blob: 4a1f3413750d3c0bee4e61ac9590fa2ce1710836 [file] [log] [blame] [edit]
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
syntax = "proto3";
option go_package = "github.com/hashicorp/vault/sdk/logical";
package logical;
message Entity {
// ID is the unique identifier for the entity
string ID = 1;
// Name is the human-friendly unique identifier for the entity
string name = 2;
// Aliases contains thhe alias mappings for the given entity
repeated Alias aliases = 3;
// Metadata represents the custom data tied to this entity
map<string, string> metadata = 4;
// Disabled is true if the entity is disabled.
bool disabled = 5;
// NamespaceID is the identifier of the namespace to which this entity
// belongs to.
string namespace_id = 6;
}
message Alias {
// MountType is the backend mount's type to which this identity belongs
string mount_type = 1;
// MountAccessor is the identifier of the mount entry to which this
// identity belongs
string mount_accessor = 2;
// Name is the identifier of this identity in its authentication source
string name = 3;
// Metadata represents the custom data tied to this alias. Fields added
// to it should have a low rate of change (or no change) because each
// change incurs a storage write, so quickly-changing fields can have
// a significant performance impact at scale. See the SDK's
// "aliasmetadata" package for a helper that eases and standardizes
// using this safely.
map<string, string> metadata = 4;
// ID is the unique identifier for the alias
string ID = 5;
// NamespaceID is the identifier of the namespace to which this alias
// belongs.
string namespace_id = 6;
// Custom Metadata represents the custom data tied to this alias
map<string, string> custom_metadata = 7;
// Local indicates if the alias only belongs to the cluster where it was
// created. If true, the alias will be stored in a location that are ignored
// by the performance replication subsystem.
bool local = 8;
}
message Group {
// ID is the unique identifier for the group
string ID = 1;
// Name is the human-friendly unique identifier for the group
string name = 2;
// Metadata represents the custom data tied to this group
map<string, string> metadata = 3;
// NamespaceID is the identifier of the namespace to which this group
// belongs to.
string namespace_id = 4;
}
message MFAMethodID {
string type = 1;
string id = 2;
bool uses_passcode = 3;
string name = 4;
}
message MFAConstraintAny {
repeated MFAMethodID any = 1;
}
message MFARequirement {
string mfa_request_id = 1;
map<string, MFAConstraintAny> mfa_constraints = 2;
}