mirror of https://github.com/hashicorp/boundary
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
258 lines
8.8 KiB
258 lines
8.8 KiB
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
syntax = "proto3";
|
|
|
|
package controller.api.resources.credentials.v1;
|
|
|
|
import "controller/api/resources/scopes/v1/scope.proto";
|
|
import "controller/custom_options/v1/options.proto";
|
|
import "google/api/visibility.proto";
|
|
import "google/protobuf/struct.proto";
|
|
import "google/protobuf/timestamp.proto";
|
|
import "google/protobuf/wrappers.proto";
|
|
|
|
option go_package = "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/credentials;credentials";
|
|
|
|
// Credential contains all fields related to an Credential resource
|
|
message Credential {
|
|
// Output only. The ID of the Credential.
|
|
string id = 10; // @gotags: `class:"public"`
|
|
|
|
// The ID of the Credential Store of which this Credential is a part.
|
|
string credential_store_id = 20 [json_name = "credential_store_id"]; // @gotags: `class:"public"`
|
|
|
|
// Output only. Scope information for this Credential.
|
|
resources.scopes.v1.ScopeInfo scope = 30;
|
|
|
|
// Optional name for identification purposes.
|
|
google.protobuf.StringValue name = 40 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "name"
|
|
that: "Name"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
|
|
// Optional user-set description for identification purposes.
|
|
google.protobuf.StringValue description = 50 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "description"
|
|
that: "Description"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
|
|
// Output only. The time this resource was created.
|
|
google.protobuf.Timestamp created_time = 60 [json_name = "created_time"]; // @gotags: `class:"public"`
|
|
|
|
// Output only. The time this resource was last updated.
|
|
google.protobuf.Timestamp updated_time = 70 [json_name = "updated_time"]; // @gotags: `class:"public"`
|
|
|
|
// Version is used in mutation requests, after the initial creation, to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 80; // @gotags: `class:"public"`
|
|
|
|
// The Credential type.
|
|
string type = 90; // @gotags: `class:"public"`
|
|
|
|
oneof attrs {
|
|
// The attributes that are applicable for the specific Credential type.
|
|
google.protobuf.Struct attributes = 100 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.subtype) = "default"
|
|
];
|
|
UsernamePasswordAttributes username_password_attributes = 101 [
|
|
(google.api.field_visibility).restriction = "INTERNAL",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.subtype) = "username_password"
|
|
];
|
|
SshPrivateKeyAttributes ssh_private_key_attributes = 102 [
|
|
(google.api.field_visibility).restriction = "INTERNAL",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.subtype) = "ssh_private_key"
|
|
];
|
|
JsonAttributes json_attributes = 103 [
|
|
(google.api.field_visibility).restriction = "INTERNAL",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.subtype) = "json"
|
|
];
|
|
UsernamePasswordDomainAttributes username_password_domain_attributes = 104 [
|
|
(google.api.field_visibility).restriction = "INTERNAL",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.subtype) = "username_password_domain"
|
|
];
|
|
PasswordAttributes password_attributes = 105 [
|
|
(google.api.field_visibility).restriction = "INTERNAL",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.subtype) = "password"
|
|
];
|
|
}
|
|
|
|
// Output only. The available actions on this resource for this user.
|
|
repeated string authorized_actions = 300 [json_name = "authorized_actions"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
// The attributes of a UsernamePassword Credential.
|
|
message UsernamePasswordAttributes {
|
|
// The username associated with the credential.
|
|
google.protobuf.StringValue username = 10 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.username"
|
|
that: "Username"
|
|
}
|
|
]; // @gotags: `class:"sensitive"`
|
|
|
|
// Input only. The password associated with the credential.
|
|
google.protobuf.StringValue password = 20 [
|
|
json_name = "password",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.password"
|
|
that: "Password"
|
|
}
|
|
]; // @gotags: `class:"secret"`
|
|
|
|
// Output only. The hmac value of the password.
|
|
string password_hmac = 30 [
|
|
json_name = "password_hmac",
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.password_hmac"
|
|
that: "PasswordHmac"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message UsernamePasswordDomainAttributes {
|
|
// The username associated with the credential.
|
|
google.protobuf.StringValue username = 10 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.username"
|
|
that: "Username"
|
|
}
|
|
]; // @gotags: `class:"sensitive"`
|
|
|
|
// Input only. The password associated with the credential.
|
|
google.protobuf.StringValue password = 20 [
|
|
json_name = "password",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.password"
|
|
that: "Password"
|
|
}
|
|
]; // @gotags: `class:"secret"`
|
|
|
|
// Output only. The hmac value of the password.
|
|
string password_hmac = 30 [
|
|
json_name = "password_hmac",
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.password_hmac"
|
|
that: "PasswordHmac"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
|
|
google.protobuf.StringValue domain = 40 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.domain"
|
|
that: "Domain"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
// The attributes of a Password Credential.
|
|
message PasswordAttributes {
|
|
// Input only. The password associated with the credential.
|
|
google.protobuf.StringValue password = 10 [
|
|
json_name = "password",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.password"
|
|
that: "Password"
|
|
}
|
|
]; // @gotags: `class:"secret"`
|
|
|
|
// Output only. The hmac value of the password.
|
|
string password_hmac = 20 [
|
|
json_name = "password_hmac",
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.password_hmac"
|
|
that: "PasswordHmac"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
// The attributes of a SshPrivateKey Credential.
|
|
message SshPrivateKeyAttributes {
|
|
// The username associated with the credential.
|
|
google.protobuf.StringValue username = 10 [
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.username"
|
|
that: "Username"
|
|
}
|
|
]; // @gotags: `class:"sensitive"`
|
|
|
|
// Input only. The SSH private key associated with the credential.
|
|
google.protobuf.StringValue private_key = 20 [
|
|
json_name = "private_key",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.private_key"
|
|
that: "PrivateKey"
|
|
}
|
|
]; // @gotags: `class:"secret"`
|
|
|
|
// Output only. The hmac value of the SSH private key.
|
|
string private_key_hmac = 30 [
|
|
json_name = "private_key_hmac",
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.private_key_hmac"
|
|
that: "PrivateKeyHmac"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
|
|
// Input only. The passphrase for the SSH private key associated with the credential.
|
|
google.protobuf.StringValue private_key_passphrase = 40 [
|
|
json_name = "private_key_passphrase",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.private_key_passphrase"
|
|
that: "PrivateKeyPassphrase"
|
|
}
|
|
]; // @gotags: `class:"secret"`
|
|
|
|
// Output only. The hmac value of the SSH private key passphrase.
|
|
string private_key_passphrase_hmac = 50 [
|
|
json_name = "private_key_passphrase_hmac",
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.private_key_passphrase_hmac"
|
|
that: "PrivateKeyPassphraseHmac"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
// The attributes of a JSON Credential.
|
|
message JsonAttributes {
|
|
// Input only. The secret associated with the credential.
|
|
google.protobuf.Struct object = 10 [
|
|
json_name = "object",
|
|
(custom_options.v1.generate_sdk_option) = true,
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.object"
|
|
that: "Object"
|
|
}
|
|
]; // @gotags: `class:"secret"`
|
|
|
|
// Output only. The hmac value of the object.
|
|
string object_hmac = 20 [
|
|
json_name = "object_hmac",
|
|
(custom_options.v1.mask_mapping) = {
|
|
this: "attributes.object_hmac"
|
|
that: "ObjectHmac"
|
|
}
|
|
]; // @gotags: `class:"public"`
|
|
}
|