Security Service

Service to manage security settings.

Security

The Security service provides methods to manage security settings in TSB.

It provides methods to create and manage security groups within a workspace, allowing to create fine-grained groupings to configure a subset of the workspace namespaces. Access policies can be assigned at group level, providing a fine-grained access control to the security configuration features.

The Security service also provides methods to configure the different security settings that are allowed within each group.

CreateGroup

rpc CreateGroup (tetrateio.api.tsb.security.v2.CreateSecurityGroupRequest) returns (tetrateio.api.tsb.security.v2.Group)

Requires CREATE

Create a new security group in the given workspace.

Groups will by default configure all the namespaces owned by their workspace, unless explicitly configured. If a specific set of namespaces is set for the group, it must be a subset of the namespaces defined by its workspace.

GetGroup

rpc GetGroup (tetrateio.api.tsb.security.v2.GetSecurityGroupRequest) returns (tetrateio.api.tsb.security.v2.Group)

Requires READ

Get the details of the given security group.

UpdateGroup

rpc UpdateGroup (tetrateio.api.tsb.security.v2.Group) returns (tetrateio.api.tsb.security.v2.Group)

Requires WRITE

Modify a security group.

ListGroups

rpc ListGroups (tetrateio.api.tsb.security.v2.ListSecurityGroupsRequest) returns (tetrateio.api.tsb.security.v2.ListSecurityGroupsResponse)

List all security groups in the given workspace.

DeleteGroup

rpc DeleteGroup (tetrateio.api.tsb.security.v2.DeleteSecurityGroupRequest) returns (google.protobuf.Empty)

Requires DELETE

Delete the given security group. Note that deleting resources in TSB is a recursive operation. Deleting a security group will delete all configuration objects that exist in it.

CreateSettings

rpc CreateSettings (tetrateio.api.tsb.security.v2.CreateSecuritySettingsRequest) returns (tetrateio.api.tsb.security.v2.SecuritySetting)

Requires CreateSecuritySetting

Create a security settings object in the security group.

GetSettings

rpc GetSettings (tetrateio.api.tsb.security.v2.GetSecuritySettingsRequest) returns (tetrateio.api.tsb.security.v2.SecuritySetting)

Requires ReadSecuritySetting

Get the details of the given security settings object.

UpdateSettings

rpc UpdateSettings (tetrateio.api.tsb.security.v2.SecuritySetting) returns (tetrateio.api.tsb.security.v2.SecuritySetting)

Requires WriteSecuritySetting

Modify the given security settings object.

ListSettings

rpc ListSettings (tetrateio.api.tsb.security.v2.ListSecuritySettingsRequest) returns (tetrateio.api.tsb.security.v2.ListSecuritySettingsResponse)

List all security settings objects that have been attached to the security group.

DeleteSettings

rpc DeleteSettings (tetrateio.api.tsb.security.v2.DeleteSecuritySettingsRequest) returns (google.protobuf.Empty)

Requires DeleteSecuritySetting

Delete the given security settings from the group.

CreateServiceSecuritySettings

rpc CreateServiceSecuritySettings (tetrateio.api.tsb.security.v2.CreateServiceSecuritySettingsRequest) returns (tetrateio.api.tsb.security.v2.ServiceSecuritySetting)

Requires CREATE

Create a service security settings object in the security group.

GetServiceSecuritySettings

rpc GetServiceSecuritySettings (tetrateio.api.tsb.security.v2.GetServiceSecuritySettingsRequest) returns (tetrateio.api.tsb.security.v2.ServiceSecuritySetting)

Requires READ

Get the details of the given service security settings object.

UpdateServiceSecuritySettings

rpc UpdateServiceSecuritySettings (tetrateio.api.tsb.security.v2.ServiceSecuritySetting) returns (tetrateio.api.tsb.security.v2.ServiceSecuritySetting)

Requires WRITE

Modify the given service security settings object.

ListServiceSecuritySettings

rpc ListServiceSecuritySettings (tetrateio.api.tsb.security.v2.ListServiceSecuritySettingsRequest) returns (tetrateio.api.tsb.security.v2.ListServiceSecuritySettingsResponse)

List all service security settings objects that have been attached to the security group.

DeleteServiceSecuritySettings

rpc DeleteServiceSecuritySettings (tetrateio.api.tsb.security.v2.DeleteServiceSecuritySettingsRequest) returns (google.protobuf.Empty)

Requires DELETE

Delete the given service security settings from the group.

CreateSecurityGroupRequest

Request to create a Security Group.

Field Description Validation Rule

parent

string
REQUIRED
Parent resource where the Group will be created.

string = {
  min_len: 1
}

name

string
REQUIRED
The short name for the resource to be created.

string = {
  min_len: 1
}

group

tetrateio.api.tsb.security.v2.Group
REQUIRED
Details of the Group to be created.

message = {
  required: true
}

CreateSecuritySettingsRequest

Request to create a Security Settings.

Field Description Validation Rule

parent

string
REQUIRED
Parent resource where the Security Settings will be created.

string = {
  min_len: 1
}

name

string
REQUIRED
The short name for the resource to be created.

string = {
  min_len: 1
}

settings

tetrateio.api.tsb.security.v2.SecuritySetting
REQUIRED
Details of the Security Settings to be created.

message = {
  required: true
}

CreateServiceSecuritySettingsRequest

Request to create a Service Security Settings.

Field Description Validation Rule

parent

string
REQUIRED
Parent resource where the Service Security Settings will be created.

string = {
  min_len: 1
}

name

string
REQUIRED
The short name for the resource to be created.

string = {
  min_len: 1
}

settings

tetrateio.api.tsb.security.v2.ServiceSecuritySetting
REQUIRED
Details of the Service Security Settings to be created.

message = {
  required: true
}

DeleteSecurityGroupRequest

Request to delete a Security Group.

Field Description Validation Rule

fqn

string
REQUIRED
Fully-qualified name of the Group.

string = {
  min_len: 1
}

force

bool
Force the deletion of the object even if deletion protection is enabled. If this is set, then the object and all its children will be deleted even if any of them has the deletion protection enabled.

DeleteSecuritySettingsRequest

Request to delete a Security Settings.

Field Description Validation Rule

fqn

string
REQUIRED
Fully-qualified name of the Security Settings.

string = {
  min_len: 1
}

DeleteServiceSecuritySettingsRequest

Request to delete a Service Security Settings.

Field Description Validation Rule

fqn

string
REQUIRED
Fully-qualified name of the Service Security Settings.

string = {
  min_len: 1
}

GetSecurityGroupRequest

Request to retrieve a Security Group.

Field Description Validation Rule

fqn

string
REQUIRED
Fully-qualified name of the Group.

string = {
  min_len: 1
}

GetSecuritySettingsRequest

Request to retrieve a Security Settings.

Field Description Validation Rule

fqn

string
REQUIRED
Fully-qualified name of the Security Settings.

string = {
  min_len: 1
}

GetServiceSecuritySettingsRequest

Request to retrieve a Service Security Settings.

Field Description Validation Rule

fqn

string
REQUIRED
Fully-qualified name of the Service Security Settings.

string = {
  min_len: 1
}

ListSecurityGroupsRequest

Request to list Security Groups.

Field Description Validation Rule

parent

string
REQUIRED
Parent resource to list Groups from.

string = {
  min_len: 1
}

ListSecurityGroupsResponse

List of all security groups in the workspace.

Field Description Validation Rule

groups

List of tetrateio.api.tsb.security.v2.Group

ListSecuritySettingsRequest

Request to list Security Settings.

Field Description Validation Rule

parent

string
REQUIRED
Parent resource to list Security Settings from.

string = {
  min_len: 1
}

ListSecuritySettingsResponse

List of all security settings objects attached to the group.

Field Description Validation Rule

settings

List of tetrateio.api.tsb.security.v2.SecuritySetting

ListServiceSecuritySettingsRequest

Request to list Service Security Settings.

Field Description Validation Rule

parent

string
REQUIRED
Parent resource to list Service Security Settings from.

string = {
  min_len: 1
}

ListServiceSecuritySettingsResponse

List of all Service Security Settings objects attached to the group.

Field Description Validation Rule

settings

List of tetrateio.api.tsb.security.v2.ServiceSecuritySetting