mirror of
https://github.com/gravitational/teleport
synced 2024-10-19 16:53:57 +00:00
GCP CLI support: API changes (#19785)
This commit is contained in:
parent
d72ac18247
commit
91032267d6
File diff suppressed because it is too large
Load diff
|
@ -324,6 +324,8 @@ message RouteToApp {
|
|||
string AWSRoleARN = 5 [(gogoproto.jsontag) = "aws_role_arn,omitempty"];
|
||||
// AzureIdentity is the Azure identity to assume when accessing Azure API.
|
||||
string AzureIdentity = 6 [(gogoproto.jsontag) = "azure_identity,omitempty"];
|
||||
// GCPServiceAccount is the GCP service account to assume when accessing GCP API.
|
||||
string GCPServiceAccount = 7 [(gogoproto.jsontag) = "gcp_service_account,omitempty"];
|
||||
}
|
||||
|
||||
// GetUserRequest specifies parameters for the GetUser method.
|
||||
|
@ -706,6 +708,8 @@ message CreateAppSessionRequest {
|
|||
string AWSRoleARN = 5 [(gogoproto.jsontag) = "aws_role_arn"];
|
||||
// AzureIdentity is Azure identity the user wants to assume.
|
||||
string AzureIdentity = 6 [(gogoproto.jsontag) = "azure_identity"];
|
||||
// GCPServiceAccount is the GCP service account the user wants to assume.
|
||||
string GCPServiceAccount = 7 [(gogoproto.jsontag) = "gcp_service_account"];
|
||||
}
|
||||
|
||||
// CreateAppSessionResponse contains the requested application web session.
|
||||
|
|
|
@ -75,11 +75,14 @@ message UserMetadata {
|
|||
// AWSRoleARN is AWS IAM role user assumes when accessing AWS console.
|
||||
string AWSRoleARN = 4 [(gogoproto.jsontag) = "aws_role_arn,omitempty"];
|
||||
|
||||
// AzureIdentity is the Azure identity to assume when accessing Azure API.
|
||||
string AzureIdentity = 6 [(gogoproto.jsontag) = "azure_identity,omitempty"];
|
||||
|
||||
// AccessRequests are the IDs of access requests created by the user
|
||||
repeated string AccessRequests = 5 [(gogoproto.jsontag) = "access_requests,omitempty"];
|
||||
|
||||
// AzureIdentity is the Azure identity user assumes when accessing Azure API.
|
||||
string AzureIdentity = 6 [(gogoproto.jsontag) = "azure_identity,omitempty"];
|
||||
|
||||
// GCPServiceAccount is the GCP service account user assumes when accessing GCP API.
|
||||
string GCPServiceAccount = 7 [(gogoproto.jsontag) = "gcp_service_account,omitempty"];
|
||||
}
|
||||
|
||||
// Server is a server metadata
|
||||
|
@ -3287,6 +3290,8 @@ message Identity {
|
|||
];
|
||||
// AzureIdentities is a list of allowed Azure identities user can assume.
|
||||
repeated string AzureIdentities = 24 [(gogoproto.jsontag) = "azure_identities,omitempty"];
|
||||
// GCPServiceAccounts is a list of allowed GCP service accounts user can assume.
|
||||
repeated string GCPServiceAccounts = 25 [(gogoproto.jsontag) = "gcp_service_accounts,omitempty"];
|
||||
}
|
||||
|
||||
// RouteToApp contains parameters for application access certificate requests.
|
||||
|
@ -3303,6 +3308,8 @@ message RouteToApp {
|
|||
string AWSRoleARN = 5 [(gogoproto.jsontag) = "aws_role_arn,omitempty"];
|
||||
// AzureIdentity is the Azure identity ot assume when accessing Azure API.
|
||||
string AzureIdentity = 6 [(gogoproto.jsontag) = "azure_identity,omitempty"];
|
||||
// GCPServiceAccount is the GCP service account to assume when accessing GCP API.
|
||||
string GCPServiceAccount = 7 [(gogoproto.jsontag) = "gcp_service_account,omitempty"];
|
||||
}
|
||||
|
||||
// RouteToDatabase combines parameters for database service routing information.
|
||||
|
|
|
@ -2433,6 +2433,9 @@ message RoleConditions {
|
|||
(gogoproto.nullable) = false,
|
||||
(gogoproto.jsontag) = "kubernetes_resources,omitempty"
|
||||
];
|
||||
|
||||
// GCPServiceAccounts is a list of GCP service accounts this role is allowed to assume.
|
||||
repeated string GCPServiceAccounts = 25 [(gogoproto.jsontag) = "gcp_service_accounts,omitempty"];
|
||||
}
|
||||
|
||||
// KubernetesResource is the Kubernetes resource identifier.
|
||||
|
|
|
@ -63,6 +63,8 @@ type Application interface {
|
|||
IsAWSConsole() bool
|
||||
// IsAzureCloud returns true if this app represents Azure Cloud instance.
|
||||
IsAzureCloud() bool
|
||||
// IsGCP returns true if this app represents GCP instance.
|
||||
IsGCP() bool
|
||||
// IsTCP returns true if this app represents a TCP endpoint.
|
||||
IsTCP() bool
|
||||
// GetProtocol returns the application protocol.
|
||||
|
@ -242,6 +244,11 @@ func (a *AppV3) IsAzureCloud() bool {
|
|||
return a.Spec.Cloud == CloudAzure
|
||||
}
|
||||
|
||||
// IsGCP returns true if this app is GCP instance.
|
||||
func (a *AppV3) IsGCP() bool {
|
||||
return a.Spec.Cloud == CloudGCP
|
||||
}
|
||||
|
||||
// IsTCP returns true if this app represents a TCP endpoint.
|
||||
func (a *AppV3) IsTCP() bool {
|
||||
return strings.HasPrefix(a.Spec.URI, "tcp://")
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -323,6 +323,8 @@ type CreateAppSessionRequest struct {
|
|||
AWSRoleARN string `json:"aws_role_arn"`
|
||||
// AzureIdentity is Azure identity this the user wants to assume.
|
||||
AzureIdentity string `json:"azure_identity"`
|
||||
// GCPServiceAccount is GCP service account this the user wants to assume.
|
||||
GCPServiceAccount string `json:"gcp_service_account"`
|
||||
}
|
||||
|
||||
// Check validates the request.
|
||||
|
|
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue