Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... }
GeT /v1/rbac/subject/{id}
Subjects served from this API are Groups and Users only. Id in this case is the Name field, since for users and groups, that is unique, and subjects do not have IDs.
Any
contains an arbitrary serialized protocol buffer message along with a
URL that describes the type of the serialized message.
Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.
example 1: Pack and unpack a message in C++.
Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... }
example 2: Pack and unpack a message in Java.
Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } // or ... if (any.isSameTypeAs(Foo.getDefaultInstance())) { foo = any.unpack(Foo.getDefaultInstance()); }
example 3: Pack and unpack a message in Python.
foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DeSCRIPTOR): any.Unpack(foo) ...
example 4: Pack and unpack a message in Go
foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... }
The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".
The JSON representation of an Any
value uses the regular
representation of the deserialized, embedded message, with an
additional field @type
which contains the type URL. example:
package google.profile; message Person { string first_name = 1; string last_name = 2; }
{ "@type": "type.googleapis.com/google.profile.Person", "firstName": <string>, "lastName": <string> }
If the embedded message type is well-known and has a custom JSON
representation, that representation will be embedded adding a field
value
which holds the custom JSON in addition to the @type
field. example (for message [google.protobuf.Duration][]):
{ "@type": "type.googleapis.com/google.protobuf.Duration", "value": "1.212s" }
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
typeUrl |
String |
A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in |
|||
value |
byte[] |
Must be a valid serialized protocol buffer of the above specified type. |
byte |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
error |
String |
||||
code |
Integer |
int32 |
|||
message |
String |
||||
details |
List of ProtobufAny |
Properties of an individual k8s Role or ClusterRole. ////////////////////////////////////////
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
||||
name |
String |
||||
namespace |
String |
||||
clusterId |
String |
||||
clusterName |
String |
||||
clusterRole |
Boolean |
||||
labels |
Map of |
||||
annotations |
Map of |
||||
createdAt |
Date |
date-time |
|||
rules |
List of StoragePolicyRule |
Properties of an individual k8s RoleBinding or ClusterRoleBinding. ////////////////////////////////////////
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
||||
name |
String |
||||
namespace |
String |
||||
clusterId |
String |
||||
clusterName |
String |
||||
clusterRole |
Boolean |
ClusterRole specifies whether the binding binds a cluster role. However, it cannot be used to determine whether the binding is a cluster role binding. This can be done in conjunction with the namespace. If the namespace is empty and cluster role is true, the binding is a cluster role binding. |
|||
labels |
Map of |
||||
annotations |
Map of |
||||
createdAt |
Date |
date-time |
|||
subjects |
List of StorageSubject |
||||
roleId |
String |
Properties of an individual rules that grant permissions to resources. ////////////////////////////////////////
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
verbs |
List of |
||||
apiGroups |
List of |
||||
resources |
List of |
||||
nonResourceUrls |
List of |
||||
resourceNames |
List of |
Properties of an individual subjects who are granted roles via role bindings. ////////////////////////////////////////
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
||||
kind |
UNSeT_KIND, SeRVICe_ACCOUNT, USeR, GROUP, |
||||
name |
String |
||||
namespace |
String |
||||
clusterId |
String |
||||
clusterName |
String |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
subject |
|||||
clusterRoles |
List of StorageK8sRole |
||||
scopedRoles |
List of V1ScopedRoles |
A list of k8s role bindings (free of scoped information) Next Tag: 2
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
bindings |
List of StorageK8sRoleBinding |
A list of k8s roles (free of scoped information) Next Tag: 2
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
roles |
List of StorageK8sRole |
A list of k8s subjects (users and groups only, for service accounts, try the service account service) Next Tag: 2
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
subjectAndRoles |
List of V1SubjectAndRoles |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
namespace |
String |
||||
roles |
List of StorageK8sRole |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
subject |
|||||
roles |
List of StorageK8sRole |