@cerbos/files/lib/protobuf/cerbos/policy/v1/policy.d.ts

Load Cerbos policies from YAML or JSON files

import { Effect } from "../../effect/v1/effect";
export declare const protobufPackage = "cerbos.policy.v1";
export declare enum ScopePermissions {
    SCOPE_PERMISSIONS_UNSPECIFIED = 0,
    SCOPE_PERMISSIONS_OVERRIDE_PARENT = 1,
    SCOPE_PERMISSIONS_REQUIRE_PARENTAL_CONSENT_FOR_ALLOWS = 2
}
export declare function scopePermissionsFromJSON(object: any): ScopePermissions;
export declare function scopePermissionsToJSON(object: ScopePermissions): string;
export interface Policy {
    apiVersion: string;
    disabled: boolean;
    description: string;
    metadata: Metadata | undefined;
    policyType?: {
        $case: "resourcePolicy";
        resourcePolicy: ResourcePolicy;
    } | {
        $case: "principalPolicy";
        principalPolicy: PrincipalPolicy;
    } | {
        $case: "derivedRoles";
        derivedRoles: DerivedRoles;
    } | {
        $case: "exportVariables";
        exportVariables: ExportVariables;
    } | {
        $case: "rolePolicy";
        rolePolicy: RolePolicy;
    } | {
        $case: "exportConstants";
        exportConstants: ExportConstants;
    } | undefined;
    variables: {
        [key: string]: string;
    };
    jsonSchema: string;
}
export interface Policy_VariablesEntry {
    key: string;
    value: string;
}
export interface SourceAttributes {
    attributes: {
        [key: string]: any | undefined;
    };
}
export interface SourceAttributes_AttributesEntry {
    key: string;
    value: any | undefined;
}
export interface Metadata {
    sourceFile: string;
    annotations: {
        [key: string]: string;
    };
    hash: string | undefined;
    storeIdentifer: string;
    storeIdentifier: string;
    sourceAttributes: SourceAttributes | undefined;
}
export interface Metadata_AnnotationsEntry {
    key: string;
    value: string;
}
export interface ResourcePolicy {
    resource: string;
    version: string;
    importDerivedRoles: string[];
    rules: ResourceRule[];
    scope: string;
    schemas: Schemas | undefined;
    variables: Variables | undefined;
    scopePermissions: ScopePermissions;
    constants: Constants | undefined;
}
export interface ResourceRule {
    actions: string[];
    derivedRoles: string[];
    roles: string[];
    condition: Condition | undefined;
    effect: Effect;
    name: string;
    output: Output | undefined;
}
export interface RolePolicy {
    policyType?: {
        $case: "role";
        role: string;
    } | undefined;
    parentRoles: string[];
    scope: string;
    rules: RoleRule[];
    scopePermissions: ScopePermissions;
}
export interface RoleRule {
    resource: string;
    allowActions: string[];
    condition: Condition | undefined;
}
export interface PrincipalPolicy {
    principal: string;
    version: string;
    rules: PrincipalRule[];
    scope: string;
    variables: Variables | undefined;
    scopePermissions: ScopePermissions;
    constants: Constants | undefined;
}
export interface PrincipalRule {
    resource: string;
    actions: PrincipalRule_Action[];
}
export interface PrincipalRule_Action {
    action: string;
    condition: Condition | undefined;
    effect: Effect;
    name: string;
    output: Output | undefined;
}
export interface DerivedRoles {
    name: string;
    definitions: RoleDef[];
    variables: Variables | undefined;
    constants: Constants | undefined;
}
export interface RoleDef {
    name: string;
    parentRoles: string[];
    condition: Condition | undefined;
}
export interface ExportConstants {
    name: string;
    definitions: {
        [key: string]: any | undefined;
    };
}
export interface ExportConstants_DefinitionsEntry {
    key: string;
    value: any | undefined;
}
export interface Constants {
    import: string[];
    local: {
        [key: string]: any | undefined;
    };
}
export interface Constants_LocalEntry {
    key: string;
    value: any | undefined;
}
export interface ExportVariables {
    name: string;
    definitions: {
        [key: string]: string;
    };
}
export interface ExportVariables_DefinitionsEntry {
    key: string;
    value: string;
}
export interface Variables {
    import: string[];
    local: {
        [key: string]: string;
    };
}
export interface Variables_LocalEntry {
    key: string;
    value: string;
}
export interface Condition {
    condition?: {
        $case: "match";
        match: Match;
    } | {
        $case: "script";
        script: string;
    } | undefined;
}
export interface Match {
    op?: {
        $case: "all";
        all: Match_ExprList;
    } | {
        $case: "any";
        any: Match_ExprList;
    } | {
        $case: "none";
        none: Match_ExprList;
    } | {
        $case: "expr";
        expr: string;
    } | undefined;
}
export interface Match_ExprList {
    of: Match[];
}
export interface Output {
    expr: string;
    when: Output_When | undefined;
}
export interface Output_When {
    ruleActivated: string;
    conditionNotMet: string;
}
export interface Schemas {
    principalSchema: Schemas_Schema | undefined;
    resourceSchema: Schemas_Schema | undefined;
}
export interface Schemas_IgnoreWhen {
    actions: string[];
}
export interface Schemas_Schema {
    ref: string;
    ignoreWhen: Schemas_IgnoreWhen | undefined;
}
export declare const Policy: MessageFns<Policy>;
export declare const Policy_VariablesEntry: MessageFns<Policy_VariablesEntry>;
export declare const SourceAttributes: MessageFns<SourceAttributes>;
export declare const SourceAttributes_AttributesEntry: MessageFns<SourceAttributes_AttributesEntry>;
export declare const Metadata: MessageFns<Metadata>;
export declare const Metadata_AnnotationsEntry: MessageFns<Metadata_AnnotationsEntry>;
export declare const ResourcePolicy: MessageFns<ResourcePolicy>;
export declare const ResourceRule: MessageFns<ResourceRule>;
export declare const RolePolicy: MessageFns<RolePolicy>;
export declare const RoleRule: MessageFns<RoleRule>;
export declare const PrincipalPolicy: MessageFns<PrincipalPolicy>;
export declare const PrincipalRule: MessageFns<PrincipalRule>;
export declare const PrincipalRule_Action: MessageFns<PrincipalRule_Action>;
export declare const DerivedRoles: MessageFns<DerivedRoles>;
export declare const RoleDef: MessageFns<RoleDef>;
export declare const ExportConstants: MessageFns<ExportConstants>;
export declare const ExportConstants_DefinitionsEntry: MessageFns<ExportConstants_DefinitionsEntry>;
export declare const Constants: MessageFns<Constants>;
export declare const Constants_LocalEntry: MessageFns<Constants_LocalEntry>;
export declare const ExportVariables: MessageFns<ExportVariables>;
export declare const ExportVariables_DefinitionsEntry: MessageFns<ExportVariables_DefinitionsEntry>;
export declare const Variables: MessageFns<Variables>;
export declare const Variables_LocalEntry: MessageFns<Variables_LocalEntry>;
export declare const Condition: MessageFns<Condition>;
export declare const Match: MessageFns<Match>;
export declare const Match_ExprList: MessageFns<Match_ExprList>;
export declare const Output: MessageFns<Output>;
export declare const Output_When: MessageFns<Output_When>;
export declare const Schemas: MessageFns<Schemas>;
export declare const Schemas_IgnoreWhen: MessageFns<Schemas_IgnoreWhen>;
export declare const Schemas_Schema: MessageFns<Schemas_Schema>;
export interface MessageFns<T> {
    fromJSON(object: any): T;
    toJSON(message: T): unknown;
}
//# sourceMappingURL=policy.d.ts.map