role.proto

Package : rbac.enterprise.mesh.gloo.solo.io

Top

role.proto

Table of Contents

RoleBindingSpec

Field Type Label Description
subjects []core.skv2.solo.io.TypedObjectRef repeated Specify by reference the Kubernetes Users or Groups the Role should apply to.
roleRef core.skv2.solo.io.ObjectRef Specify by reference the Gloo Mesh Role to bind.

RoleBindingStatus

RoleSpec

A role represents a set of permissions for creating, updating, and deleting Gloo Mesh configuration objects. A role consists of a set of scopes for each policy type. Depending on the policy type, the permission granularity is defined at the field level or at the object level.

Field Type Label Description
trafficPolicyScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.TrafficPolicyScope repeated A set of TrafficPolicy configuration permissions. Permission granularity is defined at the field level.
virtualMeshScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualMeshScope repeated A set of VirtualMesh configuration permissions. Permission granularity is defined at the field level.
accessPolicyScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.AccessPolicyScope repeated A set of AccessPolicy configuration permissions. Permission granularity is defined at the object level.
virtualDestinationScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualDestinationScope repeated A set of VirtualDestination configuration permissions. Permission granularity is defined at the object level.
wasmDeploymentScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.WasmDeploymentScope repeated A set of WasmDeployment configuration permissions. Permission granularity is defined at the object level.
accessLogRecordScopes []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.AccessLogRecordScope repeated A set of AccessLogRecord configuration permissions. Permission granularity is defined at the object level.

RoleSpec.AccessLogRecordScope

Represents permissions for configuring AccessLogRecords.

Field Type Label Description
workloadSelectors []common.mesh.gloo.solo.io.WorkloadSelector repeated A list of permitted Workload selectors.

RoleSpec.AccessPolicyScope

Represents permissions for configuring AccessPolicies.

Field Type Label Description
identitySelectors []common.mesh.gloo.solo.io.IdentitySelector repeated A list of permitted identity selectors.
destinationSelectors []common.mesh.gloo.solo.io.DestinationSelector repeated A list of permitted Destination selectors.

RoleSpec.TrafficPolicyScope

Represents permissions for configuring TrafficPolicies.

Field Type Label Description
trafficPolicyActions []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.TrafficPolicyScope.TrafficPolicyActions repeated A list of permitted TrafficPolicy configuration actions.
destinationSelectors []common.mesh.gloo.solo.io.DestinationSelector repeated A list of permitted Destination selectors.
workloadSelectors []common.mesh.gloo.solo.io.WorkloadSelector repeated A list of permitted Workload selectors.

RoleSpec.VirtualDestinationScope

Represents permissions for configuring VirtualDestinations.

Field Type Label Description
virtualMeshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted virtual mesh references.
meshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted mesh references.
destinationSelectors []common.mesh.gloo.solo.io.DestinationSelector repeated A list of permitted backing service selectors.
destinations []networking.enterprise.mesh.gloo.solo.io.VirtualDestinationBackingDestination repeated A list of permitted backing Destinations.

RoleSpec.VirtualMeshScope

Represents permissions for configuring VirtualMeshes.

Field Type Label Description
virtualMeshActions []rbac.enterprise.mesh.gloo.solo.io.RoleSpec.VirtualMeshScope.VirtualMeshActions repeated A list of permitted VirtualMesh configuration actions.
meshRefs []core.skv2.solo.io.ObjectRef repeated A list of permitted mesh references.

RoleSpec.WasmDeploymentScope

Represents permissions for configuring WasmDeployments.

Field Type Label Description
workloadSelectors []common.mesh.gloo.solo.io.WorkloadSelector repeated A list of permitted Workload selectors.

RoleStatus

Field Type Label Description
observedGeneration int64 The observed generation of the Role. When this matches the Role's metadata.generation it indicates that Gloo Mesh has processed the latest version of the Role.

RoleSpec.TrafficPolicyScope.TrafficPolicyActions

Enums representing fields on the TrafficPolicy CRD.

Name Number Description
UNKNOWN_TRAFFIC_POLICY_ACTION 0
ALL 1
TRAFFIC_SHIFT 2
FAULT_INJECTION 3
REQUEST_TIMEOUT 4
RETRIES 5
CORS_POLICY 6
MIRROR 7
HEADER_MANIPULATION 8
OUTLIER_DETECTION 9
MTLS_CONFIG 10

RoleSpec.VirtualMeshScope.VirtualMeshActions

Enums representing fields on the VirtualMesh CRD.

Name Number Description
UNKNOWN_VIRTUAL_MESH_ACTION 0
ALL 1
MTLS_CONFIG 2
FEDERATION 3
GLOBAL_ACCESS_POLICY 4