rolestore

package
v2.43.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 5, 2026 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AWSRole 

type AWSRole struct {
	ID          string            `json:"id,omitempty"`
	DisplayName string            `json:"name,omitempty"`
	ARN         string            `json:"arn,omitempty"`
	Description string            `json:"description,omitempty"`
	Source      string            `json:"source,omitempty"`
	Status      string            `json:"status,omitempty"`
	Roles       []LinkedPrivXRole `json:"roles,omitempty"`
	Updated     string            `json:"updated,omitempty"`
}

AWSRole aws role definition.

type AWSRoleParams 

type AWSRoleParams struct {
	Refresh bool `url:"refresh,omitempty"`
}

AWSRoleParams aws role query parameter definition.

type AuthorizedKey 

type AuthorizedKey struct {
	ID                    string   `json:"id"`
	UserID                string   `json:"user_id,omitempty"`
	Username              string   `json:"username,omitempty"`
	Source                string   `json:"source,omitempty"`
	PublicKey             string   `json:"public_key,omitempty"`
	NotBefore             string   `json:"not_before,omitempty"`
	NotAfter              string   `json:"not_after,omitempty"`
	ExpiresIn             int64    `json:"expires_in,omitempty"`
	SourceAddress         []string `json:"source_address"`
	Fingerprints          []string `json:"fingerprints,omitempty"`
	EnableInteractiveAuth bool     `json:"enable_interactive_auth,omitempty"`
	Name                  string   `json:"name,omitempty"`
	Comment               string   `json:"comment,omitempty"`
	Created               string   `json:"created,omitempty"`
	Updated               string   `json:"updated,omitempty"`
	UpdatedBy             string   `json:"updated_by,omitempty"`
	Author                string   `json:"author,omitempty"`
}

AuthorizedKey authorized key definition.

type AuthorizedKeyResolve 

type AuthorizedKeyResolve struct {
	Username  string `json:"username,omitempty"`
	PublicKey string `json:"public_key,omitempty"`
}

AuthorizedKeyResolve authorized key resolve request definition.

type Bookmark 

type Bookmark struct {
	Id    string `json:"id"`
	URL   string `json:"url"`
	Title string `json:"title"`
	Icon  string `json:"icon"`
}

Bookmark bookmark user settings definition.

type ContextualLimit 

type ContextualLimit struct {
	Enabled   bool     `json:"enabled"`
	BlockRole bool     `json:"block_role,omitempty"`
	Validity  []string `json:"validity"`
	StartTime string   `json:"start_time"`
	EndTime   string   `json:"end_time"`
	TimeZone  string   `json:"timezone"`
	IPMasks   []string `json:"ip_masks"`
}

type Credential 

type Credential struct {
	ID           string `json:"id"`
	CredentialID string `json:"credential_id"`
	Name         string `json:"name,omitempty" diff:"name"`
	Comment      string `json:"comment,omitempty" diff:"comment"`
	LastUsed     string `json:"last_used,omitempty"`
	Created      string `json:"created,omitempty"`
	Author       string `json:"author,omitempty"`
	Updated      string `json:"updated,omitempty"`
	UpdatedBy    string `json:"updated_by,omitempty"`
}

Credential webauthn credential definition.

type CustomAttributeValidation 

type CustomAttributeValidation struct {
	FieldName     string `json:"field_name"`
	Type          string `json:"type"`
	ExpectedValue string `json:"expected_value"`
	Start         string `json:"start"`
	End           string `json:"end"`
}

CustomAttributeValidation identity provider custom attribute definition.

type IdentityProvider 

type IdentityProvider struct {
	ID                            string                      `json:"id"`
	Name                          string                      `json:"name"`
	TokenType                     string                      `json:"token_type"`
	JWTIssuer                     string                      `json:"jwt_issuer"`
	JWTAudience                   string                      `json:"jwt_audience"`
	JWTSubjectType                string                      `json:"jwt_subject_type"`
	JWTSubjectDNUsernameAttribute string                      `json:"jwt_subject_dn_username_attribute,omitempty"`
	CustomAttributes              []CustomAttributeValidation `json:"custom_attributes,omitempty"`
	PublicKeys                    []PublicKey                 `json:"public_keys,omitempty"`
	PublicKeyMethod               string                      `json:"public_key_method"`
	X5uTrustAnchor                string                      `json:"x5u_trust_anchor,omitempty"`
	X5uTLSTrustAnchor             string                      `json:"x5u_tls_trust_anchor,omitempty"`
	X5uPrefix                     string                      `json:"x5u_prefix,omitempty"`
	UsersDirectory                string                      `json:"users_directory"`
	Enabled                       bool                        `json:"enabled"`
	Author                        string                      `json:"author"`
	Created                       string                      `json:"created"`
	Updated                       string                      `json:"updated,omitempty"`
	UpdatedBy                     string                      `json:"updated_by,omitempty"`
}

IdentityProvider identity provider definition.

type IdentityProviderSearch 

type IdentityProviderSearch struct {
	Keywords string `json:"keywords,omitempty"`
}

IdentityProviderSearch identity provider search request definition.

type LinkedPrivXRole 

type LinkedPrivXRole struct {
	ID          string `json:"id,omitempty"`
	DisplayName string `json:"name,omitempty"`
}

type LogConfCollector 

type LogConfCollector struct {
	ID                  string `json:"id,omitempty"`
	Name                string `json:"name,omitempty"`
	Type                string `json:"type,omitempty"`
	Enabled             bool   `json:"enabled"`
	Updated             string `json:"updated,omitempty"`
	StatusCode          string `json:"status_code,omitempty"`
	StatusText          string `json:"status_text,omitempty"`
	AWSLogRegion        string `json:"aws_log_region,omitempty"`
	IAMAccessKeyID      string `json:"iam_access_key_id,omitempty"`
	IAMSecretAccessKey  string `json:"iam_secret_access_key,omitempty"`
	IAMSessionToken     string `json:"iam_session_token,omitempty"`
	Namespace           string `json:"azure_event_hubs_namespace,omitempty"`
	EventHubName        string `json:"azure_event_hub_name,omitempty"`
	TenantID            string `json:"azure_tenant_id,omitempty"`
	ClientID            string `json:"azure_client_id,omitempty"`
	ClientSecret        string `json:"azure_client_secret,omitempty"`
	SASConnectionString string `json:"azure_sas_connection_string,omitempty"`
}

LogConfCollector logconf collectors definition.

type MFAAction 

type MFAAction string

MFAAction definition for possible actions related to MFA. 

const (
	// Enumerated values for MFA actions.
	MFAActionEnable  MFAAction = "enable"
	MFAActionDisable MFAAction = "disable"
	MFAActionReset   MFAAction = "reset"
)

type MFASeed 

type MFASeed struct {
	Seed_string  string `json:"seed_string,omitempty"`
	Seed_qr_code string `json:"seed_qr_code,omitempty"`
}

type MFAStatus 

type MFAStatus struct {
	Status          string  `json:"user_mfa_status,omitempty"`
	TotpStatus      string  `json:"status,omitempty"`
	TotpMFASeed     MFASeed `json:"seed,omitempty"`
	MobileMfaStatus string  `json:"mobile_mfa_status"`
}

MFAStatus mfa status definition.

type PublicKey 

type PublicKey struct {
	KeyID     string `json:"key_id"`
	Comment   string `json:"comment,omitempty"`
	PublicKey string `json:"public_key,omitempty"`
}

PublicKey identity provider public key definition.

type Role 

type Role struct {
	ID                   string           `json:"id"`
	Type                 string           `json:"type,omitempty"`
	AwsArn               string           `json:"arn,omitempty"`
	Created              string           `json:"created,omitempty"`
	Name                 string           `json:"name,omitempty"`
	Updated              string           `json:"updated,omitempty"`
	Author               string           `json:"author,omitempty"`
	UpdatedBy            string           `json:"updatedby,omitempty"`
	Explicit             bool             `json:"explicit"`
	Implicit             bool             `json:"implicit"`
	System               bool             `json:"system"`
	GrantType            string           `json:"grant_type,omitempty"`
	GrantStart           string           `json:"grant_start,omitempty"`
	GrantEnd             string           `json:"grant_end,omitempty"`
	GrantValidityPeriods []ValidityPeriod `json:"grant_validity_periods,omitempty"`
	FloatingLength       int64            `json:"floating_length,omitempty"`
	Comment              string           `json:"comment,omitempty"`
	Tags                 []string         `json:"tags,omitempty"`
	AwsSource            string           `json:"source,omitempty"`
	Permissions          []string         `json:"permissions"`
	AccessGroupID        string           `json:"access_group_id"`
	CreatedByDirectory   string           `json:"owner_src"`
	PrincipalPublicKeys  []string         `json:"principal_public_key_strings,omitempty"`
	PermitAgent          bool             `json:"permit_agent,omitempty"`
	SourceRules          SourceRule       `json:"source_rules,omitempty"`
	Context              ContextualLimit  `json:"context"`
	MemberCount          *int             `json:"member_count,omitempty"`
	ExplicitMemberCount  *int             `json:"explicit_count,omitempty"`
}

Role PrivX role definition.

type RoleHandle 

type RoleHandle struct {
	ID      string `json:"id"`
	Name    string `json:"name"`
	Deleted bool   `json:"deleted,omitempty"`
}

RoleHandle role handle definition.

type RolePrincipalKey 

type RolePrincipalKey struct {
	ID        string `json:"id,omitempty"`
	PublicKey string `json:"public_key,omitempty"`
}

RolePrincipalKey role principal key definition.

type RolePrincipalKeyImport 

type RolePrincipalKeyImport struct {
	PrivateKey string `json:"private_key,omitempty"`
}

RolePrincipalKeyImport role principal key import request definition.

type RoleSearch 

type RoleSearch struct {
	Name []string `json:"name"`
}

RoleSearch role search request definition.

type RoleStore 

type RoleStore struct {
	// contains filtered or unexported fields
}

RoleStore is a role-store client instance.

func New 

func New(api restapi.Connector) *RoleStore

New role store client constructor.

func (*RoleStore) CreateCurrentUserAuthorizedKey 

func (c *RoleStore) CreateCurrentUserAuthorizedKey(key *AuthorizedKey) (response.Identifier, error)

CreateCurrentUserAuthorizedKey create authorized key for current user.

func (*RoleStore) CreateIdentityProvider 

func (c *RoleStore) CreateIdentityProvider(provider *IdentityProvider) (response.Identifier, error)

CreateIdentityProvider create a identity provider.

func (*RoleStore) CreateLogConfCollector 

func (c *RoleStore) CreateLogConfCollector(collector *LogConfCollector) (response.Identifier, error)

CreateLogConfCollector create logconf collector.

func (*RoleStore) CreatePrincipalKey 

func (c *RoleStore) CreatePrincipalKey(roleID string) (response.Identifier, error)

CreatePrincipalKey create principal key for role.

func (*RoleStore) CreateRole 

func (c *RoleStore) CreateRole(role *Role) (response.Identifier, error)

CreateRole creates role.

func (*RoleStore) CreateSource 

func (c *RoleStore) CreateSource(source *Source) (response.Identifier, error)

CreateSource create source.

func (*RoleStore) CreateUserAuthorizedKey 

func (c *RoleStore) CreateUserAuthorizedKey(userID string, key *AuthorizedKey) (response.Identifier, error)

CreateUserAuthorizedKey create authorized key for user.

func (*RoleStore) DeleteAWSRole 

func (c *RoleStore) DeleteAWSRole(awsRoleID string) error

DeleteAWSRole delete AWS role.

func (*RoleStore) DeleteCurrentUserAuthorizedKey 

func (c *RoleStore) DeleteCurrentUserAuthorizedKey(keyID string) error

DeleteCurrentUserAuthorizedKey delete current a user authorized key.

func (*RoleStore) DeleteIdentityProvider 

func (c *RoleStore) DeleteIdentityProvider(providerID string) error

DeleteIdentityProvider delete identity provider by id.

func (*RoleStore) DeleteLogConfCollector 

func (c *RoleStore) DeleteLogConfCollector(collectorID string) error

DeleteLogConfCollector delete logconf collector.

func (*RoleStore) DeletePrincipalKey 

func (c *RoleStore) DeletePrincipalKey(roleID, keyID string) error

DeletePrincipalKey delete roles principal key.

func (*RoleStore) DeleteRole 

func (c *RoleStore) DeleteRole(roleID string) error

DeleteRole delete role.

func (*RoleStore) DeleteSource 

func (c *RoleStore) DeleteSource(sourceID string) error

DeleteSource delete source.

func (*RoleStore) DeleteUserAuthorizedKey 

func (c *RoleStore) DeleteUserAuthorizedKey(userID, keyID string) error

DeleteUserAuthorizedKey delete a user authorized key.

func (*RoleStore) EvaluateRole 

func (c *RoleStore) EvaluateRole(role *Role) (*response.ResultSet[User], error)

EvaluateRole evaluate role definition.

func (*RoleStore) GetAWSRole 

func (c *RoleStore) GetAWSRole(awsRoleID string) (*AWSRole, error)

GetAWSRole get AWS role by id.

func (*RoleStore) GetAWSRoles 

func (c *RoleStore) GetAWSRoles(opts ...filters.Option) (*response.ResultSet[AWSRole], error)

MARK: AWS Roles GetAWSRoles get AWS roles.

func (*RoleStore) GetAWSToken 

func (c *RoleStore) GetAWSToken(roleID string, opts ...filters.Option) (*json.RawMessage, error)

GetAWSToken get AWS token for role.

func (*RoleStore) GetAuthorizedKeys 

func (c *RoleStore) GetAuthorizedKeys(opts ...filters.Option) (*response.ResultSet[AuthorizedKey], error)

MARK: Authorized Keys GetAuthorizedKeys get authorized keys.

func (*RoleStore) GetCurrentAWSRoles 

func (c *RoleStore) GetCurrentAWSRoles() (*response.ResultSet[AWSRole], error)

GetCurrentUserSettings get current user AWS roles.

func (*RoleStore) GetCurrentUserAuthorizedKey 

func (c *RoleStore) GetCurrentUserAuthorizedKey(keyID string) (*AuthorizedKey, error)

GetCurrentUserAuthorizedKey get current user authorized key by id.

func (*RoleStore) GetCurrentUserAuthorizedKeys 

func (c *RoleStore) GetCurrentUserAuthorizedKeys(opts ...filters.Option) (*response.ResultSet[AuthorizedKey], error)

GetCurrentUserAuthorizedKeys get current user authorized keys.

func (*RoleStore) GetCurrentUserInfo 

func (c *RoleStore) GetCurrentUserInfo() (*json.RawMessage, error)

GetCurrentUserInfo get current user and user settings.

func (*RoleStore) GetCurrentUserSettings 

func (c *RoleStore) GetCurrentUserSettings() (*json.RawMessage, error)

GetCurrentUserAndSettings get current user settings.

func (*RoleStore) GetIdentityProvider 

func (c *RoleStore) GetIdentityProvider(providerID string) (*IdentityProvider, error)

GetIdentityProvider get identity provider by id.

func (*RoleStore) GetIdentityProviders 

func (c *RoleStore) GetIdentityProviders(opts ...filters.Option) (*response.ResultSet[IdentityProvider], error)

MARK: Identity Providers GetIdentityProviders get identity providers.

func (*RoleStore) GetLinkedRoles 

func (c *RoleStore) GetLinkedRoles(awsRoleID string) (*response.ResultSet[LinkedPrivXRole], error)

GetLinkedRoles get AWS role granting PrivX roles.

func (*RoleStore) GetLogConfCollector 

func (c *RoleStore) GetLogConfCollector(collectorID string) (*LogConfCollector, error)

GetLogConfCollector get logconf collector by id.

func (*RoleStore) GetLogConfCollectors 

func (c *RoleStore) GetLogConfCollectors() (*response.ResultSet[LogConfCollector], error)

MARK: Logconf GetLogConfCollectors get logconf collectors.

func (*RoleStore) GetPrincipalKey 

func (c *RoleStore) GetPrincipalKey(roleID, keyID string) (RolePrincipalKey, error)

GetPrincipalKey get roles principal key.

func (*RoleStore) GetPrincipalKeys 

func (c *RoleStore) GetPrincipalKeys(roleID string) (*response.ResultSet[RolePrincipalKey], error)

GetPrincipalKeys get roles principal keys.

func (*RoleStore) GetRole 

func (c *RoleStore) GetRole(roleID string) (*Role, error)

GetRole get role by id.

func (*RoleStore) GetRoleMembers 

func (c *RoleStore) GetRoleMembers(roleID string, opts ...filters.Option) (*response.ResultSet[User], error)

GetRoleMembers gets users of the role.

func (*RoleStore) GetRoles 

func (c *RoleStore) GetRoles(opts ...filters.Option) (*response.ResultSet[Role], error)

GetRoles get roles.

func (*RoleStore) GetSource 

func (c *RoleStore) GetSource(sourceID string) (*Source, error)

GetSource get source by id.

func (*RoleStore) GetSources 

func (c *RoleStore) GetSources() (*response.ResultSet[Source], error)

MARK: Sources GetSources get sources.

func (*RoleStore) GetUser 

func (c *RoleStore) GetUser(userID string) (*User, error)

MARK: Users GetUser get user by id.

func (*RoleStore) GetUserAuthorizedKey 

func (c *RoleStore) GetUserAuthorizedKey(userID, keyID string) (*AuthorizedKey, error)

GetUserAuthorizedKey get user authorized key by id.

func (*RoleStore) GetUserRoles 

func (c *RoleStore) GetUserRoles(userID string) (*response.ResultSet[Role], error)

GetUserRoles get roles of user by id.

func (*RoleStore) GetUserSettings 

func (c *RoleStore) GetUserSettings(userID string) (*json.RawMessage, error)

GetUserSettings get user settings.

func (*RoleStore) GetUsersAuthorizedKeys 

func (c *RoleStore) GetUsersAuthorizedKeys(userID string, opts ...filters.Option) (*response.ResultSet[AuthorizedKey], error)

GetUsersAuthorizedKeys get users authorized keys.

func (*RoleStore) ImportPrincipalKey 

func (c *RoleStore) ImportPrincipalKey(roleID string, key RolePrincipalKeyImport) (response.Identifier, error)

ImportPrincipalKey import principal key for role.

func (*RoleStore) RefreshSources 

func (c *RoleStore) RefreshSources(sourceIDs []string) error

RefreshSources refresh sources.

func (*RoleStore) ResolveAuthorizedKey 

func (c *RoleStore) ResolveAuthorizedKey(resolve AuthorizedKeyResolve) (*AuthorizedKey, error)

ResolveAuthorizedKey resolve authorized key.

func (*RoleStore) ResolveRoles 

func (c *RoleStore) ResolveRoles(names []string) (*response.ResultSet[Role], error)

ResolveRoles resolve role names to role.

func (*RoleStore) ResolveUserRoles 

func (c *RoleStore) ResolveUserRoles(userID string) (*User, error)

ResolveUserRoles resolve user roles.

func (*RoleStore) SearchExternalUsers 

func (c *RoleStore) SearchExternalUsers(search UserSearch) (*response.ResultSet[User], error)

SearchExternalUsers search external users.

func (*RoleStore) SearchIdentityProviders 

func (c *RoleStore) SearchIdentityProviders(search IdentityProviderSearch, opts ...filters.Option) (*response.ResultSet[IdentityProvider], error)

SearchIdentityProviders search identity providers.

func (*RoleStore) SearchRoles 

func (c *RoleStore) SearchRoles(search RoleSearch, opts ...filters.Option) (*response.ResultSet[Role], error)

SearchRoles search roles.

func (*RoleStore) SearchUsers 

func (c *RoleStore) SearchUsers(search UserSearch, opts ...filters.Option) (*response.ResultSet[User], error)

SearchUsers search users.

func (*RoleStore) SetMFA 

func (c *RoleStore) SetMFA(userIDs []string, action MFAAction) error

SetMFA enable, disable or reset mfa authentication.

func (*RoleStore) Status 

func (c *RoleStore) Status() (*response.ServiceStatus, error)

MARK: Status Status get role store microservice status.

func (*RoleStore) UpdateAWSRole 

func (c *RoleStore) UpdateAWSRole(awsRoleID string, roles []LinkedPrivXRole) error

UpdateAWSRole update AWS role granting PrivX roles.

func (*RoleStore) UpdateCurrentUserAuthorizedKey 

func (c *RoleStore) UpdateCurrentUserAuthorizedKey(keyID string, key *AuthorizedKey) error

UpdateCurrentUserAuthorizedKey update current user authorized key.

func (*RoleStore) UpdateCurrentUserSettings 

func (c *RoleStore) UpdateCurrentUserSettings(settings *UserSettings) error

UpdateCurrentUserSettings update current user settings.

func (*RoleStore) UpdateIdentityProvider 

func (c *RoleStore) UpdateIdentityProvider(providerID string, provider *IdentityProvider) error

UpdateIdentityProvider update identity provider.

func (*RoleStore) UpdateLogConfCollector 

func (c *RoleStore) UpdateLogConfCollector(collectorID string, collector *LogConfCollector) error

UpdateLogConfCollector update logconf collector.

func (*RoleStore) UpdateRole 

func (c *RoleStore) UpdateRole(roleID string, role *Role) error

UpdateRole update role.

func (*RoleStore) UpdateSource 

func (c *RoleStore) UpdateSource(sourceID string, source *Source) error

UpdateSource update source.

func (*RoleStore) UpdateUserAuthorizedKey 

func (c *RoleStore) UpdateUserAuthorizedKey(userID, keyID string, key *AuthorizedKey) error

UpdateUserAuthorizedKey update user authorized key.

func (*RoleStore) UpdateUserRoles 

func (c *RoleStore) UpdateUserRoles(userID string, roles []Role) error

UpdateUserRoles update user roles by id.

func (*RoleStore) UpdateUserSettings 

func (c *RoleStore) UpdateUserSettings(userID string, settings *UserSettings) error

UpdateUserSettings update specific user's settings

type Source 

type Source struct {
	ID                          string                      `json:"id,omitempty"`
	Name                        string                      `json:"name,omitempty"`
	Created                     string                      `json:"created,omitempty"`
	Updated                     string                      `json:"updated,omitempty"`
	Author                      string                      `json:"author,omitempty"`
	UpdatedBy                   string                      `json:"updatedby,omitempty"`
	TTL                         int                         `json:"ttl,omitempty"`
	RegionFilter                []string                    `json:"region_filter,omitempty"`
	Comment                     string                      `json:"comment,omitempty"`
	Tags                        []string                    `json:"tags,omitempty"`
	StatusCode                  string                      `json:"status_code"`
	StatusText                  string                      `json:"status_text"`
	Connection                  SourceConnection            `json:"connection,omitempty"`
	UsernamePattern             []string                    `json:"username_pattern,omitempty"`
	ExternalUserMapping         []UserMapping               `json:"external_user_mapping,omitempty"`
	Enabled                     bool                        `json:"enabled"`
	SessionPasswordEnabled      bool                        `json:"session_password_enabled,omitempty"`
	SessionPasswordPolicy       *auth.SessionPasswordPolicy `json:"session_password_policy,omitempty"`
	ChildSessionAutoLogoutDelay int                         `json:"child_session_auto_logout_delay,omitempty"`
}

Source source definitions.

type SourceConnection 

type SourceConnection struct {
	Type                        string            `json:"type,omitempty"`
	AttributeMapping            map[string]string `json:"attribute_mapping"`
	MFAType                     string            `json:"mfa_type"`
	MFAAddress                  string            `json:"mfa_address"`
	MFAPort                     int               `json:"mfa_port"`
	ServiceAddressAutoUpdate    bool              `json:"service_address_auto_update"`
	UseInstanceTags             bool              `json:"use_instance_tags"`
	HostFilterTag               string            `json:"host_filter_tag,omitempty"`
	AWSRoleFilterName           string            `json:"aws_role_filter_name,omitempty"`
	EnableUserAuthentication    bool              `json:"enable_user_authentication,omitempty"`
	EnableMachineAuthentication bool              `json:"enable_machine_authentication,omitempty"`

	// AWS
	IAMAccessKeyID     string `json:"iam_access_key_id"`
	IAMSecretAccessKey string `json:"iam_secret_access_key"`
	IAMSessionToken    string `json:"iam_session_token"`
	IAMRoleARN         string `json:"iam_role_arn"`

	IAMFetchRoles          bool   `json:"iam_fetch_roles"`
	IAMFetchRolePathPrefix string `json:"iam_fetch_role_path_prefix"`
	IAMExternalID          string `json:"iam_external_id"`

	// Google Cloud
	GoogleCloudProjectIDs []string `json:"google_cloud_project_ids"`
	GoogleCloudConfigJSON string   `json:"google_cloud_config_json"`

	// Google GSuite
	GoogleGSuiteDomainAdminEmail string `json:"google_gsuite_domain_admin_email"`
	GoogleGSuiteDomain           string `json:"google_gsuite_domain"`

	// OpenStack
	OpenStackIdentityEndpoint string   `json:"openstack_endpoint"`
	OpenStackUsername         string   `json:"openstack_username"`
	OpenStackUserID           string   `json:"openstack_user_id"`
	OpenStackPassword         string   `json:"openstack_password"`
	OpenStackDomainName       string   `json:"openstack_domainname"`
	OpenStackDomainID         string   `json:"openstack_domain_id"`
	OpenStackTokenID          string   `json:"openstack_token_id"`
	OpenStackTenantIDs        []string `json:"openstack_tenant_ids"`
	OpenStackTenantNames      []string `json:"openstack_tenant_names"`
	OpenStackVersion          string   `json:"openstack_version"`
	OpenStackRegion           string   `json:"openstack_region"`

	// Azure
	AzureEndpoint       string `json:"azure_base_url"`
	AzureSubscriptionID string `json:"azure_subscription_id"`
	AzureTenantID       string `json:"azure_tenant_id"`
	AzureClientID       string `json:"azure_client_id"`
	AzureClientSecret   string `json:"azure_client_secret"`

	// Microsoft Graph API
	MsGraphEndpoint     string `json:"msgraph_base_url"`
	MsGraphTenantID     string `json:"msgraph_tenant_id"`
	MsGraphClientID     string `json:"msgraph_client_id"`
	MsGraphClientSecret string `json:"msgraph_client_secret"`
	MSGraphBatchSize    int    `json:"msgraph_batch_size"`
	MSGraphPageSize     int    `json:"msgraph_page_size"`

	// AD/LDAP
	Address                                 string `json:"address"`
	Port                                    int    `json:"port"`
	LdapBaseDN                              string `json:"ldap_base_dn"`
	LdapUserDNPattern                       string `json:"ldap_user_dn_pattern"`
	LdapUserFilter                          string `json:"ldap_user_filter"`
	LdapBindDN                              string `json:"ldap_bind_dn"`
	LdapBindPassword                        string `json:"ldap_bind_password"`
	LdapProtocol                            string `json:"ldap_protocol"`
	Certificates                            string `json:"root_certificates"`
	PasswordChangeEnabled                   bool   `json:"password_change_enabled"`
	ClientCertificateAuthenticationEnabled  bool   `json:"client_certificate_authentication_enabled"`
	ClientCAPEM                             string `json:"client_ca_pem"`
	ClientCertificateAuthenticationRequired bool   `json:"client_certificate_authentication_required"`

	// AD/LDAP/UKM
	SkipStrictCertCheck bool `json:"skip_strict_cert_check"`

	// OpenID Connect
	OIDCEnabled             bool     `json:"oidc_enabled"`
	OIDCIssuer              string   `json:"oidc_issuer"`
	OIDCAdditionalIssuer    string   `json:"oidc_additional_issuer"`
	OIDCClientID            string   `json:"oidc_client_id"`
	OIDCClientSecret        string   `json:"oidc_client_secret"`
	OIDCButtonTitle         string   `json:"oidc_button_title"`
	OIDCTagsAttributeName   string   `json:"oidc_tags_attribute_name"`
	OIDCAllowLoginTag       string   `json:"oidc_allow_login_tag"`
	OIDCAdditionalScopes    []string `json:"oidc_additional_scopes"`
	OIDCUseUserInfoEndpoint bool     `json:"oidc_use_userinfo_endpoint"`

	// User directory group filter
	GroupFilter []string `json:"group_filter"`

	// SCIM
	SCIMAuthenticationType string `json:"scim_authentication_type"`
	SCIMCreateRoles        bool   `json:"scim_create_roles"`
	SCIMUpdateSSHHostKeys  bool   `json:"scim_update_ssh_host_keys"`
	SCIMBasicUsername      string `json:"scim_username"`
	SCIMBasicPassword      string `json:"scim_password"`
	SCIMUserFilter         string `json:"scim_user_filter"`

	// VMWare ESXi/vCenter
	VMWareEndpoint       string `json:"vmware_url"`
	VMWareUsername       string `json:"vmware_username"`
	VMWarePassword       string `json:"vmware_password"`
	VMWareDataCenter     string `json:"vmware_datacenter"`
	VMWareUseVMBiosUUIDs bool   `json:"vmware_use_vmbios_uuids"`

	// UKM
	UKMEndpoint    string `json:"ukm_endpoint"`
	UKMToken       string `json:"ukm_token"`
	UKMTrustAnchor string `json:"um_ca_pem"`

	// Oracle Cloud
	OCIUser              string   `json:"oci_user"`
	OCITenancy           string   `json:"oci_tenancy"`
	OCIHomeRegion        string   `json:"oci_home_region"`
	OCIFingerprint       string   `json:"oci_fingerprint"`
	OCIPrivateKey        string   `json:"oci_private_key"`
	OCIPassphrase        string   `json:"oci_passphrase"`
	OCICompartmentFilter []string `json:"oci_compartment_filter,omitempty"`

	// Proxmox VE
	ProxmoxEndpoint       string `json:"proxmox_url"`
	ProxmoxTokenId        string `json:"proxmox_token_id"`
	ProxmoxSecret         string `json:"proxmox_secret"`
	ProxmoxUseSMBiosUUIDs bool   `json:"proxmox_use_smbios_uuids"`
}

SourceConnection source connection definition.

type SourceRule added in v2.41.0 

type SourceRule struct {
	Type         string       `json:"type,omitempty"`
	Source       string       `json:"source,omitempty"`
	SearchString string       `json:"search_string,omitempty"`
	Match        string       `json:"match,omitempty"`
	SourceRules  []SourceRule `json:"rules"`
}

type User 

type User struct {
	ID                     string          `json:"id,omitempty"`
	SourceUserID           string          `json:"source_user_id,omitempty"`
	Created                string          `json:"created,omitempty"`
	Updated                string          `json:"updated,omitempty"`
	Author                 string          `json:"author,omitempty"`
	UpdatedBy              string          `json:"updatedby,omitempty"`
	Principal              string          `json:"principal,omitempty"`
	Source                 string          `json:"source,omitempty"`
	SourceType             string          `json:"source_type,omitempty"`
	Comment                string          `json:"comment,omitempty"`
	Tags                   []string        `json:"tags,omitempty"`
	Roles                  []Role          `json:"roles"`
	Attributes             []UserAttribute `json:"attributes"`
	Permissions            []string        `json:"permissions"`
	FirstName              string          `json:"first_name,omitempty"`
	LastName               string          `json:"last_name,omitempty"`
	FullName               string          `json:"full_name,omitempty"`
	JobTitle               string          `json:"job_title,omitempty"`
	Company                string          `json:"company,omitempty"`
	Department             string          `json:"department,omitempty"`
	Email                  string          `json:"email,omitempty"`
	Telephone              string          `json:"telephone,omitempty"`
	DistinguishedName      string          `json:"distinguished_name,omitempty"`
	Locale                 string          `json:"locale,omitempty"`
	SamAccountName         string          `json:"samaccountname,omitempty"`
	WindowsAccount         string          `json:"windows_account,omitempty"`
	UnixAccount            string          `json:"unix_account,omitempty"`
	Password               string          `json:"password,omitempty"`
	MFA                    MFAStatus       `json:"mfa,omitempty"`
	Settings               json.RawMessage `json:"settings,omitempty"`
	ExternalID             string          `json:"external_id,omitempty"`
	AuthorizedKeys         []AuthorizedKey `json:"authorized_keys,omitempty"`
	WebAuthnCredentials    []Credential    `json:"webauthn_credentials,omitempty"`
	SessionPasswordEnabled bool            `json:"session_password_enabled,omitempty"`
	StaleAccessToken       bool            `json:"stale_access_token,omitempty"`
	CurrentSessionID       string          `json:"current_session_id,omitempty"`
	RefreshTimestamp       string
}

User user definition.

type UserAttribute 

type UserAttribute struct {
	Key   string `json:"key"`
	Value string `json:"value"`
}

UserAttribute user attribute definition.

type UserBookmarks 

type UserBookmarks struct {
	HostsBookmarks                   []Bookmark `json:"available-hosts,omitempty"`
	NetworkTargetsBookmarks          []Bookmark `json:"available-network-targets,omitempty"`
	SecretsBookmarks                 []Bookmark `json:"secrets,omitempty"`
	UserRequestsBookmarks            []Bookmark `json:"requests,omitempty"`
	ApprovalsBookmarks               []Bookmark `json:"approvals,omitempty"`
	ConnectionsBookmarks             []Bookmark `json:"connections,omitempty"`
	AuditEventBookmarks              []Bookmark `json:"audit-events,omitempty"`
	CertificatesBookmarks            []Bookmark `json:"certificates,omitempty"`
	AdminRolesBookmarks              []Bookmark `json:"roles,omitempty"`
	AdminUsersBookmarks              []Bookmark `json:"users,omitempty"`
	AdminHostsBookmarks              []Bookmark `json:"hosts,omitempty"`
	AdminNetworkTargetsBookmarks     []Bookmark `json:"network-targets,omitempty"`
	AdminDirectoriesBookmarks        []Bookmark `json:"sources,omitempty"`
	AdminAccessGroupsBookmarks       []Bookmark `json:"access-groups,omitempty"`
	AdminWorkflowsBookmarks          []Bookmark `json:"workflows,omitempty"`
	SessionsBookmarks                []Bookmark `json:"sessions,omitempty"`
	IdentityProviderClientsBookmarks []Bookmark `json:"identity-provider-clients,omitempty"`
	ExternalTokenProvidersBookmarks  []Bookmark `json:"external-token-providers,omitempty"`
	AWSRolesBookmarks                []Bookmark `json:"aws-roles,omitempty"`
	APIClientsBookmarks              []Bookmark `json:"api-clients,omitempty"`
	CommandWhitelistsBookmarks       []Bookmark `json:"command-whitelists,omitempty"`
}

UserBookmarks user bookmarks settings definition.

type UserConnectionHistory 

type UserConnectionHistory struct {
	Id          string `json:"id"`
	Time        string `json:"time"`
	Type        string `json:"type"`
	Target      string `json:"target"`
	TargetID    string `json:"targetId,omitempty"`
	Account     string `json:"account,omitempty"`
	Name        string `json:"name,omitempty"`
	Application string `json:"application,omitempty"`
}

UserConnectionHistory user connection history settings definition.

type UserLocale 

type UserLocale struct {
	Locale string `json:"locale,omitempty"`
}

UserLocale user locale settings definition.

type UserMapping 

type UserMapping struct {
	SourceID          string `json:"source_id,omitempty"`
	SourceSearchField string `json:"source_search_field,omitempty"`
}

UserMapping user mapping definition

type UserRDPClient 

type UserRDPClient struct {
	KeyboardLayout            string  `json:"keyboardLayout,omitempty"`
	Scale                     float32 `json:"scale,omitempty"`
	ScalingMode               string  `json:"scalingMode,omitempty"`
	ImageScalingAlgorithm     string  `json:"imageScalingAlgorithm,omitempty"`
	ClipboardSync             bool    `json:"clipboardSync,omitempty"`
	ClipboardSyncStartsPaused bool    `json:"clipboardSyncStartsPaused,omitempty"`
}

UserRDPClient user rdp client settings definition.

type UserSSHClient 

type UserSSHClient struct {
	FontSize          int    `json:"fontSize,omitempty"`
	Encoding          string `json:"encoding,omitempty"`
	Locale            string `json:"locale,omitempty"`
	Theme             string `json:"theme,omitempty"`
	CopyOnSelect      bool   `json:"copyOnSelect,omitempty"`
	PasteOnRightClick bool   `json:"pasteOnRightClick,omitempty"`
	SendCtrlV         bool   `json:"sendCtrlV,omitempty"`
	AltAsMeta         bool   `json:"altAsMeta,omitempty"`
	ClickableLinks    bool   `json:"clickableLinks,omitempty"`
	ScrollbackLength  int    `json:"scrollbackLength,omitempty"`
}

UserSSHClient user ssh client settings definition.

type UserSearch 

type UserSearch struct {
	Keywords string   `json:"keywords,omitempty"`
	Source   string   `json:"source,omitempty"`
	UserIDs  []string `json:"user_id,omitempty"`
}

UserSearch user search request definition.

type UserSettings 

type UserSettings struct {
	Locale            UserLocale              `json:"locale,omitempty"`
	RDPClient         UserRDPClient           `json:"rdpClient,omitempty"`
	SSHClient         UserSSHClient           `json:"sshClient,omitempty"`
	ConnectionHistory []UserConnectionHistory `json:"connectionHistory,omitempty"`
	Bookmarks         UserBookmarks           `json:"bookmarks,omitempty"`
}

UserSettings user settings update request definition.

type ValidityPeriod 

type ValidityPeriod struct {
	GrantStart string `json:"grant_start,omitempty"`
	GrantEnd   string `json:"grant_end,omitempty"`
}

ValidityPeriod validity period definition.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.