mirror of https://github.com/hashicorp/boundary
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
437 lines
18 KiB
437 lines
18 KiB
syntax = "proto3";
|
|
|
|
package controller.api.services.v1;
|
|
|
|
import "controller/api/resources/targets/v1/target.proto";
|
|
import "controller/custom_options/v1/options.proto";
|
|
import "google/api/annotations.proto";
|
|
import "google/protobuf/field_mask.proto";
|
|
import "protoc-gen-openapiv2/options/annotations.proto";
|
|
|
|
option go_package = "github.com/hashicorp/boundary/internal/gen/controller/api/services;services";
|
|
option (custom_options.v1.domain) = "target";
|
|
|
|
service TargetService {
|
|
// GetTarget returns a stored Target if present. The provided request
|
|
// must include the Target ID for the Target being retrieved. If
|
|
// that ID is missing, malformed or reference a non existing
|
|
// resource an error is returned.
|
|
rpc GetTarget(GetTargetRequest) returns (GetTargetResponse) {
|
|
option (google.api.http) = {
|
|
get: "/v1/targets/{id}"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Gets a single Target."
|
|
};
|
|
}
|
|
|
|
// ListTargets returns a list of stored Targets which exist inside the project
|
|
// referenced inside the request. The request must include the scope ID for
|
|
// the Targets being retrieved. If the scope ID is missing, malformed, or
|
|
// reference a non existing scope, an error is returned.
|
|
rpc ListTargets(ListTargetsRequest) returns (ListTargetsResponse) {
|
|
option (google.api.http) = {
|
|
get: "/v1/targets"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Lists all Targets."
|
|
};
|
|
}
|
|
|
|
// CreateTarget creates and stores a Target in boundary. The provided
|
|
// request must include the scope id in which the Target will be created.
|
|
// If the scope id is missing, malformed or references a non existing
|
|
// scope, an error is returned. If a name is provided that is in
|
|
// use in another Target in the same scope, an error is returned.
|
|
rpc CreateTarget(CreateTargetRequest) returns (CreateTargetResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets"
|
|
body: "item"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Creates a single Target."
|
|
};
|
|
}
|
|
|
|
// UpdateTarget updates an existing Target in boundary. The provided
|
|
// Target must not have any read only fields set. The update mask must be
|
|
// included in the request and contain at least 1 mutable field. To unset
|
|
// a field's value, include the field in the update mask and don't set it
|
|
// in the provided Target. An error is returned if the Target ID is missing
|
|
// or reference a non-existing resource. An error is also returned if the
|
|
// request attempts to update the name to one that is already in use in
|
|
// this scope.
|
|
rpc UpdateTarget(UpdateTargetRequest) returns (UpdateTargetResponse) {
|
|
option (google.api.http) = {
|
|
patch: "/v1/targets/{id}"
|
|
body: "item"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Updates a Target."
|
|
};
|
|
}
|
|
|
|
// DeleteTarget removes a Target from Boundary. If the provided Target ID
|
|
// is malformed or not provided an error is returned.
|
|
rpc DeleteTarget(DeleteTargetRequest) returns (DeleteTargetResponse) {
|
|
option (google.api.http) = {
|
|
delete: "/v1/targets/{id}"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Deletes a Target."
|
|
};
|
|
}
|
|
|
|
// AuthorizeSession creates authorization information from a given Target.
|
|
rpc AuthorizeSession(AuthorizeSessionRequest) returns (AuthorizeSessionResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:authorize-session"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Authorizes a Session."
|
|
};
|
|
}
|
|
|
|
// AddTargetHostSets adds Host Sets to this Target. The provided request must
|
|
// include the Target ID to which the Host Sets will be added.
|
|
// All Host Sets added to the provided Target must be a child of a Catalog that
|
|
// is a child of the same scope as this Target. If the scope or Target IDs are
|
|
// missing, malformed, or reference non-existing resources, an error is
|
|
// returned. An error is returned if a Host Set is attempted to be added
|
|
// to a target that is already present on the Target.
|
|
rpc AddTargetHostSets(AddTargetHostSetsRequest) returns (AddTargetHostSetsResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:add-host-sets"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Adds existing Host Sets to a Target."
|
|
};
|
|
}
|
|
|
|
// SetTargetHostSets sets the Target's Host Sets. Any existing Host Sets on the
|
|
// Target are deleted if they are not included in this request. The
|
|
// provided request must include the scope, and the Target ID on which the
|
|
// Host Sets will be set. All Host Sets in the request must be a child of
|
|
// a Catalog that is in the same scope as the provided Target. If any
|
|
// IDs are missing, malformed, or references a non-existing resource, an
|
|
// error is returned.
|
|
rpc SetTargetHostSets(SetTargetHostSetsRequest) returns (SetTargetHostSetsResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:set-host-sets"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Sets the Host Sets on the Target."
|
|
};
|
|
}
|
|
|
|
// RemoveTargetHostSets removes the Host Sets from the specified Target. The
|
|
// provided request must include the Target ID for the Target
|
|
// from which the Host Sets will be removed. If the ID is missing,
|
|
// malformed, or references a non-existing scope or Catalog, an error is
|
|
// returned. An error is returned if a Host Set is attempted to be
|
|
// removed from the Target when the Target does not have the Host Set.
|
|
rpc RemoveTargetHostSets(RemoveTargetHostSetsRequest) returns (RemoveTargetHostSetsResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:remove-host-sets"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Removes Host Sets from the Target."
|
|
};
|
|
}
|
|
|
|
// AddTargetHostSources adds Host Sources to this Target. The provided request
|
|
// must include the Target ID to which the Host Sources will be added. All
|
|
// Host Sources added to the provided Target must be a child of a Catalog that
|
|
// is a child of the same scope as this Target. If the scope or Target IDs are
|
|
// missing, malformed, or reference non-existing resources, an error is
|
|
// returned. An error is returned if a Host Source is attempted to be added to a
|
|
// target that is already present on the Target.
|
|
rpc AddTargetHostSources(AddTargetHostSourcesRequest) returns (AddTargetHostSourcesResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:add-host-sources"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Adds existing Host Sources to a Target."
|
|
};
|
|
}
|
|
|
|
// SetTargetHostSources sets the Target's Host Sources. Any existing Host
|
|
// Sources on the Target are deleted if they are not included in this request.
|
|
// The provided request must include the scope, and the Target ID on which the
|
|
// Host Sources will be set. All Host Sources in the request must be a child
|
|
// of a Catalog that is in the same scope as the provided Target. If any IDs
|
|
// are missing, malformed, or references a non-existing resource, an error is
|
|
// returned.
|
|
rpc SetTargetHostSources(SetTargetHostSourcesRequest) returns (SetTargetHostSourcesResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:set-host-sources"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Sources the Host Sources on the Target."
|
|
};
|
|
}
|
|
|
|
// RemoveTargetHostSources removes the Host Sources from the specified Target.
|
|
// The provided request must include the Target ID for the Target from which
|
|
// the Host Sources will be removed. If the ID is missing, malformed, or
|
|
// references a non-existing scope or Catalog, an error is returned. An error
|
|
// is returned if a Host Source is attempted to be removed from the Target
|
|
// when the Target does not have the Host Set.
|
|
rpc RemoveTargetHostSources(RemoveTargetHostSourcesRequest) returns (RemoveTargetHostSourcesResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:remove-host-sources"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Removes Host Sources from the Target."
|
|
};
|
|
}
|
|
|
|
// AddTargetCredentialSources adds Credential Sources to this Target.
|
|
// The provided request must include the Target ID to which the Credential
|
|
// Sources will be added. All Credential Sources added to the provided
|
|
// Target must be a child of a Store that is in the same scope as this
|
|
// Target. If the scope or Target IDs are missing, malformed, or reference
|
|
// non-existing resources, an error is returned. An error is returned if a
|
|
// Credential Source is attempted to be added to a target that is already
|
|
// present on the Target.
|
|
rpc AddTargetCredentialSources(AddTargetCredentialSourcesRequest) returns (AddTargetCredentialSourcesResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:add-credential-sources"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Adds existing Credential Sources to a Target."
|
|
};
|
|
}
|
|
|
|
// SetTargetCredentialSources sets the Target's Credential Sources.
|
|
// Any existing Credential Sources on the Target are deleted if they are
|
|
// not included in this request. The provided request must include the scope,
|
|
// and the Target ID on which the Credential Sources will be set. All
|
|
// Credential Sources in the request must be a child of a Store that is
|
|
// in the same scope as the provided Target. If any IDs are missing,
|
|
// malformed, or references a non-existing resource, an error is returned.
|
|
rpc SetTargetCredentialSources(SetTargetCredentialSourcesRequest) returns (SetTargetCredentialSourcesResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:set-credential-sources"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Sets the Credential Sources on the Target."
|
|
};
|
|
}
|
|
|
|
// RemoveTargetCredentialSources removes the Credential Sources from the
|
|
// specified Target. The provided request must include the Target ID for the
|
|
// Target from which the Credential Sources will be removed. If the ID is
|
|
// missing, or malformed, an error is returned. An error is returned if a
|
|
// Credential Source is attempted to be removed from the Target when the
|
|
// Target does not have the Credential Source.
|
|
rpc RemoveTargetCredentialSources(RemoveTargetCredentialSourcesRequest) returns (RemoveTargetCredentialSourcesResponse) {
|
|
option (google.api.http) = {
|
|
post: "/v1/targets/{id}:remove-credential-sources"
|
|
body: "*"
|
|
response_body: "item"
|
|
};
|
|
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
|
|
summary: "Removes Credential Sources from the Target."
|
|
};
|
|
}
|
|
}
|
|
|
|
message GetTargetRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message GetTargetResponse {
|
|
resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message ListTargetsRequest {
|
|
string scope_id = 1; // @gotags: `class:"public"`
|
|
bool recursive = 20 [json_name = "recursive"]; // @gotags: `class:"public"`
|
|
string filter = 30 [json_name = "filter"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message ListTargetsResponse {
|
|
repeated resources.targets.v1.Target items = 1;
|
|
}
|
|
|
|
message CreateTargetRequest {
|
|
resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message CreateTargetResponse {
|
|
string uri = 1; // @gotags: `class:"public"`
|
|
resources.targets.v1.Target item = 2;
|
|
}
|
|
|
|
message UpdateTargetRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
resources.targets.v1.Target item = 2;
|
|
google.protobuf.FieldMask update_mask = 3 [json_name = "update_mask"];
|
|
}
|
|
|
|
message UpdateTargetResponse {
|
|
resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message DeleteTargetRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message DeleteTargetResponse {}
|
|
|
|
message AddTargetHostSetsRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string host_set_ids = 3 [json_name = "host_set_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message AddTargetHostSetsResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message SetTargetHostSetsRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string host_set_ids = 3 [json_name = "host_set_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message SetTargetHostSetsResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message RemoveTargetHostSetsRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string host_set_ids = 3 [json_name = "host_set_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message RemoveTargetHostSetsResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message AddTargetHostSourcesRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string host_source_ids = 3 [json_name = "host_source_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message AddTargetHostSourcesResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message SetTargetHostSourcesRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string host_source_ids = 3 [json_name = "host_source_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message SetTargetHostSourcesResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message RemoveTargetHostSourcesRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string host_source_ids = 3 [json_name = "host_source_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message RemoveTargetHostSourcesResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message AddTargetCredentialSourcesRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string application_credential_source_ids = 3 [json_name = "application_credential_source_ids"]; // @gotags: `class:"public"`
|
|
repeated string egress_credential_source_ids = 4 [json_name = "egress_credential_source_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message AddTargetCredentialSourcesResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
// Sets the values for credential sources. Any credential_source_id field that
|
|
// is not set in the request will result in those fields being cleared.
|
|
message SetTargetCredentialSourcesRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string application_credential_source_ids = 3 [json_name = "application_credential_source_ids"]; // @gotags: `class:"public"`
|
|
repeated string egress_credential_source_ids = 4 [json_name = "egress_credential_source_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message SetTargetCredentialSourcesResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message RemoveTargetCredentialSourcesRequest {
|
|
string id = 1; // @gotags: `class:"public"`
|
|
// Version is used to ensure this resource has not changed.
|
|
// The mutation will fail if the version does not match the latest known good version.
|
|
uint32 version = 2; // @gotags: `class:"public"`
|
|
repeated string application_credential_source_ids = 3 [json_name = "application_credential_source_id"]; // @gotags: `class:"public"`
|
|
repeated string egress_credential_source_ids = 4 [json_name = "egress_credential_source_ids"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message RemoveTargetCredentialSourcesResponse {
|
|
api.resources.targets.v1.Target item = 1;
|
|
}
|
|
|
|
message AuthorizeSessionRequest {
|
|
// The ID of the target. Required unless some combination of scope_id/scope_name and name are set.
|
|
string id = 1; // @gotags: `class:"public"`
|
|
|
|
// The name of the target. When using this, scope_id or scope_name must be set.
|
|
string name = 3; // @gotags: `class:"public"`
|
|
|
|
// The scope ID containing the target, if specifying the target by name.
|
|
string scope_id = 4; // @gotags: `class:"public"`
|
|
|
|
// The scope name containing the target, if specifying the target by name.
|
|
string scope_name = 5; // @gotags: `class:"public"`
|
|
|
|
// An optional parameter allowing specification of the particular Host within the Target's configured Host Sets to connect to during this Session.
|
|
string host_id = 2 [json_name = "host_id"]; // @gotags: `class:"public"`
|
|
}
|
|
|
|
message AuthorizeSessionResponse {
|
|
api.resources.targets.v1.SessionAuthorization item = 1;
|
|
}
|