// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto2";

import "mesos/mesos.proto";
import "mesos/quota/quota.proto";

package mesos.authorization;

option java_package = "org.apache.mesos.authorization";
option java_outer_classname = "Protos";
| |
| |
// A `Subject` is the entity which desires to execute an `Action` on
// an `Object`. A `Subject` has a number of optional fields:
//   `value` : String which identifies the subject, i.e., a principal.
//   `claims`: Key-value pairs associated with the subject.
//
// NOTE: A `Subject` should always come with at least one set field.
// The schema itself cannot enforce this (both fields are `optional`);
// a `Request` with an unset `subject` is read as "unspecified", so any
// "at least one field" validation has to happen in the authorizer --
// confirm against the implementation.
message Subject {
  // The principal on whose behalf the action is attempted.
  optional string value = 1;

  // Arbitrary key-value pairs attached to the subject (`Labels` from
  // mesos/mesos.proto). The schema does not constrain which keys are
  // meaningful; that is up to the authorizer module consuming them.
  optional Labels claims = 2;
}
| |
| |
// An `Object` is the entity on which a `Subject` wishes to execute an
// `Action`. An `Object` has a number of optional fields of which,
// depending on the action, one or more fields must be set. For
// example the `VIEW_EXECUTOR` action expects the `executor_info` and
// `framework_info` field to be set. The `Action` comments explain
// what to expect.
//
// Which fields are populated is determined by the `Action` in the
// enclosing `Request`, not by the object itself; an authorizer keyed on
// the action knows which fields it must read.
//
// NOTE: An `Object` should always come with at least one set field.
message Object {
  // Free-form identifier whose meaning depends on the action: the
  // `*_WITH_foo` aliases put a `foo` here (e.g. a role, principal or
  // endpoint path); `GET_QUOTA` and `UPDATE_QUOTA_WITH_CONFIG` put the
  // role name here; the volume/disk actions put the most refined role
  // here. See the per-value comments on `Action`.
  optional string value = 1;

  // Set by framework-scoped actions (`REGISTER_FRAMEWORK`, `RUN_TASK`,
  // `TEARDOWN_FRAMEWORK`, `VIEW_FRAMEWORK`, `VIEW_TASK`, `VIEW_EXECUTOR`,
  // the `*_NESTED_CONTAINER*` and `ATTACH_CONTAINER_*` actions, and
  // commonly `ACCESS_SANDBOX`).
  optional FrameworkInfo framework_info = 2;

  // Set (as an alternative to `task_info`) by `VIEW_TASK`.
  optional Task task = 3;

  // Set by `RUN_TASK` and (as an alternative to `task`) by `VIEW_TASK`.
  optional TaskInfo task_info = 4;

  // Set by `VIEW_EXECUTOR`, `ACCESS_SANDBOX`, the `*_NESTED_CONTAINER*`
  // actions, `ATTACH_CONTAINER_INPUT`/`_OUTPUT` and `VIEW_CONTAINER`.
  optional ExecutorInfo executor_info = 5;

  // Deprecated together with the `UPDATE_QUOTA` action, which is the only
  // remaining writer. Since Mesos 1.9 `GET_QUOTA` sets `value` only, and
  // `UPDATE_QUOTA_WITH_CONFIG` likewise passes the role name in `value`.
  optional quota.QuotaInfo quota_info = 6 [deprecated = true];

  // Set by `UPDATE_WEIGHT`.
  optional WeightInfo weight_info = 7;

  // Set by the reservation, volume and disk actions (`RESERVE_RESOURCES`,
  // `UNRESERVE_RESOURCES`, `CREATE_VOLUME`, `DESTROY_VOLUME`, `RESIZE_VOLUME`,
  // `CREATE_*_DISK`, `DESTROY_*_DISK`).
  optional Resource resource = 8;

  // Set only when available, by `LAUNCH_NESTED_CONTAINER` and
  // `LAUNCH_NESTED_CONTAINER_SESSION`.
  optional CommandInfo command_info = 9;

  // Set by `LAUNCH_NESTED_CONTAINER`, `KILL_NESTED_CONTAINER`,
  // `WAIT_NESTED_CONTAINER`, `LAUNCH_NESTED_CONTAINER_SESSION` and
  // `REMOVE_NESTED_CONTAINER`.
  optional ContainerID container_id = 10;

  // Set by the maintenance actions (`UPDATE_MAINTENANCE_SCHEDULE`,
  // `GET_MAINTENANCE_SCHEDULE`, `START_MAINTENANCE`, `STOP_MAINTENANCE`,
  // `GET_MAINTENANCE_STATUS`).
  optional MachineID machine_id = 11;
}
| |
| |
// List of authorizable actions supported in Mesos.
//
// NOTE: Values in this enum should be kept in numerical order to prevent
// accidental aliasing. Several values below are declared out of numerical
// order (e.g. 50 ahead of 13, 51-53 ahead of 34, 40 ahead of 39, 48 and 47
// ahead of 41); the numbers are the wire contract and must never be
// changed or reused, so any new value needs a number that is checked
// against the whole list, not just its neighbours.
//
// NOTE: `allow_alias` is enabled only so that the deprecated `*_WITH_foo`
// names can share a number with their canonical name. Aliases are the same
// integer on the wire, so an authorizer cannot tell which name a caller
// used; authorization policy is therefore applied per value, never per
// alias name.
enum Action {
  option allow_alias = true;

  // This must be the first enum value in this list, to
  // ensure that if 'type' is not set, the default value
  // is UNKNOWN. This enables enum values to be added
  // in a backwards-compatible way. See: MESOS-4997.
  //
  // NOTE(review): `UNKNOWN` is what a receiver observes when `Request.action`
  // was omitted or carries a value this build does not know. An authorizer
  // is expected to reject such a request rather than match it against any
  // rule -- confirm against the authorizer implementation.
  UNKNOWN = 0;

  // Actions named *_WITH_foo may set a foo in `Object.value`.

  // `REGISTER_FRAMEWORK` will have an object with `FrameworkInfo` set.
  // The `_WITH_ROLE` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  REGISTER_FRAMEWORK = 1;
  REGISTER_FRAMEWORK_WITH_ROLE = 1;

  // `RUN_TASK` will have an object with `FrameworkInfo` and `TaskInfo` set.
  RUN_TASK = 2;

  // `TEARDOWN_FRAMEWORK` will have an object with `FrameworkInfo` set.
  // The `_WITH_PRINCIPAL` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  TEARDOWN_FRAMEWORK = 3;
  TEARDOWN_FRAMEWORK_WITH_PRINCIPAL = 3;

  // `RESERVE_RESOURCES` will have an object with `Resource` set.
  // The `_WITH_ROLE` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  RESERVE_RESOURCES = 4;
  RESERVE_RESOURCES_WITH_ROLE = 4;

  // `UNRESERVE_RESOURCES` will have an object with `Resource` set.
  // The `_WITH_PRINCIPAL` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  UNRESERVE_RESOURCES = 5;
  UNRESERVE_RESOURCES_WITH_PRINCIPAL = 5;

  // `CREATE_VOLUME` will have an object with `Resource` set.
  // The `_WITH_ROLE` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  CREATE_VOLUME = 6;
  CREATE_VOLUME_WITH_ROLE = 6;

  // `DESTROY_VOLUME` will have an object with `Resource` set.
  // The `_WITH_PRINCIPAL` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  DESTROY_VOLUME = 7;
  DESTROY_VOLUME_WITH_PRINCIPAL = 7;

  // `GET_ENDPOINT_WITH_PATH` follows the `*_WITH_foo` rule above: the
  // endpoint path is carried in `Object.value`.
  GET_ENDPOINT_WITH_PATH = 8;

  // `VIEW_ROLE`: no object contract is documented here. Presumably the role
  // name is carried in `Object.value`, as for the other role-scoped actions
  // -- confirm against the master's authorization call site.
  VIEW_ROLE = 9;

  // `UPDATE_WEIGHT` will have an object with `WeightInfo` set.
  // The `_WITH_ROLE` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends. The `value` field will continue
  // to be set until that time.
  UPDATE_WEIGHT = 10;
  UPDATE_WEIGHT_WITH_ROLE = 10;

  // Prior to Mesos 1.9, `GET_QUOTA` has an object with both `QuotaInfo`
  // and `value` set. Since Mesos 1.9, the object will only have `value` set.
  //
  // The `_WITH_ROLE` alias is deprecated and will be removed after
  // Mesos 1.2's deprecation cycle ends.
  GET_QUOTA = 11;
  GET_QUOTA_WITH_ROLE = 11;

  // `UPDATE_QUOTA` will have an object with a `QuotaInfo` set.
  //
  // TODO(mzhu): Remove this action after associated API calls `SET_QUOTA`
  // and `REMOVE_QUOTA` are no longer supported.
  //
  // NOTE: We cannot reuse this action for the `UPDATE_QUOTA` API call,
  // because the associated `QuotaConfig` message contains more information
  // than `QuotaInfo`.
  UPDATE_QUOTA = 12 [deprecated = true];

  // `UPDATE_QUOTA_WITH_CONFIG` will have an object
  // with a `value` field set to the role name.
  UPDATE_QUOTA_WITH_CONFIG = 50;

  // `VIEW_FRAMEWORK` will have an object with a `FrameworkInfo` set.
  VIEW_FRAMEWORK = 13;

  // `VIEW_TASK` will have an object with (`Task` or `TaskInfo`) and
  // `FrameworkInfo` set.
  VIEW_TASK = 14;

  // `VIEW_EXECUTOR` will have an object with `ExecutorInfo` and
  // `FrameworkInfo` set.
  VIEW_EXECUTOR = 15;

  // This action will have an object which commonly has both a
  // `FrameworkInfo` and `ExecutorInfo` set. In exceptional cases the
  // object might have nothing set. See MESOS-5730.
  ACCESS_SANDBOX = 16;

  // This action will not fill in any object fields, since the object
  // is the master/agent log itself.
  ACCESS_MESOS_LOG = 17;

  // This action will not fill in any object fields, since the object
  // is the entire set of flags.
  VIEW_FLAGS = 18;

  // This action will always set the `ExecutorInfo`, `FrameworkInfo`, and
  // `ContainerID` fields and optionally a `CommandInfo` if available.
  LAUNCH_NESTED_CONTAINER = 19;

  // This action will set objects of type `ExecutorInfo`, `FrameworkInfo`, and
  // `ContainerID`.
  KILL_NESTED_CONTAINER = 20;

  // This action will set objects of type `ExecutorInfo`, `FrameworkInfo`, and
  // `ContainerID`.
  WAIT_NESTED_CONTAINER = 21;

  // This action will always set the `ExecutorInfo`, `FrameworkInfo`, and
  // `ContainerID` fields and optionally a `CommandInfo` if available.
  LAUNCH_NESTED_CONTAINER_SESSION = 22;

  // This action will set objects of type `ExecutorInfo` and `FrameworkInfo`.
  ATTACH_CONTAINER_INPUT = 23;

  // This action will set objects of type `ExecutorInfo` and `FrameworkInfo`.
  ATTACH_CONTAINER_OUTPUT = 24;

  // This action will set objects of type `ExecutorInfo` and `FrameworkInfo`.
  VIEW_CONTAINER = 25;

  // This action will not fill in any object fields, since a principal is
  // either allowed to change the log level or is unauthorized.
  SET_LOG_LEVEL = 26;

  // This action will set objects of type `ExecutorInfo`, `FrameworkInfo`, and
  // `ContainerID`.
  REMOVE_NESTED_CONTAINER = 27;

  // This action will not fill in any object fields, since a principal is
  // either allowed to register as an agent or is unauthorized.
  REGISTER_AGENT = 28;

  // This action will set objects of type `MachineID`.
  UPDATE_MAINTENANCE_SCHEDULE = 29;

  // This action will set objects of type `MachineID`.
  GET_MAINTENANCE_SCHEDULE = 30;

  // This action will set objects of type `MachineID`.
  START_MAINTENANCE = 31;

  // This action will set objects of type `MachineID`.
  STOP_MAINTENANCE = 32;

  // This action will set objects of type `MachineID`.
  GET_MAINTENANCE_STATUS = 33;

  // This action will not fill in any object fields, since a principal is
  // either allowed to drain an agent or is unauthorized.
  DRAIN_AGENT = 51;

  // This action will not fill in any object fields, since a principal is
  // either allowed to deactivate an agent or is unauthorized.
  DEACTIVATE_AGENT = 52;

  // This action will not fill in any object fields, since a principal is
  // either allowed to reactivate an agent or is unauthorized.
  REACTIVATE_AGENT = 53;

  // This action will not fill in any object fields, since a principal is
  // either allowed to mark an agent as gone or is unauthorized.
  MARK_AGENT_GONE = 34;

  // This action will not fill in any object fields. A principal is either
  // allowed to launch standalone containers or is unauthorized.
  //
  // TODO(josephw): This should set the operating system user in the object.
  LAUNCH_STANDALONE_CONTAINER = 35;

  // This action will not fill in any object fields. A principal is either
  // allowed to kill standalone containers or is unauthorized.
  //
  // TODO(josephw): This should set the operating system user in the object.
  KILL_STANDALONE_CONTAINER = 36;

  // This action will not fill in any object fields. A principal is either
  // allowed to wait upon standalone containers or is unauthorized.
  //
  // TODO(josephw): This should set the operating system user in the object.
  WAIT_STANDALONE_CONTAINER = 37;

  // This action will not fill in any object fields. A principal is either
  // allowed to remove standalone containers or is unauthorized.
  //
  // TODO(josephw): This should set the operating system user in the object.
  REMOVE_STANDALONE_CONTAINER = 38;

  // This action will not fill in any object fields. A principal is either
  // allowed to view standalone containers or is unauthorized.
  VIEW_STANDALONE_CONTAINER = 40;

  // This action will not fill in any object fields. A principal is either
  // allowed to add, update and remove resource provider config files or is
  // unauthorized.
  MODIFY_RESOURCE_PROVIDER_CONFIG = 39;

  // This action will not fill in any object fields. A principal is either
  // allowed to mark a resource provider as gone or is unauthorized.
  MARK_RESOURCE_PROVIDER_GONE = 48;

  // This action will not fill in any object fields. A principal is either
  // allowed to view resource provider information or is unauthorized.
  VIEW_RESOURCE_PROVIDER = 47;

  // This action will not fill in any object fields. A principal is either
  // allowed to prune unused container images or is unauthorized.
  PRUNE_IMAGES = 41;

  // `RESIZE_VOLUME` will have an object with `Resource` set.
  //
  // NOTE: For consistency, the `value` field will be set with the most refined
  // role until all `*_WITH_ROLE` aliases are removed.
  RESIZE_VOLUME = 42;

  // `CREATE_BLOCK_DISK` will have an object with `Resource` set.
  //
  // NOTE: For consistency, the `value` field will be set with the most refined
  // role until all `*_WITH_ROLE` aliases are removed.
  CREATE_BLOCK_DISK = 43;

  // `DESTROY_BLOCK_DISK` will have an object with `Resource` set.
  //
  // NOTE: For consistency, the `value` field will be set with the most refined
  // role until all `*_WITH_ROLE` aliases are removed.
  DESTROY_BLOCK_DISK = 44;

  // `CREATE_MOUNT_DISK` will have an object with `Resource` set.
  //
  // NOTE: For consistency, the `value` field will be set with the most refined
  // role until all `*_WITH_ROLE` aliases are removed.
  CREATE_MOUNT_DISK = 45;

  // `DESTROY_MOUNT_DISK` will have an object with `Resource` set.
  //
  // NOTE: For consistency, the `value` field will be set with the most refined
  // role until all `*_WITH_ROLE` aliases are removed.
  DESTROY_MOUNT_DISK = 46;

  // `DESTROY_RAW_DISK` will have an object with `Resource` set.
  //
  // NOTE: For consistency, the `value` field will be set with the most refined
  // role until all `*_WITH_ROLE` aliases are removed.
  DESTROY_RAW_DISK = 49;
}
| |
| |
// A `Request` is a <subject, action, object> tuple which can be read
// as "Can `subject` perform `action` with `object`?".
//
// Every field is `optional`, so the schema alone cannot guarantee that a
// request is fully specified; the authorizer decides how an unspecified
// subject, action or object is treated.
message Request {
  // An unset `subject` means "unspecified".
  optional Subject subject = 1;

  // Enum fields should be optional, see: MESOS-4997.
  // With an `optional` proto2 enum, an action number this build does not
  // recognize is kept as an unknown field instead of failing the parse, and
  // the accessor then reports the default `UNKNOWN` (see `Action`); the
  // receiver must be prepared for that value.
  optional Action action = 2;

  // An unset `object` means "unspecified".
  optional Object object = 3;
}