public interface PermissionOrBuilder
extends com.google.protobuf.MessageOrBuilder
| Modifier and Type | Method and Description |
|---|---|
Permission.Set |
getAndRules()
A set of rules that all must match in order to define the action.
|
Permission.SetOrBuilder |
getAndRulesOrBuilder()
A set of rules that all must match in order to define the action.
|
boolean |
getAny()
When any is set, it matches any action.
|
CidrRange |
getDestinationIp()
A CIDR block that describes the destination IP.
|
CidrRangeOrBuilder |
getDestinationIpOrBuilder()
A CIDR block that describes the destination IP.
|
int |
getDestinationPort()
A port number that describes the destination port connecting to.
|
HeaderMatcher |
getHeader()
A header (or pseudo-header such as :path or :method) on the incoming HTTP request.
|
HeaderMatcherOrBuilder |
getHeaderOrBuilder()
A header (or pseudo-header such as :path or :method) on the incoming HTTP request.
|
MetadataMatcher |
getMetadata()
Metadata that describes additional information about the action.
|
MetadataMatcherOrBuilder |
getMetadataOrBuilder()
Metadata that describes additional information about the action.
|
Permission |
getNotRule()
Negates matching the provided permission.
|
PermissionOrBuilder |
getNotRuleOrBuilder()
Negates matching the provided permission.
|
Permission.Set |
getOrRules()
A set of rules where at least one must match in order to define the action.
|
Permission.SetOrBuilder |
getOrRulesOrBuilder()
A set of rules where at least one must match in order to define the action.
|
StringMatcher |
getRequestedServerName()
The request server from the client's connection request.
|
StringMatcherOrBuilder |
getRequestedServerNameOrBuilder()
The request server from the client's connection request.
|
Permission.RuleCase |
getRuleCase() |
PathMatcher |
getUrlPath()
A URL path on the incoming HTTP request.
|
PathMatcherOrBuilder |
getUrlPathOrBuilder()
A URL path on the incoming HTTP request.
|
boolean |
hasAndRules()
A set of rules that all must match in order to define the action.
|
boolean |
hasDestinationIp()
A CIDR block that describes the destination IP.
|
boolean |
hasHeader()
A header (or pseudo-header such as :path or :method) on the incoming HTTP request.
|
boolean |
hasMetadata()
Metadata that describes additional information about the action.
|
boolean |
hasNotRule()
Negates matching the provided permission.
|
boolean |
hasOrRules()
A set of rules where at least one must match in order to define the action.
|
boolean |
hasRequestedServerName()
The request server from the client's connection request.
|
boolean |
hasUrlPath()
A URL path on the incoming HTTP request.
|
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneofboolean hasAndRules()
A set of rules that all must match in order to define the action.
.envoy.config.rbac.v2.Permission.Set and_rules = 1;Permission.Set getAndRules()
A set of rules that all must match in order to define the action.
.envoy.config.rbac.v2.Permission.Set and_rules = 1;Permission.SetOrBuilder getAndRulesOrBuilder()
A set of rules that all must match in order to define the action.
.envoy.config.rbac.v2.Permission.Set and_rules = 1;boolean hasOrRules()
A set of rules where at least one must match in order to define the action.
.envoy.config.rbac.v2.Permission.Set or_rules = 2;Permission.Set getOrRules()
A set of rules where at least one must match in order to define the action.
.envoy.config.rbac.v2.Permission.Set or_rules = 2;Permission.SetOrBuilder getOrRulesOrBuilder()
A set of rules where at least one must match in order to define the action.
.envoy.config.rbac.v2.Permission.Set or_rules = 2;boolean getAny()
When any is set, it matches any action.
bool any = 3 [(.validate.rules) = { ... }boolean hasHeader()
A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only available for HTTP request. Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` field if you want to match the URL path without the query and fragment string.
.envoy.api.v2.route.HeaderMatcher header = 4;HeaderMatcher getHeader()
A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only available for HTTP request. Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` field if you want to match the URL path without the query and fragment string.
.envoy.api.v2.route.HeaderMatcher header = 4;HeaderMatcherOrBuilder getHeaderOrBuilder()
A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only available for HTTP request. Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` field if you want to match the URL path without the query and fragment string.
.envoy.api.v2.route.HeaderMatcher header = 4;boolean hasUrlPath()
A URL path on the incoming HTTP request. Only available for HTTP.
.envoy.type.matcher.PathMatcher url_path = 10;PathMatcher getUrlPath()
A URL path on the incoming HTTP request. Only available for HTTP.
.envoy.type.matcher.PathMatcher url_path = 10;PathMatcherOrBuilder getUrlPathOrBuilder()
A URL path on the incoming HTTP request. Only available for HTTP.
.envoy.type.matcher.PathMatcher url_path = 10;boolean hasDestinationIp()
A CIDR block that describes the destination IP.
.envoy.api.v2.core.CidrRange destination_ip = 5;CidrRange getDestinationIp()
A CIDR block that describes the destination IP.
.envoy.api.v2.core.CidrRange destination_ip = 5;CidrRangeOrBuilder getDestinationIpOrBuilder()
A CIDR block that describes the destination IP.
.envoy.api.v2.core.CidrRange destination_ip = 5;int getDestinationPort()
A port number that describes the destination port connecting to.
uint32 destination_port = 6 [(.validate.rules) = { ... }boolean hasMetadata()
Metadata that describes additional information about the action.
.envoy.type.matcher.MetadataMatcher metadata = 7;MetadataMatcher getMetadata()
Metadata that describes additional information about the action.
.envoy.type.matcher.MetadataMatcher metadata = 7;MetadataMatcherOrBuilder getMetadataOrBuilder()
Metadata that describes additional information about the action.
.envoy.type.matcher.MetadataMatcher metadata = 7;boolean hasNotRule()
Negates matching the provided permission. For instance, if the value of `not_rule` would match, this permission would not match. Conversely, if the value of `not_rule` would not match, this permission would match.
.envoy.config.rbac.v2.Permission not_rule = 8;Permission getNotRule()
Negates matching the provided permission. For instance, if the value of `not_rule` would match, this permission would not match. Conversely, if the value of `not_rule` would not match, this permission would match.
.envoy.config.rbac.v2.Permission not_rule = 8;PermissionOrBuilder getNotRuleOrBuilder()
Negates matching the provided permission. For instance, if the value of `not_rule` would match, this permission would not match. Conversely, if the value of `not_rule` would not match, this permission would match.
.envoy.config.rbac.v2.Permission not_rule = 8;boolean hasRequestedServerName()
The request server from the client's connection request. This is
typically TLS SNI.
.. attention::
The behavior of this field may be affected by how Envoy is configured
as explained below.
* If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
filter is not added, and if a `FilterChainMatch` is not defined for
the :ref:`server name <envoy_api_field_listener.FilterChainMatch.server_names>`,
a TLS connection's requested SNI server name will be treated as if it
wasn't present.
* A :ref:`listener filter <arch_overview_listener_filters>` may
overwrite a connection's requested server name within Envoy.
Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
setup SNI.
.envoy.type.matcher.StringMatcher requested_server_name = 9;StringMatcher getRequestedServerName()
The request server from the client's connection request. This is
typically TLS SNI.
.. attention::
The behavior of this field may be affected by how Envoy is configured
as explained below.
* If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
filter is not added, and if a `FilterChainMatch` is not defined for
the :ref:`server name <envoy_api_field_listener.FilterChainMatch.server_names>`,
a TLS connection's requested SNI server name will be treated as if it
wasn't present.
* A :ref:`listener filter <arch_overview_listener_filters>` may
overwrite a connection's requested server name within Envoy.
Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
setup SNI.
.envoy.type.matcher.StringMatcher requested_server_name = 9;StringMatcherOrBuilder getRequestedServerNameOrBuilder()
The request server from the client's connection request. This is
typically TLS SNI.
.. attention::
The behavior of this field may be affected by how Envoy is configured
as explained below.
* If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
filter is not added, and if a `FilterChainMatch` is not defined for
the :ref:`server name <envoy_api_field_listener.FilterChainMatch.server_names>`,
a TLS connection's requested SNI server name will be treated as if it
wasn't present.
* A :ref:`listener filter <arch_overview_listener_filters>` may
overwrite a connection's requested server name within Envoy.
Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
setup SNI.
.envoy.type.matcher.StringMatcher requested_server_name = 9;Permission.RuleCase getRuleCase()
Copyright © 2018–2021 The Envoy Project. All rights reserved.