Skip to content

Commit

Permalink
add support for tagged identities
Browse files Browse the repository at this point in the history
This commit adds support for tagged identities.
An identity can have zero, one or multiple tags
(key-value metadata labels). Tags are useful to
associate additional metadata with an identity.
For example, which service is using this identity.

A tag key is an arbitrary string (at most 64 characters long)
and can contain the following characters: [a-z], [A-Z], [0-9] or
'.', '_', '-', '/'.

A tag value is an arbitrary string from the same character set
but it can be long 256 characters long.

An identity can hold up to 32 tags.

Signed-off-by: Andreas Auernhammer <[email protected]>
  • Loading branch information
aead committed Oct 10, 2024
1 parent e82414e commit 16e8557
Show file tree
Hide file tree
Showing 8 changed files with 122 additions and 67 deletions.
2 changes: 1 addition & 1 deletion kms/protobuf/log.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

78 changes: 48 additions & 30 deletions kms/protobuf/request.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions kms/protobuf/request.proto
Original file line number Diff line number Diff line change
Expand Up @@ -233,6 +233,9 @@ message CreateIdentityRequest {

// IsServiceAccount indicates whether the identity is a service account.
bool IsServiceAccount = 3 [ json_name = "service_account" ];

// Tags are optional metadata labels attached to the identity as key-value pairs.
map<string,string> Tags = 4 [ json_name="tags" ];
}

message IdentityRequest {
Expand Down
89 changes: 54 additions & 35 deletions kms/protobuf/response.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions kms/protobuf/response.proto
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,9 @@ message IdentityResponse {
bool IsServiceAccount = 6 [ json_name = "is_service_account" ];

repeated string ServiceAccounts = 7 [ json_name = "service_accounts" ];

// Tags are optional metadata labels attached to the key as key-value pairs.
map<string,string> Tags = 8 [ json_name="tags" ];
}

message ListIdentitiesResponse {
Expand Down
2 changes: 1 addition & 1 deletion kms/protobuf/rule.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 16e8557

Please sign in to comment.