mirror of
https://dev.azure.com/schwarzit/schwarzit.stackit-public/_git/audit-go
synced 2026-02-21 07:01:49 +00:00
71 lines
No EOL
2.5 KiB
Protocol Buffer
71 lines
No EOL
2.5 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
import "buf/validate/validate.proto";
|
|
|
|
import "audit/v1/common.proto";
|
|
|
|
package audit.v1;
|
|
|
|
option go_package = "./audit;auditV1";
|
|
option java_multiple_files = true;
|
|
option java_package = "com.schwarz.stackit.audit.v1";
|
|
|
|
enum Visibility {
|
|
VISIBILITY_UNSPECIFIED = 0;
|
|
// Will be routed to customer data sinks
|
|
VISIBILITY_PUBLIC = 1;
|
|
// Will NOT be routed to customer data sinks
|
|
VISIBILITY_PRIVATE = 2;
|
|
}
|
|
|
|
message EncryptedData {
|
|
// Encrypted serialized protobuf content (the actual audit event)
|
|
bytes data = 1 [(buf.validate.field).required = true, (buf.validate.field).bytes.min_len = 1];
|
|
|
|
// Name of the protobuf type
|
|
string protobuf_type = 2 [(buf.validate.field).required = true, (buf.validate.field).string.min_len = 1];
|
|
|
|
// The password taken to derive the encryption key from
|
|
string encrypted_password = 3 [(buf.validate.field).required = true, (buf.validate.field).string.min_len = 1];
|
|
|
|
// Version of the encrypted key
|
|
int32 key_version = 4 [(buf.validate.field).int32.gte = 1];
|
|
}
|
|
|
|
message UnencryptedData {
|
|
// Unencrypted serialized protobuf content (the actual audit event)
|
|
bytes data = 1 [(buf.validate.field).required = true, (buf.validate.field).bytes.min_len = 1];
|
|
|
|
// Name of the protobuf type
|
|
string protobuf_type = 2 [(buf.validate.field).required = true, (buf.validate.field).string.min_len = 1];
|
|
}
|
|
|
|
message RoutableAuditEvent {
|
|
|
|
// Functional event name with pattern <TYPE>_<ACTION>, e.g. ORGANIZATION_CREATED
|
|
// Will be copied over by the SDK from the AuditEvent
|
|
string event_name = 1 [
|
|
(buf.validate.field).required = true,
|
|
(buf.validate.field).string.pattern = "^stackit\\.[a-z0-9]+\\.v[1-9][0-9]*\\.[a-z0-9]+\\.[a-z0-9]+$"
|
|
];
|
|
|
|
// Visibility relevant for differentiating between internal and public events
|
|
Visibility visibility = 2 [(buf.validate.field).required = true, (buf.validate.field).enum.defined_only = true];
|
|
|
|
// Identifier the audit log event refers to
|
|
oneof resource_reference {
|
|
option (buf.validate.oneof).required = true;
|
|
// If it is a technical event not related to an organization, folder or project
|
|
// Will NOT be routed to the end-user, only for internal analysis ->
|
|
// Clarify what do in the router
|
|
ObjectName object_name = 3;
|
|
ObjectIdentifier object_identifier = 4;
|
|
}
|
|
|
|
// The actual audit event is transferred in one of the attributes below
|
|
oneof data {
|
|
option (buf.validate.oneof).required = true;
|
|
UnencryptedData unencrypted_data = 5;
|
|
EncryptedData encrypted_data = 6;
|
|
}
|
|
} |