From df6cb4d4f052c793bf4ba4a97874d8e1073e8985 Mon Sep 17 00:00:00 2001 From: michael sorens Date: Fri, 28 Feb 2020 09:15:43 -0800 Subject: [PATCH] Regenerate from protos after merge hab studio: compile_all_protobuf_components components/automate-chef-io: make sync_swagger_files Signed-off-by: michael sorens --- .../applications/applications.swagger.json | 28 +- api/external/nodes/manager/manager.pb.go | 540 +++++++++++---- .../nodes/manager/manager.swagger.json | 192 +++++- .../applications/applications.swagger.json | 28 +- .../auth/users/request/users.swagger.json | 15 - .../auth/users/response/users.swagger.json | 15 - .../auth/users/users.swagger.json | 256 ------- .../iam/v2/policy.swagger.json | 305 +++++--- .../iam/v2/teams.swagger.json | 6 - .../api/applications.pb.swagger.go | 28 +- .../api/iam/v2/common/policy.pb.go | 58 +- .../automate-gateway/api/iam/v2/policy.pb.go | 650 ++++++++++++++++-- .../api/iam/v2/policy.swagger.json | 305 +++++--- .../api/iam/v2/request/policy.pb.go | 158 +++-- .../api/iam_v2_policy.pb.swagger.go | 305 +++++--- .../api/manager.pb.swagger.go | 192 +++++- 16 files changed, 2161 insertions(+), 920 deletions(-) delete mode 100644 components/automate-chef-io/data/docs/api_chef_automate/auth/users/request/users.swagger.json delete mode 100644 components/automate-chef-io/data/docs/api_chef_automate/auth/users/response/users.swagger.json delete mode 100644 components/automate-chef-io/data/docs/api_chef_automate/auth/users/users.swagger.json diff --git a/api/external/applications/applications.swagger.json b/api/external/applications/applications.swagger.json index ca11b73f60b..8911aa5276e 100644 --- a/api/external/applications/applications.swagger.json +++ b/api/external/applications/applications.swagger.json @@ -14,7 +14,7 @@ "/applications/delete_disconnected_services": { "post": { "summary": "Remove Disconnected Services", - "description": "Removes services marked as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured using `UpdateDeleteDisconnectedServicesConfig`.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:delete\n```", + "description": "Removes services marked as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured using `UpdateDeleteDisconnectedServicesConfig`.\n\nAuthorization Action:\n```\napplications:serviceGroups:delete\n```", "operationId": "DeleteDisconnectedServices", "responses": { "200": { @@ -42,7 +42,7 @@ "/applications/delete_services_by_id": { "post": { "summary": "Delete the services with the given IDs", - "description": "Authorization Action:\n\n```\napplications:serviceGroups:delete\n```", + "description": "Authorization Action:\n```\napplications:serviceGroups:delete\n```", "operationId": "DeleteServicesByID", "responses": { "200": { @@ -70,7 +70,7 @@ "/applications/disconnected_services": { "get": { "summary": "Mark Services as Disconnected", - "description": "Marks services as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured\nby utilizing the `UpdateDisconnectedServicesConfig` endpoint.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Marks services as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured\nby utilizing the `UpdateDisconnectedServicesConfig` endpoint.\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetDisconnectedServices", "responses": { "200": { @@ -98,7 +98,7 @@ "/applications/service-groups": { "get": { "summary": "List Service Groups", - "description": "Lists service groups with name, health information, and application, environment, package, release metadata.\nAccepts pagination, sorting, search, and status filters.\n\nExample:\n```\napplications/service-groups?sorting.field=percent_ok\u0026sorting.order=ASC\u0026pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists service groups with name, health information, and application, environment, package, release metadata.\nAccepts pagination, sorting, search, and status filters.\n\nExample:\n```\napplications/service-groups?sorting.field=percent_ok\u0026sorting.order=ASC\u0026pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServiceGroups", "responses": { "200": { @@ -164,7 +164,7 @@ "/applications/service-groups/{service_group_id}": { "get": { "summary": "List Services for a Service Group", - "description": "List the services for a service group with health status and service metadata.\nUses the service group ID generated by Chef Automate instead of the Chef Habitat- provided ID.\nSupports pagination and filtering.\n\nExample:\n```\napplications/service-groups/1dfff679054c60a10c51d059b6dbf81a765c46f8d3e8ce0752b22ffe8d4d9716?pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "List the services for a service group with health status and service metadata.\nUses the service group ID generated by Chef Automate instead of the Chef Habitat- provided ID.\nSupports pagination and filtering.\n\nExample:\n```\napplications/service-groups/1dfff679054c60a10c51d059b6dbf81a765c46f8d3e8ce0752b22ffe8d4d9716?pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServicesBySG", "responses": { "200": { @@ -237,7 +237,7 @@ "/applications/service_groups_health_counts": { "get": { "summary": "List Service Groups Health Counts", - "description": "Lists the total service group health reports by critical, warning, ok and unknown responses. Supports search and status filtering.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists the total service group health reports by critical, warning, ok and unknown responses. Supports search and status filtering.\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServiceGroupsHealthCounts", "responses": { "200": { @@ -268,7 +268,7 @@ "/applications/services": { "get": { "summary": "List Services", - "description": "Lists service health status and service metadata for services.\nSupports pagination and search and status filtering. For a list of services for a specific service-group see \"List Services for a Service Group\" (GetServicesBySG endpoint).\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists service health status and service metadata for services.\nSupports pagination and search and status filtering. For a list of services for a specific service-group see \"List Services for a Service Group\" (GetServicesBySG endpoint).\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServices", "responses": { "200": { @@ -334,7 +334,7 @@ "/applications/services-distinct-values": { "get": { "summary": "List Filter Values", - "description": "Lists all of the possible filter values for a given valid field.\nLimit the returned values by providing at one or more characters in the `query_fragment` parameter.\nSupports wildcard (* and ?)\n\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists all of the possible filter values for a given valid field.\nLimit the returned values by providing at one or more characters in the `query_fragment` parameter.\nSupports wildcard (* and ?)\n\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServicesDistinctValues", "responses": { "200": { @@ -379,7 +379,7 @@ "/applications/stats": { "get": { "summary": "Show Summary", - "description": "Shows a summary of service-groups, services, deployments, and supervisors.\nUsed for telemetry.\nDoes not support filtering.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Shows a summary of service-groups, services, deployments, and supervisors.\nUsed for telemetry.\nDoes not support filtering.\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServicesStats", "responses": { "200": { @@ -397,7 +397,7 @@ "/applications/version": { "get": { "summary": "Show Version", - "description": "Displays the current version of the applications-service\n\nAuthorization Action:\n\n```\nsystem:serviceVersion:get\n```", + "description": "Displays the current version of the applications-service\n\nAuthorization Action:\n```\nsystem:serviceVersion:get\n```", "operationId": "GetVersion", "responses": { "200": { @@ -415,7 +415,7 @@ "/retention/service_groups/delete_disconnected_services/config": { "get": { "summary": "Show 'Remove Disconnected Services' Configuration", - "description": "Displays configuration for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job is disabled if running is set to false.\n\nAuthorization Action:\n\n```\nretention:serviceGroups:get\n```", + "description": "Displays configuration for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job is disabled if running is set to false.\n\nAuthorization Action:\n```\nretention:serviceGroups:get\n```", "operationId": "GetDeleteDisconnectedServicesConfig", "responses": { "200": { @@ -431,7 +431,7 @@ }, "post": { "summary": "Change 'Remove Disconnected Services' Configuration", - "description": "Updates configuration information for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job can be disabled by setting `\"running\": false`.\n\nExample:\n```\nservice_groups/delete_disconnected_services/config\" -d\n'{\n\"threshold\": \"1d\",\n\"running\":true\n}'\n```\n\nAuthorization Action:\n\n```\nretention:serviceGroups:update\n```", + "description": "Updates configuration information for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job can be disabled by setting `\"running\": false`.\n\nExample:\n```\nservice_groups/delete_disconnected_services/config\" -d\n'{\n\"threshold\": \"1d\",\n\"running\":true\n}'\n```\n\nAuthorization Action:\n```\nretention:serviceGroups:update\n```", "operationId": "UpdateDeleteDisconnectedServicesConfig", "responses": { "200": { @@ -459,7 +459,7 @@ "/retention/service_groups/disconnected_services/config": { "get": { "summary": "Show 'Disconnected Services' configuration", - "description": "Returns the configuration for the task that marks services as disconnected. The `threshold` setting defines the period of time between the last report from a node and the moment when Chef Automate marks it as disconnected. `Threshold` is a string that follows Elasticsearch's date math expressions.\nThis task is always enabled, cannot be disabled. Because this task runs continuously, the response does not return information about its status.\n\nAuthorization Action:\n\n```\nretention:serviceGroups:get\n```", + "description": "Returns the configuration for the task that marks services as disconnected. The `threshold` setting defines the period of time between the last report from a node and the moment when Chef Automate marks it as disconnected. `Threshold` is a string that follows Elasticsearch's date math expressions.\nThis task is always enabled, cannot be disabled. Because this task runs continuously, the response does not return information about its status.\n\nAuthorization Action:\n```\nretention:serviceGroups:get\n```", "operationId": "GetDisconnectedServicesConfig", "responses": { "200": { @@ -475,7 +475,7 @@ }, "post": { "summary": "Change 'Disconnected Services' Configuration", - "description": "Changes the configuration for the task that marks services as disconnected after\n'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job cannot be disabled, and therefore no information about running is accepted.\n\nExample:\n```\n/retention/service_groups/disconnected_services/config\n'{\n\"threshold\": \"15m\"\n}'\n```\n\nAuthorization Action:\n\n```\nretention:serviceGroups:update\n```", + "description": "Changes the configuration for the task that marks services as disconnected after\n'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job cannot be disabled, and therefore no information about running is accepted.\n\nExample:\n```\n/retention/service_groups/disconnected_services/config\n'{\n\"threshold\": \"15m\"\n}'\n```\n\nAuthorization Action:\n```\nretention:serviceGroups:update\n```", "operationId": "UpdateDisconnectedServicesConfig", "responses": { "200": { diff --git a/api/external/nodes/manager/manager.pb.go b/api/external/nodes/manager/manager.pb.go index 6f37c1b97c6..e887bde7935 100644 --- a/api/external/nodes/manager/manager.pb.go +++ b/api/external/nodes/manager/manager.pb.go @@ -12,6 +12,7 @@ import ( proto "github.com/golang/protobuf/proto" empty "github.com/golang/protobuf/ptypes/empty" timestamp "github.com/golang/protobuf/ptypes/timestamp" + _ "github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger/options" _ "google.golang.org/genproto/googleapis/api/annotations" grpc "google.golang.org/grpc" codes "google.golang.org/grpc/codes" @@ -30,6 +31,7 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package +// Sort the results in ascending or descending order. type Query_OrderType int32 const ( @@ -87,6 +89,7 @@ func (m *ConnectResponse) XXX_DiscardUnknown() { var xxx_messageInfo_ConnectResponse proto.InternalMessageInfo type Id struct { + // UUID for the node manager. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -126,6 +129,7 @@ func (m *Id) GetId() string { } type Ids struct { + // List of node manager UUIDs. Ids []*Id `protobuf:"bytes,1,rep,name=ids,proto3" json:"ids,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -165,14 +169,21 @@ func (m *Ids) GetIds() []*Id { } type Query struct { - FilterMap []*query.Filter `protobuf:"bytes,25,rep,name=filter_map,json=filterMap,proto3" json:"filter_map,omitempty"` - Order Query_OrderType `protobuf:"varint,21,opt,name=order,proto3,enum=chef.automate.api.nodes.manager.v1.Query_OrderType" json:"order,omitempty"` - Sort string `protobuf:"bytes,22,opt,name=sort,proto3" json:"sort,omitempty"` - Page int32 `protobuf:"varint,23,opt,name=page,proto3" json:"page,omitempty"` - PerPage int32 `protobuf:"varint,24,opt,name=per_page,json=perPage,proto3" json:"per_page,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // Filters for the query: "manager_type". + FilterMap []*query.Filter `protobuf:"bytes,25,rep,name=filter_map,json=filterMap,proto3" json:"filter_map,omitempty"` + Order Query_OrderType `protobuf:"varint,21,opt,name=order,proto3,enum=chef.automate.api.nodes.manager.v1.Query_OrderType" json:"order,omitempty"` + // Field to use for sorting. + // Valid fields are: name, type, status, status_message, date_added. + Sort string `protobuf:"bytes,22,opt,name=sort,proto3" json:"sort,omitempty"` + // Starting page for the list. For example, if your query returns 100 pages, + // and you know you're looking for a node manager somewhere in the middle, + // you might want to start on page 50. + Page int32 `protobuf:"varint,23,opt,name=page,proto3" json:"page,omitempty"` + // Number of results on each page. + PerPage int32 `protobuf:"varint,24,opt,name=per_page,json=perPage,proto3" json:"per_page,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Query) Reset() { *m = Query{} } @@ -236,6 +247,7 @@ func (m *Query) GetPerPage() int32 { } type Fields struct { + // One or more fields: regions, tags, name, subscription_id. Fields []string `protobuf:"bytes,1,rep,name=fields,proto3" json:"fields,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -275,8 +287,11 @@ func (m *Fields) GetFields() []string { } type FieldQuery struct { - Query *Query `protobuf:"bytes,20,opt,name=query,proto3" json:"query,omitempty"` - Field string `protobuf:"bytes,21,opt,name=field,proto3" json:"field,omitempty"` + // Query details (filters) to be applied to the results. + Query *Query `protobuf:"bytes,20,opt,name=query,proto3" json:"query,omitempty"` + // Possible search fields: regions, tags, name, subscription_id. + Field string `protobuf:"bytes,21,opt,name=field,proto3" json:"field,omitempty"` + // Node manager ID. NodeManagerId string `protobuf:"bytes,22,opt,name=node_manager_id,json=nodeManagerId,proto3" json:"node_manager_id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -330,7 +345,9 @@ func (m *FieldQuery) GetNodeManagerId() string { } type Nodes struct { - Nodes []string `protobuf:"bytes,1,rep,name=nodes,proto3" json:"nodes,omitempty"` + // List of node names matching the request. + Nodes []string `protobuf:"bytes,1,rep,name=nodes,proto3" json:"nodes,omitempty"` + // Total count of node names matching the request. Total int32 `protobuf:"varint,20,opt,name=total,proto3" json:"total,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -377,7 +394,9 @@ func (m *Nodes) GetTotal() int32 { } type NodeQuery struct { - Query *Query `protobuf:"bytes,20,opt,name=query,proto3" json:"query,omitempty"` + // Valid search filters: manager_type. + Query *Query `protobuf:"bytes,20,opt,name=query,proto3" json:"query,omitempty"` + // Node manager ID. NodeManagerId string `protobuf:"bytes,21,opt,name=node_manager_id,json=nodeManagerId,proto3" json:"node_manager_id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -424,18 +443,34 @@ func (m *NodeQuery) GetNodeManagerId() string { } type NodeManager struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` - CredentialId string `protobuf:"bytes,20,opt,name=credential_id,json=credentialId,proto3" json:"credential_id,omitempty"` - InstanceCredentials []*CredentialsByTags `protobuf:"bytes,21,rep,name=instance_credentials,json=instanceCredentials,proto3" json:"instance_credentials,omitempty"` - Status string `protobuf:"bytes,22,opt,name=status,proto3" json:"status,omitempty"` - AccountId string `protobuf:"bytes,24,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` - DateAdded *timestamp.Timestamp `protobuf:"bytes,25,opt,name=date_added,json=dateAdded,proto3" json:"date_added,omitempty"` - CredentialData []*query.Kv `protobuf:"bytes,26,rep,name=credential_data,json=credentialData,proto3" json:"credential_data,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // UUID for the nodemanager. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // User defined name for the node manager. + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + // Type of nodemanager (aws-ec2, azure-vm, aws-api, azure-api, gcp). + Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` + // Use either 'credential_id' OR 'credential_data'. + // 'credential_data' will overwrite values in 'credential_id'. + // The 'credential_id' is the UUID of credential with the information + // you need to connect to aws, azure, or gcp. + CredentialId string `protobuf:"bytes,20,opt,name=credential_id,json=credentialId,proto3" json:"credential_id,omitempty"` + // List of tag and credential UUID associations for making node managers. + // These are ssh, winrm, and sudo creds used to access instances. + InstanceCredentials []*CredentialsByTags `protobuf:"bytes,21,rep,name=instance_credentials,json=instanceCredentials,proto3" json:"instance_credentials,omitempty"` + // Status of the nodemanager (reachable, unreachable). + Status string `protobuf:"bytes,22,opt,name=status,proto3" json:"status,omitempty"` + // Account id associated with the nodemanager. + AccountId string `protobuf:"bytes,24,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` + // Date the nodemanager was created. + DateAdded *timestamp.Timestamp `protobuf:"bytes,25,opt,name=date_added,json=dateAdded,proto3" json:"date_added,omitempty"` + // Use either 'credential_data' OR 'credential_id'. + // 'credential_data' will overwrite values in 'credential_id'. + // Use 'credential_data' when you have not yet created node credentials + // and provide credential data (such as AWS_ACCESS_KEY) inline. + CredentialData []*query.Kv `protobuf:"bytes,26,rep,name=credential_data,json=credentialData,proto3" json:"credential_data,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *NodeManager) Reset() { *m = NodeManager{} } @@ -527,8 +562,11 @@ func (m *NodeManager) GetCredentialData() []*query.Kv { } type CredentialsByTags struct { - TagKey string `protobuf:"bytes,20,opt,name=tag_key,json=tagKey,proto3" json:"tag_key,omitempty"` - TagValue string `protobuf:"bytes,21,opt,name=tag_value,json=tagValue,proto3" json:"tag_value,omitempty"` + // Tag key to match on. + TagKey string `protobuf:"bytes,20,opt,name=tag_key,json=tagKey,proto3" json:"tag_key,omitempty"` + // Tag value to match on. + TagValue string `protobuf:"bytes,21,opt,name=tag_value,json=tagValue,proto3" json:"tag_value,omitempty"` + // List of credential ids to associate with the key/value pair. CredentialIds []string `protobuf:"bytes,22,rep,name=credential_ids,json=credentialIds,proto3" json:"credential_ids,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -582,11 +620,13 @@ func (m *CredentialsByTags) GetCredentialIds() []string { } type NodeManagers struct { - Managers []*NodeManager `protobuf:"bytes,1,rep,name=managers,proto3" json:"managers,omitempty"` - Total int32 `protobuf:"varint,20,opt,name=total,proto3" json:"total,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // List of nodemanagers. + Managers []*NodeManager `protobuf:"bytes,1,rep,name=managers,proto3" json:"managers,omitempty"` + // Total count of nodemanagers. + Total int32 `protobuf:"varint,20,opt,name=total,proto3" json:"total,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *NodeManagers) Reset() { *m = NodeManagers{} } @@ -648,91 +688,119 @@ func init() { } var fileDescriptor_35873baec8b363ec = []byte{ - // 1332 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x58, 0xcf, 0x6f, 0x1b, 0x45, - 0x14, 0x66, 0x9d, 0xd8, 0x89, 0x5f, 0x9a, 0xa4, 0x1d, 0x9c, 0x64, 0xe3, 0x50, 0xb0, 0x16, 0x5a, - 0x52, 0x23, 0xef, 0xb6, 0x49, 0x2b, 0xd1, 0x5c, 0x4a, 0x9b, 0xa6, 0x92, 0x15, 0x5a, 0x60, 0x13, - 0x40, 0xe2, 0x62, 0x4d, 0x77, 0x5f, 0xec, 0x15, 0xde, 0x1f, 0xdd, 0x19, 0xa7, 0x58, 0xa8, 0x42, - 0xca, 0x05, 0x29, 0x20, 0x71, 0xe8, 0x8d, 0x0b, 0x67, 0xfe, 0x00, 0x4b, 0x9c, 0xb8, 0x83, 0x84, - 0x84, 0xc4, 0x9f, 0x00, 0x37, 0x2e, 0x70, 0xe7, 0x80, 0x66, 0x66, 0x1d, 0xdb, 0xc9, 0xba, 0xd9, - 0x40, 0x7b, 0xca, 0xce, 0xfb, 0x35, 0xef, 0xfb, 0xbe, 0xf1, 0xdb, 0xd9, 0xc0, 0x2a, 0x8d, 0x3c, - 0x0b, 0x3f, 0xe3, 0x18, 0x07, 0xb4, 0x6d, 0x05, 0xa1, 0x8b, 0xcc, 0xf2, 0x69, 0x40, 0x9b, 0x18, - 0xf7, 0xff, 0x9a, 0x51, 0x1c, 0xf2, 0x90, 0x18, 0x4e, 0x0b, 0xf7, 0x4c, 0xda, 0xe1, 0xa1, 0x4f, - 0x39, 0x9a, 0x34, 0xf2, 0x4c, 0x19, 0x6e, 0xf6, 0xc3, 0xf6, 0xaf, 0x95, 0x5f, 0x69, 0x86, 0x61, - 0xb3, 0x8d, 0x96, 0x28, 0x4a, 0x83, 0x20, 0xe4, 0x94, 0x7b, 0x61, 0xc0, 0x54, 0x85, 0xf2, 0x4a, - 0xe2, 0x95, 0xab, 0x87, 0x9d, 0x3d, 0x0b, 0xfd, 0x88, 0x77, 0x13, 0xe7, 0x6b, 0xc7, 0x9d, 0xdc, - 0xf3, 0x91, 0x71, 0xea, 0x47, 0x49, 0xc0, 0x3b, 0x4e, 0xe8, 0x47, 0x61, 0x80, 0x01, 0x67, 0x56, - 0xbf, 0x8b, 0x5a, 0x33, 0x8e, 0x1c, 0x95, 0xe2, 0xd4, 0x9a, 0x18, 0xd4, 0xa2, 0xb0, 0xed, 0x39, - 0xdd, 0x31, 0xfb, 0x9f, 0xa5, 0x82, 0x47, 0xfd, 0x94, 0x0a, 0xd5, 0x11, 0xb6, 0x9c, 0xd0, 0xf7, - 0xc3, 0xc0, 0x7a, 0xd4, 0xc1, 0xb8, 0x6b, 0x45, 0x34, 0xa6, 0x3e, 0x72, 0x8c, 0x93, 0x58, 0xe3, - 0x02, 0xcc, 0x6f, 0x86, 0x41, 0x80, 0x0e, 0xb7, 0x91, 0x45, 0x61, 0xc0, 0xd0, 0x28, 0x41, 0xae, - 0xee, 0x92, 0x39, 0xc8, 0x79, 0xae, 0xae, 0x55, 0xb4, 0xd5, 0xa2, 0x9d, 0xf3, 0x5c, 0xe3, 0x16, - 0x4c, 0xd4, 0x5d, 0x46, 0xde, 0x86, 0x09, 0xcf, 0x65, 0xba, 0x56, 0x99, 0x58, 0x9d, 0x59, 0xbb, - 0x6c, 0x9e, 0xce, 0xb6, 0x59, 0x77, 0x6d, 0x91, 0x62, 0xfc, 0xa3, 0x41, 0xfe, 0x03, 0xd1, 0x04, - 0xd9, 0x02, 0xd8, 0xf3, 0xda, 0x1c, 0xe3, 0x86, 0x4f, 0x23, 0x7d, 0x79, 0x6c, 0x29, 0xd5, 0xb9, - 0x29, 0x3b, 0x37, 0xef, 0xc9, 0x0c, 0xbb, 0xa8, 0x32, 0xef, 0xd3, 0x88, 0xd4, 0x21, 0x1f, 0xc6, - 0x2e, 0xc6, 0xfa, 0x42, 0x45, 0x5b, 0x9d, 0x5b, 0x5b, 0xcf, 0xd2, 0x8c, 0x6c, 0xc0, 0x7c, 0x4f, - 0xa4, 0xed, 0x76, 0x23, 0xb4, 0x55, 0x05, 0x42, 0x60, 0x92, 0x85, 0x31, 0xd7, 0x17, 0x25, 0x5c, - 0xf9, 0x2c, 0x6c, 0x11, 0x6d, 0xa2, 0xbe, 0x54, 0xd1, 0x56, 0xf3, 0xb6, 0x7c, 0x26, 0xcb, 0x30, - 0x1d, 0x61, 0xdc, 0x90, 0x76, 0x5d, 0xda, 0xa7, 0x22, 0x8c, 0xdf, 0xa7, 0x4d, 0x34, 0x5e, 0x85, - 0xe2, 0x51, 0x59, 0x32, 0x05, 0x13, 0xb7, 0x77, 0x36, 0xcf, 0xbf, 0x44, 0xa6, 0x61, 0xf2, 0xee, - 0xd6, 0xce, 0xe6, 0x79, 0xcd, 0xa8, 0x40, 0xe1, 0x9e, 0x87, 0x6d, 0x97, 0x91, 0x45, 0x28, 0xec, - 0xc9, 0x27, 0xc9, 0x62, 0xd1, 0x4e, 0x56, 0xc6, 0x57, 0x1a, 0x80, 0x0c, 0x51, 0x2c, 0xdd, 0x82, - 0xbc, 0x44, 0xae, 0x97, 0x2a, 0xda, 0xea, 0xcc, 0xda, 0x95, 0xcc, 0xf0, 0x6c, 0x95, 0x47, 0x4a, - 0x90, 0x97, 0x95, 0x25, 0x3f, 0x45, 0x5b, 0x2d, 0xc8, 0x65, 0x98, 0x17, 0x69, 0x8d, 0x24, 0xab, - 0xe1, 0xb9, 0x09, 0xea, 0x59, 0x61, 0xbe, 0xaf, 0xac, 0x75, 0xd7, 0x58, 0x87, 0xfc, 0x03, 0x51, - 0x5e, 0x94, 0x91, 0xfb, 0x24, 0xdd, 0xaa, 0x85, 0xb0, 0xf2, 0x90, 0xd3, 0xb6, 0xec, 0x2e, 0x6f, - 0xab, 0x85, 0xc1, 0xa1, 0x28, 0x92, 0x9e, 0x13, 0x80, 0x94, 0x56, 0x17, 0xd2, 0x5a, 0x7d, 0x3a, - 0x01, 0x33, 0x0f, 0x06, 0x96, 0xe3, 0x47, 0x57, 0x28, 0x19, 0x50, 0x1f, 0xf5, 0x9c, 0x52, 0x57, - 0x3c, 0x0b, 0x1b, 0xef, 0x46, 0xa8, 0x4f, 0x28, 0x9b, 0x78, 0x26, 0xaf, 0xc3, 0xac, 0x13, 0xa3, - 0x8b, 0x01, 0xf7, 0x68, 0x5b, 0xec, 0x56, 0x92, 0xce, 0x73, 0x03, 0x63, 0xdd, 0x25, 0x2d, 0x28, - 0x79, 0x01, 0xe3, 0x34, 0x70, 0xb0, 0x31, 0x70, 0x30, 0x7d, 0x41, 0x1e, 0xe3, 0x1b, 0x59, 0x40, - 0x6e, 0x0e, 0xd2, 0xee, 0x74, 0x77, 0x69, 0x93, 0xd9, 0x2f, 0xf7, 0x4b, 0x0e, 0xb9, 0xc4, 0x39, - 0x61, 0x9c, 0xf2, 0x0e, 0x4b, 0x04, 0x4a, 0x56, 0xe4, 0x22, 0x00, 0x75, 0x9c, 0xb0, 0x13, 0x70, - 0xd1, 0xa3, 0x2e, 0x7d, 0xc5, 0xc4, 0x52, 0x77, 0xc9, 0x4d, 0x00, 0x97, 0x72, 0x6c, 0x50, 0xd7, - 0x45, 0x57, 0x5f, 0x96, 0xdc, 0x97, 0x4d, 0x35, 0xb7, 0xcc, 0xfe, 0xdc, 0x32, 0x77, 0xfb, 0x73, - 0xcb, 0x2e, 0x8a, 0xe8, 0xdb, 0x22, 0x98, 0x6c, 0xc3, 0xfc, 0x10, 0x01, 0x2e, 0xe5, 0x54, 0x2f, - 0x4b, 0x58, 0xc6, 0x69, 0xbf, 0xce, 0xed, 0x7d, 0x7b, 0x6e, 0x90, 0x7a, 0x97, 0x72, 0x6a, 0x44, - 0x70, 0xe1, 0x04, 0x50, 0xb2, 0x04, 0x53, 0x9c, 0x36, 0x1b, 0x9f, 0x62, 0x37, 0x21, 0xb7, 0xc0, - 0x69, 0x73, 0x1b, 0xbb, 0x64, 0x05, 0x8a, 0xc2, 0xb1, 0x4f, 0xdb, 0x1d, 0x4c, 0x54, 0x9e, 0xe6, - 0xb4, 0xf9, 0x91, 0x58, 0x93, 0x4b, 0x30, 0x37, 0x22, 0x8c, 0x60, 0x44, 0x9c, 0xc5, 0xd9, 0x61, - 0x65, 0x98, 0xf1, 0x08, 0xce, 0x0d, 0x1d, 0x03, 0x46, 0xb6, 0x61, 0x3a, 0x61, 0xbd, 0x3f, 0xb0, - 0xac, 0x2c, 0xf2, 0x0c, 0xd5, 0xb0, 0x8f, 0x0a, 0xa4, 0x1f, 0xf8, 0xb5, 0x6f, 0x4b, 0x40, 0x86, - 0xe2, 0x77, 0x30, 0xde, 0xf7, 0x1c, 0x24, 0x3f, 0x69, 0x50, 0xd8, 0x8c, 0x91, 0x72, 0x24, 0x67, - 0xdd, 0xb2, 0xfc, 0x66, 0xb6, 0xa1, 0xca, 0x0c, 0x3c, 0xe8, 0xe9, 0x8b, 0x70, 0x4e, 0xf8, 0x8e, - 0xba, 0x2c, 0x38, 0x72, 0xd7, 0xc3, 0x9e, 0x6e, 0x01, 0xf1, 0x82, 0xbd, 0x98, 0x6e, 0x04, 0xc3, - 0x94, 0x2c, 0x9f, 0xb4, 0x6d, 0xa8, 0x94, 0x83, 0xdf, 0xfe, 0x78, 0x9a, 0x23, 0xc6, 0xac, 0x35, - 0x5c, 0x6f, 0x43, 0xab, 0x92, 0x5f, 0x35, 0x98, 0xb4, 0x91, 0xba, 0x24, 0xe3, 0xb4, 0x2f, 0x9f, - 0x15, 0xb1, 0x11, 0x1e, 0xf4, 0xf4, 0x65, 0xb8, 0x30, 0xb2, 0xf1, 0xe7, 0x9e, 0xfb, 0x84, 0x4c, - 0xc6, 0x48, 0xdd, 0xc3, 0x9e, 0x7e, 0x0d, 0x96, 0x52, 0xfa, 0x96, 0x21, 0x8b, 0x29, 0x8e, 0x26, - 0x72, 0x89, 0x66, 0x89, 0x2c, 0x8c, 0xa0, 0xb1, 0x3c, 0xd7, 0x92, 0x49, 0x3f, 0x6b, 0x50, 0xf8, - 0x30, 0x72, 0xff, 0x93, 0x3c, 0x8b, 0x27, 0x7e, 0x4a, 0x5b, 0xe2, 0x7e, 0x60, 0x3c, 0x3e, 0xe8, - 0xe9, 0x2b, 0x69, 0x20, 0x0a, 0x1d, 0xb9, 0xd3, 0x61, 0x4f, 0xbf, 0x3e, 0x1e, 0x46, 0x9a, 0x2e, - 0x2a, 0x4f, 0x22, 0x29, 0x97, 0xd3, 0x91, 0x08, 0x7d, 0x7e, 0xd4, 0xa0, 0x70, 0x17, 0xdb, 0xc8, - 0x31, 0xb3, 0x42, 0xe3, 0x30, 0xf0, 0xb1, 0x18, 0x5c, 0xb9, 0xc1, 0xd9, 0x31, 0xa8, 0x3c, 0xa5, - 0x46, 0x75, 0x8c, 0x1a, 0xbf, 0x6b, 0x30, 0xaf, 0x00, 0x7c, 0xec, 0xf1, 0x96, 0x7a, 0xe9, 0x64, - 0x45, 0x92, 0xf9, 0xc7, 0xf2, 0xc5, 0x8b, 0x84, 0x66, 0x54, 0x2b, 0xa9, 0xd0, 0xac, 0xc7, 0x1e, - 0x6f, 0xd5, 0xd4, 0x0b, 0xf3, 0x4f, 0x0d, 0xca, 0xa3, 0x28, 0x77, 0x38, 0xe5, 0xb8, 0xc3, 0xc3, - 0x28, 0x42, 0xf7, 0x7f, 0x4b, 0xf7, 0xb5, 0xf6, 0x22, 0x01, 0x5a, 0xd5, 0xda, 0x29, 0x00, 0x6b, - 0xe2, 0xe5, 0x84, 0x16, 0x4b, 0xe0, 0xfc, 0xad, 0xc1, 0xc5, 0x14, 0xb4, 0xbb, 0x18, 0xfb, 0x5e, - 0x40, 0xf9, 0x73, 0x00, 0xfc, 0xcd, 0x0b, 0x05, 0xbc, 0x56, 0xbd, 0x9a, 0x0d, 0x30, 0x1f, 0x20, - 0xfa, 0x45, 0x83, 0xc9, 0x77, 0x3d, 0xc6, 0x49, 0xf6, 0x9b, 0x4e, 0xf9, 0xea, 0x19, 0xc7, 0x0f, - 0x33, 0x5a, 0x07, 0x3d, 0xbd, 0x74, 0x6c, 0xea, 0x4f, 0xb6, 0x3d, 0xc6, 0x0f, 0x7b, 0x7a, 0x2d, - 0x75, 0xe6, 0xa7, 0x71, 0x20, 0x12, 0x24, 0xd0, 0x65, 0xa3, 0x34, 0x0a, 0x94, 0x21, 0x8d, 0x9d, - 0x96, 0x18, 0x2c, 0xdf, 0xe7, 0xe0, 0xfc, 0x8e, 0x5c, 0x89, 0x06, 0x92, 0xcb, 0xab, 0x99, 0xa5, - 0xe1, 0xc1, 0x2d, 0xb6, 0x5c, 0xcd, 0x1c, 0xcf, 0x8c, 0x1f, 0x84, 0xa4, 0x16, 0x5c, 0x1a, 0x95, - 0xf4, 0xd8, 0x15, 0xf0, 0xc9, 0x86, 0xba, 0x2e, 0x93, 0x82, 0xea, 0xf4, 0xb0, 0xa7, 0xdf, 0x83, - 0xb7, 0xd2, 0x64, 0x1e, 0x97, 0xf8, 0x4c, 0x3e, 0x6e, 0x18, 0x29, 0xc2, 0x1f, 0xaf, 0x94, 0x90, - 0x54, 0x53, 0x05, 0x05, 0x57, 0xdf, 0xe5, 0x60, 0x66, 0xc0, 0x15, 0x23, 0xb5, 0xac, 0xba, 0x2a, - 0x96, 0xae, 0x64, 0x0d, 0x67, 0x46, 0x4f, 0x90, 0x64, 0xc2, 0x1b, 0xa7, 0x90, 0xa4, 0x86, 0xce, - 0x80, 0xa3, 0x2d, 0xa8, 0x66, 0xe2, 0x48, 0xe5, 0x3d, 0x93, 0xa2, 0xeb, 0x86, 0x95, 0x9d, 0x22, - 0x59, 0x4f, 0x30, 0xf4, 0x97, 0x06, 0x53, 0xc9, 0x97, 0x66, 0xe6, 0xdf, 0x7e, 0xa6, 0x4f, 0xba, - 0xe3, 0x9f, 0xaf, 0x5f, 0x0a, 0x82, 0x2a, 0xb0, 0x74, 0x62, 0x30, 0x24, 0xd8, 0xf2, 0x31, 0xc6, - 0x9d, 0xe0, 0xb0, 0xa7, 0xdf, 0x84, 0x8b, 0x63, 0xa6, 0x43, 0x12, 0xa9, 0xa7, 0xb8, 0x65, 0xb2, - 0xa4, 0xa1, 0x62, 0xac, 0x8c, 0xd2, 0x20, 0x5d, 0x43, 0x6f, 0xe6, 0x3b, 0x37, 0x3e, 0x59, 0x6f, - 0x7a, 0xbc, 0xd5, 0x79, 0x28, 0xee, 0xca, 0x96, 0x80, 0x72, 0xf4, 0x41, 0x6f, 0x8d, 0xff, 0x87, - 0xc6, 0xc3, 0x82, 0x9c, 0x74, 0xeb, 0xff, 0x06, 0x00, 0x00, 0xff, 0xff, 0x89, 0x5f, 0x37, 0x73, - 0xf5, 0x10, 0x00, 0x00, + // 1778 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x58, 0xcf, 0x6f, 0x23, 0x49, + 0x15, 0xa6, 0xed, 0xd8, 0x19, 0xbf, 0x99, 0x64, 0x66, 0x8a, 0xfc, 0xe8, 0x78, 0x18, 0x68, 0x15, + 0xec, 0x6e, 0x26, 0xc4, 0xee, 0x89, 0x93, 0xd9, 0x21, 0x46, 0xcb, 0xe2, 0x75, 0x1c, 0x64, 0xb2, + 0x49, 0x66, 0xdb, 0x09, 0x3b, 0xc3, 0x6a, 0x64, 0xd5, 0x74, 0x57, 0x9c, 0xd6, 0xd8, 0xdd, 0x4d, + 0x57, 0x79, 0xb2, 0x26, 0x8a, 0x90, 0x72, 0x01, 0x45, 0x20, 0xa4, 0x70, 0xe3, 0x00, 0x17, 0x2e, + 0xfc, 0x01, 0x96, 0x38, 0x71, 0x40, 0xe2, 0x00, 0x12, 0x12, 0x32, 0x7f, 0x02, 0x48, 0x1c, 0xb8, + 0xc0, 0x8d, 0x03, 0x07, 0x54, 0xd5, 0xed, 0xf8, 0x47, 0xec, 0x49, 0x07, 0x76, 0x72, 0x49, 0x57, + 0xd5, 0x7b, 0x5f, 0xbd, 0xef, 0x7b, 0xf5, 0x9e, 0xab, 0x1b, 0x16, 0x89, 0x67, 0xeb, 0xf4, 0x53, + 0x4e, 0x7d, 0x87, 0xd4, 0x75, 0xc7, 0xb5, 0x28, 0xd3, 0x1b, 0xc4, 0x21, 0x35, 0xea, 0x77, 0xff, + 0x67, 0x3d, 0xdf, 0xe5, 0x2e, 0xc2, 0xe6, 0x21, 0x3d, 0xc8, 0x92, 0x26, 0x77, 0x1b, 0x84, 0xd3, + 0x2c, 0xf1, 0xec, 0xac, 0x34, 0xcf, 0x76, 0xcd, 0x5e, 0xad, 0xa4, 0xbf, 0x50, 0x73, 0xdd, 0x5a, + 0x9d, 0xea, 0x02, 0x94, 0x38, 0x8e, 0xcb, 0x09, 0xb7, 0x5d, 0x87, 0x05, 0x08, 0xe9, 0x7b, 0xe1, + 0xaa, 0x1c, 0xbd, 0x68, 0x1e, 0xe8, 0xb4, 0xe1, 0xf1, 0x56, 0xb8, 0xf8, 0xa5, 0xe1, 0x45, 0x6e, + 0x37, 0x28, 0xe3, 0xa4, 0xe1, 0x85, 0x06, 0xdf, 0x34, 0xdd, 0x86, 0xe7, 0x3a, 0xd4, 0xe1, 0x4c, + 0xef, 0x46, 0x91, 0xa9, 0xf9, 0x9e, 0x19, 0xb8, 0x98, 0x99, 0x1a, 0x75, 0x32, 0x9e, 0x5b, 0xb7, + 0xcd, 0xd6, 0x98, 0xfd, 0xaf, 0x83, 0x60, 0x93, 0xc6, 0x08, 0x84, 0xa5, 0x01, 0xb5, 0x4c, 0xb7, + 0xd1, 0x70, 0x1d, 0xfd, 0x7b, 0x4d, 0xea, 0xb7, 0x74, 0x8f, 0xf8, 0xa4, 0x41, 0x39, 0xf5, 0xbb, + 0xb6, 0xcb, 0x7d, 0xa0, 0xec, 0x88, 0xd4, 0x84, 0xa2, 0xae, 0x27, 0xd1, 0x2e, 0x23, 0xe3, 0xbb, + 0x70, 0xbb, 0xe8, 0x3a, 0x0e, 0x35, 0xb9, 0x41, 0x99, 0xe7, 0x3a, 0x8c, 0xe2, 0x3d, 0x88, 0x95, + 0x2d, 0x34, 0x0d, 0x31, 0xdb, 0x52, 0x15, 0x4d, 0x59, 0x4c, 0x19, 0x31, 0xdb, 0xca, 0x7f, 0xe3, + 0xbc, 0xf0, 0x75, 0x48, 0x74, 0x94, 0x98, 0x6d, 0xe5, 0x72, 0xe8, 0xe1, 0x31, 0x6e, 0x36, 0x6d, + 0x0b, 0xe7, 0x35, 0x6c, 0x5a, 0xab, 0xc4, 0x5a, 0xb5, 0xd6, 0x33, 0xb9, 0xc7, 0x8f, 0xdf, 0xcd, + 0xac, 0xd1, 0x83, 0x95, 0x0c, 0x59, 0x7f, 0xb8, 0x96, 0x59, 0x33, 0x73, 0xb9, 0x75, 0x6b, 0xe5, + 0xdd, 0xb5, 0x1c, 0xa5, 0xf8, 0x04, 0xbf, 0x0f, 0xf1, 0xb2, 0xc5, 0xd0, 0xd7, 0x20, 0x6e, 0x5b, + 0x4c, 0x55, 0xb4, 0xf8, 0xe2, 0xcd, 0xdc, 0xdb, 0xd9, 0xab, 0x73, 0x9b, 0x2d, 0x5b, 0x86, 0x70, + 0xc1, 0x7f, 0x8f, 0x41, 0xe2, 0x23, 0x41, 0x19, 0x95, 0x00, 0x0e, 0xec, 0x3a, 0xa7, 0x7e, 0xb5, + 0x41, 0x3c, 0x75, 0x61, 0x2c, 0x54, 0xa0, 0x53, 0x56, 0xea, 0x94, 0xdd, 0x94, 0x1e, 0x46, 0x2a, + 0xf0, 0xdc, 0x26, 0x1e, 0x2a, 0x43, 0xc2, 0xf5, 0x2d, 0xea, 0xab, 0xb3, 0x9a, 0xb2, 0x38, 0x9d, + 0x5b, 0x8d, 0x12, 0x8c, 0x0c, 0x20, 0xbb, 0x2b, 0xdc, 0xf6, 0x5a, 0x1e, 0x35, 0x02, 0x04, 0x84, + 0x60, 0x82, 0xb9, 0x3e, 0x57, 0xe7, 0xa4, 0x5c, 0xf2, 0x59, 0xcc, 0x79, 0xa4, 0x46, 0xd5, 0x79, + 0x4d, 0x59, 0x4c, 0x18, 0xf2, 0x19, 0x2d, 0xc0, 0x0d, 0x8f, 0xfa, 0x55, 0x39, 0xaf, 0xca, 0xf9, + 0x49, 0x8f, 0xfa, 0x4f, 0x48, 0x8d, 0xe2, 0x2f, 0x42, 0xea, 0x02, 0x16, 0x4d, 0x42, 0xbc, 0x50, + 0x29, 0xde, 0xf9, 0x1c, 0xba, 0x01, 0x13, 0x1b, 0xa5, 0x4a, 0xf1, 0x8e, 0x92, 0xb7, 0xcf, 0x0b, + 0x07, 0x30, 0xd5, 0x51, 0xfa, 0xa8, 0xe7, 0xf6, 0x51, 0xe5, 0x18, 0xf7, 0xc6, 0x38, 0xaf, 0x7d, + 0x72, 0x8c, 0x5f, 0xd2, 0x96, 0x48, 0x4b, 0x18, 0x74, 0x95, 0xb7, 0x3c, 0x8a, 0x97, 0xf1, 0x2b, + 0x52, 0x6f, 0x52, 0x86, 0xf3, 0x9f, 0x60, 0x72, 0xc4, 0x32, 0xd4, 0xcc, 0xe1, 0xe7, 0x27, 0xcf, + 0x97, 0xb1, 0x88, 0x54, 0x58, 0x5b, 0x84, 0xd3, 0x2a, 0xb1, 0x2c, 0x6a, 0xe1, 0x13, 0xac, 0x41, + 0x72, 0xd3, 0xa6, 0x75, 0x8b, 0xa1, 0x39, 0x48, 0x1e, 0xc8, 0x27, 0x99, 0xb0, 0x94, 0x11, 0x8e, + 0xf0, 0xaf, 0x14, 0x00, 0x69, 0x12, 0x24, 0xe4, 0x7d, 0x48, 0x48, 0x91, 0xd5, 0x19, 0x4d, 0x59, + 0xbc, 0x99, 0x7b, 0x10, 0x59, 0x49, 0x23, 0xf0, 0x43, 0x33, 0x90, 0x90, 0xc8, 0x32, 0x15, 0x29, + 0x23, 0x18, 0xa0, 0xb7, 0xe1, 0xb6, 0x70, 0xab, 0x76, 0xa9, 0xd8, 0x56, 0x28, 0xf0, 0x94, 0x98, + 0xde, 0x0e, 0x66, 0xcb, 0x56, 0x7e, 0xfe, 0xbc, 0x30, 0x03, 0xa8, 0xa3, 0x0c, 0x5b, 0xe3, 0x55, + 0x48, 0xec, 0x88, 0x7d, 0x05, 0xbe, 0x0c, 0x20, 0xa4, 0x11, 0x0c, 0xc4, 0x2c, 0x77, 0x39, 0xa9, + 0xcb, 0xb0, 0x13, 0x46, 0x30, 0xc0, 0x3f, 0x51, 0x20, 0x25, 0xbc, 0x3e, 0x23, 0x6a, 0x23, 0x48, + 0xcc, 0x5e, 0x8b, 0xc4, 0xf9, 0x24, 0xdc, 0xdc, 0xe9, 0x99, 0x0e, 0x17, 0xa6, 0x38, 0x67, 0x0e, + 0x69, 0x50, 0x35, 0x16, 0x9c, 0x3d, 0xf1, 0x2c, 0xe6, 0x44, 0xde, 0xd5, 0x78, 0x30, 0x27, 0x9e, + 0xd1, 0x97, 0x61, 0xca, 0xf4, 0xa9, 0x45, 0x1d, 0x6e, 0x93, 0xba, 0x08, 0x63, 0x46, 0x2e, 0xde, + 0xea, 0x4d, 0x96, 0x2d, 0x74, 0x08, 0x33, 0xb6, 0xc3, 0x38, 0x71, 0x4c, 0x5a, 0xed, 0x2d, 0x30, + 0x75, 0x56, 0x16, 0xd9, 0xa3, 0x28, 0xec, 0x8b, 0x3d, 0xb7, 0x0f, 0x5a, 0x7b, 0xa4, 0xc6, 0x8c, + 0xcf, 0x77, 0x21, 0xfb, 0x96, 0xc4, 0xd1, 0x62, 0x9c, 0xf0, 0x26, 0x0b, 0x73, 0x1a, 0x8e, 0xd0, + 0x7d, 0x00, 0x62, 0x9a, 0x6e, 0xd3, 0xe1, 0x22, 0x46, 0x55, 0xae, 0xa5, 0xc2, 0x99, 0xb2, 0x85, + 0xd6, 0x01, 0x7a, 0x67, 0x55, 0x5d, 0x90, 0x49, 0x49, 0x67, 0x83, 0x1e, 0x9e, 0xed, 0xf6, 0xf0, + 0xec, 0x5e, 0xb7, 0x87, 0x1b, 0x29, 0x61, 0x5d, 0x10, 0xc6, 0x68, 0x0b, 0x6e, 0xf7, 0x09, 0x60, + 0x11, 0x4e, 0xd4, 0xb4, 0xa4, 0x85, 0xaf, 0xea, 0x1d, 0x5b, 0xaf, 0x8c, 0xe9, 0x9e, 0xeb, 0x06, + 0xe1, 0x24, 0xff, 0x9f, 0xf8, 0x79, 0xe1, 0xdf, 0x71, 0xc8, 0xca, 0x86, 0xd8, 0x51, 0x06, 0xa5, + 0xed, 0x28, 0xc3, 0x3b, 0x75, 0x14, 0x99, 0x84, 0xdc, 0xef, 0xe3, 0xe8, 0x77, 0xf1, 0x63, 0xdc, + 0x63, 0x28, 0x8a, 0x6f, 0x25, 0xb7, 0xba, 0xf6, 0xa8, 0xf4, 0xb4, 0xb0, 0xfd, 0xe4, 0xc3, 0x12, + 0x5e, 0xc6, 0x43, 0xae, 0x03, 0x55, 0x5d, 0xf8, 0xb8, 0x52, 0x2d, 0x14, 0x8b, 0xa5, 0x4a, 0xa5, + 0xba, 0x55, 0x7a, 0x56, 0x2d, 0x6f, 0x74, 0x4b, 0x5b, 0x2e, 0x6e, 0x95, 0x0b, 0xe5, 0xdd, 0xca, + 0xe6, 0xee, 0xc6, 0xce, 0xce, 0xe3, 0x2e, 0xde, 0xc9, 0xf2, 0x80, 0x73, 0xa5, 0x54, 0x34, 0x4a, + 0x7b, 0x7d, 0x18, 0xfd, 0x00, 0x47, 0xdf, 0x26, 0x75, 0xff, 0xe9, 0x3e, 0x77, 0x36, 0x4b, 0xdb, + 0x65, 0x7d, 0xeb, 0xf1, 0xf6, 0x46, 0x69, 0xe7, 0x5b, 0xfa, 0x8b, 0x27, 0x9f, 0x1a, 0x07, 0x76, + 0xf1, 0x59, 0x88, 0x28, 0x7c, 0x2e, 0x81, 0x56, 0x2a, 0xe5, 0xdd, 0x9d, 0xea, 0xde, 0xee, 0x56, + 0x69, 0x67, 0x20, 0xa2, 0x8f, 0xdc, 0x8d, 0x67, 0x4f, 0xad, 0xef, 0x97, 0x9e, 0xec, 0xe9, 0x17, + 0x7f, 0x47, 0x21, 0x10, 0x7f, 0xef, 0x3d, 0x2c, 0x7a, 0x50, 0x1f, 0xdf, 0xf2, 0x86, 0x6c, 0x5d, + 0xad, 0x4c, 0x6f, 0x2e, 0xb3, 0xbf, 0x2f, 0x59, 0xbe, 0xfe, 0xc7, 0x66, 0x25, 0xc4, 0xec, 0x1a, + 0x8f, 0x38, 0xc3, 0x42, 0xc7, 0xe7, 0xcb, 0x58, 0xd4, 0x47, 0xb0, 0x89, 0x46, 0x8e, 0x98, 0x46, + 0x3c, 0x5b, 0xb3, 0x1d, 0x4e, 0x6b, 0xbe, 0xfc, 0x59, 0xd4, 0x8e, 0x6c, 0x7e, 0xa8, 0x31, 0xca, + 0x98, 0x18, 0x70, 0xf7, 0x25, 0x75, 0xf0, 0x32, 0x96, 0x3d, 0x34, 0xaf, 0x5d, 0xb4, 0xce, 0x13, + 0xfc, 0x0b, 0x05, 0xee, 0x5e, 0x3a, 0xe8, 0x68, 0x1e, 0x26, 0x39, 0xa9, 0x55, 0x5f, 0xd2, 0x56, + 0x58, 0x5c, 0x49, 0x4e, 0x6a, 0x5b, 0xb4, 0x85, 0xee, 0x41, 0x4a, 0x2c, 0x48, 0x5d, 0xc2, 0xf2, + 0xbf, 0xc1, 0x49, 0xed, 0x3b, 0x62, 0x8c, 0xde, 0x82, 0xe9, 0x81, 0xd3, 0x23, 0x2a, 0x42, 0x74, + 0xa9, 0xa9, 0xfe, 0xca, 0x64, 0xf9, 0xe5, 0xf3, 0xc2, 0x03, 0x78, 0xa7, 0xa3, 0x74, 0xb7, 0xe8, + 0x28, 0x3d, 0xcc, 0x8e, 0x32, 0x04, 0x81, 0x7f, 0xa4, 0xc0, 0xad, 0xbe, 0xae, 0xc1, 0xd0, 0x16, + 0xdc, 0x08, 0x8b, 0xb4, 0xfb, 0xeb, 0xab, 0x47, 0xa9, 0xe6, 0x3e, 0x0c, 0xe3, 0x02, 0x60, 0x74, + 0xe7, 0xcc, 0xcf, 0x9e, 0x17, 0x50, 0xee, 0x0e, 0x9a, 0x3e, 0xc6, 0x41, 0x27, 0x15, 0x47, 0x1b, + 0x9f, 0xe4, 0x7e, 0x3e, 0x03, 0xa8, 0x0f, 0xa6, 0x42, 0xfd, 0x57, 0xb6, 0x49, 0xd1, 0x1f, 0x14, + 0x48, 0x16, 0x7d, 0x4a, 0x38, 0x45, 0xd7, 0x8d, 0x24, 0xfd, 0x4e, 0xb4, 0x8b, 0x03, 0xc3, 0xf4, + 0xb4, 0xad, 0xce, 0xc1, 0x2d, 0xb1, 0x76, 0x11, 0x7c, 0xd2, 0x94, 0xbb, 0x9e, 0xb5, 0x55, 0x1d, + 0x90, 0xed, 0x1c, 0xf8, 0x24, 0xef, 0xf4, 0x2b, 0xb5, 0x70, 0x79, 0x2e, 0x1f, 0xb8, 0x9c, 0xfe, + 0xe5, 0x6f, 0x3f, 0x8b, 0x21, 0x3c, 0xa5, 0xf7, 0xe3, 0xe5, 0x95, 0x25, 0xf4, 0x67, 0x05, 0x26, + 0x0c, 0x4a, 0x2c, 0x14, 0xf1, 0x46, 0x93, 0xbe, 0x2e, 0x63, 0xec, 0x9e, 0xb6, 0xd5, 0x05, 0xb8, + 0x3b, 0xb0, 0xf1, 0xb1, 0x6d, 0x9d, 0xa0, 0x09, 0x9f, 0x12, 0xeb, 0xac, 0xad, 0xae, 0xc0, 0xfc, + 0x88, 0xb8, 0xa5, 0xc9, 0xdc, 0x88, 0x85, 0x1a, 0xe5, 0x92, 0xcd, 0x3c, 0x9a, 0x1d, 0x60, 0xa3, + 0xdb, 0x96, 0x2e, 0x9d, 0xfe, 0xa8, 0x40, 0x72, 0xdf, 0xb3, 0xfe, 0xa7, 0xf4, 0xcc, 0x5d, 0x6a, + 0xc8, 0x25, 0x71, 0xe3, 0xc6, 0x47, 0xa7, 0x6d, 0xf5, 0xde, 0x28, 0x12, 0xc9, 0xa6, 0xdc, 0xe9, + 0xac, 0xad, 0xae, 0x8d, 0xa7, 0x31, 0x2a, 0x2f, 0x81, 0x9f, 0x64, 0x92, 0x4e, 0x8f, 0x66, 0x22, + 0xf2, 0xf3, 0x5b, 0x05, 0x92, 0x1b, 0xb4, 0x4e, 0x39, 0x8d, 0x9c, 0xa1, 0x71, 0x1c, 0xf8, 0x58, + 0x0e, 0x96, 0xdc, 0xe0, 0xfa, 0x1c, 0x02, 0xbf, 0x20, 0x1b, 0x4b, 0x63, 0xb2, 0xf1, 0x57, 0x05, + 0x6e, 0x07, 0x04, 0x3e, 0xb6, 0xf9, 0x61, 0x70, 0xa9, 0x89, 0xca, 0x24, 0x72, 0xb1, 0xfc, 0xe0, + 0x4d, 0x52, 0xc3, 0x4b, 0xda, 0x48, 0x6a, 0xba, 0xe8, 0xb8, 0x99, 0xe0, 0x42, 0xf6, 0x0f, 0x05, + 0xd2, 0x83, 0x2c, 0x2b, 0x9c, 0x70, 0x5a, 0xe1, 0xae, 0xe7, 0x51, 0xeb, 0xff, 0x4e, 0xdd, 0x8f, + 0x95, 0x37, 0x49, 0x50, 0x5f, 0xca, 0x5c, 0x41, 0x30, 0x23, 0xae, 0x38, 0x54, 0x67, 0x21, 0x9d, + 0x7f, 0x29, 0x70, 0x7f, 0x04, 0xdb, 0x3d, 0xea, 0x37, 0x6c, 0x87, 0xf0, 0xcf, 0x80, 0xf0, 0x4f, + 0xdf, 0x28, 0xe1, 0xdc, 0xd2, 0xc3, 0x68, 0x84, 0x79, 0x8f, 0xd1, 0x9f, 0x14, 0x98, 0xf8, 0xd0, + 0x66, 0x1c, 0x45, 0xbf, 0x48, 0xa7, 0x1f, 0x5e, 0xb3, 0xfd, 0x30, 0x7c, 0x78, 0xda, 0x56, 0x67, + 0x86, 0xba, 0xfe, 0x44, 0xdd, 0x66, 0xfc, 0xac, 0xad, 0x66, 0x46, 0xf6, 0xfc, 0x51, 0x1a, 0x08, + 0x07, 0x49, 0x74, 0x01, 0xcf, 0x0c, 0x12, 0x65, 0x94, 0xf8, 0xe6, 0xa1, 0x68, 0x2c, 0xbf, 0x8e, + 0xc1, 0x9d, 0x8a, 0x1c, 0x89, 0x00, 0xc2, 0xb7, 0xa6, 0x6c, 0x94, 0x80, 0x7b, 0xaf, 0x4f, 0xe9, + 0xa5, 0xc8, 0xf6, 0x0c, 0xff, 0x46, 0xa4, 0x54, 0x87, 0xb7, 0x06, 0x53, 0x3a, 0xf4, 0xce, 0x70, + 0x92, 0x0f, 0xde, 0xd3, 0x50, 0x32, 0x88, 0xf4, 0xac, 0xad, 0x6e, 0xc2, 0x57, 0x47, 0xa5, 0x79, + 0x9c, 0xe3, 0x6b, 0xf5, 0x78, 0x84, 0x47, 0x24, 0x7e, 0x18, 0x29, 0x14, 0x29, 0x13, 0x00, 0x0a, + 0xad, 0x7e, 0x19, 0x83, 0x9b, 0x3d, 0xad, 0x18, 0xca, 0x44, 0xcd, 0x6b, 0xa0, 0xd2, 0x83, 0xa8, + 0xe6, 0x0c, 0xb7, 0x85, 0x48, 0x59, 0xf8, 0xca, 0x15, 0x22, 0x05, 0x4d, 0xa7, 0xa7, 0x51, 0x09, + 0x96, 0x22, 0x69, 0x14, 0xf8, 0xbd, 0x56, 0xa2, 0x35, 0xac, 0x47, 0x97, 0x48, 0xe2, 0x09, 0x85, + 0xfe, 0xa9, 0xc0, 0x64, 0xf8, 0x35, 0x26, 0x72, 0xed, 0x47, 0xfa, 0x6c, 0x31, 0xfc, 0x89, 0xe7, + 0x87, 0x42, 0x20, 0x0d, 0xe6, 0x2f, 0x35, 0x86, 0x90, 0x5b, 0xc2, 0xa7, 0x7e, 0xd3, 0x39, 0x6b, + 0xab, 0xeb, 0x70, 0x7f, 0x4c, 0x77, 0x08, 0x2d, 0xd5, 0x11, 0xcb, 0xd2, 0x59, 0xca, 0xa0, 0xe1, + 0x7b, 0x83, 0x32, 0xc8, 0xa5, 0xbe, 0x5f, 0xe6, 0x0f, 0x1e, 0x7d, 0x77, 0xb5, 0x66, 0xf3, 0xc3, + 0xe6, 0x0b, 0xf1, 0xc6, 0xa5, 0x0b, 0x2a, 0x17, 0x9f, 0xc8, 0xf4, 0xf1, 0x9f, 0x08, 0x5f, 0x24, + 0x65, 0xa7, 0x5b, 0xfd, 0x6f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x00, 0x71, 0x74, 0x10, 0x47, 0x14, + 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -747,16 +815,136 @@ const _ = grpc.SupportPackageIsVersion6 // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type NodeManagerServiceClient interface { + // + //Create a Node Manager + // + //Creates a node manager given a name, credential id *or* credential data, and type. + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:create + //``` Create(ctx context.Context, in *NodeManager, opts ...grpc.CallOption) (*Ids, error) + // + //View a Node Manager + // + //List the details of a node manager. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:get + //``` Read(ctx context.Context, in *Id, opts ...grpc.CallOption) (*NodeManager, error) + // + //Update a Node Manager + // + //Update a node manager's metadata, such as its name, associated credential id, or data. + //This is a PUT operation and it overwrites ALL of the existing node manager metadata. Include all fields, because a PUT operation overwrites any missing fields to empty (""). + // + //Authorization Action: + // + //``` + //infra:nodeManagers:update + //``` Update(ctx context.Context, in *NodeManager, opts ...grpc.CallOption) (*empty.Empty, error) + // + //Delete a Node Manager + // + //Delete a single node manager. This deletes the node manager itself and + //reassigns its associated nodes to the Automate node manager. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` Delete(ctx context.Context, in *Id, opts ...grpc.CallOption) (*empty.Empty, error) + // + //Delete a Node Manager and Delete Nodes + // + //Delete a node manager and all of its associated nodes. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` DeleteWithNodes(ctx context.Context, in *Id, opts ...grpc.CallOption) (*Ids, error) + // + //Delete a Node Manager and Stop Nodes + // + //Delete a node manager and update its associated nodes to `stopped`. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` DeleteWithNodeStateStopped(ctx context.Context, in *Id, opts ...grpc.CallOption) (*empty.Empty, error) + // + //Delete a Node Manager and Terminate Nodes + // + //Delete a node manager and update its associated nodes to `terminated`. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` DeleteWithNodeStateTerminated(ctx context.Context, in *Id, opts ...grpc.CallOption) (*empty.Empty, error) + // + //List all Node Managers + // + //Returns a list of node managers. + //Supports filtering, sorting, and pagination. + // + //Valid filtering fields: manager_type + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:list + //``` List(ctx context.Context, in *Query, opts ...grpc.CallOption) (*NodeManagers, error) + // + //Search Node Fields + // + //Searches the available values for a given field across all nodes associated with the nodemanager id. + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:list + //``` SearchNodeFields(ctx context.Context, in *FieldQuery, opts ...grpc.CallOption) (*Fields, error) + // + //Search nodes + // + //Searches the available nodes for a single node manager by id. + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:list + //``` SearchNodes(ctx context.Context, in *NodeQuery, opts ...grpc.CallOption) (*Nodes, error) + // + //Connect + // + //Attempts to reach the API for the given nodemanager id to validate the + //credentials associated with the nodemanager. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:rerun + //``` Connect(ctx context.Context, in *Id, opts ...grpc.CallOption) (*ConnectResponse, error) } @@ -869,16 +1057,136 @@ func (c *nodeManagerServiceClient) Connect(ctx context.Context, in *Id, opts ... // NodeManagerServiceServer is the server API for NodeManagerService service. type NodeManagerServiceServer interface { + // + //Create a Node Manager + // + //Creates a node manager given a name, credential id *or* credential data, and type. + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:create + //``` Create(context.Context, *NodeManager) (*Ids, error) + // + //View a Node Manager + // + //List the details of a node manager. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:get + //``` Read(context.Context, *Id) (*NodeManager, error) + // + //Update a Node Manager + // + //Update a node manager's metadata, such as its name, associated credential id, or data. + //This is a PUT operation and it overwrites ALL of the existing node manager metadata. Include all fields, because a PUT operation overwrites any missing fields to empty (""). + // + //Authorization Action: + // + //``` + //infra:nodeManagers:update + //``` Update(context.Context, *NodeManager) (*empty.Empty, error) + // + //Delete a Node Manager + // + //Delete a single node manager. This deletes the node manager itself and + //reassigns its associated nodes to the Automate node manager. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` Delete(context.Context, *Id) (*empty.Empty, error) + // + //Delete a Node Manager and Delete Nodes + // + //Delete a node manager and all of its associated nodes. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` DeleteWithNodes(context.Context, *Id) (*Ids, error) + // + //Delete a Node Manager and Stop Nodes + // + //Delete a node manager and update its associated nodes to `stopped`. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` DeleteWithNodeStateStopped(context.Context, *Id) (*empty.Empty, error) + // + //Delete a Node Manager and Terminate Nodes + // + //Delete a node manager and update its associated nodes to `terminated`. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:delete + //``` DeleteWithNodeStateTerminated(context.Context, *Id) (*empty.Empty, error) + // + //List all Node Managers + // + //Returns a list of node managers. + //Supports filtering, sorting, and pagination. + // + //Valid filtering fields: manager_type + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:list + //``` List(context.Context, *Query) (*NodeManagers, error) + // + //Search Node Fields + // + //Searches the available values for a given field across all nodes associated with the nodemanager id. + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:list + //``` SearchNodeFields(context.Context, *FieldQuery) (*Fields, error) + // + //Search nodes + // + //Searches the available nodes for a single node manager by id. + // + // + //Authorization Action: + // + //``` + //infra:nodeManagers:list + //``` SearchNodes(context.Context, *NodeQuery) (*Nodes, error) + // + //Connect + // + //Attempts to reach the API for the given nodemanager id to validate the + //credentials associated with the nodemanager. + // + //Authorization Action: + // + //``` + //infra:nodeManagers:rerun + //``` Connect(context.Context, *Id) (*ConnectResponse, error) } diff --git a/api/external/nodes/manager/manager.swagger.json b/api/external/nodes/manager/manager.swagger.json index fb18e2fd0f5..6365449f31d 100644 --- a/api/external/nodes/manager/manager.swagger.json +++ b/api/external/nodes/manager/manager.swagger.json @@ -13,6 +13,8 @@ "paths": { "/nodemanagers": { "post": { + "summary": "Create a Node Manager", + "description": "Creates a node manager given a name, credential id *or* credential data, and type.\n\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:create\n```", "operationId": "Create", "responses": { "200": { @@ -39,6 +41,8 @@ }, "/nodemanagers/id/{id}": { "get": { + "summary": "View a Node Manager", + "description": "List the details of a node manager.\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:get\n```", "operationId": "Read", "responses": { "200": { @@ -51,6 +55,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -61,6 +66,8 @@ ] }, "delete": { + "summary": "Delete a Node Manager", + "description": "Delete a single node manager. This deletes the node manager itself and\nreassigns its associated nodes to the Automate node manager.\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:delete\n```", "operationId": "Delete", "responses": { "200": { @@ -73,6 +80,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -83,6 +91,8 @@ ] }, "put": { + "summary": "Update a Node Manager", + "description": "Update a node manager's metadata, such as its name, associated credential id, or data.\nThis is a PUT operation and it overwrites ALL of the existing node manager metadata. Include all fields, because a PUT operation overwrites any missing fields to empty (\"\").\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:update\n```", "operationId": "Update", "responses": { "200": { @@ -95,6 +105,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the nodemanager.", "in": "path", "required": true, "type": "string" @@ -115,6 +126,8 @@ }, "/nodemanagers/id/{id}/with-node-state/stopped": { "delete": { + "summary": "Delete a Node Manager and Stop Nodes", + "description": "Delete a node manager and update its associated nodes to `stopped`.\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:delete\n```", "operationId": "DeleteWithNodeStateStopped", "responses": { "200": { @@ -127,6 +140,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -139,6 +153,8 @@ }, "/nodemanagers/id/{id}/with-node-state/terminated": { "delete": { + "summary": "Delete a Node Manager and Terminate Nodes", + "description": "Delete a node manager and update its associated nodes to `terminated`.\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:delete\n```", "operationId": "DeleteWithNodeStateTerminated", "responses": { "200": { @@ -151,6 +167,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -163,6 +180,8 @@ }, "/nodemanagers/id/{id}/with-nodes": { "delete": { + "summary": "Delete a Node Manager and Delete Nodes", + "description": "Delete a node manager and all of its associated nodes.\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:delete\n```", "operationId": "DeleteWithNodes", "responses": { "200": { @@ -175,6 +194,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -187,6 +207,8 @@ }, "/nodemanagers/id/{node_manager_id}/search-fields": { "post": { + "summary": "Search Node Fields", + "description": "Searches the available values for a given field across all nodes associated with the nodemanager id.\n\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:list\n```", "operationId": "SearchNodeFields", "responses": { "200": { @@ -199,6 +221,7 @@ "parameters": [ { "name": "node_manager_id", + "description": "Node manager ID.", "in": "path", "required": true, "type": "string" @@ -219,6 +242,8 @@ }, "/nodemanagers/id/{node_manager_id}/search-nodes": { "post": { + "summary": "Search nodes", + "description": "Searches the available nodes for a single node manager by id.\n\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:list\n```", "operationId": "SearchNodes", "responses": { "200": { @@ -231,6 +256,7 @@ "parameters": [ { "name": "node_manager_id", + "description": "Node manager ID.", "in": "path", "required": true, "type": "string" @@ -251,6 +277,8 @@ }, "/nodemanagers/rerun/id/{id}": { "post": { + "summary": "Connect", + "description": "Attempts to reach the API for the given nodemanager id to validate the\ncredentials associated with the nodemanager.\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:rerun\n```", "operationId": "Connect", "responses": { "200": { @@ -263,6 +291,7 @@ "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -283,6 +312,8 @@ }, "/nodemanagers/search": { "post": { + "summary": "List all Node Managers", + "description": "Returns a list of node managers.\nSupports filtering, sorting, and pagination.\n\nValid filtering fields: manager_type\n\n\nAuthorization Action:\n\n```\ninfra:nodeManagers:list\n```", "operationId": "List", "responses": { "200": { @@ -350,32 +381,46 @@ "type": "object", "properties": { "tag_key": { - "type": "string" + "type": "string", + "description": "Tag key to match on." }, "tag_value": { - "type": "string" + "type": "string", + "description": "Tag value to match on." }, "credential_ids": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of credential ids to associate with the key/value pair." } - } + }, + "required": [ + "tag_key", + "tag_value", + "credential_ids" + ] }, "chef.automate.api.nodes.manager.v1.FieldQuery": { "type": "object", "properties": { "query": { - "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query" + "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query", + "description": "Query details (filters) to be applied to the results." }, "field": { - "type": "string" + "type": "string", + "description": "Possible search fields: regions, tags, name, subscription_id." }, "node_manager_id": { - "type": "string" + "type": "string", + "description": "Node manager ID." } - } + }, + "required": [ + "node_manager_id" + ] }, "chef.automate.api.nodes.manager.v1.Fields": { "type": "object", @@ -384,17 +429,25 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "One or more fields: regions, tags, name, subscription_id." } } }, "chef.automate.api.nodes.manager.v1.Id": { "type": "object", + "example": { + "uuid": "cd3ad3d9-2776-4ef1-a904-4c229d1642ee" + }, "properties": { "id": { - "type": "string" + "type": "string", + "description": "UUID for the node manager." } - } + }, + "required": [ + "id" + ] }, "chef.automate.api.nodes.manager.v1.Ids": { "type": "object", @@ -403,61 +456,104 @@ "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Id" - } + }, + "description": "List of node manager UUIDs." } } }, "chef.automate.api.nodes.manager.v1.NodeManager": { "type": "object", + "example": { + "account_id": "12345EXAMPLE", + "credential_data": [ + { + "key": "AWS_ACCESS_KEY_ID", + "value": "AKIAIOSFODNN7EXAMPLE" + }, + { + "key": "AWS_SECRET_ACCESS_KEY", + "value": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" + }, + { + "key": "AWS_SESSION_TOKEN", + "value": "AQoDYXdzEPT//////////wEXAMPLEt==" + } + ], + "credential_ID": "my-credential-UUID", + "id": "cd3ad3d9-2776-4ef1-a904-1EXAMPLEUUID", + "instance_credentials": [], + "name": "my aws api integration with session token", + "type": "aws-ec2" + }, "properties": { "id": { - "type": "string" + "type": "string", + "description": "UUID for the nodemanager." }, "name": { - "type": "string" + "type": "string", + "description": "User defined name for the node manager." }, "type": { - "type": "string" + "type": "string", + "description": "Type of nodemanager (aws-ec2, azure-vm, aws-api, azure-api, gcp)." }, "credential_id": { - "type": "string" + "type": "string", + "description": "Use either 'credential_id' OR 'credential_data'.\n'credential_data' will overwrite values in 'credential_id'.\nThe 'credential_id' is the UUID of credential with the information\nyou need to connect to aws, azure, or gcp." }, "instance_credentials": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.CredentialsByTags" - } + }, + "description": "List of tag and credential UUID associations for making node managers.\nThese are ssh, winrm, and sudo creds used to access instances." }, "status": { - "type": "string" + "type": "string", + "description": "Status of the nodemanager (reachable, unreachable)." }, "account_id": { - "type": "string" + "type": "string", + "description": "Account id associated with the nodemanager." }, "date_added": { "type": "string", - "format": "date-time" + "format": "date-time", + "description": "Date the nodemanager was created." }, "credential_data": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.common.query.Kv" - } + }, + "description": "Use either 'credential_data' OR 'credential_id'.\n'credential_data' will overwrite values in 'credential_id'.\nUse 'credential_data' when you have not yet created node credentials\nand provide credential data (such as AWS_ACCESS_KEY) inline." } - } + }, + "required": [ + "id", + "credential_id", + "credential_data", + "type" + ] }, "chef.automate.api.nodes.manager.v1.NodeManagers": { "type": "object", + "example": { + "total": "1" + }, "properties": { "managers": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.NodeManager" - } + }, + "description": "List of nodemanagers." }, "total": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Total count of nodemanagers." } } }, @@ -465,12 +561,17 @@ "type": "object", "properties": { "query": { - "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query" + "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query", + "description": "Valid search filters: manager_type." }, "node_manager_id": { - "type": "string" + "type": "string", + "description": "Node manager ID." } - } + }, + "required": [ + "node_manager_id" + ] }, "chef.automate.api.nodes.manager.v1.Nodes": { "type": "object", @@ -479,38 +580,58 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "List of node names matching the request." }, "total": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Total count of node names matching the request." } } }, "chef.automate.api.nodes.manager.v1.Query": { "type": "object", + "example": { + "filter_map": [ + { + "key": "manager_type", + "values": [ + "aws-ec2" + ] + } + ], + "sort": "date_added" + }, "properties": { "filter_map": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.common.query.Filter" - } + }, + "description": "Filters for the query: \"manager_type\"." }, "order": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query.OrderType" }, "sort": { - "type": "string" + "type": "string", + "description": "Field to use for sorting.\nValid fields are: name, type, status, status_message, date_added." }, "page": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Starting page for the list. For example, if your query returns 100 pages,\nand you know you're looking for a node manager somewhere in the middle,\nyou might want to start on page 50." }, "per_page": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Number of results on each page." } - } + }, + "required": [ + "filter_map" + ] }, "chef.automate.api.nodes.manager.v1.Query.OrderType": { "type": "string", @@ -518,7 +639,8 @@ "ASC", "DESC" ], - "default": "ASC" + "default": "ASC", + "description": "Sort the results in ascending or descending order." } } } diff --git a/components/automate-chef-io/data/docs/api_chef_automate/applications/applications.swagger.json b/components/automate-chef-io/data/docs/api_chef_automate/applications/applications.swagger.json index ca11b73f60b..8911aa5276e 100644 --- a/components/automate-chef-io/data/docs/api_chef_automate/applications/applications.swagger.json +++ b/components/automate-chef-io/data/docs/api_chef_automate/applications/applications.swagger.json @@ -14,7 +14,7 @@ "/applications/delete_disconnected_services": { "post": { "summary": "Remove Disconnected Services", - "description": "Removes services marked as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured using `UpdateDeleteDisconnectedServicesConfig`.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:delete\n```", + "description": "Removes services marked as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured using `UpdateDeleteDisconnectedServicesConfig`.\n\nAuthorization Action:\n```\napplications:serviceGroups:delete\n```", "operationId": "DeleteDisconnectedServices", "responses": { "200": { @@ -42,7 +42,7 @@ "/applications/delete_services_by_id": { "post": { "summary": "Delete the services with the given IDs", - "description": "Authorization Action:\n\n```\napplications:serviceGroups:delete\n```", + "description": "Authorization Action:\n```\napplications:serviceGroups:delete\n```", "operationId": "DeleteServicesByID", "responses": { "200": { @@ -70,7 +70,7 @@ "/applications/disconnected_services": { "get": { "summary": "Mark Services as Disconnected", - "description": "Marks services as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured\nby utilizing the `UpdateDisconnectedServicesConfig` endpoint.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Marks services as disconnected based on the `threshold_seconds` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured\nby utilizing the `UpdateDisconnectedServicesConfig` endpoint.\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetDisconnectedServices", "responses": { "200": { @@ -98,7 +98,7 @@ "/applications/service-groups": { "get": { "summary": "List Service Groups", - "description": "Lists service groups with name, health information, and application, environment, package, release metadata.\nAccepts pagination, sorting, search, and status filters.\n\nExample:\n```\napplications/service-groups?sorting.field=percent_ok\u0026sorting.order=ASC\u0026pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists service groups with name, health information, and application, environment, package, release metadata.\nAccepts pagination, sorting, search, and status filters.\n\nExample:\n```\napplications/service-groups?sorting.field=percent_ok\u0026sorting.order=ASC\u0026pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServiceGroups", "responses": { "200": { @@ -164,7 +164,7 @@ "/applications/service-groups/{service_group_id}": { "get": { "summary": "List Services for a Service Group", - "description": "List the services for a service group with health status and service metadata.\nUses the service group ID generated by Chef Automate instead of the Chef Habitat- provided ID.\nSupports pagination and filtering.\n\nExample:\n```\napplications/service-groups/1dfff679054c60a10c51d059b6dbf81a765c46f8d3e8ce0752b22ffe8d4d9716?pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "List the services for a service group with health status and service metadata.\nUses the service group ID generated by Chef Automate instead of the Chef Habitat- provided ID.\nSupports pagination and filtering.\n\nExample:\n```\napplications/service-groups/1dfff679054c60a10c51d059b6dbf81a765c46f8d3e8ce0752b22ffe8d4d9716?pagination.page=1\u0026pagination.size=25\n```\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServicesBySG", "responses": { "200": { @@ -237,7 +237,7 @@ "/applications/service_groups_health_counts": { "get": { "summary": "List Service Groups Health Counts", - "description": "Lists the total service group health reports by critical, warning, ok and unknown responses. Supports search and status filtering.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists the total service group health reports by critical, warning, ok and unknown responses. Supports search and status filtering.\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServiceGroupsHealthCounts", "responses": { "200": { @@ -268,7 +268,7 @@ "/applications/services": { "get": { "summary": "List Services", - "description": "Lists service health status and service metadata for services.\nSupports pagination and search and status filtering. For a list of services for a specific service-group see \"List Services for a Service Group\" (GetServicesBySG endpoint).\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists service health status and service metadata for services.\nSupports pagination and search and status filtering. For a list of services for a specific service-group see \"List Services for a Service Group\" (GetServicesBySG endpoint).\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServices", "responses": { "200": { @@ -334,7 +334,7 @@ "/applications/services-distinct-values": { "get": { "summary": "List Filter Values", - "description": "Lists all of the possible filter values for a given valid field.\nLimit the returned values by providing at one or more characters in the `query_fragment` parameter.\nSupports wildcard (* and ?)\n\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Lists all of the possible filter values for a given valid field.\nLimit the returned values by providing at one or more characters in the `query_fragment` parameter.\nSupports wildcard (* and ?)\n\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServicesDistinctValues", "responses": { "200": { @@ -379,7 +379,7 @@ "/applications/stats": { "get": { "summary": "Show Summary", - "description": "Shows a summary of service-groups, services, deployments, and supervisors.\nUsed for telemetry.\nDoes not support filtering.\n\nAuthorization Action:\n\n```\napplications:serviceGroups:list\n```", + "description": "Shows a summary of service-groups, services, deployments, and supervisors.\nUsed for telemetry.\nDoes not support filtering.\n\nAuthorization Action:\n```\napplications:serviceGroups:list\n```", "operationId": "GetServicesStats", "responses": { "200": { @@ -397,7 +397,7 @@ "/applications/version": { "get": { "summary": "Show Version", - "description": "Displays the current version of the applications-service\n\nAuthorization Action:\n\n```\nsystem:serviceVersion:get\n```", + "description": "Displays the current version of the applications-service\n\nAuthorization Action:\n```\nsystem:serviceVersion:get\n```", "operationId": "GetVersion", "responses": { "200": { @@ -415,7 +415,7 @@ "/retention/service_groups/delete_disconnected_services/config": { "get": { "summary": "Show 'Remove Disconnected Services' Configuration", - "description": "Displays configuration for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job is disabled if running is set to false.\n\nAuthorization Action:\n\n```\nretention:serviceGroups:get\n```", + "description": "Displays configuration for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job is disabled if running is set to false.\n\nAuthorization Action:\n```\nretention:serviceGroups:get\n```", "operationId": "GetDeleteDisconnectedServicesConfig", "responses": { "200": { @@ -431,7 +431,7 @@ }, "post": { "summary": "Change 'Remove Disconnected Services' Configuration", - "description": "Updates configuration information for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job can be disabled by setting `\"running\": false`.\n\nExample:\n```\nservice_groups/delete_disconnected_services/config\" -d\n'{\n\"threshold\": \"1d\",\n\"running\":true\n}'\n```\n\nAuthorization Action:\n\n```\nretention:serviceGroups:update\n```", + "description": "Updates configuration information for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job can be disabled by setting `\"running\": false`.\n\nExample:\n```\nservice_groups/delete_disconnected_services/config\" -d\n'{\n\"threshold\": \"1d\",\n\"running\":true\n}'\n```\n\nAuthorization Action:\n```\nretention:serviceGroups:update\n```", "operationId": "UpdateDeleteDisconnectedServicesConfig", "responses": { "200": { @@ -459,7 +459,7 @@ "/retention/service_groups/disconnected_services/config": { "get": { "summary": "Show 'Disconnected Services' configuration", - "description": "Returns the configuration for the task that marks services as disconnected. The `threshold` setting defines the period of time between the last report from a node and the moment when Chef Automate marks it as disconnected. `Threshold` is a string that follows Elasticsearch's date math expressions.\nThis task is always enabled, cannot be disabled. Because this task runs continuously, the response does not return information about its status.\n\nAuthorization Action:\n\n```\nretention:serviceGroups:get\n```", + "description": "Returns the configuration for the task that marks services as disconnected. The `threshold` setting defines the period of time between the last report from a node and the moment when Chef Automate marks it as disconnected. `Threshold` is a string that follows Elasticsearch's date math expressions.\nThis task is always enabled, cannot be disabled. Because this task runs continuously, the response does not return information about its status.\n\nAuthorization Action:\n```\nretention:serviceGroups:get\n```", "operationId": "GetDisconnectedServicesConfig", "responses": { "200": { @@ -475,7 +475,7 @@ }, "post": { "summary": "Change 'Disconnected Services' Configuration", - "description": "Changes the configuration for the task that marks services as disconnected after\n'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job cannot be disabled, and therefore no information about running is accepted.\n\nExample:\n```\n/retention/service_groups/disconnected_services/config\n'{\n\"threshold\": \"15m\"\n}'\n```\n\nAuthorization Action:\n\n```\nretention:serviceGroups:update\n```", + "description": "Changes the configuration for the task that marks services as disconnected after\n'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job cannot be disabled, and therefore no information about running is accepted.\n\nExample:\n```\n/retention/service_groups/disconnected_services/config\n'{\n\"threshold\": \"15m\"\n}'\n```\n\nAuthorization Action:\n```\nretention:serviceGroups:update\n```", "operationId": "UpdateDisconnectedServicesConfig", "responses": { "200": { diff --git a/components/automate-chef-io/data/docs/api_chef_automate/auth/users/request/users.swagger.json b/components/automate-chef-io/data/docs/api_chef_automate/auth/users/request/users.swagger.json deleted file mode 100644 index 8a3889b6eb8..00000000000 --- a/components/automate-chef-io/data/docs/api_chef_automate/auth/users/request/users.swagger.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "swagger": "2.0", - "info": { - "title": "components/automate-gateway/api/auth/users/request/users.proto", - "version": "version not set" - }, - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "paths": {}, - "definitions": {} -} diff --git a/components/automate-chef-io/data/docs/api_chef_automate/auth/users/response/users.swagger.json b/components/automate-chef-io/data/docs/api_chef_automate/auth/users/response/users.swagger.json deleted file mode 100644 index b1a99761019..00000000000 --- a/components/automate-chef-io/data/docs/api_chef_automate/auth/users/response/users.swagger.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "swagger": "2.0", - "info": { - "title": "components/automate-gateway/api/auth/users/response/users.proto", - "version": "version not set" - }, - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "paths": {}, - "definitions": {} -} diff --git a/components/automate-chef-io/data/docs/api_chef_automate/auth/users/users.swagger.json b/components/automate-chef-io/data/docs/api_chef_automate/auth/users/users.swagger.json deleted file mode 100644 index 5ad1467acc3..00000000000 --- a/components/automate-chef-io/data/docs/api_chef_automate/auth/users/users.swagger.json +++ /dev/null @@ -1,256 +0,0 @@ -{ - "swagger": "2.0", - "info": { - "title": "components/automate-gateway/api/auth/users/users.proto", - "version": "version not set" - }, - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "paths": { - "/auth/users": { - "get": { - "operationId": "GetUsers", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/chef.automate.api.users.response.Users" - } - } - }, - "tags": [ - "UsersMgmt" - ] - }, - "post": { - "operationId": "CreateUser", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/chef.automate.api.users.response.User" - } - } - }, - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/chef.automate.api.users.request.CreateUser" - } - } - ], - "tags": [ - "UsersMgmt" - ] - } - }, - "/auth/users/{username}": { - "get": { - "operationId": "GetUserByUsername", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/chef.automate.api.users.response.User" - } - } - }, - "parameters": [ - { - "name": "username", - "in": "path", - "required": true, - "type": "string" - } - ], - "tags": [ - "UsersMgmt" - ] - }, - "delete": { - "operationId": "DeleteUserByUsername", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/chef.automate.api.users.response.DeleteUserResp" - } - } - }, - "parameters": [ - { - "name": "username", - "in": "path", - "required": true, - "type": "string" - } - ], - "tags": [ - "UsersMgmt" - ] - }, - "put": { - "operationId": "UpdateUser", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/chef.automate.api.users.response.User" - } - } - }, - "parameters": [ - { - "name": "username", - "in": "path", - "required": true, - "type": "string" - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/chef.automate.api.users.request.UpdateUser" - } - } - ], - "tags": [ - "UsersMgmt" - ] - } - }, - "/users/{username}": { - "put": { - "operationId": "UpdateSelf", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/chef.automate.api.users.response.User" - } - } - }, - "parameters": [ - { - "name": "username", - "in": "path", - "required": true, - "type": "string" - }, - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/chef.automate.api.users.request.UpdateSelf" - } - } - ], - "tags": [ - "UsersMgmt" - ] - } - } - }, - "definitions": { - "chef.automate.api.users.request.CreateUser": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "email": { - "type": "string" - }, - "username": { - "type": "string" - }, - "password": { - "type": "string" - } - } - }, - "chef.automate.api.users.request.UpdateSelf": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "password": { - "type": "string" - }, - "username": { - "type": "string" - }, - "previous_password": { - "type": "string" - } - } - }, - "chef.automate.api.users.request.UpdateUser": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "email": { - "type": "string" - }, - "name": { - "type": "string" - }, - "password": { - "type": "string" - }, - "username": { - "type": "string" - } - } - }, - "chef.automate.api.users.response.DeleteUserResp": { - "type": "object" - }, - "chef.automate.api.users.response.User": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "email": { - "type": "string" - }, - "username": { - "type": "string" - } - } - }, - "chef.automate.api.users.response.Users": { - "type": "object", - "properties": { - "users": { - "type": "array", - "items": { - "$ref": "#/definitions/chef.automate.api.users.response.User" - } - } - } - } - } -} diff --git a/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/policy.swagger.json b/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/policy.swagger.json index 8fbc6413ad1..e8b77a749a9 100644 --- a/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/policy.swagger.json +++ b/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/policy.swagger.json @@ -23,12 +23,14 @@ } }, "tags": [ - "Policies" + "hidden" ] } }, "/iam/v2/policies": { "get": { + "summary": "List all policies", + "description": "List all policies.\n\nAuthorization Action:\n```\niam:policies:list\n```", "operationId": "ListPolicies", "responses": { "200": { @@ -39,10 +41,12 @@ } }, "tags": [ - "Policies" + "policies" ] }, "post": { + "summary": "Create a custom policy", + "description": "Creates a custom IAM policy used to control permissions in Automate.\nA policy is composed of one or more statements that grant permissions to a set of members.\nEach statement contains a role as well as a list of projects.\n\nThe role defines a set of actions that the statement is scoped to.\nThe project list defines the set of resources that the statement is scoped to.\nPass `\"projects\": [\"*\"]` to scope a statement to every project.\n\nA policy's *top-level* projects list defines which projects the policy belongs to (for filtering policies by their projects),\nwhereas the *statement-level* projects list defines which projects the statement applies to.\n\nThis example creates a new policy not associated with any project (because the top-level `projects` property is empty) that grants the `viewer` role\non a few projects for all LDAP teams and a custom role `qa` on a specific project.\n\nExample:\n```\n{\n\"name\": \"My Viewer Policy\",\n\"id\": \"viewer-policy\",\n\"members\": [\"team:ldap:*\"],\n\"statements\" : [\n{\n\"role\": \"viewer\",\n\"projects\": [\"project1\", \"project2\"]\n},\n{\n\"role\": \"qa\",\n\"projects\": [\"acceptanceProject\"]\n}\n],\n\"projects\": []\n}\n```\n\nAuthorization Action:\n```\niam:policies:create\n```", "operationId": "CreatePolicy", "responses": { "200": { @@ -63,12 +67,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}": { "get": { + "summary": "Get a policy", + "description": "Returns the details for a policy.\n\nAuthorization Action:\n```\niam:policies:get\n```", "operationId": "GetPolicy", "responses": { "200": { @@ -81,16 +87,19 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "delete": { + "summary": "Delete a custom policy", + "description": "Delete a specified custom policy. You cannot delete Chef-managed policies.\n\nAuthorization Action:\n```\niam:policies:delete\n```", "operationId": "DeletePolicy", "responses": { "200": { @@ -103,16 +112,19 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "put": { + "summary": "Update a custom policy", + "description": "This operation overwrites all fields excepting ID,\nincluding those omitted from the request, so be sure to specify all properties.\nProperties that you do not include are reset to empty values.\nThe only exception is the policy ID, which is immutable; it can only be set at creation time.\n\nWhile you can use this endpoint to update members on a policy, if that is the only\nproperty you wish to modify you might find it more convenient to use one of these endpoints instead:\nAdd policy members, Remove policy members, or Replace policy members.\n\nAuthorization Action:\n```\niam:policies:update\n```", "operationId": "UpdatePolicy", "responses": { "200": { @@ -125,6 +137,7 @@ "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -139,12 +152,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members": { "get": { + "summary": "List policy members", + "description": "List all members of a specific policy.\n\nAuthorization Action:\n```\niam:policyMembers:get\n```", "operationId": "ListPolicyMembers", "responses": { "200": { @@ -157,16 +172,19 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "put": { + "summary": "Replace policy members", + "description": "Replace the entire member list of a specific policy with a new list.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nAuthorization Action:\n```\niam:policyMembers:update\n```", "operationId": "ReplacePolicyMembers", "responses": { "200": { @@ -179,6 +197,7 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -193,12 +212,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members:add": { "post": { + "summary": "Add policy members", + "description": "Add members to the member list of a specific policy.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nAuthorization Action:\n```\niam:policyMembers:create\n```", "operationId": "AddPolicyMembers", "responses": { "200": { @@ -211,6 +232,7 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -225,12 +247,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members:remove": { "post": { + "summary": "Remove policy members", + "description": "Remove members from the member list of a specific policy. Silently ignores\nmembers that are not already part of the member list.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nThe removed members will still exist within Chef Automate, but are no longer associated with this policy.\n\nAuthorization Action:\n```\niam:policyMembers:delete\n```", "operationId": "RemovePolicyMembers", "responses": { "200": { @@ -243,6 +267,7 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -257,12 +282,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policy_version": { "get": { + "summary": "Get IAM version", + "description": "Returns the major and minor version of IAM that your automate installation is running.\n\nAuthorization Action:\n```\niam:policies:get\n```", "operationId": "GetPolicyVersion", "responses": { "200": { @@ -273,12 +300,14 @@ } }, "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/projects": { "get": { + "summary": "List all projects", + "description": "List all projects.\n\nAuthorization Action:\n```\niam:projects:list\n```", "operationId": "ListProjects", "responses": { "200": { @@ -289,10 +318,12 @@ } }, "tags": [ - "Policies" + "projects" ] }, "post": { + "summary": "Create a project", + "description": "Creates a new project to be used in the policies that control permissions in Automate.\n\nA project defines the scope of resources in a policy statement. Resources can be in more than one project.\n\nAuthorization Action:\n```\niam:projects:create\n```", "operationId": "CreateProject", "responses": { "200": { @@ -313,12 +344,14 @@ } ], "tags": [ - "Policies" + "projects" ] } }, "/iam/v2/projects/{id}": { "get": { + "summary": "Get a project", + "description": "Returns the details for a project.\n\nAuthorization Action:\n```\niam:projects:get\n```", "operationId": "GetProject", "responses": { "200": { @@ -331,16 +364,19 @@ "parameters": [ { "name": "id", + "description": "ID of the project.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "projects" ] }, "delete": { + "summary": "Delete a project", + "description": "Delete a project from any resources tagged with it.\n\nAlso deletes this project from any project list in any policy statements.\nIf the resulting project list for a given statement is empty, it is deleted.\nIf the resulting policy has no statements, it is also deleted.\n\nAuthorization Action:\n```\niam:projects:delete\n```", "operationId": "DeleteProject", "responses": { "200": { @@ -353,16 +389,19 @@ "parameters": [ { "name": "id", + "description": "ID of the project.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "projects" ] }, "put": { + "summary": "Update a project", + "description": "Updates the name of an existing project.\n\nAuthorization Action:\n```\niam:projects:update\n```", "operationId": "UpdateProject", "responses": { "200": { @@ -375,6 +414,7 @@ "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -389,12 +429,14 @@ } ], "tags": [ - "Policies" + "projects" ] } }, "/iam/v2/roles": { "get": { + "summary": "List all roles", + "description": "List all *Chef-managed* and *Custom* roles.\n\nAuthorization Action:\n```\niam:roles:list\n```", "operationId": "ListRoles", "responses": { "200": { @@ -405,10 +447,12 @@ } }, "tags": [ - "Policies" + "roles" ] }, "post": { + "summary": "Create a custom role", + "description": "Creates a new role to be used in the policies that control permissions in Automate.\n\nA role defines the scope of actions in a policy statement.\n\nAuthorization Action:\n```\niam:roles:create\n```", "operationId": "CreateRole", "responses": { "200": { @@ -429,12 +473,14 @@ } ], "tags": [ - "Policies" + "roles" ] } }, "/iam/v2/roles/{id}": { "get": { + "summary": "Get a role", + "description": "Returns the details for a role.\n\nAuthorization Action:\n```\niam:roles:get\n```", "operationId": "GetRole", "responses": { "200": { @@ -447,16 +493,19 @@ "parameters": [ { "name": "id", + "description": "ID of the role.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "roles" ] }, "delete": { + "summary": "Delete a custom role", + "description": "Delete a specified custom role (you cannot delete Chef-managed roles) and remove it from any statements that may have been using it.\nIf such a statement has no other associated actions, the statement is deleted as well.\nSimilarly, if that statement removal results in a policy with no other statements,\nthat policy is removed as well.\n\nAuthorization Action:\n```\niam:roles:delete\n```", "operationId": "DeleteRole", "responses": { "200": { @@ -469,16 +518,19 @@ "parameters": [ { "name": "id", + "description": "ID of the role.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "roles" ] }, "put": { + "summary": "Update a custom role", + "description": "This operation overwrites all fields excepting ID,\nincluding those omitted from the request, so be sure to specify all properties.\nProperties that you do not include are reset to empty values.\n\nAuthorization Action:\n```\niam:roles:update\n```", "operationId": "UpdateRole", "responses": { "200": { @@ -491,6 +543,7 @@ "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -505,7 +558,7 @@ } ], "tags": [ - "Policies" + "roles" ] } } @@ -515,15 +568,21 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members to add to the policy." } - } + }, + "required": [ + "id", + "members" + ] }, "chef.automate.api.iam.v2.AddPolicyMembersResp": { "type": "object", @@ -532,7 +591,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -540,31 +600,41 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' policies." + "description": "Does not contain type as the enduser can only create 'custom' policies.", + "required": [ + "id", + "name", + "statements" + ] }, "chef.automate.api.iam.v2.CreatePolicyResp": { "type": "object", @@ -578,12 +648,18 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the new project." } - } + }, + "required": [ + "id", + "name" + ] }, "chef.automate.api.iam.v2.CreateProjectResp": { "type": "object", @@ -597,25 +673,34 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions that this role scopes to." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' roles." + "description": "Does not contain type as the enduser can only create 'custom' roles.", + "required": [ + "id", + "name", + "actions" + ] }, "chef.automate.api.iam.v2.CreateRoleResp": { "type": "object", @@ -684,7 +769,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "List of policy members." } } }, @@ -714,31 +800,37 @@ "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the policy." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "This doc-comment is ignored for an enum." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy. May be empty." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy. Will contain one or more." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to. May be empty." } } }, @@ -746,16 +838,20 @@ "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the project." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "Whether this policy is user created (`CUSTOM`) or chef managed (`CHEF_MANAGED`)." }, "status": { - "$ref": "#/definitions/chef.automate.api.iam.v2.ProjectRulesStatus" + "$ref": "#/definitions/chef.automate.api.iam.v2.ProjectRulesStatus", + "description": "The current status of the rules for this project." } } }, @@ -773,15 +869,21 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members to remove from the policy." } - } + }, + "required": [ + "id", + "members" + ] }, "chef.automate.api.iam.v2.RemovePolicyMembersResp": { "type": "object", @@ -790,7 +892,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -798,15 +901,20 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members that replaces previous policy member list." } - } + }, + "required": [ + "id" + ] }, "chef.automate.api.iam.v2.ReplacePolicyMembersResp": { "type": "object", @@ -815,7 +923,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -823,25 +932,30 @@ "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "Whether this policy is user created (`CUSTOM`) or chef managed (`CHEF_MANAGED`)." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions this role scopes to. Will contain one or more." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to. May be empty." } } }, @@ -849,31 +963,33 @@ "type": "object", "properties": { "effect": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Statement.Effect" + "$ref": "#/definitions/chef.automate.api.iam.v2.Statement.Effect", + "description": "This doc-comment is ignored for an enum." }, "actions": { "type": "array", "items": { "type": "string" }, - "title": "inline definitions" + "description": "Actions defined inline. May be empty.\nBest practices recommend that you use custom roles rather than inline actions where practical." }, "role": { "type": "string", - "title": "references" + "description": "The role defines a set of actions that the statement is scoped to." }, "resources": { "type": "array", "items": { "type": "string" }, - "title": "Note: these are for display only, not to be set in CreatePolicy/UpdatePolicy" + "description": "DEPRECATED: Resources defined inline. Use projects instead." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "The project list defines the set of resources that the statement is scoped to. May be empty." } } }, @@ -897,31 +1013,41 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy." }, "name": { - "type": "string" + "type": "string", + "description": "Name for this policy." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' policies." + "description": "Does not contain type as the enduser can only create 'custom' policies.", + "required": [ + "id", + "name", + "statements" + ] }, "chef.automate.api.iam.v2.UpdatePolicyResp": { "type": "object", @@ -935,12 +1061,18 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the project." } - } + }, + "required": [ + "id", + "name" + ] }, "chef.automate.api.iam.v2.UpdateProjectResp": { "type": "object", @@ -954,24 +1086,33 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions that this role scopes to." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to." } - } + }, + "required": [ + "id", + "name", + "actions" + ] }, "chef.automate.api.iam.v2.UpdateRoleResp": { "type": "object", diff --git a/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/teams.swagger.json b/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/teams.swagger.json index b538b6a9928..6790d4dca47 100644 --- a/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/teams.swagger.json +++ b/components/automate-chef-io/data/docs/api_chef_automate/iam/v2/teams.swagger.json @@ -270,9 +270,6 @@ } } }, - "chef.automate.api.iam.v2.ApplyV2DataMigrationsResp": { - "type": "object" - }, "chef.automate.api.iam.v2.CreateTeamReq": { "type": "object", "properties": { @@ -380,9 +377,6 @@ } } }, - "chef.automate.api.iam.v2.ResetAllTeamProjectsResp": { - "type": "object" - }, "chef.automate.api.iam.v2.Team": { "type": "object", "properties": { diff --git a/components/automate-gateway/api/applications.pb.swagger.go b/components/automate-gateway/api/applications.pb.swagger.go index d674ac8a82a..81e8c7899cf 100644 --- a/components/automate-gateway/api/applications.pb.swagger.go +++ b/components/automate-gateway/api/applications.pb.swagger.go @@ -17,7 +17,7 @@ func init() { "/applications/delete_disconnected_services": { "post": { "summary": "Remove Disconnected Services", - "description": "Removes services marked as disconnected based on the ` + "`" + `threshold_seconds` + "`" + ` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured using ` + "`" + `UpdateDeleteDisconnectedServicesConfig` + "`" + `.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:delete\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Removes services marked as disconnected based on the ` + "`" + `threshold_seconds` + "`" + ` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured using ` + "`" + `UpdateDeleteDisconnectedServicesConfig` + "`" + `.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteDisconnectedServices", "responses": { "200": { @@ -45,7 +45,7 @@ func init() { "/applications/delete_services_by_id": { "post": { "summary": "Delete the services with the given IDs", - "description": "Authorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:delete\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Authorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteServicesByID", "responses": { "200": { @@ -73,7 +73,7 @@ func init() { "/applications/disconnected_services": { "get": { "summary": "Mark Services as Disconnected", - "description": "Marks services as disconnected based on the ` + "`" + `threshold_seconds` + "`" + ` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured\nby utilizing the ` + "`" + `UpdateDisconnectedServicesConfig` + "`" + ` endpoint.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Marks services as disconnected based on the ` + "`" + `threshold_seconds` + "`" + ` setting.\nThis function is not used by the API or CLI and is here for testing purposes.\nThe functionality is currently covered by a periodically running job that can be configured\nby utilizing the ` + "`" + `UpdateDisconnectedServicesConfig` + "`" + ` endpoint.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetDisconnectedServices", "responses": { "200": { @@ -101,7 +101,7 @@ func init() { "/applications/service-groups": { "get": { "summary": "List Service Groups", - "description": "Lists service groups with name, health information, and application, environment, package, release metadata.\nAccepts pagination, sorting, search, and status filters.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\napplications/service-groups?sorting.field=percent_ok\u0026sorting.order=ASC\u0026pagination.page=1\u0026pagination.size=25\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Lists service groups with name, health information, and application, environment, package, release metadata.\nAccepts pagination, sorting, search, and status filters.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\napplications/service-groups?sorting.field=percent_ok\u0026sorting.order=ASC\u0026pagination.page=1\u0026pagination.size=25\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetServiceGroups", "responses": { "200": { @@ -167,7 +167,7 @@ func init() { "/applications/service-groups/{service_group_id}": { "get": { "summary": "List Services for a Service Group", - "description": "List the services for a service group with health status and service metadata.\nUses the service group ID generated by Chef Automate instead of the Chef Habitat- provided ID.\nSupports pagination and filtering.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\napplications/service-groups/1dfff679054c60a10c51d059b6dbf81a765c46f8d3e8ce0752b22ffe8d4d9716?pagination.page=1\u0026pagination.size=25\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "List the services for a service group with health status and service metadata.\nUses the service group ID generated by Chef Automate instead of the Chef Habitat- provided ID.\nSupports pagination and filtering.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\napplications/service-groups/1dfff679054c60a10c51d059b6dbf81a765c46f8d3e8ce0752b22ffe8d4d9716?pagination.page=1\u0026pagination.size=25\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetServicesBySG", "responses": { "200": { @@ -240,7 +240,7 @@ func init() { "/applications/service_groups_health_counts": { "get": { "summary": "List Service Groups Health Counts", - "description": "Lists the total service group health reports by critical, warning, ok and unknown responses. Supports search and status filtering.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Lists the total service group health reports by critical, warning, ok and unknown responses. Supports search and status filtering.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetServiceGroupsHealthCounts", "responses": { "200": { @@ -271,7 +271,7 @@ func init() { "/applications/services": { "get": { "summary": "List Services", - "description": "Lists service health status and service metadata for services.\nSupports pagination and search and status filtering. For a list of services for a specific service-group see \"List Services for a Service Group\" (GetServicesBySG endpoint).\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Lists service health status and service metadata for services.\nSupports pagination and search and status filtering. For a list of services for a specific service-group see \"List Services for a Service Group\" (GetServicesBySG endpoint).\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetServices", "responses": { "200": { @@ -337,7 +337,7 @@ func init() { "/applications/services-distinct-values": { "get": { "summary": "List Filter Values", - "description": "Lists all of the possible filter values for a given valid field.\nLimit the returned values by providing at one or more characters in the ` + "`" + `query_fragment` + "`" + ` parameter.\nSupports wildcard (* and ?)\n\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Lists all of the possible filter values for a given valid field.\nLimit the returned values by providing at one or more characters in the ` + "`" + `query_fragment` + "`" + ` parameter.\nSupports wildcard (* and ?)\n\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetServicesDistinctValues", "responses": { "200": { @@ -382,7 +382,7 @@ func init() { "/applications/stats": { "get": { "summary": "Show Summary", - "description": "Shows a summary of service-groups, services, deployments, and supervisors.\nUsed for telemetry.\nDoes not support filtering.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Shows a summary of service-groups, services, deployments, and supervisors.\nUsed for telemetry.\nDoes not support filtering.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\napplications:serviceGroups:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetServicesStats", "responses": { "200": { @@ -400,7 +400,7 @@ func init() { "/applications/version": { "get": { "summary": "Show Version", - "description": "Displays the current version of the applications-service\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\nsystem:serviceVersion:get\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Displays the current version of the applications-service\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\nsystem:serviceVersion:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetVersion", "responses": { "200": { @@ -418,7 +418,7 @@ func init() { "/retention/service_groups/delete_disconnected_services/config": { "get": { "summary": "Show 'Remove Disconnected Services' Configuration", - "description": "Displays configuration for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job is disabled if running is set to false.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:get\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Displays configuration for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job is disabled if running is set to false.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetDeleteDisconnectedServicesConfig", "responses": { "200": { @@ -434,7 +434,7 @@ func init() { }, "post": { "summary": "Change 'Remove Disconnected Services' Configuration", - "description": "Updates configuration information for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job can be disabled by setting ` + "`" + `\"running\": false` + "`" + `.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\nservice_groups/delete_disconnected_services/config\" -d\n'{\n\"threshold\": \"1d\",\n\"running\":true\n}'\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:update\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Updates configuration information for the task that deletes services marked as disconnected\nafter 'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job can be disabled by setting ` + "`" + `\"running\": false` + "`" + `.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\nservice_groups/delete_disconnected_services/config\" -d\n'{\n\"threshold\": \"1d\",\n\"running\":true\n}'\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "UpdateDeleteDisconnectedServicesConfig", "responses": { "200": { @@ -462,7 +462,7 @@ func init() { "/retention/service_groups/disconnected_services/config": { "get": { "summary": "Show 'Disconnected Services' configuration", - "description": "Returns the configuration for the task that marks services as disconnected. The ` + "`" + `threshold` + "`" + ` setting defines the period of time between the last report from a node and the moment when Chef Automate marks it as disconnected. ` + "`" + `Threshold` + "`" + ` is a string that follows Elasticsearch's date math expressions.\nThis task is always enabled, cannot be disabled. Because this task runs continuously, the response does not return information about its status.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:get\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Returns the configuration for the task that marks services as disconnected. The ` + "`" + `threshold` + "`" + ` setting defines the period of time between the last report from a node and the moment when Chef Automate marks it as disconnected. ` + "`" + `Threshold` + "`" + ` is a string that follows Elasticsearch's date math expressions.\nThis task is always enabled, cannot be disabled. Because this task runs continuously, the response does not return information about its status.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetDisconnectedServicesConfig", "responses": { "200": { @@ -478,7 +478,7 @@ func init() { }, "post": { "summary": "Change 'Disconnected Services' Configuration", - "description": "Changes the configuration for the task that marks services as disconnected after\n'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job cannot be disabled, and therefore no information about running is accepted.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\n/retention/service_groups/disconnected_services/config\n'{\n\"threshold\": \"15m\"\n}'\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:update\n` + "`" + `` + "`" + `` + "`" + `", + "description": "Changes the configuration for the task that marks services as disconnected after\n'threshold'. Threshold is a string that follows Elasticsearch's date math expressions.\nThis job cannot be disabled, and therefore no information about running is accepted.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\n/retention/service_groups/disconnected_services/config\n'{\n\"threshold\": \"15m\"\n}'\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\nretention:serviceGroups:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "UpdateDisconnectedServicesConfig", "responses": { "200": { diff --git a/components/automate-gateway/api/iam/v2/common/policy.pb.go b/components/automate-gateway/api/iam/v2/common/policy.pb.go index b0915cae390..4255243fd53 100644 --- a/components/automate-gateway/api/iam/v2/common/policy.pb.go +++ b/components/automate-gateway/api/iam/v2/common/policy.pb.go @@ -99,15 +99,21 @@ func (Version_VersionNumber) EnumDescriptor() ([]byte, []int) { } type Policy struct { - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` - Type Type `protobuf:"varint,3,opt,name=type,proto3,enum=chef.automate.api.iam.v2.Type" json:"type,omitempty"` - Members []string `protobuf:"bytes,4,rep,name=members,proto3" json:"members,omitempty"` - Statements []*Statement `protobuf:"bytes,5,rep,name=statements,proto3" json:"statements,omitempty"` - Projects []string `protobuf:"bytes,6,rep,name=projects,proto3" json:"projects,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // Name for the policy. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` + // This doc-comment is ignored for an enum. + Type Type `protobuf:"varint,3,opt,name=type,proto3,enum=chef.automate.api.iam.v2.Type" json:"type,omitempty"` + // Members affected by this policy. May be empty. + Members []string `protobuf:"bytes,4,rep,name=members,proto3" json:"members,omitempty"` + // Statements for the policy. Will contain one or more. + Statements []*Statement `protobuf:"bytes,5,rep,name=statements,proto3" json:"statements,omitempty"` + // List of projects this policy belongs to. May be empty. + Projects []string `protobuf:"bytes,6,rep,name=projects,proto3" json:"projects,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Policy) Reset() { *m = Policy{} } @@ -178,13 +184,16 @@ func (m *Policy) GetProjects() []string { } type Statement struct { + // This doc-comment is ignored for an enum. Effect Statement_Effect `protobuf:"varint,1,opt,name=effect,proto3,enum=chef.automate.api.iam.v2.Statement_Effect" json:"effect,omitempty"` - // inline definitions + // Actions defined inline. May be empty. + // Best practices recommend that you use custom roles rather than inline actions where practical. Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` - // references + // The role defines a set of actions that the statement is scoped to. Role string `protobuf:"bytes,4,opt,name=role,proto3" json:"role,omitempty"` - // Note: these are for display only, not to be set in CreatePolicy/UpdatePolicy - Resources []string `protobuf:"bytes,5,rep,name=resources,proto3" json:"resources,omitempty"` + // DEPRECATED: Resources defined inline. Use projects instead. + Resources []string `protobuf:"bytes,5,rep,name=resources,proto3" json:"resources,omitempty"` + // The project list defines the set of resources that the statement is scoped to. May be empty. Projects []string `protobuf:"bytes,6,rep,name=projects,proto3" json:"projects,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -252,10 +261,15 @@ func (m *Statement) GetProjects() []string { } type Role struct { - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` - Type Type `protobuf:"varint,3,opt,name=type,proto3,enum=chef.automate.api.iam.v2.Type" json:"type,omitempty"` - Actions []string `protobuf:"bytes,4,rep,name=actions,proto3" json:"actions,omitempty"` + // Name for the role. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` + // Whether this policy is user created (`CUSTOM`) or chef managed (`CHEF_MANAGED`). + Type Type `protobuf:"varint,3,opt,name=type,proto3,enum=chef.automate.api.iam.v2.Type" json:"type,omitempty"` + // List of actions this role scopes to. Will contain one or more. + Actions []string `protobuf:"bytes,4,rep,name=actions,proto3" json:"actions,omitempty"` + // List of projects this role belongs to. May be empty. Projects []string `protobuf:"bytes,5,rep,name=projects,proto3" json:"projects,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -323,9 +337,13 @@ func (m *Role) GetProjects() []string { } type Project struct { - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` - Type Type `protobuf:"varint,3,opt,name=type,proto3,enum=chef.automate.api.iam.v2.Type" json:"type,omitempty"` + // Name for the project. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` + // Whether this policy is user created (`CUSTOM`) or chef managed (`CHEF_MANAGED`). + Type Type `protobuf:"varint,3,opt,name=type,proto3,enum=chef.automate.api.iam.v2.Type" json:"type,omitempty"` + // The current status of the rules for this project. Status ProjectRulesStatus `protobuf:"varint,4,opt,name=status,proto3,enum=chef.automate.api.iam.v2.ProjectRulesStatus" json:"status,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` diff --git a/components/automate-gateway/api/iam/v2/policy.pb.go b/components/automate-gateway/api/iam/v2/policy.pb.go index 39f6560fcb9..62dac335542 100644 --- a/components/automate-gateway/api/iam/v2/policy.pb.go +++ b/components/automate-gateway/api/iam/v2/policy.pb.go @@ -11,6 +11,7 @@ import ( _ "github.com/chef/automate/components/automate-grpc/protoc-gen-policy/api" _ "github.com/chef/automate/components/automate-grpc/protoc-gen-policy/iam" proto "github.com/golang/protobuf/proto" + _ "github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger/options" _ "google.golang.org/genproto/googleapis/api/annotations" grpc "google.golang.org/grpc" codes "google.golang.org/grpc/codes" @@ -34,82 +35,85 @@ func init() { } var fileDescriptor_2710c589a501c81d = []byte{ - // 1194 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x98, 0xcd, 0x6b, 0x24, 0xc5, - 0x1b, 0xc7, 0xa9, 0xfc, 0x7e, 0xc6, 0xa4, 0x9c, 0xd9, 0x4c, 0x9e, 0x24, 0xa6, 0x9d, 0x35, 0x2c, - 0x36, 0x71, 0x5f, 0x46, 0xd3, 0xed, 0x66, 0x6f, 0x51, 0xd0, 0xa8, 0xb0, 0x08, 0x0a, 0x12, 0x50, - 0xd0, 0x83, 0xa1, 0xd3, 0x53, 0x4e, 0x5a, 0x7b, 0xba, 0x2b, 0x5d, 0x9d, 0x48, 0x10, 0x0f, 0x3b, - 0xe0, 0x61, 0x07, 0x56, 0x04, 0xfd, 0x43, 0xbc, 0x34, 0x82, 0x77, 0x85, 0x85, 0x05, 0x0f, 0x5e, - 0x84, 0x80, 0x27, 0xff, 0x08, 0x8f, 0x52, 0xfd, 0x5a, 0xd5, 0x6f, 0xd5, 0xb3, 0xe0, 0xb1, 0xab, - 0xbe, 0xd5, 0xf5, 0x7c, 0x9e, 0xe7, 0xa9, 0xea, 0xe7, 0x69, 0x7c, 0xcf, 0xf6, 0xa7, 0xd4, 0xf7, - 0x88, 0x17, 0x32, 0xd3, 0x3a, 0x0f, 0xfd, 0xa9, 0x15, 0x92, 0xbd, 0x89, 0x15, 0x92, 0xaf, 0xac, - 0x4b, 0xd3, 0xa2, 0x8e, 0xe9, 0x58, 0x53, 0xf3, 0x62, 0xdf, 0xa4, 0xbe, 0xeb, 0xd8, 0x97, 0x06, - 0x0d, 0xfc, 0xd0, 0x07, 0xcd, 0x3e, 0x25, 0x9f, 0x1b, 0x99, 0xdc, 0xb0, 0xa8, 0x63, 0x38, 0xd6, - 0xd4, 0xb8, 0xd8, 0x1f, 0xbe, 0x38, 0xf1, 0xfd, 0x89, 0x4b, 0xe2, 0x95, 0x96, 0xe7, 0xf9, 0xa1, - 0x15, 0x3a, 0xbe, 0xc7, 0x92, 0x75, 0xc3, 0xd7, 0x3b, 0x6e, 0x16, 0x90, 0xb3, 0x73, 0xc2, 0x42, - 0x69, 0xd3, 0xe1, 0x1b, 0x9d, 0x17, 0x33, 0xea, 0x7b, 0x8c, 0xc8, 0xab, 0xdf, 0xaa, 0x5d, 0x1d, - 0x50, 0xdb, 0x8c, 0xe7, 0xed, 0xbd, 0x09, 0xf1, 0xf6, 0x92, 0x15, 0x0d, 0xc6, 0x2f, 0xf2, 0x06, - 0x6e, 0x4a, 0xe5, 0x0d, 0xfb, 0xdf, 0xed, 0xe2, 0x95, 0x0f, 0xb9, 0xc0, 0x21, 0x0c, 0x9e, 0x20, - 0xdc, 0x7b, 0x27, 0x20, 0x56, 0x48, 0xe2, 0xa1, 0x4b, 0xb8, 0x63, 0x34, 0x79, 0xd5, 0x10, 0x75, - 0x47, 0xe4, 0x6c, 0x38, 0xea, 0x2a, 0x65, 0x54, 0x27, 0xb3, 0x48, 0x5b, 0xc3, 0x7d, 0xeb, 0x3c, - 0x3c, 0x3d, 0xa0, 0xe9, 0xe6, 0xb3, 0x48, 0x5b, 0x81, 0x65, 0x3b, 0x96, 0xce, 0x23, 0xed, 0x1a, - 0xee, 0x39, 0xd6, 0x34, 0x9f, 0x9d, 0x47, 0xda, 0x16, 0x6c, 0x88, 0x23, 0x07, 0x89, 0x74, 0xf6, - 0xc7, 0xdf, 0x3f, 0x2c, 0x6d, 0xe9, 0x03, 0x29, 0x27, 0xf8, 0x34, 0x1a, 0xc1, 0x63, 0x84, 0x57, - 0xef, 0x93, 0x30, 0x65, 0xb9, 0xd9, 0x6c, 0x60, 0x2e, 0xe2, 0x20, 0xb7, 0x3a, 0xe9, 0x18, 0xd5, - 0xbf, 0x9c, 0x45, 0xda, 0x26, 0x06, 0x89, 0xe2, 0xe0, 0x6b, 0x67, 0xfc, 0xcd, 0x2c, 0xd2, 0x9e, - 0x81, 0xff, 0x4d, 0x48, 0x38, 0x8f, 0xb4, 0x0d, 0xbc, 0x2e, 0x59, 0xcd, 0xe7, 0xe7, 0x91, 0x06, - 0x30, 0x90, 0x86, 0x27, 0x24, 0x8c, 0x49, 0xb6, 0x61, 0xab, 0x4c, 0x62, 0xf2, 0x25, 0xf0, 0x2b, - 0xc2, 0xbd, 0xf7, 0x1d, 0x16, 0xe6, 0xb1, 0x6a, 0x09, 0x8d, 0xa8, 0x53, 0x84, 0x46, 0x96, 0x32, - 0xaa, 0x7f, 0x56, 0x1f, 0x9a, 0x65, 0xf8, 0x7f, 0x40, 0xac, 0x71, 0x6d, 0x60, 0x36, 0x40, 0x46, - 0x74, 0x1d, 0x96, 0xc0, 0x00, 0x54, 0xc2, 0x02, 0x7f, 0x22, 0xdc, 0x7b, 0x97, 0xb8, 0xa4, 0x4b, - 0x8a, 0x89, 0x3a, 0x05, 0x87, 0x2c, 0x65, 0x54, 0x3f, 0x6b, 0x09, 0xce, 0x0a, 0x2c, 0x8f, 0x63, - 0x7d, 0x73, 0x7c, 0xca, 0xc9, 0x96, 0xe8, 0x93, 0x10, 0x8d, 0x1a, 0x42, 0x74, 0x85, 0x70, 0xef, - 0x23, 0x3a, 0xee, 0x74, 0x7a, 0x44, 0x9d, 0x02, 0x4d, 0x96, 0x32, 0xaa, 0x87, 0xed, 0x68, 0xe7, - 0xb1, 0xbe, 0x3b, 0x5a, 0xa2, 0x8f, 0xd1, 0x86, 0xc3, 0x7a, 0x34, 0x7e, 0x98, 0xae, 0x10, 0x1e, - 0xe4, 0xf9, 0xff, 0x31, 0x09, 0x98, 0xe3, 0x7b, 0xb0, 0xd7, 0xe1, 0xac, 0xa4, 0x5a, 0x4e, 0x69, - 0x2c, 0x22, 0x67, 0x54, 0x3f, 0x55, 0x25, 0xa3, 0x88, 0x98, 0xad, 0x6c, 0x39, 0x5d, 0x1a, 0x3c, - 0x2f, 0x7f, 0x3b, 0x8e, 0x2f, 0x52, 0x90, 0x7f, 0x10, 0x5e, 0xcf, 0xcf, 0xc2, 0xe5, 0x07, 0x64, - 0x7a, 0x42, 0x02, 0x06, 0x46, 0x87, 0x83, 0x93, 0x89, 0x39, 0x9f, 0xb9, 0x90, 0x9e, 0x51, 0xfd, - 0x01, 0x6a, 0x89, 0x65, 0x81, 0x79, 0x1d, 0xbf, 0x50, 0x89, 0xe4, 0xc1, 0x34, 0x79, 0xcf, 0x3c, - 0xd2, 0xb6, 0x61, 0xab, 0xf0, 0x42, 0xfa, 0xfa, 0x9c, 0xf9, 0x06, 0xec, 0xd4, 0xc6, 0xd4, 0x4c, - 0xd7, 0xc3, 0xc3, 0x25, 0xbc, 0x79, 0x44, 0xa8, 0x6b, 0xd9, 0x44, 0xa6, 0xbf, 0xdb, 0x4c, 0x53, - 0xa7, 0xe7, 0x0e, 0xd8, 0x5f, 0x74, 0x09, 0xa3, 0xfa, 0x43, 0xd4, 0x31, 0x9f, 0x15, 0x5e, 0x18, - 0x82, 0x56, 0xf5, 0x82, 0x90, 0xdc, 0xfa, 0xb0, 0xdd, 0x11, 0x3c, 0xc9, 0x1f, 0x2d, 0xe1, 0x8d, - 0x23, 0x32, 0xf5, 0x2f, 0x4a, 0xae, 0x78, 0xad, 0x8d, 0xab, 0x22, 0xe7, 0x9e, 0xb8, 0xbb, 0xe0, - 0x0a, 0x46, 0xf5, 0xef, 0x51, 0xc7, 0x3b, 0xeb, 0x69, 0x1c, 0x21, 0x5c, 0x60, 0x77, 0xf4, 0xdd, - 0x76, 0x47, 0x04, 0xb1, 0x81, 0xdc, 0x1f, 0x0f, 0x96, 0xf0, 0xe0, 0x70, 0x3c, 0x96, 0x9d, 0xd1, - 0x72, 0xe8, 0xcb, 0x5a, 0xc5, 0xa1, 0xaf, 0xca, 0x19, 0xd5, 0x1f, 0x29, 0xdc, 0x90, 0x97, 0x08, - 0x4f, 0xe3, 0x06, 0xa1, 0x68, 0xb8, 0xa9, 0xbf, 0xd4, 0xee, 0x06, 0x6b, 0x3c, 0xe6, 0x3e, 0xf8, - 0x05, 0x61, 0x9c, 0x54, 0x30, 0x47, 0xbe, 0x4b, 0xe0, 0x96, 0xaa, 0xce, 0xe1, 0x2a, 0xce, 0x7d, - 0xbb, 0x9b, 0x90, 0x51, 0xfd, 0x93, 0x59, 0xa4, 0xf5, 0x30, 0x8e, 0x81, 0x03, 0xdf, 0xad, 0xd4, - 0x42, 0xcf, 0xe1, 0x55, 0x4e, 0x12, 0x4f, 0x15, 0xb7, 0x5b, 0xfc, 0x28, 0x02, 0x81, 0xde, 0xcf, - 0xeb, 0xcd, 0x78, 0x0e, 0x8d, 0xe0, 0x27, 0x84, 0x57, 0xf9, 0xd5, 0xc3, 0xf7, 0x62, 0x6d, 0x25, - 0x50, 0x2e, 0x52, 0x94, 0x40, 0x82, 0x8e, 0x51, 0xfd, 0xa8, 0xc6, 0xf2, 0xe2, 0xda, 0x2a, 0xd9, - 0x3d, 0x80, 0x6b, 0x85, 0xdd, 0x79, 0x91, 0xb0, 0x06, 0xb2, 0xd5, 0xf0, 0x33, 0xc2, 0xcf, 0xde, - 0x27, 0xf1, 0x26, 0xb0, 0xdb, 0xfa, 0xc1, 0xc8, 0x3c, 0xfd, 0x72, 0x07, 0x15, 0xa3, 0xfa, 0xf1, - 0x2c, 0xd2, 0xd6, 0xf1, 0x5a, 0x61, 0x6c, 0xa5, 0x58, 0x1b, 0x60, 0xc1, 0xc2, 0xf4, 0x73, 0xb9, - 0x06, 0xfd, 0x62, 0x2c, 0xbb, 0x54, 0x37, 0x01, 0x24, 0xa3, 0x93, 0x02, 0xe0, 0x37, 0x84, 0x71, - 0x52, 0x88, 0xa8, 0x32, 0xa5, 0x50, 0x29, 0x32, 0x45, 0x14, 0xa6, 0x85, 0x73, 0x2d, 0x82, 0x78, - 0x3d, 0xd4, 0x51, 0x48, 0x39, 0x23, 0xdc, 0x05, 0x9b, 0xa3, 0x3a, 0x90, 0xc7, 0x08, 0xe3, 0xa4, - 0xec, 0x50, 0x81, 0x14, 0x2a, 0x05, 0x88, 0x28, 0x4c, 0xbf, 0xec, 0x4d, 0x20, 0xf9, 0x85, 0xaf, - 0x04, 0x11, 0x6e, 0xf7, 0xed, 0x61, 0x0d, 0x08, 0x3f, 0x01, 0xbf, 0x23, 0xdc, 0x4f, 0x1b, 0x90, - 0xc0, 0xff, 0x82, 0xd8, 0x21, 0xa8, 0x3b, 0x95, 0x44, 0xc8, 0x89, 0x5e, 0xe9, 0xac, 0x2d, 0xb7, - 0x35, 0xc9, 0x78, 0x53, 0x5b, 0x93, 0xce, 0x0a, 0xe5, 0x58, 0x3a, 0xd2, 0xd4, 0xd6, 0x64, 0xd3, - 0x68, 0x04, 0x7f, 0x21, 0xdc, 0x4f, 0x8b, 0x42, 0x35, 0x91, 0x24, 0x54, 0x10, 0x95, 0xb4, 0xe5, - 0x52, 0x33, 0x33, 0xa1, 0xa5, 0xd4, 0x14, 0x25, 0x35, 0x6c, 0x0d, 0xa5, 0x66, 0x3a, 0x9d, 0x87, - 0xec, 0x09, 0xc2, 0x98, 0xd7, 0x83, 0x29, 0x9d, 0xa2, 0x21, 0x2b, 0xd0, 0x6e, 0x77, 0x13, 0x96, - 0x5b, 0xb7, 0x12, 0x57, 0xa5, 0x75, 0x2b, 0x41, 0x65, 0xc5, 0x65, 0x36, 0x5c, 0xd7, 0xba, 0x89, - 0x44, 0x45, 0xeb, 0x96, 0x8e, 0x2a, 0x5b, 0xb7, 0x54, 0xd7, 0xa5, 0x75, 0xcb, 0xa5, 0xe5, 0xd6, - 0xad, 0x48, 0xbf, 0x6a, 0xeb, 0x56, 0x24, 0x5f, 0xd6, 0xba, 0x65, 0x2c, 0xb5, 0xad, 0x5b, 0x66, - 0xf6, 0x15, 0xc2, 0xfd, 0xb4, 0xcf, 0x52, 0xe7, 0x9d, 0x24, 0x54, 0xe4, 0x5d, 0x49, 0x5b, 0xee, - 0xde, 0xaa, 0x79, 0x57, 0xe9, 0xde, 0x14, 0x79, 0xd7, 0xd0, 0xbd, 0x49, 0x51, 0xfa, 0x76, 0x09, - 0x6f, 0xbd, 0xe7, 0x85, 0x81, 0xcf, 0x28, 0xb1, 0xc3, 0x43, 0xd7, 0xfd, 0xaf, 0xc3, 0xf5, 0x23, - 0xaf, 0x73, 0x5e, 0xc5, 0x23, 0x0e, 0x79, 0xec, 0xe4, 0x3b, 0x3b, 0xbe, 0x77, 0x50, 0x3c, 0x1d, - 0x5b, 0xae, 0x7b, 0x5c, 0x1b, 0xcc, 0xf4, 0x72, 0x2c, 0xa4, 0xf3, 0x48, 0xbb, 0x01, 0x3b, 0xf2, - 0x18, 0x4f, 0x4e, 0x01, 0x25, 0xf6, 0xc0, 0x0e, 0x5c, 0xcf, 0x3c, 0x20, 0xec, 0x93, 0xed, 0xf1, - 0xf6, 0xe1, 0xa7, 0x6f, 0x4e, 0x9c, 0xf0, 0xf4, 0xfc, 0xc4, 0xb0, 0xfd, 0xa9, 0xc9, 0x71, 0xf2, - 0x3f, 0x4b, 0x66, 0xb7, 0xbf, 0x5d, 0x27, 0xcb, 0xf1, 0xaf, 0xa5, 0x7b, 0xff, 0x06, 0x00, 0x00, - 0xff, 0xff, 0xdf, 0xb6, 0x9d, 0xbc, 0xc8, 0x13, 0x00, 0x00, + // 1242 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x98, 0xcf, 0x8b, 0x1c, 0x45, + 0x14, 0xc7, 0xa9, 0xd1, 0x6c, 0x36, 0xcf, 0x99, 0xec, 0x6c, 0xed, 0xae, 0xdb, 0x4e, 0x5c, 0x82, + 0x4d, 0xdc, 0x24, 0x63, 0x76, 0xda, 0x6c, 0x6e, 0xab, 0xa0, 0xa3, 0x42, 0x10, 0x14, 0x64, 0x41, + 0x0f, 0x22, 0x2c, 0xbd, 0x3d, 0xe5, 0x6c, 0x6b, 0x4f, 0x57, 0xa5, 0xab, 0x67, 0xe3, 0x22, 0x0a, + 0x2e, 0x78, 0x99, 0x43, 0x08, 0x2b, 0xe4, 0x10, 0x10, 0xff, 0x8a, 0xb9, 0x78, 0x13, 0xfc, 0x03, + 0xc4, 0x80, 0x10, 0xf0, 0xa8, 0x10, 0xc1, 0x3f, 0x42, 0xaa, 0x7f, 0x56, 0x4d, 0xf7, 0x74, 0xf5, + 0x2c, 0x78, 0x1a, 0xa6, 0xea, 0xfb, 0xba, 0xea, 0xf3, 0xde, 0xab, 0xea, 0xf7, 0x1a, 0xee, 0x38, + 0x74, 0xc4, 0xa8, 0x4f, 0xfc, 0x90, 0x5b, 0xf6, 0x38, 0xa4, 0x23, 0x3b, 0x24, 0x3b, 0x43, 0x3b, + 0x24, 0xf7, 0xed, 0x13, 0xcb, 0x66, 0xae, 0xe5, 0xda, 0x23, 0xeb, 0x78, 0xd7, 0x62, 0xd4, 0x73, + 0x9d, 0x93, 0x1e, 0x0b, 0x68, 0x48, 0xb1, 0xe1, 0x1c, 0x91, 0xcf, 0x7b, 0xa9, 0xbc, 0x67, 0x33, + 0xb7, 0xe7, 0xda, 0xa3, 0xde, 0xf1, 0x6e, 0xe7, 0xe5, 0x21, 0xa5, 0x43, 0x8f, 0x44, 0x96, 0xb6, + 0xef, 0xd3, 0xd0, 0x0e, 0x5d, 0xea, 0xf3, 0xd8, 0xae, 0x73, 0x2b, 0xfa, 0x71, 0x76, 0x86, 0xc4, + 0xdf, 0xe1, 0xf7, 0xed, 0xe1, 0x90, 0x04, 0x16, 0x65, 0x91, 0xa2, 0x44, 0xfd, 0x46, 0xcd, 0xad, + 0x05, 0xe4, 0xde, 0x98, 0xf0, 0x50, 0xd9, 0x62, 0xe7, 0xcd, 0xda, 0xc6, 0x9c, 0x51, 0x9f, 0x13, + 0xd5, 0xfa, 0xed, 0x52, 0xeb, 0x80, 0x39, 0x96, 0x44, 0x10, 0x5b, 0xcc, 0x41, 0x5d, 0xe4, 0x09, + 0x62, 0x2b, 0x85, 0x27, 0xec, 0x3e, 0xdc, 0x86, 0xe5, 0x8f, 0x84, 0xc0, 0x25, 0x1c, 0x3f, 0x45, + 0xd0, 0x7c, 0x37, 0x20, 0x76, 0x48, 0xa2, 0xa1, 0x13, 0x7c, 0xb3, 0x37, 0x2f, 0x06, 0x3d, 0x59, + 0xb7, 0x4f, 0xee, 0x75, 0xba, 0x75, 0xa5, 0x9c, 0x99, 0xc1, 0x59, 0x1f, 0x60, 0x99, 0x25, 0xcb, + 0x9e, 0x4e, 0x8d, 0x15, 0x68, 0xd9, 0xe3, 0xf0, 0x68, 0x4f, 0x1a, 0x5a, 0xc6, 0x4b, 0x4e, 0x64, + 0x37, 0x99, 0x1a, 0x97, 0xa1, 0xe9, 0xda, 0xa3, 0x6c, 0x76, 0x32, 0x35, 0x36, 0xf0, 0x9a, 0x3c, + 0xb2, 0x17, 0x4b, 0x4f, 0x9f, 0xfc, 0xf5, 0x43, 0x63, 0xc3, 0x6c, 0x2b, 0xe9, 0x24, 0xa6, 0x51, + 0x17, 0xff, 0x81, 0xe0, 0xd2, 0x5d, 0x12, 0x26, 0x60, 0xdb, 0xf3, 0x77, 0x9b, 0x89, 0x04, 0xd5, + 0xf5, 0x5a, 0x3a, 0xce, 0xcc, 0xaf, 0x66, 0x91, 0xd6, 0x01, 0x2b, 0x48, 0x7b, 0x5f, 0xbb, 0x83, + 0x6f, 0x4e, 0xa7, 0xc6, 0x05, 0xfc, 0xdc, 0x90, 0x84, 0x93, 0xa9, 0xb1, 0x06, 0xab, 0x0a, 0x82, + 0x98, 0x9f, 0x4c, 0x0d, 0x8c, 0xdb, 0xca, 0xf0, 0x90, 0x84, 0x11, 0xd6, 0x26, 0xde, 0x98, 0xc5, + 0xb2, 0x84, 0x09, 0xfe, 0x1d, 0x41, 0xf3, 0x03, 0x97, 0x87, 0x59, 0x14, 0x2b, 0x82, 0x26, 0xeb, + 0x34, 0x41, 0x53, 0xa5, 0x9c, 0x99, 0x5f, 0xd6, 0x08, 0xda, 0x12, 0x7e, 0x3e, 0x20, 0xf6, 0xa0, + 0x34, 0x64, 0x6b, 0x58, 0xe5, 0xf5, 0x5c, 0x1e, 0x93, 0x61, 0x5c, 0x08, 0x18, 0xfe, 0x1b, 0x41, + 0xf3, 0x3d, 0xe2, 0x91, 0x3a, 0x99, 0x28, 0xeb, 0x34, 0x50, 0xaa, 0x94, 0x33, 0xf3, 0xdb, 0xba, + 0x61, 0x5b, 0xc6, 0x4b, 0x83, 0xc8, 0x78, 0x7e, 0xe4, 0x66, 0x73, 0x32, 0xd6, 0xc7, 0xc1, 0xeb, + 0xce, 0x09, 0xde, 0x3f, 0x08, 0x9a, 0x1f, 0xb3, 0x41, 0xad, 0x13, 0x27, 0xeb, 0x34, 0x9c, 0xaa, + 0x94, 0x33, 0xf3, 0x3b, 0xb4, 0x00, 0xe8, 0x38, 0xb2, 0xae, 0x0f, 0x1a, 0xeb, 0x23, 0xd0, 0x4e, + 0xa7, 0x1c, 0x54, 0x9c, 0xc0, 0x67, 0x08, 0xda, 0xd9, 0xa1, 0xf9, 0x84, 0x04, 0xdc, 0xa5, 0x3e, + 0xde, 0xa9, 0x71, 0xc0, 0x12, 0xad, 0x60, 0xee, 0x2d, 0x22, 0xe7, 0xcc, 0x1c, 0x2f, 0x94, 0xb4, + 0x32, 0x6f, 0xfa, 0x98, 0x8a, 0x23, 0x69, 0xe0, 0x17, 0xd5, 0x17, 0xd7, 0xc1, 0x71, 0x42, 0xf5, + 0x7d, 0x03, 0x56, 0xb3, 0x03, 0x74, 0xf2, 0x21, 0x19, 0x1d, 0x92, 0x80, 0xe3, 0x5e, 0x8d, 0xd3, + 0x96, 0x8a, 0x05, 0xac, 0xb5, 0x90, 0x9e, 0x33, 0xf3, 0x41, 0xed, 0x28, 0xe7, 0xcc, 0x57, 0xe0, + 0xa5, 0x42, 0x8c, 0xf7, 0x46, 0xf1, 0x43, 0x27, 0x53, 0x63, 0x13, 0x6f, 0xe4, 0x2e, 0x49, 0xd6, + 0xca, 0x1c, 0x70, 0x15, 0x6f, 0x95, 0x46, 0xdb, 0x4a, 0xec, 0xf1, 0xa3, 0x06, 0xac, 0xef, 0x13, + 0xe6, 0xd9, 0x0e, 0x51, 0x5d, 0x71, 0x7b, 0x3e, 0x5a, 0x99, 0x5e, 0x78, 0x63, 0x77, 0x51, 0x13, + 0xce, 0xcc, 0x47, 0xe7, 0x4a, 0x7b, 0x8d, 0x4b, 0x3a, 0xd8, 0x28, 0xba, 0x44, 0x3a, 0x03, 0x66, + 0xa7, 0xda, 0x2b, 0xe2, 0x2c, 0x3c, 0x6e, 0xc0, 0xda, 0x3e, 0x19, 0xd1, 0xe3, 0x19, 0xbf, 0xbc, + 0x5e, 0x05, 0x59, 0x90, 0x0b, 0xb7, 0xdc, 0x5e, 0xd0, 0x82, 0x33, 0xf3, 0x47, 0x74, 0x9e, 0x5b, + 0xef, 0x3c, 0x5e, 0x91, 0xae, 0xc0, 0x9b, 0xe6, 0xb5, 0x6a, 0xaf, 0x04, 0xd1, 0x6e, 0x85, 0x73, + 0x1e, 0x34, 0xa0, 0xdd, 0x1f, 0x0c, 0x54, 0xcf, 0x54, 0x5c, 0x14, 0xb3, 0x5a, 0xcd, 0x45, 0x51, + 0x94, 0x73, 0x66, 0x3e, 0x5e, 0xc4, 0x27, 0x59, 0x61, 0x72, 0x1e, 0x9f, 0x48, 0xa5, 0xca, 0xb6, + 0xf9, 0x4a, 0xb5, 0x4f, 0xec, 0xc1, 0x40, 0x38, 0xe4, 0x57, 0x04, 0x10, 0x17, 0x51, 0xfb, 0xd4, + 0x23, 0xf8, 0xba, 0xae, 0xd4, 0x12, 0x2a, 0xe1, 0x84, 0x1b, 0xf5, 0x84, 0x9c, 0x99, 0xce, 0x59, + 0xff, 0x22, 0x5c, 0x08, 0xa8, 0x17, 0xa1, 0x37, 0x01, 0x22, 0xf4, 0xf4, 0xbf, 0x8c, 0xfc, 0x02, + 0x5c, 0x12, 0x4c, 0xd1, 0x54, 0x7e, 0x37, 0x46, 0x7f, 0x65, 0x34, 0x6c, 0xb6, 0xb2, 0xe2, 0x37, + 0x9a, 0x43, 0x5d, 0xfc, 0x33, 0x82, 0x4b, 0xe2, 0xe2, 0x12, 0xab, 0xf2, 0xaa, 0x12, 0x2c, 0x13, + 0x69, 0x4a, 0x30, 0x49, 0xc7, 0x99, 0xf9, 0x59, 0x25, 0x43, 0x7e, 0xe3, 0xcd, 0x10, 0xb4, 0xf1, + 0xe5, 0x9c, 0x20, 0x2b, 0x4a, 0x56, 0xb0, 0xba, 0x7f, 0xfc, 0x0b, 0x82, 0x8b, 0x77, 0x49, 0xb4, + 0x1c, 0xbe, 0x56, 0xf9, 0x16, 0x4a, 0xbd, 0xff, 0x6a, 0x0d, 0x15, 0x67, 0xa6, 0xab, 0x6c, 0x7b, + 0x15, 0x56, 0xf2, 0x6d, 0x17, 0x6a, 0xc6, 0x36, 0x48, 0x7b, 0x4d, 0xde, 0xc6, 0x2b, 0xb8, 0x95, + 0x8f, 0xa5, 0x37, 0xf3, 0x3a, 0xc6, 0xca, 0xf6, 0xe3, 0x6a, 0xe3, 0x37, 0x04, 0x10, 0x97, 0x40, + 0xba, 0x3c, 0xca, 0x55, 0x9a, 0x3c, 0x92, 0x85, 0x9c, 0x99, 0x54, 0x0f, 0x23, 0xdf, 0x29, 0x65, + 0x3c, 0x4a, 0x46, 0x49, 0x17, 0xc8, 0x7a, 0xb7, 0x0c, 0xe9, 0x09, 0x02, 0x88, 0xab, 0x1d, 0x1d, + 0x52, 0xae, 0xd2, 0x20, 0xc9, 0xc2, 0xb8, 0x59, 0xa9, 0x81, 0x94, 0xbd, 0x3c, 0xb4, 0x48, 0xd2, + 0x9b, 0x62, 0xb3, 0x53, 0x82, 0x24, 0x4e, 0xca, 0x9f, 0x08, 0x5a, 0x49, 0xd7, 0x14, 0xd0, 0x2f, + 0x88, 0x13, 0x62, 0x7d, 0x7b, 0x15, 0x0b, 0x05, 0xdb, 0x6b, 0xb5, 0xb5, 0x79, 0x2f, 0x16, 0x8f, + 0x28, 0x15, 0x52, 0x3e, 0x54, 0xd6, 0x8b, 0x25, 0xb3, 0x52, 0x39, 0x98, 0x8c, 0xcc, 0xeb, 0xc5, + 0xd2, 0x69, 0xd4, 0xc5, 0xff, 0x22, 0x68, 0x25, 0x25, 0xaa, 0x1e, 0x4f, 0x11, 0x6a, 0xf0, 0x66, + 0xb4, 0x52, 0xe1, 0x9b, 0xc3, 0x64, 0xf7, 0x7a, 0xba, 0xa1, 0x8a, 0xc2, 0x57, 0x96, 0x94, 0x90, + 0xce, 0x29, 0x7c, 0x93, 0xe9, 0x2c, 0x9a, 0x4f, 0x11, 0x80, 0xa8, 0x4e, 0x13, 0x56, 0x4d, 0x4f, + 0x99, 0x83, 0xde, 0xa8, 0x27, 0xcc, 0xbb, 0x4f, 0x3d, 0x64, 0xa1, 0xfb, 0x9c, 0x21, 0x4c, 0x4b, + 0xdd, 0x74, 0xb8, 0xac, 0xfb, 0x94, 0xf1, 0xf2, 0xee, 0x33, 0x19, 0xd5, 0x76, 0x9f, 0x89, 0xae, + 0x4e, 0xf7, 0x99, 0x49, 0xf3, 0xee, 0xb3, 0x32, 0x4d, 0x8b, 0xdd, 0x67, 0x9e, 0xa4, 0x69, 0xf7, + 0x99, 0x82, 0x95, 0x76, 0x9f, 0x29, 0xc3, 0x33, 0x04, 0xad, 0xa4, 0x55, 0xd4, 0xe7, 0xa7, 0x22, + 0xd4, 0xe4, 0xe7, 0x8c, 0x36, 0x6f, 0x40, 0x6b, 0xa5, 0x67, 0xa1, 0x01, 0xd5, 0xa4, 0xe7, 0x9c, + 0x06, 0x54, 0x89, 0xdf, 0xc3, 0x06, 0x6c, 0xbc, 0xef, 0x87, 0x01, 0xe5, 0x8c, 0x38, 0x61, 0xdf, + 0xf3, 0xfe, 0xef, 0x40, 0xfe, 0x84, 0xce, 0xfa, 0xcb, 0xb0, 0x74, 0xe4, 0x0e, 0x06, 0xc4, 0x3f, + 0x9d, 0x1a, 0xb7, 0xa0, 0x2b, 0x78, 0x0f, 0xdc, 0x6c, 0x13, 0x2e, 0xf5, 0xf7, 0xf2, 0x7f, 0x07, + 0xb6, 0xe7, 0x1d, 0x94, 0x06, 0x39, 0xb9, 0x69, 0x73, 0xe9, 0x64, 0x6a, 0x5c, 0xc5, 0x5b, 0xea, + 0x98, 0xc8, 0x60, 0x89, 0x2a, 0x72, 0xc6, 0x16, 0xbe, 0x92, 0x3a, 0x43, 0x5a, 0x27, 0x5d, 0xe3, + 0x9d, 0xfe, 0xa7, 0x6f, 0x0d, 0xdd, 0xf0, 0x68, 0x7c, 0xd8, 0x73, 0xe8, 0xc8, 0x12, 0x64, 0xd9, + 0xb7, 0x35, 0xab, 0xde, 0xf7, 0xbe, 0xc3, 0xa5, 0xe8, 0xe3, 0xda, 0x9d, 0xff, 0x02, 0x00, 0x00, + 0xff, 0xff, 0x6e, 0xb6, 0xb3, 0xf3, 0xf8, 0x14, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -124,25 +128,272 @@ const _ = grpc.SupportPackageIsVersion6 // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type PoliciesClient interface { + // + //Create a custom policy + // + //Creates a custom IAM policy used to control permissions in Automate. + //A policy is composed of one or more statements that grant permissions to a set of members. + //Each statement contains a role as well as a list of projects. + // + //The role defines a set of actions that the statement is scoped to. + //The project list defines the set of resources that the statement is scoped to. + //Pass `"projects": ["*"]` to scope a statement to every project. + // + //A policy's *top-level* projects list defines which projects the policy belongs to (for filtering policies by their projects), + //whereas the *statement-level* projects list defines which projects the statement applies to. + // + //This example creates a new policy not associated with any project (because the top-level `projects` property is empty) that grants the `viewer` role + //on a few projects for all LDAP teams and a custom role `qa` on a specific project. + // + //Example: + //``` + //{ + //"name": "My Viewer Policy", + //"id": "viewer-policy", + //"members": ["team:ldap:*"], + //"statements" : [ + //{ + //"role": "viewer", + //"projects": ["project1", "project2"] + //}, + //{ + //"role": "qa", + //"projects": ["acceptanceProject"] + //} + //], + //"projects": [] + //} + //``` + // + //Authorization Action: + //``` + //iam:policies:create + //``` CreatePolicy(ctx context.Context, in *request.CreatePolicyReq, opts ...grpc.CallOption) (*response.CreatePolicyResp, error) + // + //Get a policy + // + //Returns the details for a policy. + // + //Authorization Action: + //``` + //iam:policies:get + //``` GetPolicy(ctx context.Context, in *request.GetPolicyReq, opts ...grpc.CallOption) (*response.GetPolicyResp, error) + // + //List all policies + // + //List all policies. + // + //Authorization Action: + //``` + //iam:policies:list + //``` ListPolicies(ctx context.Context, in *request.ListPoliciesReq, opts ...grpc.CallOption) (*response.ListPoliciesResp, error) + // + //Delete a custom policy + // + //Delete a specified custom policy. You cannot delete Chef-managed policies. + // + //Authorization Action: + //``` + //iam:policies:delete + //``` DeletePolicy(ctx context.Context, in *request.DeletePolicyReq, opts ...grpc.CallOption) (*response.DeletePolicyResp, error) + // + //Update a custom policy + // + //This operation overwrites all fields excepting ID, + //including those omitted from the request, so be sure to specify all properties. + //Properties that you do not include are reset to empty values. + //The only exception is the policy ID, which is immutable; it can only be set at creation time. + // + //While you can use this endpoint to update members on a policy, if that is the only + //property you wish to modify you might find it more convenient to use one of these endpoints instead: + //Add policy members, Remove policy members, or Replace policy members. + // + //Authorization Action: + //``` + //iam:policies:update + //``` UpdatePolicy(ctx context.Context, in *request.UpdatePolicyReq, opts ...grpc.CallOption) (*response.UpdatePolicyResp, error) + // + //Get IAM version + // + //Returns the major and minor version of IAM that your automate installation is running. + // + //Authorization Action: + //``` + //iam:policies:get + //``` GetPolicyVersion(ctx context.Context, in *request.GetPolicyVersionReq, opts ...grpc.CallOption) (*response.GetPolicyVersionResp, error) + // + //List policy members + // + //List all members of a specific policy. + // + //Authorization Action: + //``` + //iam:policyMembers:get + //``` ListPolicyMembers(ctx context.Context, in *request.ListPolicyMembersReq, opts ...grpc.CallOption) (*response.ListPolicyMembersResp, error) + // + //Replace policy members + // + //Replace the entire member list of a specific policy with a new list. + //You may use this endpoint to update members of either Custom or Chef-managed policies. + // + //Ensure each element of the members array is in the correct + //[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format. + // + //Authorization Action: + //``` + //iam:policyMembers:update + //``` ReplacePolicyMembers(ctx context.Context, in *request.ReplacePolicyMembersReq, opts ...grpc.CallOption) (*response.ReplacePolicyMembersResp, error) + // + //Remove policy members + // + //Remove members from the member list of a specific policy. Silently ignores + //members that are not already part of the member list. + //You may use this endpoint to update members of either Custom or Chef-managed policies. + // + //Ensure each element of the members array is in the correct + //[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format. + // + //The removed members will still exist within Chef Automate, but are no longer associated with this policy. + // + //Authorization Action: + //``` + //iam:policyMembers:delete + //``` RemovePolicyMembers(ctx context.Context, in *request.RemovePolicyMembersReq, opts ...grpc.CallOption) (*response.RemovePolicyMembersResp, error) + // + //Add policy members + // + //Add members to the member list of a specific policy. + //You may use this endpoint to update members of either Custom or Chef-managed policies. + // + //Ensure each element of the members array is in the correct + //[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format. + // + //Authorization Action: + //``` + //iam:policyMembers:create + //``` AddPolicyMembers(ctx context.Context, in *request.AddPolicyMembersReq, opts ...grpc.CallOption) (*response.AddPolicyMembersResp, error) + // + //Create a custom role + // + //Creates a new role to be used in the policies that control permissions in Automate. + // + //A role defines the scope of actions in a policy statement. + // + //Authorization Action: + //``` + //iam:roles:create + //``` CreateRole(ctx context.Context, in *request.CreateRoleReq, opts ...grpc.CallOption) (*response.CreateRoleResp, error) + // + //List all roles + // + //List all *Chef-managed* and *Custom* roles. + // + //Authorization Action: + //``` + //iam:roles:list + //``` ListRoles(ctx context.Context, in *request.ListRolesReq, opts ...grpc.CallOption) (*response.ListRolesResp, error) + // + //Get a role + // + //Returns the details for a role. + // + //Authorization Action: + //``` + //iam:roles:get + //``` GetRole(ctx context.Context, in *request.GetRoleReq, opts ...grpc.CallOption) (*response.GetRoleResp, error) + // + //Delete a custom role + // + //Delete a specified custom role (you cannot delete Chef-managed roles) and remove it from any statements that may have been using it. + //If such a statement has no other associated actions, the statement is deleted as well. + //Similarly, if that statement removal results in a policy with no other statements, + //that policy is removed as well. + // + //Authorization Action: + //``` + //iam:roles:delete + //``` DeleteRole(ctx context.Context, in *request.DeleteRoleReq, opts ...grpc.CallOption) (*response.DeleteRoleResp, error) + // + //Update a custom role + // + //This operation overwrites all fields excepting ID, + //including those omitted from the request, so be sure to specify all properties. + //Properties that you do not include are reset to empty values. + // + //Authorization Action: + //``` + //iam:roles:update + //``` UpdateRole(ctx context.Context, in *request.UpdateRoleReq, opts ...grpc.CallOption) (*response.UpdateRoleResp, error) + // + //Create a project + // + //Creates a new project to be used in the policies that control permissions in Automate. + // + //A project defines the scope of resources in a policy statement. Resources can be in more than one project. + // + //Authorization Action: + //``` + //iam:projects:create + //``` CreateProject(ctx context.Context, in *request.CreateProjectReq, opts ...grpc.CallOption) (*response.CreateProjectResp, error) + // + //Update a project + // + //Updates the name of an existing project. + // + //Authorization Action: + //``` + //iam:projects:update + //``` UpdateProject(ctx context.Context, in *request.UpdateProjectReq, opts ...grpc.CallOption) (*response.UpdateProjectResp, error) + // + //Get a project + // + //Returns the details for a project. + // + //Authorization Action: + //``` + //iam:projects:get + //``` GetProject(ctx context.Context, in *request.GetProjectReq, opts ...grpc.CallOption) (*response.GetProjectResp, error) + // + //List all projects + // + //List all projects. + // + //Authorization Action: + //``` + //iam:projects:list + //``` ListProjects(ctx context.Context, in *request.ListProjectsReq, opts ...grpc.CallOption) (*response.ListProjectsResp, error) + // + //Delete a project + // + //Delete a project from any resources tagged with it. + // + //Also deletes this project from any project list in any policy statements. + //If the resulting project list for a given statement is empty, it is deleted. + //If the resulting policy has no statements, it is also deleted. + // + //Authorization Action: + //``` + //iam:projects:delete + //``` DeleteProject(ctx context.Context, in *request.DeleteProjectReq, opts ...grpc.CallOption) (*response.DeleteProjectResp, error) IntrospectAllProjects(ctx context.Context, in *request.ListProjectsReq, opts ...grpc.CallOption) (*response.ListProjectsResp, error) } @@ -346,25 +597,272 @@ func (c *policiesClient) IntrospectAllProjects(ctx context.Context, in *request. // PoliciesServer is the server API for Policies service. type PoliciesServer interface { + // + //Create a custom policy + // + //Creates a custom IAM policy used to control permissions in Automate. + //A policy is composed of one or more statements that grant permissions to a set of members. + //Each statement contains a role as well as a list of projects. + // + //The role defines a set of actions that the statement is scoped to. + //The project list defines the set of resources that the statement is scoped to. + //Pass `"projects": ["*"]` to scope a statement to every project. + // + //A policy's *top-level* projects list defines which projects the policy belongs to (for filtering policies by their projects), + //whereas the *statement-level* projects list defines which projects the statement applies to. + // + //This example creates a new policy not associated with any project (because the top-level `projects` property is empty) that grants the `viewer` role + //on a few projects for all LDAP teams and a custom role `qa` on a specific project. + // + //Example: + //``` + //{ + //"name": "My Viewer Policy", + //"id": "viewer-policy", + //"members": ["team:ldap:*"], + //"statements" : [ + //{ + //"role": "viewer", + //"projects": ["project1", "project2"] + //}, + //{ + //"role": "qa", + //"projects": ["acceptanceProject"] + //} + //], + //"projects": [] + //} + //``` + // + //Authorization Action: + //``` + //iam:policies:create + //``` CreatePolicy(context.Context, *request.CreatePolicyReq) (*response.CreatePolicyResp, error) + // + //Get a policy + // + //Returns the details for a policy. + // + //Authorization Action: + //``` + //iam:policies:get + //``` GetPolicy(context.Context, *request.GetPolicyReq) (*response.GetPolicyResp, error) + // + //List all policies + // + //List all policies. + // + //Authorization Action: + //``` + //iam:policies:list + //``` ListPolicies(context.Context, *request.ListPoliciesReq) (*response.ListPoliciesResp, error) + // + //Delete a custom policy + // + //Delete a specified custom policy. You cannot delete Chef-managed policies. + // + //Authorization Action: + //``` + //iam:policies:delete + //``` DeletePolicy(context.Context, *request.DeletePolicyReq) (*response.DeletePolicyResp, error) + // + //Update a custom policy + // + //This operation overwrites all fields excepting ID, + //including those omitted from the request, so be sure to specify all properties. + //Properties that you do not include are reset to empty values. + //The only exception is the policy ID, which is immutable; it can only be set at creation time. + // + //While you can use this endpoint to update members on a policy, if that is the only + //property you wish to modify you might find it more convenient to use one of these endpoints instead: + //Add policy members, Remove policy members, or Replace policy members. + // + //Authorization Action: + //``` + //iam:policies:update + //``` UpdatePolicy(context.Context, *request.UpdatePolicyReq) (*response.UpdatePolicyResp, error) + // + //Get IAM version + // + //Returns the major and minor version of IAM that your automate installation is running. + // + //Authorization Action: + //``` + //iam:policies:get + //``` GetPolicyVersion(context.Context, *request.GetPolicyVersionReq) (*response.GetPolicyVersionResp, error) + // + //List policy members + // + //List all members of a specific policy. + // + //Authorization Action: + //``` + //iam:policyMembers:get + //``` ListPolicyMembers(context.Context, *request.ListPolicyMembersReq) (*response.ListPolicyMembersResp, error) + // + //Replace policy members + // + //Replace the entire member list of a specific policy with a new list. + //You may use this endpoint to update members of either Custom or Chef-managed policies. + // + //Ensure each element of the members array is in the correct + //[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format. + // + //Authorization Action: + //``` + //iam:policyMembers:update + //``` ReplacePolicyMembers(context.Context, *request.ReplacePolicyMembersReq) (*response.ReplacePolicyMembersResp, error) + // + //Remove policy members + // + //Remove members from the member list of a specific policy. Silently ignores + //members that are not already part of the member list. + //You may use this endpoint to update members of either Custom or Chef-managed policies. + // + //Ensure each element of the members array is in the correct + //[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format. + // + //The removed members will still exist within Chef Automate, but are no longer associated with this policy. + // + //Authorization Action: + //``` + //iam:policyMembers:delete + //``` RemovePolicyMembers(context.Context, *request.RemovePolicyMembersReq) (*response.RemovePolicyMembersResp, error) + // + //Add policy members + // + //Add members to the member list of a specific policy. + //You may use this endpoint to update members of either Custom or Chef-managed policies. + // + //Ensure each element of the members array is in the correct + //[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format. + // + //Authorization Action: + //``` + //iam:policyMembers:create + //``` AddPolicyMembers(context.Context, *request.AddPolicyMembersReq) (*response.AddPolicyMembersResp, error) + // + //Create a custom role + // + //Creates a new role to be used in the policies that control permissions in Automate. + // + //A role defines the scope of actions in a policy statement. + // + //Authorization Action: + //``` + //iam:roles:create + //``` CreateRole(context.Context, *request.CreateRoleReq) (*response.CreateRoleResp, error) + // + //List all roles + // + //List all *Chef-managed* and *Custom* roles. + // + //Authorization Action: + //``` + //iam:roles:list + //``` ListRoles(context.Context, *request.ListRolesReq) (*response.ListRolesResp, error) + // + //Get a role + // + //Returns the details for a role. + // + //Authorization Action: + //``` + //iam:roles:get + //``` GetRole(context.Context, *request.GetRoleReq) (*response.GetRoleResp, error) + // + //Delete a custom role + // + //Delete a specified custom role (you cannot delete Chef-managed roles) and remove it from any statements that may have been using it. + //If such a statement has no other associated actions, the statement is deleted as well. + //Similarly, if that statement removal results in a policy with no other statements, + //that policy is removed as well. + // + //Authorization Action: + //``` + //iam:roles:delete + //``` DeleteRole(context.Context, *request.DeleteRoleReq) (*response.DeleteRoleResp, error) + // + //Update a custom role + // + //This operation overwrites all fields excepting ID, + //including those omitted from the request, so be sure to specify all properties. + //Properties that you do not include are reset to empty values. + // + //Authorization Action: + //``` + //iam:roles:update + //``` UpdateRole(context.Context, *request.UpdateRoleReq) (*response.UpdateRoleResp, error) + // + //Create a project + // + //Creates a new project to be used in the policies that control permissions in Automate. + // + //A project defines the scope of resources in a policy statement. Resources can be in more than one project. + // + //Authorization Action: + //``` + //iam:projects:create + //``` CreateProject(context.Context, *request.CreateProjectReq) (*response.CreateProjectResp, error) + // + //Update a project + // + //Updates the name of an existing project. + // + //Authorization Action: + //``` + //iam:projects:update + //``` UpdateProject(context.Context, *request.UpdateProjectReq) (*response.UpdateProjectResp, error) + // + //Get a project + // + //Returns the details for a project. + // + //Authorization Action: + //``` + //iam:projects:get + //``` GetProject(context.Context, *request.GetProjectReq) (*response.GetProjectResp, error) + // + //List all projects + // + //List all projects. + // + //Authorization Action: + //``` + //iam:projects:list + //``` ListProjects(context.Context, *request.ListProjectsReq) (*response.ListProjectsResp, error) + // + //Delete a project + // + //Delete a project from any resources tagged with it. + // + //Also deletes this project from any project list in any policy statements. + //If the resulting project list for a given statement is empty, it is deleted. + //If the resulting policy has no statements, it is also deleted. + // + //Authorization Action: + //``` + //iam:projects:delete + //``` DeleteProject(context.Context, *request.DeleteProjectReq) (*response.DeleteProjectResp, error) IntrospectAllProjects(context.Context, *request.ListProjectsReq) (*response.ListProjectsResp, error) } diff --git a/components/automate-gateway/api/iam/v2/policy.swagger.json b/components/automate-gateway/api/iam/v2/policy.swagger.json index 8fbc6413ad1..e8b77a749a9 100644 --- a/components/automate-gateway/api/iam/v2/policy.swagger.json +++ b/components/automate-gateway/api/iam/v2/policy.swagger.json @@ -23,12 +23,14 @@ } }, "tags": [ - "Policies" + "hidden" ] } }, "/iam/v2/policies": { "get": { + "summary": "List all policies", + "description": "List all policies.\n\nAuthorization Action:\n```\niam:policies:list\n```", "operationId": "ListPolicies", "responses": { "200": { @@ -39,10 +41,12 @@ } }, "tags": [ - "Policies" + "policies" ] }, "post": { + "summary": "Create a custom policy", + "description": "Creates a custom IAM policy used to control permissions in Automate.\nA policy is composed of one or more statements that grant permissions to a set of members.\nEach statement contains a role as well as a list of projects.\n\nThe role defines a set of actions that the statement is scoped to.\nThe project list defines the set of resources that the statement is scoped to.\nPass `\"projects\": [\"*\"]` to scope a statement to every project.\n\nA policy's *top-level* projects list defines which projects the policy belongs to (for filtering policies by their projects),\nwhereas the *statement-level* projects list defines which projects the statement applies to.\n\nThis example creates a new policy not associated with any project (because the top-level `projects` property is empty) that grants the `viewer` role\non a few projects for all LDAP teams and a custom role `qa` on a specific project.\n\nExample:\n```\n{\n\"name\": \"My Viewer Policy\",\n\"id\": \"viewer-policy\",\n\"members\": [\"team:ldap:*\"],\n\"statements\" : [\n{\n\"role\": \"viewer\",\n\"projects\": [\"project1\", \"project2\"]\n},\n{\n\"role\": \"qa\",\n\"projects\": [\"acceptanceProject\"]\n}\n],\n\"projects\": []\n}\n```\n\nAuthorization Action:\n```\niam:policies:create\n```", "operationId": "CreatePolicy", "responses": { "200": { @@ -63,12 +67,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}": { "get": { + "summary": "Get a policy", + "description": "Returns the details for a policy.\n\nAuthorization Action:\n```\niam:policies:get\n```", "operationId": "GetPolicy", "responses": { "200": { @@ -81,16 +87,19 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "delete": { + "summary": "Delete a custom policy", + "description": "Delete a specified custom policy. You cannot delete Chef-managed policies.\n\nAuthorization Action:\n```\niam:policies:delete\n```", "operationId": "DeletePolicy", "responses": { "200": { @@ -103,16 +112,19 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "put": { + "summary": "Update a custom policy", + "description": "This operation overwrites all fields excepting ID,\nincluding those omitted from the request, so be sure to specify all properties.\nProperties that you do not include are reset to empty values.\nThe only exception is the policy ID, which is immutable; it can only be set at creation time.\n\nWhile you can use this endpoint to update members on a policy, if that is the only\nproperty you wish to modify you might find it more convenient to use one of these endpoints instead:\nAdd policy members, Remove policy members, or Replace policy members.\n\nAuthorization Action:\n```\niam:policies:update\n```", "operationId": "UpdatePolicy", "responses": { "200": { @@ -125,6 +137,7 @@ "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -139,12 +152,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members": { "get": { + "summary": "List policy members", + "description": "List all members of a specific policy.\n\nAuthorization Action:\n```\niam:policyMembers:get\n```", "operationId": "ListPolicyMembers", "responses": { "200": { @@ -157,16 +172,19 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "put": { + "summary": "Replace policy members", + "description": "Replace the entire member list of a specific policy with a new list.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nAuthorization Action:\n```\niam:policyMembers:update\n```", "operationId": "ReplacePolicyMembers", "responses": { "200": { @@ -179,6 +197,7 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -193,12 +212,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members:add": { "post": { + "summary": "Add policy members", + "description": "Add members to the member list of a specific policy.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nAuthorization Action:\n```\niam:policyMembers:create\n```", "operationId": "AddPolicyMembers", "responses": { "200": { @@ -211,6 +232,7 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -225,12 +247,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members:remove": { "post": { + "summary": "Remove policy members", + "description": "Remove members from the member list of a specific policy. Silently ignores\nmembers that are not already part of the member list.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nThe removed members will still exist within Chef Automate, but are no longer associated with this policy.\n\nAuthorization Action:\n```\niam:policyMembers:delete\n```", "operationId": "RemovePolicyMembers", "responses": { "200": { @@ -243,6 +267,7 @@ "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -257,12 +282,14 @@ } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policy_version": { "get": { + "summary": "Get IAM version", + "description": "Returns the major and minor version of IAM that your automate installation is running.\n\nAuthorization Action:\n```\niam:policies:get\n```", "operationId": "GetPolicyVersion", "responses": { "200": { @@ -273,12 +300,14 @@ } }, "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/projects": { "get": { + "summary": "List all projects", + "description": "List all projects.\n\nAuthorization Action:\n```\niam:projects:list\n```", "operationId": "ListProjects", "responses": { "200": { @@ -289,10 +318,12 @@ } }, "tags": [ - "Policies" + "projects" ] }, "post": { + "summary": "Create a project", + "description": "Creates a new project to be used in the policies that control permissions in Automate.\n\nA project defines the scope of resources in a policy statement. Resources can be in more than one project.\n\nAuthorization Action:\n```\niam:projects:create\n```", "operationId": "CreateProject", "responses": { "200": { @@ -313,12 +344,14 @@ } ], "tags": [ - "Policies" + "projects" ] } }, "/iam/v2/projects/{id}": { "get": { + "summary": "Get a project", + "description": "Returns the details for a project.\n\nAuthorization Action:\n```\niam:projects:get\n```", "operationId": "GetProject", "responses": { "200": { @@ -331,16 +364,19 @@ "parameters": [ { "name": "id", + "description": "ID of the project.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "projects" ] }, "delete": { + "summary": "Delete a project", + "description": "Delete a project from any resources tagged with it.\n\nAlso deletes this project from any project list in any policy statements.\nIf the resulting project list for a given statement is empty, it is deleted.\nIf the resulting policy has no statements, it is also deleted.\n\nAuthorization Action:\n```\niam:projects:delete\n```", "operationId": "DeleteProject", "responses": { "200": { @@ -353,16 +389,19 @@ "parameters": [ { "name": "id", + "description": "ID of the project.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "projects" ] }, "put": { + "summary": "Update a project", + "description": "Updates the name of an existing project.\n\nAuthorization Action:\n```\niam:projects:update\n```", "operationId": "UpdateProject", "responses": { "200": { @@ -375,6 +414,7 @@ "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -389,12 +429,14 @@ } ], "tags": [ - "Policies" + "projects" ] } }, "/iam/v2/roles": { "get": { + "summary": "List all roles", + "description": "List all *Chef-managed* and *Custom* roles.\n\nAuthorization Action:\n```\niam:roles:list\n```", "operationId": "ListRoles", "responses": { "200": { @@ -405,10 +447,12 @@ } }, "tags": [ - "Policies" + "roles" ] }, "post": { + "summary": "Create a custom role", + "description": "Creates a new role to be used in the policies that control permissions in Automate.\n\nA role defines the scope of actions in a policy statement.\n\nAuthorization Action:\n```\niam:roles:create\n```", "operationId": "CreateRole", "responses": { "200": { @@ -429,12 +473,14 @@ } ], "tags": [ - "Policies" + "roles" ] } }, "/iam/v2/roles/{id}": { "get": { + "summary": "Get a role", + "description": "Returns the details for a role.\n\nAuthorization Action:\n```\niam:roles:get\n```", "operationId": "GetRole", "responses": { "200": { @@ -447,16 +493,19 @@ "parameters": [ { "name": "id", + "description": "ID of the role.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "roles" ] }, "delete": { + "summary": "Delete a custom role", + "description": "Delete a specified custom role (you cannot delete Chef-managed roles) and remove it from any statements that may have been using it.\nIf such a statement has no other associated actions, the statement is deleted as well.\nSimilarly, if that statement removal results in a policy with no other statements,\nthat policy is removed as well.\n\nAuthorization Action:\n```\niam:roles:delete\n```", "operationId": "DeleteRole", "responses": { "200": { @@ -469,16 +518,19 @@ "parameters": [ { "name": "id", + "description": "ID of the role.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "roles" ] }, "put": { + "summary": "Update a custom role", + "description": "This operation overwrites all fields excepting ID,\nincluding those omitted from the request, so be sure to specify all properties.\nProperties that you do not include are reset to empty values.\n\nAuthorization Action:\n```\niam:roles:update\n```", "operationId": "UpdateRole", "responses": { "200": { @@ -491,6 +543,7 @@ "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -505,7 +558,7 @@ } ], "tags": [ - "Policies" + "roles" ] } } @@ -515,15 +568,21 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members to add to the policy." } - } + }, + "required": [ + "id", + "members" + ] }, "chef.automate.api.iam.v2.AddPolicyMembersResp": { "type": "object", @@ -532,7 +591,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -540,31 +600,41 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' policies." + "description": "Does not contain type as the enduser can only create 'custom' policies.", + "required": [ + "id", + "name", + "statements" + ] }, "chef.automate.api.iam.v2.CreatePolicyResp": { "type": "object", @@ -578,12 +648,18 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the new project." } - } + }, + "required": [ + "id", + "name" + ] }, "chef.automate.api.iam.v2.CreateProjectResp": { "type": "object", @@ -597,25 +673,34 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions that this role scopes to." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' roles." + "description": "Does not contain type as the enduser can only create 'custom' roles.", + "required": [ + "id", + "name", + "actions" + ] }, "chef.automate.api.iam.v2.CreateRoleResp": { "type": "object", @@ -684,7 +769,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "List of policy members." } } }, @@ -714,31 +800,37 @@ "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the policy." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "This doc-comment is ignored for an enum." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy. May be empty." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy. Will contain one or more." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to. May be empty." } } }, @@ -746,16 +838,20 @@ "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the project." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "Whether this policy is user created (`CUSTOM`) or chef managed (`CHEF_MANAGED`)." }, "status": { - "$ref": "#/definitions/chef.automate.api.iam.v2.ProjectRulesStatus" + "$ref": "#/definitions/chef.automate.api.iam.v2.ProjectRulesStatus", + "description": "The current status of the rules for this project." } } }, @@ -773,15 +869,21 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members to remove from the policy." } - } + }, + "required": [ + "id", + "members" + ] }, "chef.automate.api.iam.v2.RemovePolicyMembersResp": { "type": "object", @@ -790,7 +892,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -798,15 +901,20 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members that replaces previous policy member list." } - } + }, + "required": [ + "id" + ] }, "chef.automate.api.iam.v2.ReplacePolicyMembersResp": { "type": "object", @@ -815,7 +923,8 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -823,25 +932,30 @@ "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "Whether this policy is user created (`CUSTOM`) or chef managed (`CHEF_MANAGED`)." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions this role scopes to. Will contain one or more." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to. May be empty." } } }, @@ -849,31 +963,33 @@ "type": "object", "properties": { "effect": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Statement.Effect" + "$ref": "#/definitions/chef.automate.api.iam.v2.Statement.Effect", + "description": "This doc-comment is ignored for an enum." }, "actions": { "type": "array", "items": { "type": "string" }, - "title": "inline definitions" + "description": "Actions defined inline. May be empty.\nBest practices recommend that you use custom roles rather than inline actions where practical." }, "role": { "type": "string", - "title": "references" + "description": "The role defines a set of actions that the statement is scoped to." }, "resources": { "type": "array", "items": { "type": "string" }, - "title": "Note: these are for display only, not to be set in CreatePolicy/UpdatePolicy" + "description": "DEPRECATED: Resources defined inline. Use projects instead." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "The project list defines the set of resources that the statement is scoped to. May be empty." } } }, @@ -897,31 +1013,41 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy." }, "name": { - "type": "string" + "type": "string", + "description": "Name for this policy." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' policies." + "description": "Does not contain type as the enduser can only create 'custom' policies.", + "required": [ + "id", + "name", + "statements" + ] }, "chef.automate.api.iam.v2.UpdatePolicyResp": { "type": "object", @@ -935,12 +1061,18 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the project." } - } + }, + "required": [ + "id", + "name" + ] }, "chef.automate.api.iam.v2.UpdateProjectResp": { "type": "object", @@ -954,24 +1086,33 @@ "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions that this role scopes to." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to." } - } + }, + "required": [ + "id", + "name", + "actions" + ] }, "chef.automate.api.iam.v2.UpdateRoleResp": { "type": "object", diff --git a/components/automate-gateway/api/iam/v2/request/policy.pb.go b/components/automate-gateway/api/iam/v2/request/policy.pb.go index 773dbdcc739..aa9c21731f2 100644 --- a/components/automate-gateway/api/iam/v2/request/policy.pb.go +++ b/components/automate-gateway/api/iam/v2/request/policy.pb.go @@ -7,6 +7,7 @@ import ( fmt "fmt" common "github.com/chef/automate/components/automate-gateway/api/iam/v2/common" proto "github.com/golang/protobuf/proto" + _ "github.com/grpc-ecosystem/grpc-gateway/protoc-gen-swagger/options" math "math" ) @@ -23,14 +24,19 @@ const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package // Does not contain type as the enduser can only create 'custom' policies. type CreatePolicyReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - Members []string `protobuf:"bytes,3,rep,name=members,proto3" json:"members,omitempty"` - Statements []*common.Statement `protobuf:"bytes,4,rep,name=statements,proto3" json:"statements,omitempty"` - Projects []string `protobuf:"bytes,5,rep,name=projects,proto3" json:"projects,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Name for the policy. + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + // Members affected by this policy. + Members []string `protobuf:"bytes,3,rep,name=members,proto3" json:"members,omitempty"` + // Statements for the policy. + Statements []*common.Statement `protobuf:"bytes,4,rep,name=statements,proto3" json:"statements,omitempty"` + // List of projects this policy belongs to. + Projects []string `protobuf:"bytes,5,rep,name=projects,proto3" json:"projects,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *CreatePolicyReq) Reset() { *m = CreatePolicyReq{} } @@ -94,6 +100,7 @@ func (m *CreatePolicyReq) GetProjects() []string { } type DeletePolicyReq struct { + // ID of the policy. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -164,7 +171,9 @@ func (m *ListPoliciesReq) XXX_DiscardUnknown() { var xxx_messageInfo_ListPoliciesReq proto.InternalMessageInfo type AddPolicyMembersReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // ID of the policy. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // List of members to add to the policy. Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -211,6 +220,7 @@ func (m *AddPolicyMembersReq) GetMembers() []string { } type GetPolicyReq struct { + // ID of the policy. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -251,14 +261,19 @@ func (m *GetPolicyReq) GetId() string { // Does not contain type as the enduser can only create 'custom' policies. type UpdatePolicyReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"` - Statements []*common.Statement `protobuf:"bytes,3,rep,name=statements,proto3" json:"statements,omitempty"` - Name string `protobuf:"bytes,8,opt,name=name,proto3" json:"name,omitempty"` - Projects []string `protobuf:"bytes,9,rep,name=projects,proto3" json:"projects,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Members affected by this policy. + Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"` + // Statements for the policy. + Statements []*common.Statement `protobuf:"bytes,3,rep,name=statements,proto3" json:"statements,omitempty"` + // Name for this policy. + Name string `protobuf:"bytes,8,opt,name=name,proto3" json:"name,omitempty"` + // List of projects this policy belongs to. + Projects []string `protobuf:"bytes,9,rep,name=projects,proto3" json:"projects,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *UpdatePolicyReq) Reset() { *m = UpdatePolicyReq{} } @@ -384,6 +399,7 @@ func (m *ResetToV1Req) XXX_DiscardUnknown() { var xxx_messageInfo_ResetToV1Req proto.InternalMessageInfo type ListPolicyMembersReq struct { + // ID of the policy. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -423,7 +439,9 @@ func (m *ListPolicyMembersReq) GetId() string { } type ReplacePolicyMembersReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // ID of the policy. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // List of members that replaces previous policy member list. Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -470,7 +488,9 @@ func (m *ReplacePolicyMembersReq) GetMembers() []string { } type RemovePolicyMembersReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // ID of the policy. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // List of members to remove from the policy. Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -518,9 +538,13 @@ func (m *RemovePolicyMembersReq) GetMembers() []string { // Does not contain type as the enduser can only create 'custom' roles. type CreateRoleReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Name for the role. + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + // List of actions that this role scopes to. + Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` + // List of projects this role belongs to. Projects []string `protobuf:"bytes,4,rep,name=projects,proto3" json:"projects,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -581,6 +605,7 @@ func (m *CreateRoleReq) GetProjects() []string { } type GetRoleReq struct { + // ID of the role. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -620,6 +645,7 @@ func (m *GetRoleReq) GetId() string { } type DeleteRoleReq struct { + // ID of the role. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -659,9 +685,13 @@ func (m *DeleteRoleReq) GetId() string { } type UpdateRoleReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Name for the role. + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + // List of actions that this role scopes to. + Actions []string `protobuf:"bytes,3,rep,name=actions,proto3" json:"actions,omitempty"` + // List of projects this role belongs to. Projects []string `protobuf:"bytes,4,rep,name=projects,proto3" json:"projects,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -753,6 +783,7 @@ func (m *ListRolesReq) XXX_DiscardUnknown() { var xxx_messageInfo_ListRolesReq proto.InternalMessageInfo type GetProjectReq struct { + // ID of the project. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -823,7 +854,9 @@ func (m *ListProjectsReq) XXX_DiscardUnknown() { var xxx_messageInfo_ListProjectsReq proto.InternalMessageInfo type CreateProjectReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Name for the new project. Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -870,7 +903,9 @@ func (m *CreateProjectReq) GetName() string { } type UpdateProjectReq struct { - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Unique ID. Cannot be changed. + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Name for the project. Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -917,6 +952,7 @@ func (m *UpdateProjectReq) GetName() string { } type DeleteProjectReq struct { + // ID of the project. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -984,35 +1020,41 @@ func init() { } var fileDescriptor_814b1112341d4ba8 = []byte{ - // 478 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x94, 0x4b, 0x6f, 0xd3, 0x40, - 0x10, 0xc7, 0x95, 0x07, 0xd0, 0x0c, 0x79, 0x14, 0x97, 0x87, 0x55, 0x21, 0x1a, 0x8c, 0x84, 0x72, - 0xc1, 0x16, 0x41, 0xe2, 0x00, 0x07, 0x44, 0x83, 0x14, 0x21, 0x81, 0x84, 0x16, 0xe8, 0x81, 0xdb, - 0x66, 0x3d, 0xb4, 0x8b, 0xb2, 0xde, 0x8d, 0x77, 0x12, 0xd4, 0x6f, 0xc5, 0x47, 0x44, 0x6b, 0x3b, - 0x56, 0x12, 0xd5, 0x16, 0xa1, 0xea, 0xcd, 0xb3, 0xde, 0xff, 0xec, 0xcc, 0x6f, 0x1e, 0xf0, 0x56, - 0x68, 0x65, 0x74, 0x82, 0x09, 0xd9, 0x88, 0x2f, 0x49, 0x2b, 0x4e, 0xf8, 0xe2, 0x9c, 0x13, 0xfe, - 0xe6, 0x97, 0x11, 0x37, 0x32, 0x92, 0x5c, 0x45, 0xab, 0x71, 0x94, 0xe2, 0x62, 0x89, 0x96, 0x22, - 0xa3, 0xe7, 0x52, 0x5c, 0x86, 0x26, 0xd5, 0xa4, 0x3d, 0x5f, 0x5c, 0xe0, 0xcf, 0x70, 0x2d, 0x0b, - 0xb9, 0x91, 0xa1, 0xe4, 0x2a, 0x5c, 0x8d, 0x8f, 0xdf, 0xfc, 0xa3, 0x5b, 0xa1, 0x95, 0xd2, 0xc9, - 0x96, 0xd7, 0xe0, 0x4f, 0x03, 0x06, 0x93, 0x14, 0x39, 0xe1, 0x97, 0xec, 0x98, 0xe1, 0xc2, 0xeb, - 0x43, 0x53, 0xc6, 0x7e, 0x63, 0xd8, 0x18, 0x75, 0x58, 0x53, 0xc6, 0x9e, 0x07, 0xed, 0x84, 0x2b, - 0xf4, 0x9b, 0xd9, 0x49, 0xf6, 0xed, 0xf9, 0x70, 0x47, 0xa1, 0x9a, 0x61, 0x6a, 0xfd, 0xd6, 0xb0, - 0x35, 0xea, 0xb0, 0xb5, 0xe9, 0x4d, 0x00, 0x2c, 0x71, 0x42, 0xe5, 0xe2, 0xf1, 0xdb, 0xc3, 0xd6, - 0xe8, 0xee, 0xf8, 0x59, 0x58, 0x15, 0x7c, 0xf8, 0x75, 0x7d, 0x97, 0x6d, 0xc8, 0xbc, 0x63, 0x38, - 0x30, 0xa9, 0xfe, 0x85, 0x82, 0xac, 0x7f, 0x2b, 0xf3, 0x5f, 0xda, 0xc1, 0x53, 0x18, 0x7c, 0xc0, - 0x39, 0xd6, 0x44, 0x1c, 0xdc, 0x83, 0xc1, 0x27, 0x69, 0x29, 0xbb, 0x20, 0xd1, 0x32, 0x5c, 0x04, - 0xef, 0xe0, 0xe8, 0x7d, 0x1c, 0xe7, 0x92, 0xcf, 0x79, 0xa8, 0x57, 0xe5, 0xba, 0x91, 0x57, 0x73, - 0x2b, 0xaf, 0xe0, 0x09, 0x74, 0xa7, 0x48, 0xd5, 0x6f, 0x3a, 0x92, 0xdf, 0x4d, 0x5c, 0x4b, 0xb2, - 0xd2, 0xfb, 0x0e, 0xb5, 0xd6, 0xff, 0x51, 0x5b, 0x17, 0xea, 0x60, 0xa3, 0x50, 0x9b, 0x24, 0x3b, - 0x3b, 0x24, 0x1f, 0xc0, 0x51, 0x99, 0xd2, 0x19, 0xa6, 0x56, 0xea, 0xc4, 0xa1, 0xea, 0x43, 0x97, - 0xa1, 0x45, 0xfa, 0xa6, 0xcf, 0x5e, 0x3a, 0xfb, 0x39, 0xdc, 0x2f, 0x69, 0xd6, 0xb0, 0x0b, 0x26, - 0xf0, 0x88, 0xa1, 0x99, 0x73, 0x81, 0xd7, 0xc0, 0x7c, 0x0a, 0x0f, 0x19, 0x2a, 0xbd, 0xba, 0x8e, - 0x0f, 0x09, 0xbd, 0xbc, 0xa7, 0x99, 0x9e, 0xe3, 0x1e, 0x1d, 0xcd, 0x05, 0x49, 0x9d, 0x94, 0x1d, - 0x5d, 0x98, 0x5b, 0x08, 0xdb, 0x3b, 0x08, 0x1f, 0x03, 0x4c, 0x91, 0x2a, 0xde, 0x09, 0x4e, 0xa0, - 0x97, 0xb7, 0x6a, 0xd5, 0x05, 0x09, 0xbd, 0xbc, 0x67, 0x6e, 0x3e, 0xd2, 0x3e, 0x74, 0x5d, 0x15, - 0xdd, 0x43, 0xd9, 0x40, 0x9c, 0x40, 0xcf, 0x15, 0x3f, 0xff, 0x5d, 0x37, 0x44, 0x85, 0x03, 0xa7, - 0x79, 0x0d, 0x87, 0xc5, 0xb2, 0xa8, 0x94, 0x5d, 0x15, 0xb1, 0xd3, 0x15, 0xa3, 0xb1, 0x9f, 0x2e, - 0x80, 0xc3, 0x62, 0xd4, 0x2b, 0x75, 0xa7, 0x1f, 0x7f, 0x4c, 0xcf, 0x25, 0x5d, 0x2c, 0x67, 0xa1, - 0xd0, 0x2a, 0x72, 0x13, 0x53, 0x2e, 0xc1, 0x68, 0xbf, 0x7d, 0x3b, 0xbb, 0x9d, 0xed, 0xc4, 0x57, - 0x7f, 0x03, 0x00, 0x00, 0xff, 0xff, 0x08, 0xc7, 0x6e, 0x77, 0xa8, 0x05, 0x00, 0x00, + // 574 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xc4, 0x55, 0xcd, 0x6e, 0xd3, 0x40, + 0x10, 0x96, 0x93, 0x94, 0x36, 0x43, 0x7e, 0x1a, 0xb7, 0x14, 0x93, 0x4a, 0x28, 0x32, 0x97, 0x88, + 0x12, 0x5b, 0x84, 0x5b, 0x38, 0x99, 0x22, 0x45, 0x95, 0x40, 0x20, 0x43, 0x2b, 0xc4, 0x6d, 0x63, + 0x0f, 0xe9, 0xa2, 0xac, 0xd7, 0xb1, 0x37, 0xa9, 0xfa, 0x02, 0x3c, 0x40, 0x9e, 0x0c, 0xe5, 0x89, + 0xd0, 0xae, 0xed, 0xc8, 0xae, 0x9a, 0x28, 0xa1, 0x48, 0x9c, 0xec, 0x59, 0xcd, 0x7c, 0x3b, 0xdf, + 0x7c, 0x33, 0xb3, 0xf0, 0xd6, 0xe3, 0x2c, 0xe4, 0x01, 0x06, 0x22, 0xb6, 0xc9, 0x4c, 0x70, 0x46, + 0x04, 0xf6, 0xc6, 0x44, 0xe0, 0x0d, 0xb9, 0xb5, 0x49, 0x48, 0x6d, 0x4a, 0x98, 0x3d, 0xef, 0xdb, + 0x11, 0x4e, 0x67, 0x18, 0x0b, 0x3b, 0xe4, 0x13, 0xea, 0xdd, 0x5a, 0x61, 0xc4, 0x05, 0xd7, 0x0d, + 0xef, 0x1a, 0x7f, 0x58, 0x59, 0x98, 0x45, 0x42, 0x6a, 0x51, 0xc2, 0xac, 0x79, 0xbf, 0x3d, 0xd8, + 0x12, 0xd6, 0xe3, 0x8c, 0xf1, 0xa0, 0x80, 0xda, 0x7e, 0xa5, 0x3e, 0x5e, 0x6f, 0x8c, 0x41, 0x2f, + 0xbe, 0x21, 0xe3, 0x31, 0x46, 0x36, 0x0f, 0x05, 0xe5, 0x41, 0x6c, 0x93, 0x20, 0xe0, 0x82, 0xa8, + 0xff, 0xc4, 0xdb, 0xfc, 0xad, 0x41, 0xf3, 0x3c, 0x42, 0x22, 0xf0, 0xb3, 0x02, 0x71, 0x71, 0xaa, + 0x37, 0xa0, 0x44, 0x7d, 0x43, 0xeb, 0x68, 0xdd, 0xaa, 0x5b, 0xa2, 0xbe, 0xae, 0x43, 0x25, 0x20, + 0x0c, 0x8d, 0x92, 0x3a, 0x51, 0xff, 0xba, 0x01, 0xfb, 0x0c, 0xd9, 0x08, 0xa3, 0xd8, 0x28, 0x77, + 0xca, 0xdd, 0xaa, 0x9b, 0x99, 0xfa, 0x39, 0x40, 0x2c, 0x88, 0x40, 0x26, 0xb3, 0x37, 0x2a, 0x9d, + 0x72, 0xf7, 0x71, 0xff, 0x85, 0xb5, 0x8e, 0xaa, 0xf5, 0x25, 0xf3, 0x75, 0x73, 0x61, 0x7a, 0x1b, + 0x0e, 0xc2, 0x88, 0xff, 0x44, 0x4f, 0xc4, 0xc6, 0x9e, 0xc2, 0x5f, 0xd9, 0x83, 0xe7, 0x0b, 0xe7, + 0x14, 0x9e, 0x2d, 0xb5, 0x12, 0xf5, 0x97, 0x9a, 0xca, 0x66, 0xa9, 0xe5, 0x62, 0xcd, 0x1e, 0x34, + 0xdf, 0xe3, 0x04, 0x37, 0x30, 0x1a, 0xc0, 0xc2, 0xd9, 0x87, 0x3d, 0x05, 0x61, 0xb6, 0xa0, 0xf9, + 0x81, 0xc6, 0x42, 0x39, 0x53, 0x8c, 0x5d, 0x9c, 0x9a, 0x97, 0x70, 0xe4, 0xf8, 0x7e, 0x12, 0xfe, + 0x31, 0xa1, 0x75, 0x5f, 0x5d, 0x72, 0x35, 0x28, 0x15, 0x6a, 0x30, 0x38, 0x5e, 0x38, 0x2d, 0x68, + 0xa6, 0x29, 0x66, 0xa7, 0xe6, 0x4b, 0xa8, 0x0d, 0x51, 0x6c, 0x97, 0x95, 0xd4, 0xe5, 0x32, 0xf4, + 0x37, 0xea, 0xb2, 0xf6, 0xfe, 0x3b, 0x1a, 0x94, 0xff, 0x4e, 0x83, 0x4c, 0xf6, 0x83, 0x9c, 0xec, + 0x79, 0x5d, 0xaa, 0x3b, 0xea, 0xf2, 0x04, 0x8e, 0x56, 0xf4, 0xaf, 0x30, 0x8a, 0x29, 0x0f, 0x64, + 0xb1, 0x1b, 0x50, 0x73, 0x31, 0x46, 0xf1, 0x95, 0x5f, 0xbd, 0x96, 0x76, 0x1f, 0x8e, 0x57, 0x7a, + 0x6c, 0xa8, 0x7e, 0xa1, 0x5a, 0x9f, 0xe0, 0xa9, 0x8b, 0xe1, 0x84, 0x78, 0xf8, 0x00, 0xd1, 0xf2, + 0x80, 0xdf, 0xe0, 0xc4, 0x45, 0xc6, 0xe7, 0xf8, 0xcf, 0x9b, 0xe0, 0x97, 0x06, 0xf5, 0x64, 0xe0, + 0x5c, 0x3e, 0xc1, 0x1d, 0xc6, 0x8d, 0x78, 0x6a, 0x6e, 0xb3, 0x71, 0x4b, 0xcd, 0x82, 0x22, 0x95, + 0x3b, 0x8a, 0x9c, 0x2e, 0x1c, 0x03, 0x4e, 0x8a, 0x8a, 0x64, 0x81, 0x66, 0x17, 0x60, 0x88, 0x62, + 0x4d, 0x12, 0x85, 0x62, 0x9c, 0x41, 0x3d, 0x19, 0xa8, 0x6d, 0x9c, 0x25, 0xbf, 0xa4, 0x71, 0xff, + 0x33, 0xbf, 0x06, 0xd4, 0x64, 0x1f, 0xc9, 0x2c, 0xd4, 0x50, 0x9f, 0x41, 0x5d, 0xb6, 0x5f, 0x12, + 0xbb, 0xed, 0x52, 0x48, 0x6f, 0x92, 0xf1, 0x17, 0x70, 0x98, 0x2e, 0xca, 0xb5, 0x10, 0xf7, 0x51, + 0x1b, 0xb4, 0x16, 0x4e, 0x03, 0x6a, 0xf9, 0x24, 0x25, 0x54, 0x3a, 0xdb, 0x0f, 0x86, 0xb2, 0xe0, + 0x30, 0x5d, 0x76, 0x5b, 0x11, 0x7b, 0x77, 0xf1, 0x7d, 0x38, 0xa6, 0xe2, 0x7a, 0x36, 0xb2, 0x3c, + 0xce, 0x6c, 0xb9, 0x11, 0x56, 0x0f, 0x8c, 0xbd, 0xdb, 0x5b, 0x36, 0x7a, 0xa4, 0x5e, 0x90, 0x37, + 0x7f, 0x02, 0x00, 0x00, 0xff, 0xff, 0xa4, 0xcc, 0x29, 0x42, 0x04, 0x07, 0x00, 0x00, } diff --git a/components/automate-gateway/api/iam_v2_policy.pb.swagger.go b/components/automate-gateway/api/iam_v2_policy.pb.swagger.go index 7dac4e1ad17..3dabf5dcf5f 100644 --- a/components/automate-gateway/api/iam_v2_policy.pb.swagger.go +++ b/components/automate-gateway/api/iam_v2_policy.pb.swagger.go @@ -26,12 +26,14 @@ func init() { } }, "tags": [ - "Policies" + "hidden" ] } }, "/iam/v2/policies": { "get": { + "summary": "List all policies", + "description": "List all policies.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policies:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "ListPolicies", "responses": { "200": { @@ -42,10 +44,12 @@ func init() { } }, "tags": [ - "Policies" + "policies" ] }, "post": { + "summary": "Create a custom policy", + "description": "Creates a custom IAM policy used to control permissions in Automate.\nA policy is composed of one or more statements that grant permissions to a set of members.\nEach statement contains a role as well as a list of projects.\n\nThe role defines a set of actions that the statement is scoped to.\nThe project list defines the set of resources that the statement is scoped to.\nPass ` + "`" + `\"projects\": [\"*\"]` + "`" + ` to scope a statement to every project.\n\nA policy's *top-level* projects list defines which projects the policy belongs to (for filtering policies by their projects),\nwhereas the *statement-level* projects list defines which projects the statement applies to.\n\nThis example creates a new policy not associated with any project (because the top-level ` + "`" + `projects` + "`" + ` property is empty) that grants the ` + "`" + `viewer` + "`" + ` role\non a few projects for all LDAP teams and a custom role ` + "`" + `qa` + "`" + ` on a specific project.\n\nExample:\n` + "`" + `` + "`" + `` + "`" + `\n{\n\"name\": \"My Viewer Policy\",\n\"id\": \"viewer-policy\",\n\"members\": [\"team:ldap:*\"],\n\"statements\" : [\n{\n\"role\": \"viewer\",\n\"projects\": [\"project1\", \"project2\"]\n},\n{\n\"role\": \"qa\",\n\"projects\": [\"acceptanceProject\"]\n}\n],\n\"projects\": []\n}\n` + "`" + `` + "`" + `` + "`" + `\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policies:create\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "CreatePolicy", "responses": { "200": { @@ -66,12 +70,14 @@ func init() { } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}": { "get": { + "summary": "Get a policy", + "description": "Returns the details for a policy.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policies:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetPolicy", "responses": { "200": { @@ -84,16 +90,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "delete": { + "summary": "Delete a custom policy", + "description": "Delete a specified custom policy. You cannot delete Chef-managed policies.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policies:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeletePolicy", "responses": { "200": { @@ -106,16 +115,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "put": { + "summary": "Update a custom policy", + "description": "This operation overwrites all fields excepting ID,\nincluding those omitted from the request, so be sure to specify all properties.\nProperties that you do not include are reset to empty values.\nThe only exception is the policy ID, which is immutable; it can only be set at creation time.\n\nWhile you can use this endpoint to update members on a policy, if that is the only\nproperty you wish to modify you might find it more convenient to use one of these endpoints instead:\nAdd policy members, Remove policy members, or Replace policy members.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policies:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "UpdatePolicy", "responses": { "200": { @@ -128,6 +140,7 @@ func init() { "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -142,12 +155,14 @@ func init() { } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members": { "get": { + "summary": "List policy members", + "description": "List all members of a specific policy.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policyMembers:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "ListPolicyMembers", "responses": { "200": { @@ -160,16 +175,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "policies" ] }, "put": { + "summary": "Replace policy members", + "description": "Replace the entire member list of a specific policy with a new list.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policyMembers:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "ReplacePolicyMembers", "responses": { "200": { @@ -182,6 +200,7 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -196,12 +215,14 @@ func init() { } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members:add": { "post": { + "summary": "Add policy members", + "description": "Add members to the member list of a specific policy.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policyMembers:create\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "AddPolicyMembers", "responses": { "200": { @@ -214,6 +235,7 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -228,12 +250,14 @@ func init() { } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policies/{id}/members:remove": { "post": { + "summary": "Remove policy members", + "description": "Remove members from the member list of a specific policy. Silently ignores\nmembers that are not already part of the member list.\nYou may use this endpoint to update members of either Custom or Chef-managed policies.\n\nEnsure each element of the members array is in the correct\n[Member Expression](https://automate.chef.io/docs/iam-v2-guide/#member-expressions) format.\n\nThe removed members will still exist within Chef Automate, but are no longer associated with this policy.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policyMembers:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "RemovePolicyMembers", "responses": { "200": { @@ -246,6 +270,7 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the policy.", "in": "path", "required": true, "type": "string" @@ -260,12 +285,14 @@ func init() { } ], "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/policy_version": { "get": { + "summary": "Get IAM version", + "description": "Returns the major and minor version of IAM that your automate installation is running.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:policies:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetPolicyVersion", "responses": { "200": { @@ -276,12 +303,14 @@ func init() { } }, "tags": [ - "Policies" + "policies" ] } }, "/iam/v2/projects": { "get": { + "summary": "List all projects", + "description": "List all projects.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:projects:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "ListProjects", "responses": { "200": { @@ -292,10 +321,12 @@ func init() { } }, "tags": [ - "Policies" + "projects" ] }, "post": { + "summary": "Create a project", + "description": "Creates a new project to be used in the policies that control permissions in Automate.\n\nA project defines the scope of resources in a policy statement. Resources can be in more than one project.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:projects:create\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "CreateProject", "responses": { "200": { @@ -316,12 +347,14 @@ func init() { } ], "tags": [ - "Policies" + "projects" ] } }, "/iam/v2/projects/{id}": { "get": { + "summary": "Get a project", + "description": "Returns the details for a project.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:projects:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetProject", "responses": { "200": { @@ -334,16 +367,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the project.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "projects" ] }, "delete": { + "summary": "Delete a project", + "description": "Delete a project from any resources tagged with it.\n\nAlso deletes this project from any project list in any policy statements.\nIf the resulting project list for a given statement is empty, it is deleted.\nIf the resulting policy has no statements, it is also deleted.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:projects:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteProject", "responses": { "200": { @@ -356,16 +392,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the project.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "projects" ] }, "put": { + "summary": "Update a project", + "description": "Updates the name of an existing project.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:projects:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "UpdateProject", "responses": { "200": { @@ -378,6 +417,7 @@ func init() { "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -392,12 +432,14 @@ func init() { } ], "tags": [ - "Policies" + "projects" ] } }, "/iam/v2/roles": { "get": { + "summary": "List all roles", + "description": "List all *Chef-managed* and *Custom* roles.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:roles:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "ListRoles", "responses": { "200": { @@ -408,10 +450,12 @@ func init() { } }, "tags": [ - "Policies" + "roles" ] }, "post": { + "summary": "Create a custom role", + "description": "Creates a new role to be used in the policies that control permissions in Automate.\n\nA role defines the scope of actions in a policy statement.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:roles:create\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "CreateRole", "responses": { "200": { @@ -432,12 +476,14 @@ func init() { } ], "tags": [ - "Policies" + "roles" ] } }, "/iam/v2/roles/{id}": { "get": { + "summary": "Get a role", + "description": "Returns the details for a role.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:roles:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "GetRole", "responses": { "200": { @@ -450,16 +496,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the role.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "roles" ] }, "delete": { + "summary": "Delete a custom role", + "description": "Delete a specified custom role (you cannot delete Chef-managed roles) and remove it from any statements that may have been using it.\nIf such a statement has no other associated actions, the statement is deleted as well.\nSimilarly, if that statement removal results in a policy with no other statements,\nthat policy is removed as well.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:roles:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteRole", "responses": { "200": { @@ -472,16 +521,19 @@ func init() { "parameters": [ { "name": "id", + "description": "ID of the role.", "in": "path", "required": true, "type": "string" } ], "tags": [ - "Policies" + "roles" ] }, "put": { + "summary": "Update a custom role", + "description": "This operation overwrites all fields excepting ID,\nincluding those omitted from the request, so be sure to specify all properties.\nProperties that you do not include are reset to empty values.\n\nAuthorization Action:\n` + "`" + `` + "`" + `` + "`" + `\niam:roles:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "UpdateRole", "responses": { "200": { @@ -494,6 +546,7 @@ func init() { "parameters": [ { "name": "id", + "description": "Unique ID. Cannot be changed.", "in": "path", "required": true, "type": "string" @@ -508,7 +561,7 @@ func init() { } ], "tags": [ - "Policies" + "roles" ] } } @@ -518,15 +571,21 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members to add to the policy." } - } + }, + "required": [ + "id", + "members" + ] }, "chef.automate.api.iam.v2.AddPolicyMembersResp": { "type": "object", @@ -535,7 +594,8 @@ func init() { "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -543,31 +603,41 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' policies." + "description": "Does not contain type as the enduser can only create 'custom' policies.", + "required": [ + "id", + "name", + "statements" + ] }, "chef.automate.api.iam.v2.CreatePolicyResp": { "type": "object", @@ -581,12 +651,18 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the new project." } - } + }, + "required": [ + "id", + "name" + ] }, "chef.automate.api.iam.v2.CreateProjectResp": { "type": "object", @@ -600,25 +676,34 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions that this role scopes to." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' roles." + "description": "Does not contain type as the enduser can only create 'custom' roles.", + "required": [ + "id", + "name", + "actions" + ] }, "chef.automate.api.iam.v2.CreateRoleResp": { "type": "object", @@ -687,7 +772,8 @@ func init() { "type": "array", "items": { "type": "string" - } + }, + "description": "List of policy members." } } }, @@ -717,31 +803,37 @@ func init() { "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the policy." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "This doc-comment is ignored for an enum." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy. May be empty." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy. Will contain one or more." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to. May be empty." } } }, @@ -749,16 +841,20 @@ func init() { "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the project." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "Whether this policy is user created (` + "`" + `CUSTOM` + "`" + `) or chef managed (` + "`" + `CHEF_MANAGED` + "`" + `)." }, "status": { - "$ref": "#/definitions/chef.automate.api.iam.v2.ProjectRulesStatus" + "$ref": "#/definitions/chef.automate.api.iam.v2.ProjectRulesStatus", + "description": "The current status of the rules for this project." } } }, @@ -776,15 +872,21 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members to remove from the policy." } - } + }, + "required": [ + "id", + "members" + ] }, "chef.automate.api.iam.v2.RemovePolicyMembersResp": { "type": "object", @@ -793,7 +895,8 @@ func init() { "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -801,15 +904,20 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "ID of the policy." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of members that replaces previous policy member list." } - } + }, + "required": [ + "id" + ] }, "chef.automate.api.iam.v2.ReplacePolicyMembersResp": { "type": "object", @@ -818,7 +926,8 @@ func init() { "type": "array", "items": { "type": "string" - } + }, + "description": "Resulting list of policy members." } } }, @@ -826,25 +935,30 @@ func init() { "type": "object", "properties": { "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "type": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Type" + "$ref": "#/definitions/chef.automate.api.iam.v2.Type", + "description": "Whether this policy is user created (` + "`" + `CUSTOM` + "`" + `) or chef managed (` + "`" + `CHEF_MANAGED` + "`" + `)." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions this role scopes to. Will contain one or more." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to. May be empty." } } }, @@ -852,31 +966,33 @@ func init() { "type": "object", "properties": { "effect": { - "$ref": "#/definitions/chef.automate.api.iam.v2.Statement.Effect" + "$ref": "#/definitions/chef.automate.api.iam.v2.Statement.Effect", + "description": "This doc-comment is ignored for an enum." }, "actions": { "type": "array", "items": { "type": "string" }, - "title": "inline definitions" + "description": "Actions defined inline. May be empty.\nBest practices recommend that you use custom roles rather than inline actions where practical." }, "role": { "type": "string", - "title": "references" + "description": "The role defines a set of actions that the statement is scoped to." }, "resources": { "type": "array", "items": { "type": "string" }, - "title": "Note: these are for display only, not to be set in CreatePolicy/UpdatePolicy" + "description": "DEPRECATED: Resources defined inline. Use projects instead." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "The project list defines the set of resources that the statement is scoped to. May be empty." } } }, @@ -900,31 +1016,41 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "members": { "type": "array", "items": { "type": "string" - } + }, + "description": "Members affected by this policy." }, "statements": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.iam.v2.Statement" - } + }, + "description": "Statements for the policy." }, "name": { - "type": "string" + "type": "string", + "description": "Name for this policy." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this policy belongs to." } }, - "description": "Does not contain type as the enduser can only create 'custom' policies." + "description": "Does not contain type as the enduser can only create 'custom' policies.", + "required": [ + "id", + "name", + "statements" + ] }, "chef.automate.api.iam.v2.UpdatePolicyResp": { "type": "object", @@ -938,12 +1064,18 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the project." } - } + }, + "required": [ + "id", + "name" + ] }, "chef.automate.api.iam.v2.UpdateProjectResp": { "type": "object", @@ -957,24 +1089,33 @@ func init() { "type": "object", "properties": { "id": { - "type": "string" + "type": "string", + "description": "Unique ID. Cannot be changed." }, "name": { - "type": "string" + "type": "string", + "description": "Name for the role." }, "actions": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of actions that this role scopes to." }, "projects": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of projects this role belongs to." } - } + }, + "required": [ + "id", + "name", + "actions" + ] }, "chef.automate.api.iam.v2.UpdateRoleResp": { "type": "object", diff --git a/components/automate-gateway/api/manager.pb.swagger.go b/components/automate-gateway/api/manager.pb.swagger.go index 4f01408cd2d..f36ceef0605 100644 --- a/components/automate-gateway/api/manager.pb.swagger.go +++ b/components/automate-gateway/api/manager.pb.swagger.go @@ -16,6 +16,8 @@ func init() { "paths": { "/nodemanagers": { "post": { + "summary": "Create a Node Manager", + "description": "Creates a node manager given a name, credential id *or* credential data, and type.\n\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:create\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "Create", "responses": { "200": { @@ -42,6 +44,8 @@ func init() { }, "/nodemanagers/id/{id}": { "get": { + "summary": "View a Node Manager", + "description": "List the details of a node manager.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:get\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "Read", "responses": { "200": { @@ -54,6 +58,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -64,6 +69,8 @@ func init() { ] }, "delete": { + "summary": "Delete a Node Manager", + "description": "Delete a single node manager. This deletes the node manager itself and\nreassigns its associated nodes to the Automate node manager.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "Delete", "responses": { "200": { @@ -76,6 +83,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -86,6 +94,8 @@ func init() { ] }, "put": { + "summary": "Update a Node Manager", + "description": "Update a node manager's metadata, such as its name, associated credential id, or data.\nThis is a PUT operation and it overwrites ALL of the existing node manager metadata. Include all fields, because a PUT operation overwrites any missing fields to empty (\"\").\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:update\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "Update", "responses": { "200": { @@ -98,6 +108,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the nodemanager.", "in": "path", "required": true, "type": "string" @@ -118,6 +129,8 @@ func init() { }, "/nodemanagers/id/{id}/with-node-state/stopped": { "delete": { + "summary": "Delete a Node Manager and Stop Nodes", + "description": "Delete a node manager and update its associated nodes to ` + "`" + `stopped` + "`" + `.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteWithNodeStateStopped", "responses": { "200": { @@ -130,6 +143,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -142,6 +156,8 @@ func init() { }, "/nodemanagers/id/{id}/with-node-state/terminated": { "delete": { + "summary": "Delete a Node Manager and Terminate Nodes", + "description": "Delete a node manager and update its associated nodes to ` + "`" + `terminated` + "`" + `.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteWithNodeStateTerminated", "responses": { "200": { @@ -154,6 +170,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -166,6 +183,8 @@ func init() { }, "/nodemanagers/id/{id}/with-nodes": { "delete": { + "summary": "Delete a Node Manager and Delete Nodes", + "description": "Delete a node manager and all of its associated nodes.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:delete\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "DeleteWithNodes", "responses": { "200": { @@ -178,6 +197,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -190,6 +210,8 @@ func init() { }, "/nodemanagers/id/{node_manager_id}/search-fields": { "post": { + "summary": "Search Node Fields", + "description": "Searches the available values for a given field across all nodes associated with the nodemanager id.\n\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "SearchNodeFields", "responses": { "200": { @@ -202,6 +224,7 @@ func init() { "parameters": [ { "name": "node_manager_id", + "description": "Node manager ID.", "in": "path", "required": true, "type": "string" @@ -222,6 +245,8 @@ func init() { }, "/nodemanagers/id/{node_manager_id}/search-nodes": { "post": { + "summary": "Search nodes", + "description": "Searches the available nodes for a single node manager by id.\n\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "SearchNodes", "responses": { "200": { @@ -234,6 +259,7 @@ func init() { "parameters": [ { "name": "node_manager_id", + "description": "Node manager ID.", "in": "path", "required": true, "type": "string" @@ -254,6 +280,8 @@ func init() { }, "/nodemanagers/rerun/id/{id}": { "post": { + "summary": "Connect", + "description": "Attempts to reach the API for the given nodemanager id to validate the\ncredentials associated with the nodemanager.\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:rerun\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "Connect", "responses": { "200": { @@ -266,6 +294,7 @@ func init() { "parameters": [ { "name": "id", + "description": "UUID for the node manager.", "in": "path", "required": true, "type": "string" @@ -286,6 +315,8 @@ func init() { }, "/nodemanagers/search": { "post": { + "summary": "List all Node Managers", + "description": "Returns a list of node managers.\nSupports filtering, sorting, and pagination.\n\nValid filtering fields: manager_type\n\n\nAuthorization Action:\n\n` + "`" + `` + "`" + `` + "`" + `\ninfra:nodeManagers:list\n` + "`" + `` + "`" + `` + "`" + `", "operationId": "List", "responses": { "200": { @@ -353,32 +384,46 @@ func init() { "type": "object", "properties": { "tag_key": { - "type": "string" + "type": "string", + "description": "Tag key to match on." }, "tag_value": { - "type": "string" + "type": "string", + "description": "Tag value to match on." }, "credential_ids": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of credential ids to associate with the key/value pair." } - } + }, + "required": [ + "tag_key", + "tag_value", + "credential_ids" + ] }, "chef.automate.api.nodes.manager.v1.FieldQuery": { "type": "object", "properties": { "query": { - "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query" + "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query", + "description": "Query details (filters) to be applied to the results." }, "field": { - "type": "string" + "type": "string", + "description": "Possible search fields: regions, tags, name, subscription_id." }, "node_manager_id": { - "type": "string" + "type": "string", + "description": "Node manager ID." } - } + }, + "required": [ + "node_manager_id" + ] }, "chef.automate.api.nodes.manager.v1.Fields": { "type": "object", @@ -387,17 +432,25 @@ func init() { "type": "array", "items": { "type": "string" - } + }, + "description": "One or more fields: regions, tags, name, subscription_id." } } }, "chef.automate.api.nodes.manager.v1.Id": { "type": "object", + "example": { + "uuid": "cd3ad3d9-2776-4ef1-a904-4c229d1642ee" + }, "properties": { "id": { - "type": "string" + "type": "string", + "description": "UUID for the node manager." } - } + }, + "required": [ + "id" + ] }, "chef.automate.api.nodes.manager.v1.Ids": { "type": "object", @@ -406,61 +459,104 @@ func init() { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Id" - } + }, + "description": "List of node manager UUIDs." } } }, "chef.automate.api.nodes.manager.v1.NodeManager": { "type": "object", + "example": { + "account_id": "12345EXAMPLE", + "credential_data": [ + { + "key": "AWS_ACCESS_KEY_ID", + "value": "AKIAIOSFODNN7EXAMPLE" + }, + { + "key": "AWS_SECRET_ACCESS_KEY", + "value": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" + }, + { + "key": "AWS_SESSION_TOKEN", + "value": "AQoDYXdzEPT//////////wEXAMPLEt==" + } + ], + "credential_ID": "my-credential-UUID", + "id": "cd3ad3d9-2776-4ef1-a904-1EXAMPLEUUID", + "instance_credentials": [], + "name": "my aws api integration with session token", + "type": "aws-ec2" + }, "properties": { "id": { - "type": "string" + "type": "string", + "description": "UUID for the nodemanager." }, "name": { - "type": "string" + "type": "string", + "description": "User defined name for the node manager." }, "type": { - "type": "string" + "type": "string", + "description": "Type of nodemanager (aws-ec2, azure-vm, aws-api, azure-api, gcp)." }, "credential_id": { - "type": "string" + "type": "string", + "description": "Use either 'credential_id' OR 'credential_data'.\n'credential_data' will overwrite values in 'credential_id'.\nThe 'credential_id' is the UUID of credential with the information\nyou need to connect to aws, azure, or gcp." }, "instance_credentials": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.CredentialsByTags" - } + }, + "description": "List of tag and credential UUID associations for making node managers.\nThese are ssh, winrm, and sudo creds used to access instances." }, "status": { - "type": "string" + "type": "string", + "description": "Status of the nodemanager (reachable, unreachable)." }, "account_id": { - "type": "string" + "type": "string", + "description": "Account id associated with the nodemanager." }, "date_added": { "type": "string", - "format": "date-time" + "format": "date-time", + "description": "Date the nodemanager was created." }, "credential_data": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.common.query.Kv" - } + }, + "description": "Use either 'credential_data' OR 'credential_id'.\n'credential_data' will overwrite values in 'credential_id'.\nUse 'credential_data' when you have not yet created node credentials\nand provide credential data (such as AWS_ACCESS_KEY) inline." } - } + }, + "required": [ + "id", + "credential_id", + "credential_data", + "type" + ] }, "chef.automate.api.nodes.manager.v1.NodeManagers": { "type": "object", + "example": { + "total": "1" + }, "properties": { "managers": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.NodeManager" - } + }, + "description": "List of nodemanagers." }, "total": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Total count of nodemanagers." } } }, @@ -468,12 +564,17 @@ func init() { "type": "object", "properties": { "query": { - "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query" + "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query", + "description": "Valid search filters: manager_type." }, "node_manager_id": { - "type": "string" + "type": "string", + "description": "Node manager ID." } - } + }, + "required": [ + "node_manager_id" + ] }, "chef.automate.api.nodes.manager.v1.Nodes": { "type": "object", @@ -482,38 +583,58 @@ func init() { "type": "array", "items": { "type": "string" - } + }, + "description": "List of node names matching the request." }, "total": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Total count of node names matching the request." } } }, "chef.automate.api.nodes.manager.v1.Query": { "type": "object", + "example": { + "filter_map": [ + { + "key": "manager_type", + "values": [ + "aws-ec2" + ] + } + ], + "sort": "date_added" + }, "properties": { "filter_map": { "type": "array", "items": { "$ref": "#/definitions/chef.automate.api.common.query.Filter" - } + }, + "description": "Filters for the query: \"manager_type\"." }, "order": { "$ref": "#/definitions/chef.automate.api.nodes.manager.v1.Query.OrderType" }, "sort": { - "type": "string" + "type": "string", + "description": "Field to use for sorting.\nValid fields are: name, type, status, status_message, date_added." }, "page": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Starting page for the list. For example, if your query returns 100 pages,\nand you know you're looking for a node manager somewhere in the middle,\nyou might want to start on page 50." }, "per_page": { "type": "integer", - "format": "int32" + "format": "int32", + "description": "Number of results on each page." } - } + }, + "required": [ + "filter_map" + ] }, "chef.automate.api.nodes.manager.v1.Query.OrderType": { "type": "string", @@ -521,7 +642,8 @@ func init() { "ASC", "DESC" ], - "default": "ASC" + "default": "ASC", + "description": "Sort the results in ascending or descending order." } } }