audit-go/proto/audit/v1/routable_event.proto
Christian Schaible dff37867e5 Add event source, region and container reference to audit event and
replace wrapping protobuf message type with cloud event wrapper
2024-07-18 14:09:07 +02:00


syntax = "proto3";
import "buf/validate/validate.proto";
import "audit/v1/common.proto";
package audit.v1;
option go_package = "./audit;auditV1";
option java_multiple_files = true;
option java_package = "com.schwarz.stackit.audit.v1";
// Routing classification of an audit event with respect to customer data
// sinks. This is a label carried on the message; the schema itself does not
// enforce where an event ends up.
enum Visibility {
  // Default (zero) value; carries no routing meaning.
  // NOTE(review): RoutableAuditEvent.visibility is marked `required`, so this
  // value is expected to fail validation there - confirm against the
  // protovalidate version in use.
  VISIBILITY_UNSPECIFIED = 0;

  // Event will be routed to customer data sinks.
  VISIBILITY_PUBLIC = 1;

  // Event will NOT be routed to customer data sinks.
  VISIBILITY_PRIVATE = 2;
}
// Audit event payload transported in encrypted form, together with the
// metadata a consumer needs to pick the key and the message type.
message EncryptedData {
  // Encrypted serialized protobuf content (the actual audit event).
  // Must be non-empty. No upper length bound is declared here, so any size
  // limit has to be enforced by the transport or the consumer.
  bytes data = 1 [
    (buf.validate.field).required = true,
    (buf.validate.field).bytes.min_len = 1
  ];

  // Name of the protobuf type serialized in `data`. Must be non-empty.
  // NOTE(review): this value arrives with the message; consumers should
  // presumably map it to a fixed set of expected types before decoding
  // rather than resolving arbitrary names - confirm in the router/SDK.
  string protobuf_type = 2 [
    (buf.validate.field).required = true,
    (buf.validate.field).string.min_len = 1
  ];

  // The password from which the encryption key is derived. Must be non-empty.
  // NOTE(review): the field name indicates the password is carried in
  // encrypted form, presumably protected by the key referenced through
  // `key_version` - confirm; the schema cannot tell ciphertext from a
  // plaintext password, so producers have to guarantee this.
  string encrypted_password = 3 [
    (buf.validate.field).required = true,
    (buf.validate.field).string.min_len = 1
  ];

  // Version of the encrypted key; validated to be >= 1.
  int32 key_version = 4 [(buf.validate.field).int32.gte = 1];
}
// Audit event payload transported without encryption. The content is
// readable by every component that handles the enclosing message.
message UnencryptedData {
  // Unencrypted serialized protobuf content (the actual audit event).
  // Must be non-empty. No upper length bound is declared here.
  bytes data = 1 [
    (buf.validate.field).required = true,
    (buf.validate.field).bytes.min_len = 1
  ];

  // Name of the protobuf type serialized in `data`. Must be non-empty.
  // NOTE(review): consumers should presumably check this against the set of
  // types they expect before decoding `data` - confirm in the router/SDK.
  string protobuf_type = 2 [
    (buf.validate.field).required = true,
    (buf.validate.field).string.min_len = 1
  ];
}
// Envelope around an audit event: the routing attributes (name, visibility,
// resource reference) are plain fields, while the event itself travels in
// the `data` oneof, either encrypted or unencrypted.
message RoutableAuditEvent {
  // Functional event name with pattern <TYPE>_<ACTION>,
  // e.g. ORGANIZATION_CREATED.
  // Will be copied over by the SDK from the AuditEvent.
  // The validation pattern admits only two runs of A-Z joined by a single
  // underscore.
  string event_name = 1 [
    (buf.validate.field).required = true,
    (buf.validate.field).string.pattern = "^[A-Z]+_[A-Z]+$"
  ];

  // Visibility, used to differentiate between internal and public events.
  // Only values defined in the Visibility enum pass validation.
  // NOTE(review): this field sits outside the (optionally encrypted)
  // payload, so routing presumably relies on the producer setting it
  // correctly - confirm how the router treats it.
  Visibility visibility = 2 [
    (buf.validate.field).required = true,
    (buf.validate.field).enum.defined_only = true
  ];

  // Identifier the audit log event refers to. Exactly one member must be set.
  // ObjectName and ObjectIdentifier are not defined in this file
  // (presumably audit/v1/common.proto - confirm).
  oneof resource_reference {
    option (buf.validate.oneof).required = true;

    // Used for a technical event that is not related to an organization,
    // folder or project.
    // Will NOT be routed to the end-user, only used for internal analysis.
    // TODO: clarify what the router has to do in this case.
    ObjectName object_name = 3;

    ObjectIdentifier object_identifier = 4;
  }

  // The actual audit event is transferred in one of the attributes below.
  // Exactly one member must be set.
  oneof data {
    option (buf.validate.oneof).required = true;

    UnencryptedData unencrypted_data = 5;

    EncryptedData encrypted_data = 6;
  }
}