API Object - role
- Updated on Apr 19, 2023
Role Metadata
type Metadata struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
}
Role Spec
type Spec struct {
//
// These fields apply to Workload entities
//
// RepoTag is used to identify running containers by specifying
// their Docker image repository and tag
RepoTag RepoTagList `json:"repo_tag"`
// LabelSelector is used to identify containers or processes by
// looking at the labels (key/value pairs) associated with them
LabelSelector []LabSel `json:"label_selector"`
// ServiceAccts are use to identify containers running in a
// Kubernetes cluster by the service account used to deploy a pod
ServiceAccts []string `json:"service_account"`
//
// These fields apply to User entities
//
// UserGroup is used to identity users who belong to a specific
// group in the Identity Provider
UserGroup []string `json:"group"`
// Email is used to identity users by their email id
Email []string `json:"email"`
// DeviceOwnership is used to identify devices that are either
// corporate-owned or employee-owned
DeviceOwnership []string `json:"device_ownership"`
// Platform is used to identify operating system of a device.
// Allowed Values (Darwin, Windows, Android, Linux, iOS).
Platform []string `json:"platform"`
// MDMPresent is used to identify if a device is mdm managed.
// Allowed Value (true). Setting to false has no effect.
MDMPresent bool `json:"mdm_present"`
}
type RepoTagList
RepoTagList is a list of repo:tag strings that represents the Docker registry repository and tag associated with a Workload entity
type RepoTagList []string
type LabSel
LabSel is a map of labels (ie, key/value pairs) associated with a Workload entity
type LabSel map[string]string