role.proto
Package : rbac.enterprise.mesh.gloo.solo.io
role.proto
Table of Contents
RoleBindingSpec
| Field | Type | Label | Description |
|---|---|---|---|
| subjects | []core.skv2.solo.io.TypedObjectRef | repeated | reference to users or groups to apply the Gloo Mesh Role to |
| roleRef | core.skv2.solo.io.ObjectRef | reference to a Gloo Mesh Role |
RoleBindingStatus
RoleSpec
A role represents a set of permissions for creating, updating, and deleting Gloo Mesh configuration. A role consists of a set of scopes for each policy type. The permission granularity is defined at the field level for TrafficPolicy and VirtualMesh and at the object level for AccessPolicy and FailoverService.
| Field | Type | Label | Description |
|---|---|---|---|
| trafficPolicyScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.TrafficPolicyScope | repeated | A set of TrafficPolicy configuration permissions. Permission granularity is defined at the field level. |
| virtualMeshScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualMeshScope | repeated | A set of VirtualMesh configuration permissions. Permission granularity is defined at the field level. |
| accessPolicyScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.AccessPolicyScope | repeated | A set of AccessPolicy configuration permissions. Permission granularity is defined at the object level. |
| failoverServiceScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.FailoverServiceScope | repeated | A set of FailoverService configuration permissions. Permission granularity is defined at the object level. |
| virtualDestinationScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualDestinationScope | repeated | A set of VirtualDestination configuration permissions. Permission granularity is defined at the object level. |
| wasmDeploymentScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.WasmDeploymentScope | repeated | A set of WasmDeployment configuration permissions. Permission granularity is defined at the object level. |
| accessLogRecordScopes | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.AccessLogRecordScope | repeated | A set of AccessLogRecord configuration permissions. Permission granularity is defined at the object level. |
RoleSpec.AccessLogRecordScope
Represents permissions for configuring AccessLogRecords.
| Field | Type | Label | Description |
|---|---|---|---|
| workloadSelectors | []networking.mesh.gloo.solo.io.WorkloadSelector | repeated | A list of permitted workload selectors. |
RoleSpec.AccessPolicyScope
Represents permissions for configuring AccessPolicies.
| Field | Type | Label | Description |
|---|---|---|---|
| identitySelectors | []networking.mesh.gloo.solo.io.IdentitySelector | repeated | A list of permitted identity selectors. |
| trafficTargetSelectors | []networking.mesh.gloo.solo.io.TrafficTargetSelector | repeated | A list of permitted traffic target selectors. |
RoleSpec.FailoverServiceScope
Represents permissions for configuring FailoverServices.
| Field | Type | Label | Description |
|---|---|---|---|
| meshRefs | []core.skv2.solo.io.ObjectRef | repeated | A list of permitted mesh references. |
| backingServices | []networking.mesh.gloo.solo.io.FailoverServiceSpec.BackingService | repeated | A list of permitted backing services. |
RoleSpec.TrafficPolicyScope
Represents permissions for configuring TrafficPolicies.
| Field | Type | Label | Description |
|---|---|---|---|
| trafficPolicyActions | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.TrafficPolicyScope.TrafficPolicyActions | repeated | A list of permitted TrafficPolicy configuration actions. |
| trafficTargetSelectors | []networking.mesh.gloo.solo.io.TrafficTargetSelector | repeated | A list of permitted traffic target selectors. |
| workloadSelectors | []networking.mesh.gloo.solo.io.WorkloadSelector | repeated | A list of permitted workload selectors. |
RoleSpec.VirtualDestinationScope
Represents permissions for configuring VirtualDestinations.
| Field | Type | Label | Description |
|---|---|---|---|
| virtualMeshRefs | []core.skv2.solo.io.ObjectRef | repeated | A list of permitted virtual mesh references. |
| meshRefs | []core.skv2.solo.io.ObjectRef | repeated | A list of permitted mesh references. |
| serviceSelectors | []networking.mesh.gloo.solo.io.TrafficTargetSelector | repeated | A list of permitted backing service selectors. |
| services | []networking.enterprise.mesh.gloo.solo.io.BackingService | repeated | A list of permitted backing services. |
RoleSpec.VirtualMeshScope
Represents permissions for configuring VirtualMeshes.
| Field | Type | Label | Description |
|---|---|---|---|
| virtualMeshActions | []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualMeshScope.VirtualMeshActions | repeated | A list of permitted VirtualMesh configuration actions. |
| meshRefs | []core.skv2.solo.io.ObjectRef | repeated | A list of permitted mesh references. |
RoleSpec.WasmDeploymentScope
Represents permissions for configuring WasmDeployments.
| Field | Type | Label | Description |
|---|---|---|---|
| workloadSelectors | []networking.mesh.gloo.solo.io.WorkloadSelector | repeated | A list of permitted workload selectors. |
RoleStatus
| Field | Type | Label | Description |
|---|---|---|---|
| observedGeneration | int64 |
RoleSpec.TrafficPolicyScope.TrafficPolicyActions
Enums representing fields on the TrafficPolicy CRD.
| Name | Number | Description |
|---|---|---|
| UNKNOWN_TRAFFIC_POLICY_ACTION | 0 | |
| ALL | 1 | |
| TRAFFIC_SHIFT | 2 | |
| FAULT_INJECTION | 3 | |
| REQUEST_TIMEOUT | 4 | |
| RETRIES | 5 | |
| CORS_POLICY | 6 | |
| MIRROR | 7 | |
| HEADER_MANIPULATION | 8 | |
| OUTLIER_DETECTION | 9 | |
| MTLS_CONFIG | 10 |
RoleSpec.VirtualMeshScope.VirtualMeshActions
Enums representing fields on the VirtualMesh CRD.
| Name | Number | Description |
|---|---|---|
| UNKNOWN_VIRTUAL_MESH_ACTION | 0 | |
| ALL | 1 | |
| MTLS_CONFIG | 2 | |
| FEDERATION | 3 | |
| GLOBAL_ACCESS_POLICY | 4 |