From 41244b17865856ea0f96fae390aad226b0110247 Mon Sep 17 00:00:00 2001
From: Chris Lu
Date: Sat, 24 Jan 2026 23:46:23 -0800
Subject: [PATCH] iam: add RPC methods and messages to iam.proto
---
 weed/pb/iam.proto | 124 +++-
 weed/pb/iam_pb/iam.pb.go | 1230 ++++++++++++++++++++++++++++-----
 weed/pb/iam_pb/iam_grpc.pb.go | 357 +++++++++-
 3 files changed, 1514 insertions(+), 197 deletions(-)
diff --git a/weed/pb/iam.proto b/weed/pb/iam.proto
index d485ce011..07cce83d5 100644
--- a/weed/pb/iam.proto
+++ b/weed/pb/iam.proto
@@ -9,15 +9,95 @@ option java_outer_classname = "IamProto";
 //////////////////////////////////////////////////
 service SeaweedIdentityAccessManagement {
+ rpc CreateIdentity(CreateIdentityRequest) returns (CreateIdentityResponse);
+ rpc UpdatesIdentity(UpdateIdentityRequest) returns (UpdateIdentityResponse);
+ rpc GetIdentity(GetIdentityRequest) returns (GetIdentityResponse);
+ rpc DeleteIdentity(DeleteIdentityRequest) returns (DeleteIdentityResponse);
+ rpc ListIdentities(ListIdentitiesRequest) returns (ListIdentitiesResponse);
+ rpc CreatePolicy(CreatePolicyRequest) returns (CreatePolicyResponse);
+ rpc GetPolicy(GetPolicyRequest) returns (GetPolicyResponse);
+ rpc DeletePolicy(DeletePolicyRequest) returns (DeletePolicyResponse);
+ rpc ListPolicies(ListPoliciesRequest) returns (ListPoliciesResponse);
+}
+
+message CreateIdentityRequest {
+ Identity identity = 1;
+}
+
+message CreateIdentityResponse {
+}
+
+message UpdateIdentityRequest {
+ Identity identity = 1;
+}
+
+message UpdateIdentityResponse {
+}
+
+message GetIdentityRequest {
+ string name = 1;
+}
+
+message GetIdentityResponse {
+ Identity identity = 1;
+}
+
+message DeleteIdentityRequest {
+ string name = 1;
+}
+
+message DeleteIdentityResponse {
+}
+
+message ListIdentitiesRequest {
+ int32 limit = 1;
+ string offset = 2;
+}
+
+message ListIdentitiesResponse {
+ repeated Identity identities = 1;
+ bool is_truncated = 2;
+ string next_offset = 3;
+}
+
+message CreatePolicyRequest {
+ Policy policy = 1;
+}
+
+message CreatePolicyResponse {
+}
+
+message GetPolicyRequest {
+ string name = 1;
+}
+
+message GetPolicyResponse {
+ Policy policy = 1;
+}
+
+message DeletePolicyRequest {
+ string name = 1;
+}
+
+message DeletePolicyResponse {
+}
+
+message ListPoliciesRequest {
+ int32 limit = 1;
+ string offset = 2;
+}
+
+message ListPoliciesResponse {
+ repeated Policy policies = 1;
+ bool is_truncated = 2;
+ string next_offset = 3;
 }
 //////////////////////////////////////////////////
 message S3ApiConfiguration {
 repeated Identity identities = 1;
- repeated Account accounts = 2;
- repeated ServiceAccount service_accounts = 3;
 }
 message Identity {
@@ -25,15 +105,11 @@ message Identity {
 repeated Credential credentials = 2;
 repeated string actions = 3;
 Account account = 4;
- bool disabled = 5; // User status: false = enabled (default), true = disabled
- repeated string service_account_ids = 6; // IDs of service accounts owned by this user
- repeated string policy_names = 7;
 }
 message Credential {
 string access_key = 1;
 string secret_key = 2;
- string status = 3; // Access key status: "Active" or "Inactive"
 }
 message Account {
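Review bot: `rpc UpdatesIdentity(UpdateIdentityRequest)` is the one method in the new service block whose name does not match its messages or its Create/Get/Delete siblings, and because the method name is part of the gRPC path the typo becomes wire contract once clients are generated; it should read `rpc UpdateIdentity(UpdateIdentityRequest) returns (UpdateIdentityResponse);`. `GetIdentityResponse` and `ListIdentitiesResponse` return whole `Identity` messages, which embed `Credential.secret_key`, so the proto should carry a comment stating whether secret keys are returned or blanked on read and which callers may invoke the service; the handlers are not in this patch, so this cannot be checked here. `limit` in the two List requests is also undocumented: say what 0 or a negative value means and that the server enforces an upper bound.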
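Review bot: Dropping `bool disabled = 5` from `Identity` and `string status = 3` from `Credential` removes the two fields that record a disabled user or an inactive access key, so any stored configuration that set them would presumably decode as an enabled identity with a usable key, the values landing in unknown fields. The commit subject only mentions adding RPCs, so confirm the removal is intended and not a side effect of regenerating from an older iam.proto. If it is intended, the freed tags should be blocked from reuse with `reserved 5, 6, 7;` in `Identity` and `reserved 3;` in `Credential`. The same applies to tags 2 and 3 of `S3ApiConfiguration` in the previous hunk, and the deleted `ServiceAccount` message in the next hunk needs the same confirmation.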
@@ -42,30 +118,30 @@ message Account {
 string email_address = 3;
 }
-// ServiceAccount represents a service account - special credentials for applications.
-// Service accounts are linked to a parent user and can have restricted permissions.
-message ServiceAccount {
- string id = 1; // Unique identifier (e.g., "sa-xxxxx")
- string parent_user = 2; // Parent identity name
- string description = 3; // Optional description
- Credential credential = 4; // Access key/secret for this service account
- repeated string actions = 5; // Allowed actions (subset of parent)
- int64 expiration = 6; // Unix timestamp, 0 = no expiration
- bool disabled = 7; // Status: false = enabled (default)
- int64 created_at = 8; // Creation timestamp
- string created_by = 9; // Who created this service account
-}
-
-/*
+// Policy constants
 message Policy {
- repeated Statement statements = 1;
+ string name = 1;
+ string version = 2;
+ string id = 3;
+ repeated Statement statements = 4;
 }
 message Statement {
- repeated Action action = 1;
- repeated Resource resource = 2;
+ string sid = 1;
+ string effect = 2;
+ repeated string action = 3;
+ repeated string not_action = 4;
+ repeated string resource = 5;
+ repeated string not_resource = 6;
+ // Condition is a map of string to map of string to string
+ // This is a simplified representation, actual policy engine supports more complex structures
+ // but for proto we can start with bytes or string logic
+ // map> condition = 7;
+ // or store as json string
+ string condition_json = 7;
 }
+/*
 message Action {
 string action = 1;
 }
diff --git a/weed/pb/iam_pb/iam.pb.go b/weed/pb/iam_pb/iam.pb.go
index 367afc5ef..9041c2bdd 100644
--- a/weed/pb/iam_pb/iam.pb.go
+++ b/weed/pb/iam_pb/iam.pb.go
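Review bot: In iam.proto's `Statement`, `string effect = 2;` accepts any text, so whether a misspelt or differently cased effect is rejected or quietly treated as something else depends entirely on evaluation code that is not in this patch; an enum, or at least a comment of the form `// effect: <accepted values>; any other value is rejected`, would pin the fail-closed behaviour in the schema. `string condition_json = 7;` has the same gap: the comment should say that a statement whose condition does not parse is rejected when the policy is created, since ignoring an unparseable condition would widen the statement. The comment `// map> condition = 7;` appears to have lost its type parameters, and `// Policy constants` does not describe the message; something like `// Policy is a named, versioned list of statements.` would.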
@@ -1,39 +1,836 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.36.6 -// protoc v6.33.1 +// protoc v6.33.4 // source: iam.proto package iam_pb import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" sync "sync" unsafe "unsafe" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type CreateIdentityRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Identity *Identity `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CreateIdentityRequest) Reset() { + *x = CreateIdentityRequest{} + mi := &file_iam_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CreateIdentityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateIdentityRequest) ProtoMessage() {} + +func (x *CreateIdentityRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateIdentityRequest.ProtoReflect.Descriptor instead. 
+func (*CreateIdentityRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{0} +} + +func (x *CreateIdentityRequest) GetIdentity() *Identity { + if x != nil { + return x.Identity + } + return nil +} + +type CreateIdentityResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CreateIdentityResponse) Reset() { + *x = CreateIdentityResponse{} + mi := &file_iam_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CreateIdentityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateIdentityResponse) ProtoMessage() {} + +func (x *CreateIdentityResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateIdentityResponse.ProtoReflect.Descriptor instead. 
+func (*CreateIdentityResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{1} +} + +type UpdateIdentityRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Identity *Identity `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *UpdateIdentityRequest) Reset() { + *x = UpdateIdentityRequest{} + mi := &file_iam_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateIdentityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateIdentityRequest) ProtoMessage() {} + +func (x *UpdateIdentityRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[2] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateIdentityRequest.ProtoReflect.Descriptor instead. 
+func (*UpdateIdentityRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{2} +} + +func (x *UpdateIdentityRequest) GetIdentity() *Identity { + if x != nil { + return x.Identity + } + return nil +} + +type UpdateIdentityResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *UpdateIdentityResponse) Reset() { + *x = UpdateIdentityResponse{} + mi := &file_iam_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateIdentityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateIdentityResponse) ProtoMessage() {} + +func (x *UpdateIdentityResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateIdentityResponse.ProtoReflect.Descriptor instead. 
+func (*UpdateIdentityResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{3} +} + +type GetIdentityRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *GetIdentityRequest) Reset() { + *x = GetIdentityRequest{} + mi := &file_iam_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *GetIdentityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetIdentityRequest) ProtoMessage() {} + +func (x *GetIdentityRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetIdentityRequest.ProtoReflect.Descriptor instead. 
+func (*GetIdentityRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{4} +} + +func (x *GetIdentityRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +type GetIdentityResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + Identity *Identity `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *GetIdentityResponse) Reset() { + *x = GetIdentityResponse{} + mi := &file_iam_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *GetIdentityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetIdentityResponse) ProtoMessage() {} + +func (x *GetIdentityResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[5] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetIdentityResponse.ProtoReflect.Descriptor instead. 
+func (*GetIdentityResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{5} +} + +func (x *GetIdentityResponse) GetIdentity() *Identity { + if x != nil { + return x.Identity + } + return nil +} + +type DeleteIdentityRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DeleteIdentityRequest) Reset() { + *x = DeleteIdentityRequest{} + mi := &file_iam_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteIdentityRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteIdentityRequest) ProtoMessage() {} + +func (x *DeleteIdentityRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[6] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteIdentityRequest.ProtoReflect.Descriptor instead. 
+func (*DeleteIdentityRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{6} +} + +func (x *DeleteIdentityRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +type DeleteIdentityResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DeleteIdentityResponse) Reset() { + *x = DeleteIdentityResponse{} + mi := &file_iam_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteIdentityResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteIdentityResponse) ProtoMessage() {} + +func (x *DeleteIdentityResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteIdentityResponse.ProtoReflect.Descriptor instead. 
+func (*DeleteIdentityResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{7} +} + +type ListIdentitiesRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Limit int32 `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"` + Offset string `protobuf:"bytes,2,opt,name=offset,proto3" json:"offset,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ListIdentitiesRequest) Reset() { + *x = ListIdentitiesRequest{} + mi := &file_iam_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ListIdentitiesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListIdentitiesRequest) ProtoMessage() {} + +func (x *ListIdentitiesRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListIdentitiesRequest.ProtoReflect.Descriptor instead. 
+func (*ListIdentitiesRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{8} +} + +func (x *ListIdentitiesRequest) GetLimit() int32 { + if x != nil { + return x.Limit + } + return 0 +} + +func (x *ListIdentitiesRequest) GetOffset() string { + if x != nil { + return x.Offset + } + return "" +} + +type ListIdentitiesResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + Identities []*Identity `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"` + IsTruncated bool `protobuf:"varint,2,opt,name=is_truncated,json=isTruncated,proto3" json:"is_truncated,omitempty"` + NextOffset string `protobuf:"bytes,3,opt,name=next_offset,json=nextOffset,proto3" json:"next_offset,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ListIdentitiesResponse) Reset() { + *x = ListIdentitiesResponse{} + mi := &file_iam_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ListIdentitiesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListIdentitiesResponse) ProtoMessage() {} + +func (x *ListIdentitiesResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[9] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListIdentitiesResponse.ProtoReflect.Descriptor instead. 
+func (*ListIdentitiesResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{9} +} + +func (x *ListIdentitiesResponse) GetIdentities() []*Identity { + if x != nil { + return x.Identities + } + return nil +} + +func (x *ListIdentitiesResponse) GetIsTruncated() bool { + if x != nil { + return x.IsTruncated + } + return false +} + +func (x *ListIdentitiesResponse) GetNextOffset() string { + if x != nil { + return x.NextOffset + } + return "" +} + +type CreatePolicyRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Policy *Policy `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CreatePolicyRequest) Reset() { + *x = CreatePolicyRequest{} + mi := &file_iam_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CreatePolicyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreatePolicyRequest) ProtoMessage() {} + +func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[10] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreatePolicyRequest.ProtoReflect.Descriptor instead. 
+func (*CreatePolicyRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{10} +} + +func (x *CreatePolicyRequest) GetPolicy() *Policy { + if x != nil { + return x.Policy + } + return nil +} + +type CreatePolicyResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *CreatePolicyResponse) Reset() { + *x = CreatePolicyResponse{} + mi := &file_iam_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CreatePolicyResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreatePolicyResponse) ProtoMessage() {} + +func (x *CreatePolicyResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[11] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreatePolicyResponse.ProtoReflect.Descriptor instead. 
+func (*CreatePolicyResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{11} +} + +type GetPolicyRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *GetPolicyRequest) Reset() { + *x = GetPolicyRequest{} + mi := &file_iam_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *GetPolicyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetPolicyRequest) ProtoMessage() {} + +func (x *GetPolicyRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetPolicyRequest.ProtoReflect.Descriptor instead. 
+func (*GetPolicyRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{12} +} + +func (x *GetPolicyRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +type GetPolicyResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + Policy *Policy `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *GetPolicyResponse) Reset() { + *x = GetPolicyResponse{} + mi := &file_iam_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *GetPolicyResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" -) +func (*GetPolicyResponse) ProtoMessage() {} -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) +func (x *GetPolicyResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetPolicyResponse.ProtoReflect.Descriptor instead. 
+func (*GetPolicyResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{13} +} + +func (x *GetPolicyResponse) GetPolicy() *Policy { + if x != nil { + return x.Policy + } + return nil +} + +type DeletePolicyRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DeletePolicyRequest) Reset() { + *x = DeletePolicyRequest{} + mi := &file_iam_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeletePolicyRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeletePolicyRequest) ProtoMessage() {} + +func (x *DeletePolicyRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[14] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeletePolicyRequest.ProtoReflect.Descriptor instead. 
+func (*DeletePolicyRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{14} +} + +func (x *DeletePolicyRequest) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +type DeletePolicyResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *DeletePolicyResponse) Reset() { + *x = DeletePolicyResponse{} + mi := &file_iam_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeletePolicyResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeletePolicyResponse) ProtoMessage() {} + +func (x *DeletePolicyResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[15] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeletePolicyResponse.ProtoReflect.Descriptor instead. 
+func (*DeletePolicyResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{15} +} + +type ListPoliciesRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + Limit int32 `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"` + Offset string `protobuf:"bytes,2,opt,name=offset,proto3" json:"offset,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ListPoliciesRequest) Reset() { + *x = ListPoliciesRequest{} + mi := &file_iam_proto_msgTypes[16] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ListPoliciesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListPoliciesRequest) ProtoMessage() {} + +func (x *ListPoliciesRequest) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[16] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListPoliciesRequest.ProtoReflect.Descriptor instead. 
+func (*ListPoliciesRequest) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{16} +} + +func (x *ListPoliciesRequest) GetLimit() int32 { + if x != nil { + return x.Limit + } + return 0 +} + +func (x *ListPoliciesRequest) GetOffset() string { + if x != nil { + return x.Offset + } + return "" +} + +type ListPoliciesResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + Policies []*Policy `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"` + IsTruncated bool `protobuf:"varint,2,opt,name=is_truncated,json=isTruncated,proto3" json:"is_truncated,omitempty"` + NextOffset string `protobuf:"bytes,3,opt,name=next_offset,json=nextOffset,proto3" json:"next_offset,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ListPoliciesResponse) Reset() { + *x = ListPoliciesResponse{} + mi := &file_iam_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ListPoliciesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListPoliciesResponse) ProtoMessage() {} + +func (x *ListPoliciesResponse) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[17] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListPoliciesResponse.ProtoReflect.Descriptor instead. 
+func (*ListPoliciesResponse) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{17} +} + +func (x *ListPoliciesResponse) GetPolicies() []*Policy { + if x != nil { + return x.Policies + } + return nil +} + +func (x *ListPoliciesResponse) GetIsTruncated() bool { + if x != nil { + return x.IsTruncated + } + return false +} + +func (x *ListPoliciesResponse) GetNextOffset() string { + if x != nil { + return x.NextOffset + } + return "" +} type S3ApiConfiguration struct { - state protoimpl.MessageState `protogen:"open.v1"` - Identities []*Identity `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"` - Accounts []*Account `protobuf:"bytes,2,rep,name=accounts,proto3" json:"accounts,omitempty"` - ServiceAccounts []*ServiceAccount `protobuf:"bytes,3,rep,name=service_accounts,json=serviceAccounts,proto3" json:"service_accounts,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + Identities []*Identity `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *S3ApiConfiguration) Reset() { *x = S3ApiConfiguration{} - mi := &file_iam_proto_msgTypes[0] + mi := &file_iam_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -45,7 +842,7 @@ func (x *S3ApiConfiguration) String() string { func (*S3ApiConfiguration) ProtoMessage() {} func (x *S3ApiConfiguration) ProtoReflect() protoreflect.Message { - mi := &file_iam_proto_msgTypes[0] + mi := &file_iam_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -58,7 +855,7 @@ func (x *S3ApiConfiguration) ProtoReflect() protoreflect.Message { // Deprecated: Use S3ApiConfiguration.ProtoReflect.Descriptor instead. func (*S3ApiConfiguration) Descriptor() ([]byte, []int) { - return file_iam_proto_rawDescGZIP(), []int{0} + return file_iam_proto_rawDescGZIP(), []int{18} } func (x *S3ApiConfiguration) GetIdentities() []*Identity { 
@@ -68,36 +865,19 @@ func (x *S3ApiConfiguration) GetIdentities() []*Identity { return nil } -func (x *S3ApiConfiguration) GetAccounts() []*Account { - if x != nil { - return x.Accounts - } - return nil -} - -func (x *S3ApiConfiguration) GetServiceAccounts() []*ServiceAccount { - if x != nil { - return x.ServiceAccounts - } - return nil -} - type Identity struct { - state protoimpl.MessageState `protogen:"open.v1"` - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Credentials []*Credential `protobuf:"bytes,2,rep,name=credentials,proto3" json:"credentials,omitempty"` - Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` - Account *Account `protobuf:"bytes,4,opt,name=account,proto3" json:"account,omitempty"` - Disabled bool `protobuf:"varint,5,opt,name=disabled,proto3" json:"disabled,omitempty"` // User status: false = enabled (default), true = disabled - ServiceAccountIds []string `protobuf:"bytes,6,rep,name=service_account_ids,json=serviceAccountIds,proto3" json:"service_account_ids,omitempty"` // IDs of service accounts owned by this user - PolicyNames []string `protobuf:"bytes,7,rep,name=policy_names,json=policyNames,proto3" json:"policy_names,omitempty"` - unknownFields protoimpl.UnknownFields - sizeCache protoimpl.SizeCache + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Credentials []*Credential `protobuf:"bytes,2,rep,name=credentials,proto3" json:"credentials,omitempty"` + Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` + Account *Account `protobuf:"bytes,4,opt,name=account,proto3" json:"account,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache } func (x *Identity) Reset() { *x = Identity{} - mi := &file_iam_proto_msgTypes[1] + mi := &file_iam_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -109,7 +889,7 @@ func (x *Identity) String() string { func (*Identity) ProtoMessage() {} func (x *Identity) ProtoReflect() protoreflect.Message { - mi := &file_iam_proto_msgTypes[1] + mi := &file_iam_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -122,7 +902,7 @@ func (x *Identity) ProtoReflect() protoreflect.Message { // Deprecated: Use Identity.ProtoReflect.Descriptor instead. func (*Identity) Descriptor() ([]byte, []int) { - return file_iam_proto_rawDescGZIP(), []int{1} + return file_iam_proto_rawDescGZIP(), []int{19} } func (x *Identity) GetName() string { @@ -153,39 +933,17 @@ func (x *Identity) GetAccount() *Account { return nil } -func (x *Identity) GetDisabled() bool { - if x != nil { - return x.Disabled - } - return false -} - -func (x *Identity) GetServiceAccountIds() []string { - if x != nil { - return x.ServiceAccountIds - } - return nil -} - -func (x *Identity) GetPolicyNames() []string { - if x != nil { - return x.PolicyNames - } - return nil -} - type Credential struct { state protoimpl.MessageState `protogen:"open.v1"` AccessKey string `protobuf:"bytes,1,opt,name=access_key,json=accessKey,proto3" json:"access_key,omitempty"` SecretKey string `protobuf:"bytes,2,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty"` - Status string `protobuf:"bytes,3,opt,name=status,proto3" json:"status,omitempty"` // Access key status: "Active" or "Inactive" unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } func (x *Credential) Reset() { *x = Credential{} - mi := &file_iam_proto_msgTypes[2] + mi := &file_iam_proto_msgTypes[20] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -197,7 +955,7 @@ func (x *Credential) String() string { func (*Credential) ProtoMessage() {} func (x *Credential) ProtoReflect() protoreflect.Message { - mi := &file_iam_proto_msgTypes[2] + mi := &file_iam_proto_msgTypes[20] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -210,7 +968,7 @@ func (x *Credential) ProtoReflect() protoreflect.Message { // Deprecated: Use Credential.ProtoReflect.Descriptor instead. func (*Credential) Descriptor() ([]byte, []int) { - return file_iam_proto_rawDescGZIP(), []int{2} + return file_iam_proto_rawDescGZIP(), []int{20} } func (x *Credential) GetAccessKey() string { @@ -227,13 +985,6 @@ func (x *Credential) GetSecretKey() string { return "" } -func (x *Credential) GetStatus() string { - if x != nil { - return x.Status - } - return "" -} - type Account struct { state protoimpl.MessageState `protogen:"open.v1"` Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` @@ -245,7 +996,7 @@ type Account struct { func (x *Account) Reset() { *x = Account{} - mi := &file_iam_proto_msgTypes[3] + mi := &file_iam_proto_msgTypes[21] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -257,7 +1008,7 @@ func (x *Account) String() string { func (*Account) ProtoMessage() {} func (x *Account) ProtoReflect() protoreflect.Message { - mi := &file_iam_proto_msgTypes[3] + mi := &file_iam_proto_msgTypes[21] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -270,7 +1021,7 @@ func (x *Account) ProtoReflect() protoreflect.Message { // Deprecated: Use Account.ProtoReflect.Descriptor instead. func (*Account) Descriptor() ([]byte, []int) { - return file_iam_proto_rawDescGZIP(), []int{3} + return file_iam_proto_rawDescGZIP(), []int{21} } func (x *Account) GetId() string { 
@@ -294,38 +1045,32 @@ func (x *Account) GetEmailAddress() string { return "" } -// ServiceAccount represents a service account - special credentials for applications. -// Service accounts are linked to a parent user and can have restricted permissions. -type ServiceAccount struct { +// Policy constants +type Policy struct { state protoimpl.MessageState `protogen:"open.v1"` - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Unique identifier (e.g., "sa-xxxxx") - ParentUser string `protobuf:"bytes,2,opt,name=parent_user,json=parentUser,proto3" json:"parent_user,omitempty"` // Parent identity name - Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"` // Optional description - Credential *Credential `protobuf:"bytes,4,opt,name=credential,proto3" json:"credential,omitempty"` // Access key/secret for this service account - Actions []string `protobuf:"bytes,5,rep,name=actions,proto3" json:"actions,omitempty"` // Allowed actions (subset of parent) - Expiration int64 `protobuf:"varint,6,opt,name=expiration,proto3" json:"expiration,omitempty"` // Unix timestamp, 0 = no expiration - Disabled bool `protobuf:"varint,7,opt,name=disabled,proto3" json:"disabled,omitempty"` // Status: false = enabled (default) - CreatedAt int64 `protobuf:"varint,8,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` // Creation timestamp - CreatedBy string `protobuf:"bytes,9,opt,name=created_by,json=createdBy,proto3" json:"created_by,omitempty"` // Who created this service account + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"` + Id string `protobuf:"bytes,3,opt,name=id,proto3" json:"id,omitempty"` + Statements []*Statement `protobuf:"bytes,4,rep,name=statements,proto3" json:"statements,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } -func (x *ServiceAccount) 
Reset() { - *x = ServiceAccount{} - mi := &file_iam_proto_msgTypes[4] +func (x *Policy) Reset() { + *x = Policy{} + mi := &file_iam_proto_msgTypes[22] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } -func (x *ServiceAccount) String() string { +func (x *Policy) String() string { return protoimpl.X.MessageStringOf(x) } -func (*ServiceAccount) ProtoMessage() {} +func (*Policy) ProtoMessage() {} -func (x *ServiceAccount) ProtoReflect() protoreflect.Message { - mi := &file_iam_proto_msgTypes[4] +func (x *Policy) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[22] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -336,70 +1081,132 @@ func (x *ServiceAccount) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use ServiceAccount.ProtoReflect.Descriptor instead. -func (*ServiceAccount) Descriptor() ([]byte, []int) { - return file_iam_proto_rawDescGZIP(), []int{4} +// Deprecated: Use Policy.ProtoReflect.Descriptor instead. +func (*Policy) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{22} } -func (x *ServiceAccount) GetId() string { +func (x *Policy) GetName() string { if x != nil { - return x.Id + return x.Name } return "" } -func (x *ServiceAccount) GetParentUser() string { +func (x *Policy) GetVersion() string { if x != nil { - return x.ParentUser + return x.Version } return "" } -func (x *ServiceAccount) GetDescription() string { +func (x *Policy) GetId() string { if x != nil { - return x.Description + return x.Id } return "" } -func (x *ServiceAccount) GetCredential() *Credential { +func (x *Policy) GetStatements() []*Statement { if x != nil { - return x.Credential + return x.Statements } return nil } -func (x *ServiceAccount) GetActions() []string { +type Statement struct { + state protoimpl.MessageState `protogen:"open.v1"` + Sid string `protobuf:"bytes,1,opt,name=sid,proto3" json:"sid,omitempty"` + Effect string `protobuf:"bytes,2,opt,name=effect,proto3" json:"effect,omitempty"` + Action []string `protobuf:"bytes,3,rep,name=action,proto3" json:"action,omitempty"` + NotAction []string `protobuf:"bytes,4,rep,name=not_action,json=notAction,proto3" json:"not_action,omitempty"` + Resource []string `protobuf:"bytes,5,rep,name=resource,proto3" json:"resource,omitempty"` + NotResource []string `protobuf:"bytes,6,rep,name=not_resource,json=notResource,proto3" json:"not_resource,omitempty"` + // Condition is a map of string to map of string to string + // This is a simplified representation, actual policy engine supports more complex structures + // but for proto we can start with bytes or string logic + // map> 
condition = 7; + // or store as json string + ConditionJson string `protobuf:"bytes,7,opt,name=condition_json,json=conditionJson,proto3" json:"condition_json,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *Statement) Reset() { + *x = Statement{} + mi := &file_iam_proto_msgTypes[23] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *Statement) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Statement) ProtoMessage() {} + +func (x *Statement) ProtoReflect() protoreflect.Message { + mi := &file_iam_proto_msgTypes[23] if x != nil { - return x.Actions + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Statement.ProtoReflect.Descriptor instead. +func (*Statement) Descriptor() ([]byte, []int) { + return file_iam_proto_rawDescGZIP(), []int{23} +} + +func (x *Statement) GetSid() string { + if x != nil { + return x.Sid + } + return "" +} + +func (x *Statement) GetEffect() string { + if x != nil { + return x.Effect + } + return "" +} + +func (x *Statement) GetAction() []string { + if x != nil { + return x.Action } return nil } -func (x *ServiceAccount) GetExpiration() int64 { +func (x *Statement) GetNotAction() []string { if x != nil { - return x.Expiration + return x.NotAction } - return 0 + return nil } -func (x *ServiceAccount) GetDisabled() bool { +func (x *Statement) GetResource() []string { if x != nil { - return x.Disabled + return x.Resource } - return false + return nil } -func (x *ServiceAccount) GetCreatedAt() int64 { +func (x *Statement) GetNotResource() []string { if x != nil { - return x.CreatedAt + return x.NotResource } - return 0 + return nil } -func (x *ServiceAccount) GetCreatedBy() string { +func (x *Statement) GetConditionJson() string { if x != nil { - return x.CreatedBy + return x.ConditionJson } 
return "" } 
@@ -408,50 +1215,93 @@ var File_iam_proto protoreflect.FileDescriptor const file_iam_proto_rawDesc = "" + "\n" + - "\tiam.proto\x12\x06iam_pb\"\xb6\x01\n" + + "\tiam.proto\x12\x06iam_pb\"E\n" + + "\x15CreateIdentityRequest\x12,\n" + + "\bidentity\x18\x01 \x01(\v2\x10.iam_pb.IdentityR\bidentity\"\x18\n" + + "\x16CreateIdentityResponse\"E\n" + + "\x15UpdateIdentityRequest\x12,\n" + + "\bidentity\x18\x01 \x01(\v2\x10.iam_pb.IdentityR\bidentity\"\x18\n" + + "\x16UpdateIdentityResponse\"(\n" + + "\x12GetIdentityRequest\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\"C\n" + + "\x13GetIdentityResponse\x12,\n" + + "\bidentity\x18\x01 \x01(\v2\x10.iam_pb.IdentityR\bidentity\"+\n" + + "\x15DeleteIdentityRequest\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\"\x18\n" + + "\x16DeleteIdentityResponse\"E\n" + + "\x15ListIdentitiesRequest\x12\x14\n" + + "\x05limit\x18\x01 \x01(\x05R\x05limit\x12\x16\n" + + "\x06offset\x18\x02 \x01(\tR\x06offset\"\x8e\x01\n" + + "\x16ListIdentitiesResponse\x120\n" + + "\n" + + "identities\x18\x01 \x03(\v2\x10.iam_pb.IdentityR\n" + + "identities\x12!\n" + + "\fis_truncated\x18\x02 \x01(\bR\visTruncated\x12\x1f\n" + + "\vnext_offset\x18\x03 \x01(\tR\n" + + "nextOffset\"=\n" + + "\x13CreatePolicyRequest\x12&\n" + + "\x06policy\x18\x01 \x01(\v2\x0e.iam_pb.PolicyR\x06policy\"\x16\n" + + "\x14CreatePolicyResponse\"&\n" + + "\x10GetPolicyRequest\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\";\n" + + "\x11GetPolicyResponse\x12&\n" + + "\x06policy\x18\x01 \x01(\v2\x0e.iam_pb.PolicyR\x06policy\")\n" + + "\x13DeletePolicyRequest\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\"\x16\n" + + "\x14DeletePolicyResponse\"C\n" + + "\x13ListPoliciesRequest\x12\x14\n" + + "\x05limit\x18\x01 \x01(\x05R\x05limit\x12\x16\n" + + "\x06offset\x18\x02 \x01(\tR\x06offset\"\x86\x01\n" + + "\x14ListPoliciesResponse\x12*\n" + + "\bpolicies\x18\x01 \x03(\v2\x0e.iam_pb.PolicyR\bpolicies\x12!\n" + + "\fis_truncated\x18\x02 \x01(\bR\visTruncated\x12\x1f\n" + + 
"\vnext_offset\x18\x03 \x01(\tR\n" + + "nextOffset\"F\n" + "\x12S3ApiConfiguration\x120\n" + "\n" + "identities\x18\x01 \x03(\v2\x10.iam_pb.IdentityR\n" + - "identities\x12+\n" + - "\baccounts\x18\x02 \x03(\v2\x0f.iam_pb.AccountR\baccounts\x12A\n" + - "\x10service_accounts\x18\x03 \x03(\v2\x16.iam_pb.ServiceAccountR\x0fserviceAccounts\"\x88\x02\n" + + "identities\"\x99\x01\n" + "\bIdentity\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x124\n" + "\vcredentials\x18\x02 \x03(\v2\x12.iam_pb.CredentialR\vcredentials\x12\x18\n" + "\aactions\x18\x03 \x03(\tR\aactions\x12)\n" + - "\aaccount\x18\x04 \x01(\v2\x0f.iam_pb.AccountR\aaccount\x12\x1a\n" + - "\bdisabled\x18\x05 \x01(\bR\bdisabled\x12.\n" + - "\x13service_account_ids\x18\x06 \x03(\tR\x11serviceAccountIds\x12!\n" + - "\fpolicy_names\x18\a \x03(\tR\vpolicyNames\"b\n" + + "\aaccount\x18\x04 \x01(\v2\x0f.iam_pb.AccountR\aaccount\"J\n" + "\n" + "Credential\x12\x1d\n" + "\n" + "access_key\x18\x01 \x01(\tR\taccessKey\x12\x1d\n" + "\n" + - "secret_key\x18\x02 \x01(\tR\tsecretKey\x12\x16\n" + - "\x06status\x18\x03 \x01(\tR\x06status\"a\n" + + "secret_key\x18\x02 \x01(\tR\tsecretKey\"a\n" + "\aAccount\x12\x0e\n" + "\x02id\x18\x01 \x01(\tR\x02id\x12!\n" + "\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12#\n" + - "\remail_address\x18\x03 \x01(\tR\femailAddress\"\xab\x02\n" + - "\x0eServiceAccount\x12\x0e\n" + - "\x02id\x18\x01 \x01(\tR\x02id\x12\x1f\n" + - "\vparent_user\x18\x02 \x01(\tR\n" + - "parentUser\x12 \n" + - "\vdescription\x18\x03 \x01(\tR\vdescription\x122\n" + - "\n" + - "credential\x18\x04 \x01(\v2\x12.iam_pb.CredentialR\n" + - "credential\x12\x18\n" + - "\aactions\x18\x05 \x03(\tR\aactions\x12\x1e\n" + - "\n" + - "expiration\x18\x06 \x01(\x03R\n" + - "expiration\x12\x1a\n" + - "\bdisabled\x18\a \x01(\bR\bdisabled\x12\x1d\n" + + "\remail_address\x18\x03 \x01(\tR\femailAddress\"y\n" + + "\x06Policy\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n" + + "\aversion\x18\x02 \x01(\tR\aversion\x12\x0e\n" + + 
"\x02id\x18\x03 \x01(\tR\x02id\x121\n" + "\n" + - "created_at\x18\b \x01(\x03R\tcreatedAt\x12\x1d\n" + + "statements\x18\x04 \x03(\v2\x11.iam_pb.StatementR\n" + + "statements\"\xd2\x01\n" + + "\tStatement\x12\x10\n" + + "\x03sid\x18\x01 \x01(\tR\x03sid\x12\x16\n" + + "\x06effect\x18\x02 \x01(\tR\x06effect\x12\x16\n" + + "\x06action\x18\x03 \x03(\tR\x06action\x12\x1d\n" + "\n" + - "created_by\x18\t \x01(\tR\tcreatedBy2!\n" + - "\x1fSeaweedIdentityAccessManagementBK\n" + + "not_action\x18\x04 \x03(\tR\tnotAction\x12\x1a\n" + + "\bresource\x18\x05 \x03(\tR\bresource\x12!\n" + + "\fnot_resource\x18\x06 \x03(\tR\vnotResource\x12%\n" + + "\x0econdition_json\x18\a \x01(\tR\rconditionJson2\xd1\x05\n" + + "\x1fSeaweedIdentityAccessManagement\x12O\n" + + "\x0eCreateIdentity\x12\x1d.iam_pb.CreateIdentityRequest\x1a\x1e.iam_pb.CreateIdentityResponse\x12P\n" + + "\x0fUpdatesIdentity\x12\x1d.iam_pb.UpdateIdentityRequest\x1a\x1e.iam_pb.UpdateIdentityResponse\x12F\n" + + "\vGetIdentity\x12\x1a.iam_pb.GetIdentityRequest\x1a\x1b.iam_pb.GetIdentityResponse\x12O\n" + + "\x0eDeleteIdentity\x12\x1d.iam_pb.DeleteIdentityRequest\x1a\x1e.iam_pb.DeleteIdentityResponse\x12O\n" + + "\x0eListIdentities\x12\x1d.iam_pb.ListIdentitiesRequest\x1a\x1e.iam_pb.ListIdentitiesResponse\x12I\n" + + "\fCreatePolicy\x12\x1b.iam_pb.CreatePolicyRequest\x1a\x1c.iam_pb.CreatePolicyResponse\x12@\n" + + "\tGetPolicy\x12\x18.iam_pb.GetPolicyRequest\x1a\x19.iam_pb.GetPolicyResponse\x12I\n" + + "\fDeletePolicy\x12\x1b.iam_pb.DeletePolicyRequest\x1a\x1c.iam_pb.DeletePolicyResponse\x12I\n" + + "\fListPolicies\x12\x1b.iam_pb.ListPoliciesRequest\x1a\x1c.iam_pb.ListPoliciesResponseBK\n" + "\x10seaweedfs.clientB\bIamProtoZ-github.com/seaweedfs/seaweedfs/weed/pb/iam_pbb\x06proto3" var ( 
@@ -466,26 +1316,68 @@ func file_iam_proto_rawDescGZIP() []byte { return file_iam_proto_rawDescData } -var file_iam_proto_msgTypes = make([]protoimpl.MessageInfo, 5) +var file_iam_proto_msgTypes = make([]protoimpl.MessageInfo, 24) var file_iam_proto_goTypes = []any{ - (*S3ApiConfiguration)(nil), // 0: iam_pb.S3ApiConfiguration - (*Identity)(nil), // 1: iam_pb.Identity - (*Credential)(nil), // 2: iam_pb.Credential - (*Account)(nil), // 3: iam_pb.Account - (*ServiceAccount)(nil), // 4: iam_pb.ServiceAccount + (*CreateIdentityRequest)(nil), // 0: iam_pb.CreateIdentityRequest + (*CreateIdentityResponse)(nil), // 1: iam_pb.CreateIdentityResponse + (*UpdateIdentityRequest)(nil), // 2: iam_pb.UpdateIdentityRequest + (*UpdateIdentityResponse)(nil), // 3: iam_pb.UpdateIdentityResponse + (*GetIdentityRequest)(nil), // 4: iam_pb.GetIdentityRequest + (*GetIdentityResponse)(nil), // 5: iam_pb.GetIdentityResponse + (*DeleteIdentityRequest)(nil), // 6: iam_pb.DeleteIdentityRequest + (*DeleteIdentityResponse)(nil), // 7: iam_pb.DeleteIdentityResponse + (*ListIdentitiesRequest)(nil), // 8: iam_pb.ListIdentitiesRequest + (*ListIdentitiesResponse)(nil), // 9: iam_pb.ListIdentitiesResponse + (*CreatePolicyRequest)(nil), // 10: iam_pb.CreatePolicyRequest + (*CreatePolicyResponse)(nil), // 11: iam_pb.CreatePolicyResponse + (*GetPolicyRequest)(nil), // 12: iam_pb.GetPolicyRequest + (*GetPolicyResponse)(nil), // 13: iam_pb.GetPolicyResponse + (*DeletePolicyRequest)(nil), // 14: iam_pb.DeletePolicyRequest + (*DeletePolicyResponse)(nil), // 15: iam_pb.DeletePolicyResponse + (*ListPoliciesRequest)(nil), // 16: iam_pb.ListPoliciesRequest + (*ListPoliciesResponse)(nil), // 17: iam_pb.ListPoliciesResponse + (*S3ApiConfiguration)(nil), // 18: iam_pb.S3ApiConfiguration + (*Identity)(nil), // 19: iam_pb.Identity + (*Credential)(nil), // 20: iam_pb.Credential + (*Account)(nil), // 21: iam_pb.Account + (*Policy)(nil), // 22: iam_pb.Policy + (*Statement)(nil), // 23: iam_pb.Statement } var 
file_iam_proto_depIdxs = []int32{ - 1, // 0: iam_pb.S3ApiConfiguration.identities:type_name -> iam_pb.Identity - 3, // 1: iam_pb.S3ApiConfiguration.accounts:type_name -> iam_pb.Account - 4, // 2: iam_pb.S3ApiConfiguration.service_accounts:type_name -> iam_pb.ServiceAccount - 2, // 3: iam_pb.Identity.credentials:type_name -> iam_pb.Credential - 3, // 4: iam_pb.Identity.account:type_name -> iam_pb.Account - 2, // 5: iam_pb.ServiceAccount.credential:type_name -> iam_pb.Credential - 6, // [6:6] is the sub-list for method output_type - 6, // [6:6] is the sub-list for method input_type - 6, // [6:6] is the sub-list for extension type_name - 6, // [6:6] is the sub-list for extension extendee - 0, // [0:6] is the sub-list for field type_name + 19, // 0: iam_pb.CreateIdentityRequest.identity:type_name -> iam_pb.Identity + 19, // 1: iam_pb.UpdateIdentityRequest.identity:type_name -> iam_pb.Identity + 19, // 2: iam_pb.GetIdentityResponse.identity:type_name -> iam_pb.Identity + 19, // 3: iam_pb.ListIdentitiesResponse.identities:type_name -> iam_pb.Identity + 22, // 4: iam_pb.CreatePolicyRequest.policy:type_name -> iam_pb.Policy + 22, // 5: iam_pb.GetPolicyResponse.policy:type_name -> iam_pb.Policy + 22, // 6: iam_pb.ListPoliciesResponse.policies:type_name -> iam_pb.Policy + 19, // 7: iam_pb.S3ApiConfiguration.identities:type_name -> iam_pb.Identity + 20, // 8: iam_pb.Identity.credentials:type_name -> iam_pb.Credential + 21, // 9: iam_pb.Identity.account:type_name -> iam_pb.Account + 23, // 10: iam_pb.Policy.statements:type_name -> iam_pb.Statement + 0, // 11: iam_pb.SeaweedIdentityAccessManagement.CreateIdentity:input_type -> iam_pb.CreateIdentityRequest + 2, // 12: iam_pb.SeaweedIdentityAccessManagement.UpdatesIdentity:input_type -> iam_pb.UpdateIdentityRequest + 4, // 13: iam_pb.SeaweedIdentityAccessManagement.GetIdentity:input_type -> iam_pb.GetIdentityRequest + 6, // 14: iam_pb.SeaweedIdentityAccessManagement.DeleteIdentity:input_type -> iam_pb.DeleteIdentityRequest + 8, 
// 15: iam_pb.SeaweedIdentityAccessManagement.ListIdentities:input_type -> iam_pb.ListIdentitiesRequest + 10, // 16: iam_pb.SeaweedIdentityAccessManagement.CreatePolicy:input_type -> iam_pb.CreatePolicyRequest + 12, // 17: iam_pb.SeaweedIdentityAccessManagement.GetPolicy:input_type -> iam_pb.GetPolicyRequest + 14, // 18: iam_pb.SeaweedIdentityAccessManagement.DeletePolicy:input_type -> iam_pb.DeletePolicyRequest + 16, // 19: iam_pb.SeaweedIdentityAccessManagement.ListPolicies:input_type -> iam_pb.ListPoliciesRequest + 1, // 20: iam_pb.SeaweedIdentityAccessManagement.CreateIdentity:output_type -> iam_pb.CreateIdentityResponse + 3, // 21: iam_pb.SeaweedIdentityAccessManagement.UpdatesIdentity:output_type -> iam_pb.UpdateIdentityResponse + 5, // 22: iam_pb.SeaweedIdentityAccessManagement.GetIdentity:output_type -> iam_pb.GetIdentityResponse + 7, // 23: iam_pb.SeaweedIdentityAccessManagement.DeleteIdentity:output_type -> iam_pb.DeleteIdentityResponse + 9, // 24: iam_pb.SeaweedIdentityAccessManagement.ListIdentities:output_type -> iam_pb.ListIdentitiesResponse + 11, // 25: iam_pb.SeaweedIdentityAccessManagement.CreatePolicy:output_type -> iam_pb.CreatePolicyResponse + 13, // 26: iam_pb.SeaweedIdentityAccessManagement.GetPolicy:output_type -> iam_pb.GetPolicyResponse + 15, // 27: iam_pb.SeaweedIdentityAccessManagement.DeletePolicy:output_type -> iam_pb.DeletePolicyResponse + 17, // 28: iam_pb.SeaweedIdentityAccessManagement.ListPolicies:output_type -> iam_pb.ListPoliciesResponse + 20, // [20:29] is the sub-list for method output_type + 11, // [11:20] is the sub-list for method input_type + 11, // [11:11] is the sub-list for extension type_name + 11, // [11:11] is the sub-list for extension extendee + 0, // [0:11] is the sub-list for field type_name } func init() { file_iam_proto_init() } 
@@ -499,7 +1391,7 @@ func file_iam_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_iam_proto_rawDesc), len(file_iam_proto_rawDesc)), NumEnums: 0, - NumMessages: 5, + NumMessages: 24, NumExtensions: 0, NumServices: 1, }, diff --git a/weed/pb/iam_pb/iam_grpc.pb.go b/weed/pb/iam_pb/iam_grpc.pb.go index 12e70e9b6..eed0b6ed9 100644 --- a/weed/pb/iam_pb/iam_grpc.pb.go +++ b/weed/pb/iam_pb/iam_grpc.pb.go @@ -1,13 +1,16 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: // - protoc-gen-go-grpc v1.5.1 -// - protoc v6.33.1 +// - protoc v6.33.4 // source: iam.proto package iam_pb import ( + context "context" grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" ) // This is a compile-time assertion to ensure that this generated file 
@@ -15,10 +18,31 @@ import ( // Requires gRPC-Go v1.64.0 or later. const _ = grpc.SupportPackageIsVersion9 +const ( + SeaweedIdentityAccessManagement_CreateIdentity_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/CreateIdentity" + SeaweedIdentityAccessManagement_UpdatesIdentity_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/UpdatesIdentity" + SeaweedIdentityAccessManagement_GetIdentity_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/GetIdentity" + SeaweedIdentityAccessManagement_DeleteIdentity_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/DeleteIdentity" + SeaweedIdentityAccessManagement_ListIdentities_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/ListIdentities" + SeaweedIdentityAccessManagement_CreatePolicy_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/CreatePolicy" + SeaweedIdentityAccessManagement_GetPolicy_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/GetPolicy" + SeaweedIdentityAccessManagement_DeletePolicy_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/DeletePolicy" + SeaweedIdentityAccessManagement_ListPolicies_FullMethodName = "/iam_pb.SeaweedIdentityAccessManagement/ListPolicies" +) + // SeaweedIdentityAccessManagementClient is the client API for SeaweedIdentityAccessManagement service. // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. 
type SeaweedIdentityAccessManagementClient interface { + CreateIdentity(ctx context.Context, in *CreateIdentityRequest, opts ...grpc.CallOption) (*CreateIdentityResponse, error) + UpdatesIdentity(ctx context.Context, in *UpdateIdentityRequest, opts ...grpc.CallOption) (*UpdateIdentityResponse, error) + GetIdentity(ctx context.Context, in *GetIdentityRequest, opts ...grpc.CallOption) (*GetIdentityResponse, error) + DeleteIdentity(ctx context.Context, in *DeleteIdentityRequest, opts ...grpc.CallOption) (*DeleteIdentityResponse, error) + ListIdentities(ctx context.Context, in *ListIdentitiesRequest, opts ...grpc.CallOption) (*ListIdentitiesResponse, error) + CreatePolicy(ctx context.Context, in *CreatePolicyRequest, opts ...grpc.CallOption) (*CreatePolicyResponse, error) + GetPolicy(ctx context.Context, in *GetPolicyRequest, opts ...grpc.CallOption) (*GetPolicyResponse, error) + DeletePolicy(ctx context.Context, in *DeletePolicyRequest, opts ...grpc.CallOption) (*DeletePolicyResponse, error) + ListPolicies(ctx context.Context, in *ListPoliciesRequest, opts ...grpc.CallOption) (*ListPoliciesResponse, error) } type seaweedIdentityAccessManagementClient struct { 
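Review bot: The RPC is named `UpdatesIdentity` in the `FullMethodName` constants and the client interface, which matches neither its own `UpdateIdentityRequest`/`UpdateIdentityResponse` types nor the sibling `CreateIdentity`/`DeleteIdentity` methods. Once released, the string `/iam_pb.SeaweedIdentityAccessManagement/UpdatesIdentity` becomes part of the wire contract. Any per-method authorization or audit rule keyed on the full method name would have to carry the misspelling, and a rule written for `UpdateIdentity` would silently not match. As this file is generated, rename the RPC in `iam.proto` to `rpc UpdateIdentity(UpdateIdentityRequest) returns (UpdateIdentityResponse);` and regenerate both `.pb.go` files.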
@@ -29,10 +53,109 @@ func NewSeaweedIdentityAccessManagementClient(cc grpc.ClientConnInterface) Seawe return &seaweedIdentityAccessManagementClient{cc} } +func (c *seaweedIdentityAccessManagementClient) CreateIdentity(ctx context.Context, in *CreateIdentityRequest, opts ...grpc.CallOption) (*CreateIdentityResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(CreateIdentityResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_CreateIdentity_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) UpdatesIdentity(ctx context.Context, in *UpdateIdentityRequest, opts ...grpc.CallOption) (*UpdateIdentityResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UpdateIdentityResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_UpdatesIdentity_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) GetIdentity(ctx context.Context, in *GetIdentityRequest, opts ...grpc.CallOption) (*GetIdentityResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(GetIdentityResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_GetIdentity_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) DeleteIdentity(ctx context.Context, in *DeleteIdentityRequest, opts ...grpc.CallOption) (*DeleteIdentityResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(DeleteIdentityResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_DeleteIdentity_FullMethodName, in, out, cOpts...) 
+ if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) ListIdentities(ctx context.Context, in *ListIdentitiesRequest, opts ...grpc.CallOption) (*ListIdentitiesResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ListIdentitiesResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_ListIdentities_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) CreatePolicy(ctx context.Context, in *CreatePolicyRequest, opts ...grpc.CallOption) (*CreatePolicyResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(CreatePolicyResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_CreatePolicy_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) GetPolicy(ctx context.Context, in *GetPolicyRequest, opts ...grpc.CallOption) (*GetPolicyResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(GetPolicyResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_GetPolicy_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) DeletePolicy(ctx context.Context, in *DeletePolicyRequest, opts ...grpc.CallOption) (*DeletePolicyResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(DeletePolicyResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_DeletePolicy_FullMethodName, in, out, cOpts...) 
+ if err != nil { + return nil, err + } + return out, nil +} + +func (c *seaweedIdentityAccessManagementClient) ListPolicies(ctx context.Context, in *ListPoliciesRequest, opts ...grpc.CallOption) (*ListPoliciesResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ListPoliciesResponse) + err := c.cc.Invoke(ctx, SeaweedIdentityAccessManagement_ListPolicies_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + // SeaweedIdentityAccessManagementServer is the server API for SeaweedIdentityAccessManagement service. // All implementations must embed UnimplementedSeaweedIdentityAccessManagementServer // for forward compatibility. type SeaweedIdentityAccessManagementServer interface { + CreateIdentity(context.Context, *CreateIdentityRequest) (*CreateIdentityResponse, error) + UpdatesIdentity(context.Context, *UpdateIdentityRequest) (*UpdateIdentityResponse, error) + GetIdentity(context.Context, *GetIdentityRequest) (*GetIdentityResponse, error) + DeleteIdentity(context.Context, *DeleteIdentityRequest) (*DeleteIdentityResponse, error) + ListIdentities(context.Context, *ListIdentitiesRequest) (*ListIdentitiesResponse, error) + CreatePolicy(context.Context, *CreatePolicyRequest) (*CreatePolicyResponse, error) + GetPolicy(context.Context, *GetPolicyRequest) (*GetPolicyResponse, error) + DeletePolicy(context.Context, *DeletePolicyRequest) (*DeletePolicyResponse, error) + ListPolicies(context.Context, *ListPoliciesRequest) (*ListPoliciesResponse, error) mustEmbedUnimplementedSeaweedIdentityAccessManagementServer() } 
@@ -43,6 +166,33 @@ type SeaweedIdentityAccessManagementServer interface { // pointer dereference when methods are called. type UnimplementedSeaweedIdentityAccessManagementServer struct{} +func (UnimplementedSeaweedIdentityAccessManagementServer) CreateIdentity(context.Context, *CreateIdentityRequest) (*CreateIdentityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateIdentity not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) UpdatesIdentity(context.Context, *UpdateIdentityRequest) (*UpdateIdentityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdatesIdentity not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) GetIdentity(context.Context, *GetIdentityRequest) (*GetIdentityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetIdentity not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) DeleteIdentity(context.Context, *DeleteIdentityRequest) (*DeleteIdentityResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteIdentity not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) ListIdentities(context.Context, *ListIdentitiesRequest) (*ListIdentitiesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListIdentities not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) CreatePolicy(context.Context, *CreatePolicyRequest) (*CreatePolicyResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreatePolicy not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) GetPolicy(context.Context, *GetPolicyRequest) (*GetPolicyResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetPolicy not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) DeletePolicy(context.Context, *DeletePolicyRequest) (*DeletePolicyResponse, error) { + 
return nil, status.Errorf(codes.Unimplemented, "method DeletePolicy not implemented") +} +func (UnimplementedSeaweedIdentityAccessManagementServer) ListPolicies(context.Context, *ListPoliciesRequest) (*ListPoliciesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListPolicies not implemented") +} func (UnimplementedSeaweedIdentityAccessManagementServer) mustEmbedUnimplementedSeaweedIdentityAccessManagementServer() { } func (UnimplementedSeaweedIdentityAccessManagementServer) testEmbeddedByValue() {} 
@@ -65,13 +215,212 @@ func RegisterSeaweedIdentityAccessManagementServer(s grpc.ServiceRegistrar, srv s.RegisterService(&SeaweedIdentityAccessManagement_ServiceDesc, srv) } +func _SeaweedIdentityAccessManagement_CreateIdentity_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateIdentityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).CreateIdentity(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_CreateIdentity_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).CreateIdentity(ctx, req.(*CreateIdentityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_UpdatesIdentity_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateIdentityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).UpdatesIdentity(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_UpdatesIdentity_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).UpdatesIdentity(ctx, req.(*UpdateIdentityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_GetIdentity_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetIdentityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + 
return srv.(SeaweedIdentityAccessManagementServer).GetIdentity(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_GetIdentity_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).GetIdentity(ctx, req.(*GetIdentityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_DeleteIdentity_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteIdentityRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).DeleteIdentity(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_DeleteIdentity_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).DeleteIdentity(ctx, req.(*DeleteIdentityRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_ListIdentities_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ListIdentitiesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).ListIdentities(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_ListIdentities_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).ListIdentities(ctx, req.(*ListIdentitiesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func 
_SeaweedIdentityAccessManagement_CreatePolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreatePolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).CreatePolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_CreatePolicy_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).CreatePolicy(ctx, req.(*CreatePolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_GetPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetPolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).GetPolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_GetPolicy_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).GetPolicy(ctx, req.(*GetPolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_DeletePolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeletePolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).DeletePolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_DeletePolicy_FullMethodName, + } + handler := func(ctx 
context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).DeletePolicy(ctx, req.(*DeletePolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _SeaweedIdentityAccessManagement_ListPolicies_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ListPoliciesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SeaweedIdentityAccessManagementServer).ListPolicies(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: SeaweedIdentityAccessManagement_ListPolicies_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SeaweedIdentityAccessManagementServer).ListPolicies(ctx, req.(*ListPoliciesRequest)) + } + return interceptor(ctx, in, info, handler) +} + // SeaweedIdentityAccessManagement_ServiceDesc is the grpc.ServiceDesc for SeaweedIdentityAccessManagement service. 
// It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) var SeaweedIdentityAccessManagement_ServiceDesc = grpc.ServiceDesc{ ServiceName: "iam_pb.SeaweedIdentityAccessManagement", HandlerType: (*SeaweedIdentityAccessManagementServer)(nil), - Methods: []grpc.MethodDesc{}, - Streams: []grpc.StreamDesc{}, - Metadata: "iam.proto", + Methods: []grpc.MethodDesc{ + { + MethodName: "CreateIdentity", + Handler: _SeaweedIdentityAccessManagement_CreateIdentity_Handler, + }, + { + MethodName: "UpdatesIdentity", + Handler: _SeaweedIdentityAccessManagement_UpdatesIdentity_Handler, + }, + { + MethodName: "GetIdentity", + Handler: _SeaweedIdentityAccessManagement_GetIdentity_Handler, + }, + { + MethodName: "DeleteIdentity", + Handler: _SeaweedIdentityAccessManagement_DeleteIdentity_Handler, + }, + { + MethodName: "ListIdentities", + Handler: _SeaweedIdentityAccessManagement_ListIdentities_Handler, + }, + { + MethodName: "CreatePolicy", + Handler: _SeaweedIdentityAccessManagement_CreatePolicy_Handler, + }, + { + MethodName: "GetPolicy", + Handler: _SeaweedIdentityAccessManagement_GetPolicy_Handler, + }, + { + MethodName: "DeletePolicy", + Handler: _SeaweedIdentityAccessManagement_DeletePolicy_Handler, + }, + { + MethodName: "ListPolicies", + Handler: _SeaweedIdentityAccessManagement_ListPolicies_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "iam.proto", }