals

      public Policy.Builder clearPrincipals()
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • removePrincipals

      public Policy.Builder removePrincipals(int index)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • getPrincipalsBuilder

      public Principal.Builder getPrincipalsBuilder(int index)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • getPrincipalsOrBuilder

      public PrincipalOrBuilder getPrincipalsOrBuilder(int index)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
      Specified by:
      getPrincipalsOrBuilder in interface PolicyOrBuilder

    • getPrincipalsOrBuilderList

      public List<? extends PrincipalOrBuilder> getPrincipalsOrBuilderList()
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
      Specified by:
      getPrincipalsOrBuilderList in interface PolicyOrBuilder

    • addPrincipalsBuilder

      public Principal.Builder addPrincipalsBuilder()
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • addPrincipalsBuilder

      public Principal.Builder addPrincipalsBuilder(int index)
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • getPrincipalsBuilderList

      public List<Principal.Builder> getPrincipalsBuilderList()
       Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
      repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }

    • hasCondition

      public boolean hasCondition()
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;
      Specified by:
      hasCondition in interface PolicyOrBuilder
      Returns:
      Whether the condition field is set.

    • getCondition

      public Expr getCondition()
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;
      Specified by:
      getCondition in interface PolicyOrBuilder
      Returns:
      The condition.

    • setCondition

      public Policy.Builder setCondition(Expr value)
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;

    • setCondition

      public Policy.Builder setCondition(Expr.Builder builderForValue)
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;

    • mergeCondition

      public Policy.Builder mergeCondition(Expr value)
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;

    • clearCondition

      public Policy.Builder clearCondition()
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;

    • getConditionBuilder

      public Expr.Builder getConditionBuilder()
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;

    • getConditionOrBuilder

      public ExprOrBuilder getConditionOrBuilder()
       An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
      .google.api.expr.v1alpha1.Expr condition = 3;
      Specified by:
      getConditionOrBuilder in interface PolicyOrBuilder

    • setUnknownFields

      public final Policy.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      setUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>

    • mergeUnknownFields

      public final Policy.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      mergeUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<Policy.Builder>