mirror of
https://github.com/pomerium/pomerium.git
synced 2025-07-27 21:49:12 +02:00
504197d83b
* add support for sub policies * add support for sub policies * update authz rego policy to support sub policies
61 lines
1.4 KiB
Protocol Buffer
61 lines
1.4 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package pomerium.config;
|
|
option go_package = "github.com/pomerium/pomerium/pkg/grpc/config";
|
|
|
|
import "google/protobuf/duration.proto";
|
|
|
|
message Config {
|
|
string name = 1;
|
|
repeated Route routes = 2;
|
|
}
|
|
|
|
message Route {
|
|
string name = 1;
|
|
|
|
string from = 2;
|
|
string to = 3;
|
|
|
|
repeated string allowed_users = 4 [deprecated = true];
|
|
repeated string allowed_groups = 5 [deprecated = true];
|
|
repeated string allowed_domains = 6 [deprecated = true];
|
|
|
|
string prefix = 7;
|
|
string path = 8;
|
|
string regex = 9;
|
|
|
|
bool cors_allow_preflight = 10;
|
|
bool allow_public_unauthenticated_access = 11;
|
|
google.protobuf.Duration timeout = 12;
|
|
bool allow_websockets = 13;
|
|
|
|
bool tls_skip_verify = 14;
|
|
string tls_server_name = 15;
|
|
string tls_custom_ca = 16;
|
|
string tls_custom_ca_file = 17;
|
|
|
|
string tls_client_cert = 18;
|
|
string tls_client_key = 19;
|
|
string tls_client_cert_file = 20;
|
|
string tls_client_key_file = 21;
|
|
|
|
map<string, string> set_request_headers = 22;
|
|
repeated string remove_request_headers = 23;
|
|
|
|
bool preserve_host_header = 24;
|
|
bool pass_identity_headers = 25;
|
|
|
|
string kubernetes_service_account_token = 26;
|
|
|
|
repeated Policy policies = 27;
|
|
string id = 28;
|
|
}
|
|
|
|
message Policy {
|
|
string id = 1;
|
|
string name = 2;
|
|
repeated string allowed_users = 3;
|
|
repeated string allowed_groups = 4;
|
|
repeated string allowed_domains = 5;
|
|
repeated string rego = 6;
|
|
}
|