1// Copyright 2018 Istio Authors
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17// $schema: istio.policy.v1beta1.Rule
18// $schema: istio.policy.v1beta1.AttributeManifest
19// $title: Rules
20// $description: Describes the rules used to configure Mixer's policy and telemetry features.
21// $location: https://istio.io/docs/reference/config/policy-and-telemetry/istio.policy.v1beta1.html
22
23// Describes the rules used to configure Mixer's policy and telemetry features.
24package istio.policy.v1beta1;
25
26option go_package="istio.io/api/policy/v1beta1";
27
28import "google/protobuf/duration.proto";
29import "google/protobuf/timestamp.proto";
30
31// An instance field of type Value denotes that the expression for the field is of dynamic type and can evaluate to any
32// [ValueType][istio.policy.v1beta1.ValueType] enum values. For example, when
33// authoring an instance configuration for a template that has a field `data` of type `istio.policy.v1beta1.Value`,
34// both of the following expressions are valid `data: source.ip | ip("0.0.0.0")`, `data: request.id | ""`;
35// the resulting type is either ValueType.IP_ADDRESS or ValueType.STRING for the two cases respectively.
36//
37// Objects of type Value are also passed to the adapters during request-time. There is a 1:1 mapping between
38// oneof fields in `Value` and enum values inside `ValueType`. Depending on the expression's evaluated `ValueType`,
39// the equivalent oneof field in `Value` is populated by Mixer and passed to the adapters.
40message Value {
41    oneof value {
42        // Used for values of type STRING
43        string string_value = 1;
44
45        // Used for values of type INT64
46        int64 int64_value = 2;
47
48        // Used for values of type DOUBLE
49        double double_value = 3;
50
51        // Used for values of type BOOL
52        bool bool_value = 4;
53
54        // Used for values of type IPAddress
55        IPAddress ip_address_value = 5;
56
57        // Used for values of type TIMESTAMP
58        TimeStamp timestamp_value = 6;
59
60        // Used for values of type DURATION
61        Duration duration_value = 7;
62
63        // Used for values of type EmailAddress
64        EmailAddress email_address_value = 8;
65
66        // Used for values of type DNSName
67        DNSName dns_name_value = 9;
68
69        // Used for values of type Uri
70        Uri uri_value = 10;
71
72        // Used for values of type STRING_MAP
73        StringMap string_map_value = 11;
74    }
75}
76
77// An instance field of type IPAddress denotes that the expression for the field must evaluate to
78// [ValueType.IP_ADDRESS][istio.policy.v1beta1.ValueType.IP_ADDRESS]
79//
80// Objects of type IPAddress are also passed to the adapters during request-time for the instance fields of
81// type IPAddress
82message IPAddress {
83    // IPAddress encoded as bytes.
84    bytes value = 1;
85}
86
87// An instance field of type Duration denotes that the expression for the field must evaluate to
88// [ValueType.DURATION][istio.policy.v1beta1.ValueType.DURATION]
89//
90// Objects of type Duration are also passed to the adapters during request-time for the instance fields of
91// type Duration
92message Duration {
93    // Duration encoded as google.protobuf.Duration.
94    google.protobuf.Duration value = 1;
95}
96
97// An instance field of type TimeStamp denotes that the expression for the field must evaluate to
98// [ValueType.TIMESTAMP][istio.policy.v1beta1.ValueType.TIMESTAMP]
99//
100// Objects of type TimeStamp are also passed to the adapters during request-time for the instance fields of
101// type TimeStamp
102message TimeStamp {
103    // TimeStamp encoded as google.protobuf.Timestamp.
104    google.protobuf.Timestamp value = 1;
105}
106
107// An instance field of type DNSName denotes that the expression for the field must evaluate to
108// [ValueType.DNS_NAME][istio.policy.v1beta1.ValueType.DNS_NAME]
109//
110// Objects of type DNSName are also passed to the adapters during request-time for the instance fields of
111// type DNSName
112message DNSName {
113    // DNSName encoded as string.
114    string value = 1;
115}
116
117
118// An instance field of type StringMap denotes that the expression for the field must evaluate to
119// [ValueType.STRING_MAP][istio.policy.v1beta1.ValueType.STRING_MAP]
120//
121// Objects of type StringMap are also passed to the adapters during request-time for the instance fields of
122// type StringMap
123message StringMap {
124    // StringMap encoded as a map of strings
125    map<string, string> value = 1;
126}
127
128// DO NOT USE !! Under Development
129// An instance field of type EmailAddress denotes that the expression for the field must evaluate to
130// [ValueType.EMAIL_ADDRESS][istio.policy.v1beta1.ValueType.EMAIL_ADDRESS]
131//
132// Objects of type EmailAddress are also passed to the adapters during request-time for the instance fields of
133// type EmailAddress
134message EmailAddress {
135    // EmailAddress encoded as string.
136    string value = 1;
137}
138
139// DO NOT USE !! Under Development
140// An instance field of type Uri denotes that the expression for the field must evaluate to
141// [ValueType.URI][istio.policy.v1beta1.ValueType.URI]
142//
143// Objects of type Uri are also passed to the adapters during request-time for the instance fields of
144// type Uri
145message Uri {
146    // Uri encoded as string.
147    string value = 1;
148}
149