| // Copyright (c) HashiCorp, Inc. |
| // SPDX-License-Identifier: MPL-2.0 |
| |
| syntax = "proto3"; |
| |
| option go_package = "github.com/hashicorp/vault/sdk/logical"; |
| |
| package logical; |
| |
| message Entity { |
| // ID is the unique identifier for the entity |
| string ID = 1; |
| |
| // Name is the human-friendly unique identifier for the entity |
| string name = 2; |
| |
| // Aliases contains thhe alias mappings for the given entity |
| repeated Alias aliases = 3; |
| |
| // Metadata represents the custom data tied to this entity |
| map<string, string> metadata = 4; |
| |
| // Disabled is true if the entity is disabled. |
| bool disabled = 5; |
| |
| // NamespaceID is the identifier of the namespace to which this entity |
| // belongs to. |
| string namespace_id = 6; |
| } |
| |
| message Alias { |
| // MountType is the backend mount's type to which this identity belongs |
| string mount_type = 1; |
| |
| // MountAccessor is the identifier of the mount entry to which this |
| // identity belongs |
| string mount_accessor = 2; |
| |
| // Name is the identifier of this identity in its authentication source |
| string name = 3; |
| |
| // Metadata represents the custom data tied to this alias. Fields added |
| // to it should have a low rate of change (or no change) because each |
| // change incurs a storage write, so quickly-changing fields can have |
| // a significant performance impact at scale. See the SDK's |
| // "aliasmetadata" package for a helper that eases and standardizes |
| // using this safely. |
| map<string, string> metadata = 4; |
| |
| // ID is the unique identifier for the alias |
| string ID = 5; |
| |
| // NamespaceID is the identifier of the namespace to which this alias |
| // belongs. |
| string namespace_id = 6; |
| |
| // Custom Metadata represents the custom data tied to this alias |
| map<string, string> custom_metadata = 7; |
| |
| // Local indicates if the alias only belongs to the cluster where it was |
| // created. If true, the alias will be stored in a location that are ignored |
| // by the performance replication subsystem. |
| bool local = 8; |
| } |
| |
| message Group { |
| // ID is the unique identifier for the group |
| string ID = 1; |
| |
| // Name is the human-friendly unique identifier for the group |
| string name = 2; |
| |
| // Metadata represents the custom data tied to this group |
| map<string, string> metadata = 3; |
| |
| // NamespaceID is the identifier of the namespace to which this group |
| // belongs to. |
| string namespace_id = 4; |
| } |
| |
| message MFAMethodID { |
| string type = 1; |
| string id = 2; |
| bool uses_passcode = 3; |
| string name = 4; |
| } |
| |
| message MFAConstraintAny { |
| repeated MFAMethodID any = 1; |
| } |
| |
| message MFARequirement { |
| string mfa_request_id = 1; |
| map<string, MFAConstraintAny> mfa_constraints = 2; |
| } |