fix: restore missing proto fields and fix compilation errors

3 weeks ago · b561310d6e
3 changed files with 269 additions and 68 deletions
--- a/weed/iam/filer_store.go
+++ b/weed/iam/filer_store.go
@ -251,19 +251,19 @@ func (s *FilerIamStorage) ListPolicies(ctx context.Context, limit int, offset st

 	// Pagination logic (memory based)
 	// Offset is name
-	startIdx := 0
-	if offset != "" {
-		for i, name := range policies {
-			if name > offset { // assuming sorted? Filer ListEntries returns sorted? Yes usually.
-				// Wait, ListEntries returns sorted, but ListPolicies appends them.
-				// I assume sorted.
-				startIdx = i
-				break
-			}
-		}
-		// If exact match found? Filer StartFrom is exclusive usually for strings?
-		// Let's assume naive slicing for now:
-	}
+	// startIdx := 0
+	// if offset != "" {
+	// 	for i, name := range policies {
+	// 		if name > offset { // assuming sorted? Filer ListEntries returns sorted? Yes usually.
+	// 			// Wait, ListEntries returns sorted, but ListPolicies appends them.
+	// 			// I assume sorted.
+	// 			// startIdx = i
+	// 			break
+	// 		}
+	// 	}
+	// 	// If exact match found? Filer StartFrom is exclusive usually for strings?
+	// 	// Let's assume naive slicing for now:
+	// }

 	// This is suboptimal but functional for MVP. To do it right I'd need to change PolicyStore.
 	return policies, nil
--- a/weed/pb/iam.proto
+++ b/weed/pb/iam.proto
@ -98,6 +98,8 @@ message ListPoliciesResponse {

 message S3ApiConfiguration {
    repeated Identity identities = 1;
+    repeated Account accounts = 2;
+    repeated ServiceAccount service_accounts = 3;
 }

 message Identity {
@ -105,11 +107,15 @@ message Identity {
    repeated Credential credentials = 2;
    repeated string actions = 3;
    Account account = 4;
+    bool disabled = 5;
+    repeated string service_account_ids = 6;
+    repeated string policy_names = 7;
 }

 message Credential {
    string access_key = 1;
    string secret_key = 2;
+    string status = 3;
 }

 message Account {
@ -118,6 +124,18 @@ message Account {
    string email_address = 3;
 }

+message ServiceAccount {
+    string id = 1;
+    string parent_user = 2;
+    string description = 3;
+    Credential credential = 4;
+    repeated string actions = 5;
+    int64 expiration = 6;
+    bool disabled = 7;
+    int64 created_at = 8;
+    string created_by = 9;
+}
+
 // Policy constants
 message Policy {
    string name = 1;
--- a/weed/pb/iam_pb/iam.pb.go
+++ b/weed/pb/iam_pb/iam.pb.go
@ -822,10 +822,12 @@ func (x *ListPoliciesResponse) GetNextOffset() string {
 }

 type S3ApiConfiguration struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	Identities    []*Identity            `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
+	state           protoimpl.MessageState `protogen:"open.v1"`
+	Identities      []*Identity            `protobuf:"bytes,1,rep,name=identities,proto3" json:"identities,omitempty"`
+	Accounts        []*Account             `protobuf:"bytes,2,rep,name=accounts,proto3" json:"accounts,omitempty"`
+	ServiceAccounts []*ServiceAccount      `protobuf:"bytes,3,rep,name=service_accounts,json=serviceAccounts,proto3" json:"service_accounts,omitempty"`
+	unknownFields   protoimpl.UnknownFields
+	sizeCache       protoimpl.SizeCache
 }

 func (x *S3ApiConfiguration) Reset() {
@ -865,14 +867,31 @@ func (x *S3ApiConfiguration) GetIdentities() []*Identity {
 	return nil
 }

+func (x *S3ApiConfiguration) GetAccounts() []*Account {
+	if x != nil {
+		return x.Accounts
+	}
+	return nil
+}
+
+func (x *S3ApiConfiguration) GetServiceAccounts() []*ServiceAccount {
+	if x != nil {
+		return x.ServiceAccounts
+	}
+	return nil
+}
+
 type Identity struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	Name          string                 `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
-	Credentials   []*Credential          `protobuf:"bytes,2,rep,name=credentials,proto3" json:"credentials,omitempty"`
-	Actions       []string               `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"`
-	Account       *Account               `protobuf:"bytes,4,opt,name=account,proto3" json:"account,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
+	state             protoimpl.MessageState `protogen:"open.v1"`
+	Name              string                 `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	Credentials       []*Credential          `protobuf:"bytes,2,rep,name=credentials,proto3" json:"credentials,omitempty"`
+	Actions           []string               `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"`
+	Account           *Account               `protobuf:"bytes,4,opt,name=account,proto3" json:"account,omitempty"`
+	Disabled          bool                   `protobuf:"varint,5,opt,name=disabled,proto3" json:"disabled,omitempty"`
+	ServiceAccountIds []string               `protobuf:"bytes,6,rep,name=service_account_ids,json=serviceAccountIds,proto3" json:"service_account_ids,omitempty"`
+	PolicyNames       []string               `protobuf:"bytes,7,rep,name=policy_names,json=policyNames,proto3" json:"policy_names,omitempty"`
+	unknownFields     protoimpl.UnknownFields
+	sizeCache         protoimpl.SizeCache
 }

 func (x *Identity) Reset() {
@ -933,10 +952,32 @@ func (x *Identity) GetAccount() *Account {
 	return nil
 }

+func (x *Identity) GetDisabled() bool {
+	if x != nil {
+		return x.Disabled
+	}
+	return false
+}
+
+func (x *Identity) GetServiceAccountIds() []string {
+	if x != nil {
+		return x.ServiceAccountIds
+	}
+	return nil
+}
+
+func (x *Identity) GetPolicyNames() []string {
+	if x != nil {
+		return x.PolicyNames
+	}
+	return nil
+}
+
 type Credential struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	AccessKey     string                 `protobuf:"bytes,1,opt,name=access_key,json=accessKey,proto3" json:"access_key,omitempty"`
 	SecretKey     string                 `protobuf:"bytes,2,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty"`
+	Status        string                 `protobuf:"bytes,3,opt,name=status,proto3" json:"status,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
@ -985,6 +1026,13 @@ func (x *Credential) GetSecretKey() string {
 	return ""
 }

+func (x *Credential) GetStatus() string {
+	if x != nil {
+		return x.Status
+	}
+	return ""
+}
+
 type Account struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	Id            string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
@ -1045,6 +1093,114 @@ func (x *Account) GetEmailAddress() string {
 	return ""
 }

+type ServiceAccount struct {
+	state         protoimpl.MessageState `protogen:"open.v1"`
+	Id            string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
+	ParentUser    string                 `protobuf:"bytes,2,opt,name=parent_user,json=parentUser,proto3" json:"parent_user,omitempty"`
+	Description   string                 `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
+	Credential    *Credential            `protobuf:"bytes,4,opt,name=credential,proto3" json:"credential,omitempty"`
+	Actions       []string               `protobuf:"bytes,5,rep,name=actions,proto3" json:"actions,omitempty"`
+	Expiration    int64                  `protobuf:"varint,6,opt,name=expiration,proto3" json:"expiration,omitempty"`
+	Disabled      bool                   `protobuf:"varint,7,opt,name=disabled,proto3" json:"disabled,omitempty"`
+	CreatedAt     int64                  `protobuf:"varint,8,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
+	CreatedBy     string                 `protobuf:"bytes,9,opt,name=created_by,json=createdBy,proto3" json:"created_by,omitempty"`
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
+}
+
+func (x *ServiceAccount) Reset() {
+	*x = ServiceAccount{}
+	mi := &file_iam_proto_msgTypes[22]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
+}
+
+func (x *ServiceAccount) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ServiceAccount) ProtoMessage() {}
+
+func (x *ServiceAccount) ProtoReflect() protoreflect.Message {
+	mi := &file_iam_proto_msgTypes[22]
+	if x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ServiceAccount.ProtoReflect.Descriptor instead.
+func (*ServiceAccount) Descriptor() ([]byte, []int) {
+	return file_iam_proto_rawDescGZIP(), []int{22}
+}
+
+func (x *ServiceAccount) GetId() string {
+	if x != nil {
+		return x.Id
+	}
+	return ""
+}
+
+func (x *ServiceAccount) GetParentUser() string {
+	if x != nil {
+		return x.ParentUser
+	}
+	return ""
+}
+
+func (x *ServiceAccount) GetDescription() string {
+	if x != nil {
+		return x.Description
+	}
+	return ""
+}
+
+func (x *ServiceAccount) GetCredential() *Credential {
+	if x != nil {
+		return x.Credential
+	}
+	return nil
+}
+
+func (x *ServiceAccount) GetActions() []string {
+	if x != nil {
+		return x.Actions
+	}
+	return nil
+}
+
+func (x *ServiceAccount) GetExpiration() int64 {
+	if x != nil {
+		return x.Expiration
+	}
+	return 0
+}
+
+func (x *ServiceAccount) GetDisabled() bool {
+	if x != nil {
+		return x.Disabled
+	}
+	return false
+}
+
+func (x *ServiceAccount) GetCreatedAt() int64 {
+	if x != nil {
+		return x.CreatedAt
+	}
+	return 0
+}
+
+func (x *ServiceAccount) GetCreatedBy() string {
+	if x != nil {
+		return x.CreatedBy
+	}
+	return ""
+}
+
 // Policy constants
 type Policy struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
@ -1058,7 +1214,7 @@ type Policy struct {

 func (x *Policy) Reset() {
 	*x = Policy{}
-	mi := &file_iam_proto_msgTypes[22]
+	mi := &file_iam_proto_msgTypes[23]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1070,7 +1226,7 @@ func (x *Policy) String() string {
 func (*Policy) ProtoMessage() {}

 func (x *Policy) ProtoReflect() protoreflect.Message {
-	mi := &file_iam_proto_msgTypes[22]
+	mi := &file_iam_proto_msgTypes[23]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1083,7 +1239,7 @@ func (x *Policy) ProtoReflect() protoreflect.Message {

 // Deprecated: Use Policy.ProtoReflect.Descriptor instead.
 func (*Policy) Descriptor() ([]byte, []int) {
-	return file_iam_proto_rawDescGZIP(), []int{22}
+	return file_iam_proto_rawDescGZIP(), []int{23}
 }

 func (x *Policy) GetName() string {
@ -1134,7 +1290,7 @@ type Statement struct {

 func (x *Statement) Reset() {
 	*x = Statement{}
-	mi := &file_iam_proto_msgTypes[23]
+	mi := &file_iam_proto_msgTypes[24]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@ -1146,7 +1302,7 @@ func (x *Statement) String() string {
 func (*Statement) ProtoMessage() {}

 func (x *Statement) ProtoReflect() protoreflect.Message {
-	mi := &file_iam_proto_msgTypes[23]
+	mi := &file_iam_proto_msgTypes[24]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -1159,7 +1315,7 @@ func (x *Statement) ProtoReflect() protoreflect.Message {

 // Deprecated: Use Statement.ProtoReflect.Descriptor instead.
 func (*Statement) Descriptor() ([]byte, []int) {
-	return file_iam_proto_rawDescGZIP(), []int{23}
+	return file_iam_proto_rawDescGZIP(), []int{24}
 }

 func (x *Statement) GetSid() string {
@ -1256,26 +1412,49 @@ const file_iam_proto_rawDesc = "" +
 	"\bpolicies\x18\x01 \x03(\v2\x0e.iam_pb.PolicyR\bpolicies\x12!\n" +
 	"\fis_truncated\x18\x02 \x01(\bR\visTruncated\x12\x1f\n" +
 	"\vnext_offset\x18\x03 \x01(\tR\n" +
-	"nextOffset\"F\n" +
+	"nextOffset\"\xb6\x01\n" +
 	"\x12S3ApiConfiguration\x120\n" +
 	"\n" +
 	"identities\x18\x01 \x03(\v2\x10.iam_pb.IdentityR\n" +
-	"identities\"\x99\x01\n" +
+	"identities\x12+\n" +
+	"\baccounts\x18\x02 \x03(\v2\x0f.iam_pb.AccountR\baccounts\x12A\n" +
+	"\x10service_accounts\x18\x03 \x03(\v2\x16.iam_pb.ServiceAccountR\x0fserviceAccounts\"\x88\x02\n" +
 	"\bIdentity\x12\x12\n" +
 	"\x04name\x18\x01 \x01(\tR\x04name\x124\n" +
 	"\vcredentials\x18\x02 \x03(\v2\x12.iam_pb.CredentialR\vcredentials\x12\x18\n" +
 	"\aactions\x18\x03 \x03(\tR\aactions\x12)\n" +
-	"\aaccount\x18\x04 \x01(\v2\x0f.iam_pb.AccountR\aaccount\"J\n" +
+	"\aaccount\x18\x04 \x01(\v2\x0f.iam_pb.AccountR\aaccount\x12\x1a\n" +
+	"\bdisabled\x18\x05 \x01(\bR\bdisabled\x12.\n" +
+	"\x13service_account_ids\x18\x06 \x03(\tR\x11serviceAccountIds\x12!\n" +
+	"\fpolicy_names\x18\a \x03(\tR\vpolicyNames\"b\n" +
 	"\n" +
 	"Credential\x12\x1d\n" +
 	"\n" +
 	"access_key\x18\x01 \x01(\tR\taccessKey\x12\x1d\n" +
 	"\n" +
-	"secret_key\x18\x02 \x01(\tR\tsecretKey\"a\n" +
+	"secret_key\x18\x02 \x01(\tR\tsecretKey\x12\x16\n" +
+	"\x06status\x18\x03 \x01(\tR\x06status\"a\n" +
 	"\aAccount\x12\x0e\n" +
 	"\x02id\x18\x01 \x01(\tR\x02id\x12!\n" +
 	"\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12#\n" +
-	"\remail_address\x18\x03 \x01(\tR\femailAddress\"y\n" +
+	"\remail_address\x18\x03 \x01(\tR\femailAddress\"\xab\x02\n" +
+	"\x0eServiceAccount\x12\x0e\n" +
+	"\x02id\x18\x01 \x01(\tR\x02id\x12\x1f\n" +
+	"\vparent_user\x18\x02 \x01(\tR\n" +
+	"parentUser\x12 \n" +
+	"\vdescription\x18\x03 \x01(\tR\vdescription\x122\n" +
+	"\n" +
+	"credential\x18\x04 \x01(\v2\x12.iam_pb.CredentialR\n" +
+	"credential\x12\x18\n" +
+	"\aactions\x18\x05 \x03(\tR\aactions\x12\x1e\n" +
+	"\n" +
+	"expiration\x18\x06 \x01(\x03R\n" +
+	"expiration\x12\x1a\n" +
+	"\bdisabled\x18\a \x01(\bR\bdisabled\x12\x1d\n" +
+	"\n" +
+	"created_at\x18\b \x01(\x03R\tcreatedAt\x12\x1d\n" +
+	"\n" +
+	"created_by\x18\t \x01(\tR\tcreatedBy\"y\n" +
 	"\x06Policy\x12\x12\n" +
 	"\x04name\x18\x01 \x01(\tR\x04name\x12\x18\n" +
 	"\aversion\x18\x02 \x01(\tR\aversion\x12\x0e\n" +
@ -1316,7 +1495,7 @@ func file_iam_proto_rawDescGZIP() []byte {
 	return file_iam_proto_rawDescData
 }

-var file_iam_proto_msgTypes = make([]protoimpl.MessageInfo, 24)
+var file_iam_proto_msgTypes = make([]protoimpl.MessageInfo, 25)
 var file_iam_proto_goTypes = []any{
 	(*CreateIdentityRequest)(nil),  // 0: iam_pb.CreateIdentityRequest
 	(*CreateIdentityResponse)(nil), // 1: iam_pb.CreateIdentityResponse
@ -1340,44 +1519,48 @@ var file_iam_proto_goTypes = []any{
 	(*Identity)(nil),               // 19: iam_pb.Identity
 	(*Credential)(nil),             // 20: iam_pb.Credential
 	(*Account)(nil),                // 21: iam_pb.Account
-	(*Policy)(nil),                 // 22: iam_pb.Policy
-	(*Statement)(nil),              // 23: iam_pb.Statement
+	(*ServiceAccount)(nil),         // 22: iam_pb.ServiceAccount
+	(*Policy)(nil),                 // 23: iam_pb.Policy
+	(*Statement)(nil),              // 24: iam_pb.Statement
 }
 var file_iam_proto_depIdxs = []int32{
 	19, // 0: iam_pb.CreateIdentityRequest.identity:type_name -> iam_pb.Identity
 	19, // 1: iam_pb.UpdateIdentityRequest.identity:type_name -> iam_pb.Identity
 	19, // 2: iam_pb.GetIdentityResponse.identity:type_name -> iam_pb.Identity
 	19, // 3: iam_pb.ListIdentitiesResponse.identities:type_name -> iam_pb.Identity
-	22, // 4: iam_pb.CreatePolicyRequest.policy:type_name -> iam_pb.Policy
-	22, // 5: iam_pb.GetPolicyResponse.policy:type_name -> iam_pb.Policy
-	22, // 6: iam_pb.ListPoliciesResponse.policies:type_name -> iam_pb.Policy
+	23, // 4: iam_pb.CreatePolicyRequest.policy:type_name -> iam_pb.Policy
+	23, // 5: iam_pb.GetPolicyResponse.policy:type_name -> iam_pb.Policy
+	23, // 6: iam_pb.ListPoliciesResponse.policies:type_name -> iam_pb.Policy
 	19, // 7: iam_pb.S3ApiConfiguration.identities:type_name -> iam_pb.Identity
-	20, // 8: iam_pb.Identity.credentials:type_name -> iam_pb.Credential
-	21, // 9: iam_pb.Identity.account:type_name -> iam_pb.Account
-	23, // 10: iam_pb.Policy.statements:type_name -> iam_pb.Statement
-	0,  // 11: iam_pb.SeaweedIdentityAccessManagement.CreateIdentity:input_type -> iam_pb.CreateIdentityRequest
-	2,  // 12: iam_pb.SeaweedIdentityAccessManagement.UpdatesIdentity:input_type -> iam_pb.UpdateIdentityRequest
-	4,  // 13: iam_pb.SeaweedIdentityAccessManagement.GetIdentity:input_type -> iam_pb.GetIdentityRequest
-	6,  // 14: iam_pb.SeaweedIdentityAccessManagement.DeleteIdentity:input_type -> iam_pb.DeleteIdentityRequest
-	8,  // 15: iam_pb.SeaweedIdentityAccessManagement.ListIdentities:input_type -> iam_pb.ListIdentitiesRequest
-	10, // 16: iam_pb.SeaweedIdentityAccessManagement.CreatePolicy:input_type -> iam_pb.CreatePolicyRequest
-	12, // 17: iam_pb.SeaweedIdentityAccessManagement.GetPolicy:input_type -> iam_pb.GetPolicyRequest
-	14, // 18: iam_pb.SeaweedIdentityAccessManagement.DeletePolicy:input_type -> iam_pb.DeletePolicyRequest
-	16, // 19: iam_pb.SeaweedIdentityAccessManagement.ListPolicies:input_type -> iam_pb.ListPoliciesRequest
-	1,  // 20: iam_pb.SeaweedIdentityAccessManagement.CreateIdentity:output_type -> iam_pb.CreateIdentityResponse
-	3,  // 21: iam_pb.SeaweedIdentityAccessManagement.UpdatesIdentity:output_type -> iam_pb.UpdateIdentityResponse
-	5,  // 22: iam_pb.SeaweedIdentityAccessManagement.GetIdentity:output_type -> iam_pb.GetIdentityResponse
-	7,  // 23: iam_pb.SeaweedIdentityAccessManagement.DeleteIdentity:output_type -> iam_pb.DeleteIdentityResponse
-	9,  // 24: iam_pb.SeaweedIdentityAccessManagement.ListIdentities:output_type -> iam_pb.ListIdentitiesResponse
-	11, // 25: iam_pb.SeaweedIdentityAccessManagement.CreatePolicy:output_type -> iam_pb.CreatePolicyResponse
-	13, // 26: iam_pb.SeaweedIdentityAccessManagement.GetPolicy:output_type -> iam_pb.GetPolicyResponse
-	15, // 27: iam_pb.SeaweedIdentityAccessManagement.DeletePolicy:output_type -> iam_pb.DeletePolicyResponse
-	17, // 28: iam_pb.SeaweedIdentityAccessManagement.ListPolicies:output_type -> iam_pb.ListPoliciesResponse
-	20, // [20:29] is the sub-list for method output_type
-	11, // [11:20] is the sub-list for method input_type
-	11, // [11:11] is the sub-list for extension type_name
-	11, // [11:11] is the sub-list for extension extendee
-	0,  // [0:11] is the sub-list for field type_name
+	21, // 8: iam_pb.S3ApiConfiguration.accounts:type_name -> iam_pb.Account
+	22, // 9: iam_pb.S3ApiConfiguration.service_accounts:type_name -> iam_pb.ServiceAccount
+	20, // 10: iam_pb.Identity.credentials:type_name -> iam_pb.Credential
+	21, // 11: iam_pb.Identity.account:type_name -> iam_pb.Account
+	20, // 12: iam_pb.ServiceAccount.credential:type_name -> iam_pb.Credential
+	24, // 13: iam_pb.Policy.statements:type_name -> iam_pb.Statement
+	0,  // 14: iam_pb.SeaweedIdentityAccessManagement.CreateIdentity:input_type -> iam_pb.CreateIdentityRequest
+	2,  // 15: iam_pb.SeaweedIdentityAccessManagement.UpdatesIdentity:input_type -> iam_pb.UpdateIdentityRequest
+	4,  // 16: iam_pb.SeaweedIdentityAccessManagement.GetIdentity:input_type -> iam_pb.GetIdentityRequest
+	6,  // 17: iam_pb.SeaweedIdentityAccessManagement.DeleteIdentity:input_type -> iam_pb.DeleteIdentityRequest
+	8,  // 18: iam_pb.SeaweedIdentityAccessManagement.ListIdentities:input_type -> iam_pb.ListIdentitiesRequest
+	10, // 19: iam_pb.SeaweedIdentityAccessManagement.CreatePolicy:input_type -> iam_pb.CreatePolicyRequest
+	12, // 20: iam_pb.SeaweedIdentityAccessManagement.GetPolicy:input_type -> iam_pb.GetPolicyRequest
+	14, // 21: iam_pb.SeaweedIdentityAccessManagement.DeletePolicy:input_type -> iam_pb.DeletePolicyRequest
+	16, // 22: iam_pb.SeaweedIdentityAccessManagement.ListPolicies:input_type -> iam_pb.ListPoliciesRequest
+	1,  // 23: iam_pb.SeaweedIdentityAccessManagement.CreateIdentity:output_type -> iam_pb.CreateIdentityResponse
+	3,  // 24: iam_pb.SeaweedIdentityAccessManagement.UpdatesIdentity:output_type -> iam_pb.UpdateIdentityResponse
+	5,  // 25: iam_pb.SeaweedIdentityAccessManagement.GetIdentity:output_type -> iam_pb.GetIdentityResponse
+	7,  // 26: iam_pb.SeaweedIdentityAccessManagement.DeleteIdentity:output_type -> iam_pb.DeleteIdentityResponse
+	9,  // 27: iam_pb.SeaweedIdentityAccessManagement.ListIdentities:output_type -> iam_pb.ListIdentitiesResponse
+	11, // 28: iam_pb.SeaweedIdentityAccessManagement.CreatePolicy:output_type -> iam_pb.CreatePolicyResponse
+	13, // 29: iam_pb.SeaweedIdentityAccessManagement.GetPolicy:output_type -> iam_pb.GetPolicyResponse
+	15, // 30: iam_pb.SeaweedIdentityAccessManagement.DeletePolicy:output_type -> iam_pb.DeletePolicyResponse
+	17, // 31: iam_pb.SeaweedIdentityAccessManagement.ListPolicies:output_type -> iam_pb.ListPoliciesResponse
+	23, // [23:32] is the sub-list for method output_type
+	14, // [14:23] is the sub-list for method input_type
+	14, // [14:14] is the sub-list for extension type_name
+	14, // [14:14] is the sub-list for extension extendee
+	0,  // [0:14] is the sub-list for field type_name
 }

 func init() { file_iam_proto_init() }
@ -1391,7 +1574,7 @@ func file_iam_proto_init() {
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: unsafe.Slice(unsafe.StringData(file_iam_proto_rawDesc), len(file_iam_proto_rawDesc)),
 			NumEnums:      0,
-			NumMessages:   24,
+			NumMessages:   25,
 			NumExtensions: 0,
 			NumServices:   1,
 		},