Class RBAC.Builder
- java.lang.Object
-
- com.google.protobuf.AbstractMessageLite.Builder
-
- com.google.protobuf.AbstractMessage.Builder<BuilderType>
-
- com.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
- io.envoyproxy.envoy.config.rbac.v2.RBAC.Builder
-
- All Implemented Interfaces:
com.google.protobuf.Message.Builder,com.google.protobuf.MessageLite.Builder,com.google.protobuf.MessageLiteOrBuilder,com.google.protobuf.MessageOrBuilder,RBACOrBuilder,Cloneable
- Enclosing class:
- RBAC
public static final class RBAC.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder> implements RBACOrBuilder
Role Based Access Control (RBAC) provides service-level and method-level access control for a service. RBAC policies are additive. The policies are examined in order. A request is allowed once a matching policy is found (suppose the `action` is ALLOW). Here is an example of RBAC configuration. It has two policies: * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so does "cluster.local/ns/default/sa/superuser". * Any user can read ("GET") the service at paths with prefix "/products", so long as the destination port is either 80 or 443. .. code-block:: yaml action: ALLOW policies: "service-admin": permissions: - any: true principals: - authenticated: principal_name: exact: "cluster.local/ns/default/sa/admin" - authenticated: principal_name: exact: "cluster.local/ns/default/sa/superuser" "product-viewer": permissions: - and_rules: rules: - header: { name: ":method", exact_match: "GET" } - url_path: path: { prefix: "/products" } - or_rules: rules: - destination_port: 80 - destination_port: 443 principals: - any: trueProtobuf typeenvoy.config.rbac.v2.RBAC
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description RBAC.BuilderaddRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)RBACbuild()RBACbuildPartial()RBAC.Builderclear()RBAC.BuilderclearAction()The action to take if a policy matches.RBAC.BuilderclearField(com.google.protobuf.Descriptors.FieldDescriptor field)RBAC.BuilderclearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)RBAC.BuilderclearPolicies()RBAC.Builderclone()booleancontainsPolicies(String key)Maps from policy name to policy.RBAC.ActiongetAction()The action to take if a policy matches.intgetActionValue()The action to take if a policy matches.RBACgetDefaultInstanceForType()static com.google.protobuf.Descriptors.DescriptorgetDescriptor()com.google.protobuf.Descriptors.DescriptorgetDescriptorForType()Map<String,Policy>getMutablePolicies()Deprecated.Map<String,Policy>getPolicies()Deprecated.intgetPoliciesCount()Maps from policy name to policy.Map<String,Policy>getPoliciesMap()Maps from policy name to policy.PolicygetPoliciesOrDefault(String key, Policy defaultValue)Maps from policy name to policy.PolicygetPoliciesOrThrow(String key)Maps from policy name to policy.protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTableinternalGetFieldAccessorTable()protected com.google.protobuf.MapFieldinternalGetMapField(int number)protected com.google.protobuf.MapFieldinternalGetMutableMapField(int number)booleanisInitialized()RBAC.BuildermergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)RBAC.BuildermergeFrom(com.google.protobuf.Message other)RBAC.BuildermergeFrom(RBAC other)RBAC.BuildermergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)RBAC.BuilderputAllPolicies(Map<String,Policy> values)Maps from policy name to policy.RBAC.BuilderputPolicies(String key, Policy value)Maps from policy name to policy.RBAC.BuilderremovePolicies(String key)Maps from policy name to policy.RBAC.BuildersetAction(RBAC.Action value)The action to take if a policy matches.RBAC.BuildersetActionValue(int value)The action to take if a policy matches.RBAC.BuildersetField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)RBAC.BuildersetRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)RBAC.BuildersetUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)-
Methods inherited from class com.google.protobuf.GeneratedMessageV3.Builder
getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, isClean, markClean, newBuilderForField, onBuilt, onChanged, setUnknownFieldsProto3
-
Methods inherited from class com.google.protobuf.AbstractMessage.Builder
findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString
-
Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder
addAll, addAll, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, newUninitializedMessageException
-
Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
-
-
-
Method Detail
-
getDescriptor
public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()
-
internalGetMapField
protected com.google.protobuf.MapField internalGetMapField(int number)
- Overrides:
internalGetMapFieldin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
internalGetMutableMapField
protected com.google.protobuf.MapField internalGetMutableMapField(int number)
- Overrides:
internalGetMutableMapFieldin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
internalGetFieldAccessorTable
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
- Specified by:
internalGetFieldAccessorTablein classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
clear
public RBAC.Builder clear()
- Specified by:
clearin interfacecom.google.protobuf.Message.Builder- Specified by:
clearin interfacecom.google.protobuf.MessageLite.Builder- Overrides:
clearin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
getDescriptorForType
public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
- Specified by:
getDescriptorForTypein interfacecom.google.protobuf.Message.Builder- Specified by:
getDescriptorForTypein interfacecom.google.protobuf.MessageOrBuilder- Overrides:
getDescriptorForTypein classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
getDefaultInstanceForType
public RBAC getDefaultInstanceForType()
- Specified by:
getDefaultInstanceForTypein interfacecom.google.protobuf.MessageLiteOrBuilder- Specified by:
getDefaultInstanceForTypein interfacecom.google.protobuf.MessageOrBuilder
-
build
public RBAC build()
- Specified by:
buildin interfacecom.google.protobuf.Message.Builder- Specified by:
buildin interfacecom.google.protobuf.MessageLite.Builder
-
buildPartial
public RBAC buildPartial()
- Specified by:
buildPartialin interfacecom.google.protobuf.Message.Builder- Specified by:
buildPartialin interfacecom.google.protobuf.MessageLite.Builder
-
clone
public RBAC.Builder clone()
- Specified by:
clonein interfacecom.google.protobuf.Message.Builder- Specified by:
clonein interfacecom.google.protobuf.MessageLite.Builder- Overrides:
clonein classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
setField
public RBAC.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
- Specified by:
setFieldin interfacecom.google.protobuf.Message.Builder- Overrides:
setFieldin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
clearField
public RBAC.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
- Specified by:
clearFieldin interfacecom.google.protobuf.Message.Builder- Overrides:
clearFieldin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
clearOneof
public RBAC.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
- Specified by:
clearOneofin interfacecom.google.protobuf.Message.Builder- Overrides:
clearOneofin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
setRepeatedField
public RBAC.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
- Specified by:
setRepeatedFieldin interfacecom.google.protobuf.Message.Builder- Overrides:
setRepeatedFieldin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
addRepeatedField
public RBAC.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
- Specified by:
addRepeatedFieldin interfacecom.google.protobuf.Message.Builder- Overrides:
addRepeatedFieldin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
mergeFrom
public RBAC.Builder mergeFrom(com.google.protobuf.Message other)
- Specified by:
mergeFromin interfacecom.google.protobuf.Message.Builder- Overrides:
mergeFromin classcom.google.protobuf.AbstractMessage.Builder<RBAC.Builder>
-
mergeFrom
public RBAC.Builder mergeFrom(RBAC other)
-
isInitialized
public final boolean isInitialized()
- Specified by:
isInitializedin interfacecom.google.protobuf.MessageLiteOrBuilder- Overrides:
isInitializedin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
mergeFrom
public RBAC.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
- Specified by:
mergeFromin interfacecom.google.protobuf.Message.Builder- Specified by:
mergeFromin interfacecom.google.protobuf.MessageLite.Builder- Overrides:
mergeFromin classcom.google.protobuf.AbstractMessage.Builder<RBAC.Builder>- Throws:
IOException
-
getActionValue
public int getActionValue()
The action to take if a policy matches. The request is allowed if and only if: * `action` is "ALLOWED" and at least one policy matches * `action` is "DENY" and none of the policies match
.envoy.config.rbac.v2.RBAC.Action action = 1;- Specified by:
getActionValuein interfaceRBACOrBuilder- Returns:
- The enum numeric value on the wire for action.
-
setActionValue
public RBAC.Builder setActionValue(int value)
The action to take if a policy matches. The request is allowed if and only if: * `action` is "ALLOWED" and at least one policy matches * `action` is "DENY" and none of the policies match
.envoy.config.rbac.v2.RBAC.Action action = 1;- Parameters:
value- The enum numeric value on the wire for action to set.- Returns:
- This builder for chaining.
-
getAction
public RBAC.Action getAction()
The action to take if a policy matches. The request is allowed if and only if: * `action` is "ALLOWED" and at least one policy matches * `action` is "DENY" and none of the policies match
.envoy.config.rbac.v2.RBAC.Action action = 1;- Specified by:
getActionin interfaceRBACOrBuilder- Returns:
- The action.
-
setAction
public RBAC.Builder setAction(RBAC.Action value)
The action to take if a policy matches. The request is allowed if and only if: * `action` is "ALLOWED" and at least one policy matches * `action` is "DENY" and none of the policies match
.envoy.config.rbac.v2.RBAC.Action action = 1;- Parameters:
value- The action to set.- Returns:
- This builder for chaining.
-
clearAction
public RBAC.Builder clearAction()
The action to take if a policy matches. The request is allowed if and only if: * `action` is "ALLOWED" and at least one policy matches * `action` is "DENY" and none of the policies match
.envoy.config.rbac.v2.RBAC.Action action = 1;- Returns:
- This builder for chaining.
-
getPoliciesCount
public int getPoliciesCount()
Description copied from interface:RBACOrBuilderMaps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;- Specified by:
getPoliciesCountin interfaceRBACOrBuilder
-
containsPolicies
public boolean containsPolicies(String key)
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;- Specified by:
containsPoliciesin interfaceRBACOrBuilder
-
getPolicies
@Deprecated public Map<String,Policy> getPolicies()
Deprecated.UsegetPoliciesMap()instead.- Specified by:
getPoliciesin interfaceRBACOrBuilder
-
getPoliciesMap
public Map<String,Policy> getPoliciesMap()
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;- Specified by:
getPoliciesMapin interfaceRBACOrBuilder
-
getPoliciesOrDefault
public Policy getPoliciesOrDefault(String key, Policy defaultValue)
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;- Specified by:
getPoliciesOrDefaultin interfaceRBACOrBuilder
-
getPoliciesOrThrow
public Policy getPoliciesOrThrow(String key)
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;- Specified by:
getPoliciesOrThrowin interfaceRBACOrBuilder
-
clearPolicies
public RBAC.Builder clearPolicies()
-
removePolicies
public RBAC.Builder removePolicies(String key)
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;
-
getMutablePolicies
@Deprecated public Map<String,Policy> getMutablePolicies()
Deprecated.Use alternate mutation accessors instead.
-
putPolicies
public RBAC.Builder putPolicies(String key, Policy value)
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;
-
putAllPolicies
public RBAC.Builder putAllPolicies(Map<String,Policy> values)
Maps from policy name to policy. A match occurs when at least one policy matches the request.
map<string, .envoy.config.rbac.v2.Policy> policies = 2;
-
setUnknownFields
public final RBAC.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
- Specified by:
setUnknownFieldsin interfacecom.google.protobuf.Message.Builder- Overrides:
setUnknownFieldsin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
mergeUnknownFields
public final RBAC.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
- Specified by:
mergeUnknownFieldsin interfacecom.google.protobuf.Message.Builder- Overrides:
mergeUnknownFieldsin classcom.google.protobuf.GeneratedMessageV3.Builder<RBAC.Builder>
-
-