Package io.envoyproxy.envoy.config.rbac.v2

Class Policy

  • All Implemented Interfaces:
    com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, PolicyOrBuilder, Serializable
    public final class Policy
extends com.google.protobuf.GeneratedMessageV3
implements PolicyOrBuilder
     Policy specifies a role and the principals that are assigned/denied the role. A policy matches if
 and only if at least one of its permissions match the action taking place AND at least one of its
 principals match the downstream AND the condition is true if specified.
    Protobuf type envoy.config.rbac.v2.Policy
    See Also:
    Serialized Form

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  Policy.Builder
      Policy specifies a role and the principals that are assigned/denied the role.

      • Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessageV3

        com.google.protobuf.GeneratedMessageV3.BuilderParent, com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageType extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage,​BuilderType extends com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageType,​BuilderType>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageType extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage>, com.google.protobuf.GeneratedMessageV3.ExtendableMessageOrBuilder<MessageType extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage>, com.google.protobuf.GeneratedMessageV3.FieldAccessorTable, com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter

      • Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite

        com.google.protobuf.AbstractMessageLite.InternalOneOfEnum

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int CONDITION_FIELD_NUMBER  
      static int PERMISSIONS_FIELD_NUMBER  
      static int PRINCIPALS_FIELD_NUMBER  

      • Fields inherited from class com.google.protobuf.GeneratedMessageV3

        alwaysUseFieldBuilders, unknownFields

      • Fields inherited from class com.google.protobuf.AbstractMessage

        memoizedSize

      • Fields inherited from class com.google.protobuf.AbstractMessageLite

        memoizedHashCode

    • Method Detail

      • newInstance

        protected Object newInstance​(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
        Overrides:
        newInstance in class com.google.protobuf.GeneratedMessageV3

      • getUnknownFields

        public final com.google.protobuf.UnknownFieldSet getUnknownFields()
        Specified by:
        getUnknownFields in interface com.google.protobuf.MessageOrBuilder
        Overrides:
        getUnknownFields in class com.google.protobuf.GeneratedMessageV3

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

      • getPermissionsList

        public List<Permission> getPermissionsList()
         Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
        repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
        Specified by:
        getPermissionsList in interface PolicyOrBuilder

      • getPermissionsOrBuilderList

        public List<? extends PermissionOrBuilder> getPermissionsOrBuilderList()
         Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
        repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
        Specified by:
        getPermissionsOrBuilderList in interface PolicyOrBuilder

      • getPermissionsCount

        public int getPermissionsCount()
         Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
        repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
        Specified by:
        getPermissionsCount in interface PolicyOrBuilder

      • getPermissions

        public Permission getPermissions​(int index)
         Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
        repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
        Specified by:
        getPermissions in interface PolicyOrBuilder

      • getPermissionsOrBuilder

        public PermissionOrBuilder getPermissionsOrBuilder​(int index)
         Required. The set of permissions that define a role. Each permission is matched with OR
 semantics. To match all actions for this policy, a single Permission with the `any` field set
 to true should be used.
        repeated .envoy.config.rbac.v2.Permission permissions = 1 [(.validate.rules) = { ... }
        Specified by:
        getPermissionsOrBuilder in interface PolicyOrBuilder

      • getPrincipalsList

        public List<Principal> getPrincipalsList()
         Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
        repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
        Specified by:
        getPrincipalsList in interface PolicyOrBuilder

      • getPrincipalsOrBuilderList

        public List<? extends PrincipalOrBuilder> getPrincipalsOrBuilderList()
         Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
        repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
        Specified by:
        getPrincipalsOrBuilderList in interface PolicyOrBuilder

      • getPrincipalsCount

        public int getPrincipalsCount()
         Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
        repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
        Specified by:
        getPrincipalsCount in interface PolicyOrBuilder

      • getPrincipals

        public Principal getPrincipals​(int index)
         Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
        repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
        Specified by:
        getPrincipals in interface PolicyOrBuilder

      • getPrincipalsOrBuilder

        public PrincipalOrBuilder getPrincipalsOrBuilder​(int index)
         Required. The set of principals that are assigned/denied the role based on “action”. Each
 principal is matched with OR semantics. To match all downstreams for this policy, a single
 Principal with the `any` field set to true should be used.
        repeated .envoy.config.rbac.v2.Principal principals = 2 [(.validate.rules) = { ... }
        Specified by:
        getPrincipalsOrBuilder in interface PolicyOrBuilder

      • hasCondition

        public boolean hasCondition()
         An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
        .google.api.expr.v1alpha1.Expr condition = 3;
        Specified by:
        hasCondition in interface PolicyOrBuilder
        Returns:
        Whether the condition field is set.

      • getCondition

        public Expr getCondition()
         An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
        .google.api.expr.v1alpha1.Expr condition = 3;
        Specified by:
        getCondition in interface PolicyOrBuilder
        Returns:
        The condition.

      • getConditionOrBuilder

        public ExprOrBuilder getConditionOrBuilder()
         An optional symbolic expression specifying an access control
 :ref:`condition <arch_overview_condition>`. The condition is combined
 with the permissions and the principals as a clause with AND semantics.
        .google.api.expr.v1alpha1.Expr condition = 3;
        Specified by:
        getConditionOrBuilder in interface PolicyOrBuilder

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessageV3

      • writeTo

        public void writeTo​(com.google.protobuf.CodedOutputStream output)
             throws IOException
        Specified by:
        writeTo in interface com.google.protobuf.MessageLite
        Overrides:
        writeTo in class com.google.protobuf.GeneratedMessageV3
        Throws:
        IOException

      • getSerializedSize

        public int getSerializedSize()
        Specified by:
        getSerializedSize in interface com.google.protobuf.MessageLite
        Overrides:
        getSerializedSize in class com.google.protobuf.GeneratedMessageV3

      • equals

        public boolean equals​(Object obj)
        Specified by:
        equals in interface com.google.protobuf.Message
        Overrides:
        equals in class com.google.protobuf.AbstractMessage

      • hashCode

        public int hashCode()
        Specified by:
        hashCode in interface com.google.protobuf.Message
        Overrides:
        hashCode in class com.google.protobuf.AbstractMessage

      • parseFrom

        public static Policy parseFrom​(ByteBuffer data)
                        throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static Policy parseFrom​(ByteBuffer data,
                               com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                        throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static Policy parseFrom​(com.google.protobuf.ByteString data)
                        throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static Policy parseFrom​(com.google.protobuf.ByteString data,
                               com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                        throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static Policy parseFrom​(byte[] data)
                        throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static Policy parseFrom​(byte[] data,
                               com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                        throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static Policy parseFrom​(com.google.protobuf.CodedInputStream input,
                               com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                        throws IOException
        Throws:
        IOException

      • newBuilderForType

        public Policy.Builder newBuilderForType()
        Specified by:
        newBuilderForType in interface com.google.protobuf.Message
        Specified by:
        newBuilderForType in interface com.google.protobuf.MessageLite

      • toBuilder

        public Policy.Builder toBuilder()
        Specified by:
        toBuilder in interface com.google.protobuf.Message
        Specified by:
        toBuilder in interface com.google.protobuf.MessageLite

      • newBuilderForType

        protected Policy.Builder newBuilderForType​(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
        Specified by:
        newBuilderForType in class com.google.protobuf.GeneratedMessageV3

      • getDefaultInstance

        public static Policy getDefaultInstance()

      • parser

        public static com.google.protobuf.Parser<Policy> parser()

      • getParserForType

        public com.google.protobuf.Parser<Policy> getParserForType()
        Specified by:
        getParserForType in interface com.google.protobuf.Message
        Specified by:
        getParserForType in interface com.google.protobuf.MessageLite
        Overrides:
        getParserForType in class com.google.protobuf.GeneratedMessageV3

      • getDefaultInstanceForType

        public Policy getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder