role.proto

Package : rbac.enterprise.mesh.gloo.solo.io

Top

role.proto

Table of Contents

RoleBindingSpec

Field Type Label Description
subjects []core.skv2.solo.io.TypedObjectRef repeated reference to users or groups to apply the Gloo Mesh Role to
roleRef core.skv2.solo.io.ObjectRef reference to a Gloo Mesh Role

RoleBindingStatus

RoleSpec

A role represents a set of permissions for creating, updating, and deleting Gloo Mesh configuration. A role consists of a set of scopes for each policy type. The permission granularity is defined at the field level for TrafficPolicy and VirtualMesh and at the object level for AccessPolicy and FailoverService.

Field Type Label Description
trafficPolicyScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.TrafficPolicyScope repeated A set of TrafficPolicy configuration permissions. Permission granularity is defined at the field level.
virtualMeshScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualMeshScope repeated A set of VirtualMesh configuration permissions. Permission granularity is defined at the field level.
accessPolicyScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.AccessPolicyScope repeated A set of AccessPolicy configuration permissions. Permission granularity is defined at the object level.
failoverServiceScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.FailoverServiceScope repeated A set of FailoverService configuration permissions. Permission granularity is defined at the object level.
virtualDestinationScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualDestinationScope repeated A set of VirtualDestination configuration permissions. Permission granularity is defined at the object level.
wasmDeploymentScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.WasmDeploymentScope repeated A set of WasmDeployment configuration permissions. Permission granularity is defined at the object level.
accessLogRecordScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.AccessLogRecordScope repeated A set of AccessLogRecord configuration permissions. Permission granularity is defined at the object level.

RoleSpec.AccessLogRecordScope

Represents permissions for configuring AccessLogRecords.

Field Type Label Description
workloadSelectors []networking.mesh.gloo.solo.io.WorkloadSelector repeated A list of permitted workload selectors.

RoleSpec.AccessPolicyScope

Represents permissions for configuring AccessPolicies.

Field Type Label Description
identitySelectors []networking.mesh.gloo.solo.io.IdentitySelector repeated A list of permitted identity selectors.
trafficTargetSelectors []networking.mesh.gloo.solo.io.TrafficTargetSelector repeated A list of permitted traffic target selectors.

RoleSpec.FailoverServiceScope

Represents permissions for configuring FailoverServices.

Field Type Label Description
meshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted mesh references.
backingServices []networking.mesh.gloo.solo.io.FailoverServiceSpec.BackingService repeated A list of permitted backing services.

RoleSpec.TrafficPolicyScope

Represents permissions for configuring TrafficPolicies.

Field Type Label Description
trafficPolicyActions []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.TrafficPolicyScope.TrafficPolicyActions repeated A list of permitted TrafficPolicy configuration actions.
trafficTargetSelectors []networking.mesh.gloo.solo.io.TrafficTargetSelector repeated A list of permitted traffic target selectors.
workloadSelectors []networking.mesh.gloo.solo.io.WorkloadSelector repeated A list of permitted workload selectors.

RoleSpec.VirtualDestinationScope

Represents permissions for configuring VirtualDestinations.

Field Type Label Description
virtualMeshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted virtual mesh references.
meshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted mesh references.
serviceSelectors []networking.mesh.gloo.solo.io.TrafficTargetSelector repeated A list of permitted backing service selectors.
services []networking.enterprise.mesh.gloo.solo.io.BackingService repeated A list of permitted backing services.

RoleSpec.VirtualMeshScope

Represents permissions for configuring VirtualMeshes.

Field Type Label Description
virtualMeshActions []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualMeshScope.VirtualMeshActions repeated A list of permitted VirtualMesh configuration actions.
meshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted mesh references.

RoleSpec.WasmDeploymentScope

Represents permissions for configuring WasmDeployments.

Field Type Label Description
workloadSelectors []networking.mesh.gloo.solo.io.WorkloadSelector repeated A list of permitted workload selectors.

RoleStatus

Field Type Label Description
observedGeneration int64

RoleSpec.TrafficPolicyScope.TrafficPolicyActions

Enums representing fields on the TrafficPolicy CRD.

Name Number Description
UNKNOWN_TRAFFIC_POLICY_ACTION 0
ALL 1
TRAFFIC_SHIFT 2
FAULT_INJECTION 3
REQUEST_TIMEOUT 4
RETRIES 5
CORS_POLICY 6
MIRROR 7
HEADER_MANIPULATION 8
OUTLIER_DETECTION 9
MTLS_CONFIG 10

RoleSpec.VirtualMeshScope.VirtualMeshActions

Enums representing fields on the VirtualMesh CRD.

Name Number Description
UNKNOWN_VIRTUAL_MESH_ACTION 0
ALL 1
MTLS_CONFIG 2
FEDERATION 3
GLOBAL_ACCESS_POLICY 4