Role Metadata

// Metadata carries the descriptive fields of a Role. Each field is
// serialized under the JSON key given in its tag; no tag uses omitempty,
// so empty strings are still emitted.
type Metadata struct {
	// ID is serialized as "id".
	// NOTE(review): presumably the Role's unique identifier; confirm
	// whether it is chosen by the caller or assigned by the service.
	ID string `json:"id"`

	// Name is serialized as "name".
	Name string `json:"name"`

	// Description is serialized as "description".
	Description string `json:"description"`
}

Role Spec

// Spec lists the attributes a Role matches on. The first group of fields
// selects Workload entities; the second group selects User entities and
// their devices. None of the JSON tags use omitempty, so unset fields are
// still serialized (nil slices as null, MDMPresent as false).
//
// NOTE(review): this listing does not say how several populated fields
// combine, or whether an empty field matches every entity or none. Confirm
// both before relying on a sparsely populated Spec to restrict access.
type Spec struct {
	// ---- Workload entity selectors ----

	// RepoTag identifies running containers by the Docker image
	// repository and tag they were started from.
	RepoTag RepoTagList `json:"repo_tag"`

	// LabelSelector identifies containers or processes by the labels
	// (key/value pairs) attached to them.
	LabelSelector []LabSel `json:"label_selector"`

	// ServiceAccts identifies containers running in a Kubernetes cluster
	// by the service account used to deploy their pod.
	ServiceAccts []string `json:"service_account"`

	// ---- User entity selectors ----

	// UserGroup identifies users who belong to a specific group in the
	// Identity Provider.
	UserGroup []string `json:"group"`

	// Email identifies users by their email address.
	Email []string `json:"email"`

	// DeviceOwnership identifies devices that are either corporate-owned
	// or employee-owned. The literal strings accepted are not shown in
	// this listing.
	DeviceOwnership []string `json:"device_ownership"`

	// Platform identifies the operating system of a device.
	// Allowed values: Darwin, Windows, Android, Linux, iOS.
	Platform []string `json:"platform"`

	// MDMPresent identifies devices that are MDM managed. The only
	// allowed value is true; setting it to false has no effect, so false
	// should not be read as "device must be unmanaged".
	MDMPresent bool `json:"mdm_present"`
}

type RepoTagList

RepoTagList is a list of repo:tag strings that represent the Docker registry repository and tag associated with a Workload entity

// RepoTagList is a list of repo:tag strings, each naming the Docker
// registry repository and tag associated with a Workload entity.
// NOTE(review): a Docker tag is a mutable reference and can be re-pointed
// to a different image; confirm whether matching is done on the tag string
// alone before treating a RepoTag match as proof of image identity.
type RepoTagList []string

type LabSel

LabSel is a map of labels (i.e., key/value pairs) associated with a Workload entity

// LabSel is a map of labels (key/value pairs) associated with a Workload
// entity.
// NOTE(review): this listing does not state whether every pair in the map
// must be present on the workload for it to match; confirm.
type LabSel map[string]string



Last modified: Dec 10, 2020