From db07714dc4d1acc4a8abcaa81795e655ad79d98e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roope=20Karhap=C3=A4=C3=A4?= Date: Thu, 5 Dec 2024 10:51:11 +0200 Subject: [PATCH] feat: add kafka native acl (#185) --- config.yaml | 4 + handler/kafka/kafka.go | 214 ++++++++++++++++++++++++++++++++++++- handler/service/service.go | 102 +++++++++++++++--- 3 files changed, 301 insertions(+), 19 deletions(-) diff --git a/config.yaml b/config.yaml index ffa93f5..cc4275a 100644 --- a/config.yaml +++ b/config.yaml @@ -111,6 +111,10 @@ Kafka: - ServiceKafkaAclAdd - ServiceKafkaAclDelete - ServiceKafkaAclList + - ServiceKafkaNativeAclAdd + - ServiceKafkaNativeAclDelete + - ServiceKafkaNativeAclGet + - ServiceKafkaNativeAclList - ServiceKafkaQuotaCreate - ServiceKafkaQuotaDelete - ServiceKafkaQuotaDescribe diff --git a/handler/kafka/kafka.go b/handler/kafka/kafka.go index b1627fd..7254fca 100644 --- a/handler/kafka/kafka.go +++ b/handler/kafka/kafka.go @@ -10,7 +10,7 @@ import ( ) type Handler interface { - // ServiceKafkaAclAdd add a Kafka ACL entry + // ServiceKafkaAclAdd add Aiven Kafka ACL entry // POST /v1/project/{project}/service/{service_name}/acl // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaAclAdd ServiceKafkaAclAdd(ctx context.Context, project string, serviceName string, in *ServiceKafkaAclAddIn) ([]AclOut, error) @@ -20,11 +20,31 @@ type Handler interface { // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaAclDelete ServiceKafkaAclDelete(ctx context.Context, project string, serviceName string, kafkaAclId string) ([]AclOut, error) - // ServiceKafkaAclList list Kafka ACL entries + // ServiceKafkaAclList list Aiven ACL entries for Kafka service // GET /v1/project/{project}/service/{service_name}/acl // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaAclList ServiceKafkaAclList(ctx context.Context, project string, serviceName string) ([]AclOut, error) + // ServiceKafkaNativeAclAdd add a Kafka-native ACL entry + // POST /v1/project/{project}/service/{service_name}/kafka/acl + // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaNativeAclAdd + ServiceKafkaNativeAclAdd(ctx context.Context, project string, serviceName string, in *ServiceKafkaNativeAclAddIn) (*ServiceKafkaNativeAclAddOut, error) + + // ServiceKafkaNativeAclDelete delete a Kafka-native ACL entry + // DELETE /v1/project/{project}/service/{service_name}/kafka/acl/{kafka_acl_id} + // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaNativeAclDelete + ServiceKafkaNativeAclDelete(ctx context.Context, project string, serviceName string, kafkaAclId string) error + + // ServiceKafkaNativeAclGet get single Kafka-native ACL entry + // GET /v1/project/{project}/service/{service_name}/kafka/acl/{kafka_acl_id} + // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaNativeAclGet + ServiceKafkaNativeAclGet(ctx context.Context, project string, serviceName string, kafkaAclId string) (*ServiceKafkaNativeAclGetOut, error) + + // ServiceKafkaNativeAclList list Kafka-native ACL entries + // GET /v1/project/{project}/service/{service_name}/kafka/acl + // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaNativeAclList + ServiceKafkaNativeAclList(ctx context.Context, project string, serviceName string) (*ServiceKafkaNativeAclListOut, error) + // ServiceKafkaQuotaCreate create Kafka quota // POST /v1/project/{project}/service/{service_name}/quota // https://api.aiven.io/doc/#tag/Service:_Kafka/operation/ServiceKafkaQuotaCreate @@ -113,6 +133,50 @@ func (h *KafkaHandler) ServiceKafkaAclList(ctx context.Context, project string, } return out.Acl, nil } +func (h *KafkaHandler) ServiceKafkaNativeAclAdd(ctx context.Context, project string, serviceName string, in *ServiceKafkaNativeAclAddIn) (*ServiceKafkaNativeAclAddOut, error) { + path := fmt.Sprintf("/v1/project/%s/service/%s/kafka/acl", url.PathEscape(project), url.PathEscape(serviceName)) + b, err := h.doer.Do(ctx, "ServiceKafkaNativeAclAdd", "POST", path, in) + if err != nil { + return nil, err + } + out := new(serviceKafkaNativeAclAddOut) + err = json.Unmarshal(b, out) + if err != nil { + return nil, err + } + return &out.Acl, nil +} +func (h *KafkaHandler) ServiceKafkaNativeAclDelete(ctx context.Context, project string, serviceName string, kafkaAclId string) error { + path := fmt.Sprintf("/v1/project/%s/service/%s/kafka/acl/%s", url.PathEscape(project), url.PathEscape(serviceName), url.PathEscape(kafkaAclId)) + _, err := h.doer.Do(ctx, "ServiceKafkaNativeAclDelete", "DELETE", path, nil) + return err +} +func (h *KafkaHandler) ServiceKafkaNativeAclGet(ctx context.Context, project string, serviceName string, kafkaAclId string) (*ServiceKafkaNativeAclGetOut, error) { + path := fmt.Sprintf("/v1/project/%s/service/%s/kafka/acl/%s", url.PathEscape(project), url.PathEscape(serviceName), url.PathEscape(kafkaAclId)) + b, err := h.doer.Do(ctx, "ServiceKafkaNativeAclGet", "GET", path, nil) + if err != nil { + return nil, err + } + out := new(serviceKafkaNativeAclGetOut) + err = json.Unmarshal(b, out) + if err != nil { + return nil, err + } + return &out.Acl, nil +} +func (h *KafkaHandler) ServiceKafkaNativeAclList(ctx context.Context, project string, serviceName string) (*ServiceKafkaNativeAclListOut, error) { + path := fmt.Sprintf("/v1/project/%s/service/%s/kafka/acl", url.PathEscape(project), url.PathEscape(serviceName)) + b, err := h.doer.Do(ctx, "ServiceKafkaNativeAclList", "GET", path, nil) + if err != nil { + return nil, err + } + out := new(ServiceKafkaNativeAclListOut) + err = json.Unmarshal(b, out) + if err != nil { + return nil, err + } + return out, nil +} func (h *KafkaHandler) ServiceKafkaQuotaCreate(ctx context.Context, project string, serviceName string, in *ServiceKafkaQuotaCreateIn) error { path := fmt.Sprintf("/v1/project/%s/service/%s/quota", url.PathEscape(project), url.PathEscape(serviceName)) _, err := h.doer.Do(ctx, "ServiceKafkaQuotaCreate", "POST", path, in) @@ -200,6 +264,60 @@ type HourlyOut struct { HourStart string `json:"hour_start"` // Timestamp in ISO 8601 format, always in UTC PeakStoredBytes int `json:"peak_stored_bytes"` // Peak bytes stored on object storage at this hour } +type KafkaAclOut struct { + Host string `json:"host"` // the host or * for all hosts + Id string `json:"id"` // ID + Operation OperationType `json:"operation"` // Kafka ACL operation represents an operation which an ACL grants or denies permission to perform + PatternType PatternType `json:"pattern_type"` // Kafka ACL pattern type of resource name + PermissionType KafkaAclPermissionType `json:"permission_type"` // Kafka ACL permission type + Principal string `json:"principal"` // principal is in 'principalType:name' format + ResourceName string `json:"resource_name"` // Resource pattern used to match specified resources + ResourceType ResourceType `json:"resource_type"` // Kafka ACL resource type represents a type of resource which an ACL can be applied to +} +type KafkaAclPermissionType string + +const ( + KafkaAclPermissionTypeAllow KafkaAclPermissionType = "ALLOW" + KafkaAclPermissionTypeDeny KafkaAclPermissionType = "DENY" +) + +func KafkaAclPermissionTypeChoices() []string { + return []string{"ALLOW", "DENY"} +} + +type OperationType string + +const ( + OperationTypeAll OperationType = "All" + OperationTypeAlter OperationType = "Alter" + OperationTypeAlterConfigs OperationType = "AlterConfigs" + OperationTypeClusterAction OperationType = "ClusterAction" + OperationTypeCreate OperationType = "Create" + OperationTypeCreateTokens OperationType = "CreateTokens" + OperationTypeDelete OperationType = "Delete" + OperationTypeDescribe OperationType = "Describe" + OperationTypeDescribeConfigs OperationType = "DescribeConfigs" + OperationTypeDescribeTokens OperationType = "DescribeTokens" + OperationTypeIdempotentWrite OperationType = "IdempotentWrite" + OperationTypeRead OperationType = "Read" + OperationTypeWrite OperationType = "Write" +) + +func OperationTypeChoices() []string { + return []string{"All", "Alter", "AlterConfigs", "ClusterAction", "Create", "CreateTokens", "Delete", "Describe", "DescribeConfigs", "DescribeTokens", "IdempotentWrite", "Read", "Write"} +} + +type PatternType string + +const ( + PatternTypeLiteral PatternType = "LITERAL" + PatternTypePrefixed PatternType = "PREFIXED" +) + +func PatternTypeChoices() []string { + return []string{"LITERAL", "PREFIXED"} +} + type PermissionType string const ( @@ -221,6 +339,21 @@ type QuotaOut struct { User string `json:"user"` // user } +type ResourceType string + +const ( + ResourceTypeTopic ResourceType = "Topic" + ResourceTypeGroup ResourceType = "Group" + ResourceTypeCluster ResourceType = "Cluster" + ResourceTypeTransactionalId ResourceType = "TransactionalId" + ResourceTypeDelegationToken ResourceType = "DelegationToken" + ResourceTypeUser ResourceType = "User" +) + +func ResourceTypeChoices() []string { + return []string{"Topic", "Group", "Cluster", "TransactionalId", "DelegationToken", "User"} +} + // ServiceKafkaAclAddIn ServiceKafkaAclAddRequestBody type ServiceKafkaAclAddIn struct { Permission PermissionType `json:"permission"` // Kafka permission @@ -228,6 +361,67 @@ type ServiceKafkaAclAddIn struct { Username string `json:"username"` } +// ServiceKafkaNativeAclAddIn ServiceKafkaNativeAclAddRequestBody +type ServiceKafkaNativeAclAddIn struct { + Host *string `json:"host,omitempty"` // the host or * for all hosts + Operation OperationType `json:"operation"` // Kafka ACL operation represents an operation which an ACL grants or denies permission to perform + PatternType PatternType `json:"pattern_type"` // Kafka ACL pattern type of resource name + PermissionType ServiceKafkaNativeAclAddPermissionType `json:"permission_type"` // Kafka ACL permission type + Principal string `json:"principal"` // principal is in 'PrincipalType:name' format + ResourceName string `json:"resource_name"` // Resource pattern used to match specified resources + ResourceType ResourceType `json:"resource_type"` // Kafka ACL resource type represents a type of resource which an ACL can be applied to +} + +// ServiceKafkaNativeAclAddOut Kafka-native ACL entry for Kafka service +type ServiceKafkaNativeAclAddOut struct { + Host string `json:"host"` // the host or * for all hosts + Id string `json:"id"` // ID + Operation OperationType `json:"operation"` // Kafka ACL operation represents an operation which an ACL grants or denies permission to perform + PatternType PatternType `json:"pattern_type"` // Kafka ACL pattern type of resource name + PermissionType ServiceKafkaNativeAclAddPermissionType `json:"permission_type"` // Kafka ACL permission type + Principal string `json:"principal"` // principal is in 'principalType:name' format + ResourceName string `json:"resource_name"` // Resource pattern used to match specified resources + ResourceType ResourceType `json:"resource_type"` // Kafka ACL resource type represents a type of resource which an ACL can be applied to +} +type ServiceKafkaNativeAclAddPermissionType string + +const ( + ServiceKafkaNativeAclAddPermissionTypeAllow ServiceKafkaNativeAclAddPermissionType = "ALLOW" + ServiceKafkaNativeAclAddPermissionTypeDeny ServiceKafkaNativeAclAddPermissionType = "DENY" +) + +func ServiceKafkaNativeAclAddPermissionTypeChoices() []string { + return []string{"ALLOW", "DENY"} +} + +// ServiceKafkaNativeAclGetOut Kafka-native ACL entry for Kafka service +type ServiceKafkaNativeAclGetOut struct { + Host string `json:"host"` // the host or * for all hosts + Id string `json:"id"` // ID + Operation OperationType `json:"operation"` // Kafka ACL operation represents an operation which an ACL grants or denies permission to perform + PatternType PatternType `json:"pattern_type"` // Kafka ACL pattern type of resource name + PermissionType ServiceKafkaNativeAclGetPermissionType `json:"permission_type"` // Kafka ACL permission type + Principal string `json:"principal"` // principal is in 'principalType:name' format + ResourceName string `json:"resource_name"` // Resource pattern used to match specified resources + ResourceType ResourceType `json:"resource_type"` // Kafka ACL resource type represents a type of resource which an ACL can be applied to +} +type ServiceKafkaNativeAclGetPermissionType string + +const ( + ServiceKafkaNativeAclGetPermissionTypeAllow ServiceKafkaNativeAclGetPermissionType = "ALLOW" + ServiceKafkaNativeAclGetPermissionTypeDeny ServiceKafkaNativeAclGetPermissionType = "DENY" +) + +func ServiceKafkaNativeAclGetPermissionTypeChoices() []string { + return []string{"ALLOW", "DENY"} +} + +// ServiceKafkaNativeAclListOut ServiceKafkaNativeAclListResponse +type ServiceKafkaNativeAclListOut struct { + Acl []AclOut `json:"acl"` // List of Aiven ACL entries for Kafka service + KafkaAcl []KafkaAclOut `json:"kafka_acl"` // List of Kafka-native ACL entries +} + // ServiceKafkaQuotaCreateIn ServiceKafkaQuotaCreateRequestBody type ServiceKafkaQuotaCreateIn struct { ClientId *string `json:"client-id,omitempty"` // client-id @@ -262,17 +456,27 @@ type StorageUsageHistoryOut struct { // serviceKafkaAclAddOut ServiceKafkaAclAddResponse type serviceKafkaAclAddOut struct { - Acl []AclOut `json:"acl"` // List of Kafka ACL entries + Acl []AclOut `json:"acl"` // List of Aiven ACL entries for Kafka service } // serviceKafkaAclDeleteOut ServiceKafkaAclDeleteResponse type serviceKafkaAclDeleteOut struct { - Acl []AclOut `json:"acl"` // List of Kafka ACL entries + Acl []AclOut `json:"acl"` // List of Aiven ACL entries for Kafka service } // serviceKafkaAclListOut ServiceKafkaAclListResponse type serviceKafkaAclListOut struct { - Acl []AclOut `json:"acl"` // List of Kafka ACL entries + Acl []AclOut `json:"acl"` // List of Aiven ACL entries for Kafka service +} + +// serviceKafkaNativeAclAddOut ServiceKafkaNativeAclAddResponse +type serviceKafkaNativeAclAddOut struct { + Acl ServiceKafkaNativeAclAddOut `json:"acl"` // Kafka-native ACL entry for Kafka service +} + +// serviceKafkaNativeAclGetOut ServiceKafkaNativeAclGetResponse +type serviceKafkaNativeAclGetOut struct { + Acl ServiceKafkaNativeAclGetOut `json:"acl"` // Kafka-native ACL entry for Kafka service } // serviceKafkaQuotaDescribeOut ServiceKafkaQuotaDescribeResponse diff --git a/handler/service/service.go b/handler/service/service.go index 470946b..2ce6b84 100644 --- a/handler/service/service.go +++ b/handler/service/service.go @@ -1227,6 +1227,27 @@ type IntegrationTypeOut struct { SourceServiceTypes []string `json:"source_service_types"` // Supported source service types UserConfigSchema map[string]any `json:"user_config_schema"` // JSON-Schema for the 'user_config' properties } +type KafkaAclOut struct { + Host string `json:"host"` // the host or * for all hosts + Id string `json:"id"` // ID + Operation OperationType `json:"operation"` // Kafka ACL operation represents an operation which an ACL grants or denies permission to perform + PatternType PatternType `json:"pattern_type"` // Kafka ACL pattern type of resource name + PermissionType KafkaAclPermissionType `json:"permission_type"` // Kafka ACL permission type + Principal string `json:"principal"` // principal is in 'principalType:name' format + ResourceName string `json:"resource_name"` // Resource pattern used to match specified resources + ResourceType ResourceType `json:"resource_type"` // Kafka ACL resource type represents a type of resource which an ACL can be applied to +} +type KafkaAclPermissionType string + +const ( + KafkaAclPermissionTypeAllow KafkaAclPermissionType = "ALLOW" + KafkaAclPermissionTypeDeny KafkaAclPermissionType = "DENY" +) + +func KafkaAclPermissionTypeChoices() []string { + return []string{"ALLOW", "DENY"} +} + type KafkaAuthenticationMethodType string const ( @@ -1523,13 +1544,34 @@ type OpensearchOut struct { type OperationType string const ( - OperationTypeAcknowledgeRenewal OperationType = "acknowledge-renewal" - OperationTypeResetCredentials OperationType = "reset-credentials" - OperationTypeSetAccessControl OperationType = "set-access-control" + OperationTypeAll OperationType = "All" + OperationTypeAlter OperationType = "Alter" + OperationTypeAlterConfigs OperationType = "AlterConfigs" + OperationTypeClusterAction OperationType = "ClusterAction" + OperationTypeCreate OperationType = "Create" + OperationTypeCreateTokens OperationType = "CreateTokens" + OperationTypeDelete OperationType = "Delete" + OperationTypeDescribe OperationType = "Describe" + OperationTypeDescribeConfigs OperationType = "DescribeConfigs" + OperationTypeDescribeTokens OperationType = "DescribeTokens" + OperationTypeIdempotentWrite OperationType = "IdempotentWrite" + OperationTypeRead OperationType = "Read" + OperationTypeWrite OperationType = "Write" ) func OperationTypeChoices() []string { - return []string{"acknowledge-renewal", "reset-credentials", "set-access-control"} + return []string{"All", "Alter", "AlterConfigs", "ClusterAction", "Create", "CreateTokens", "Delete", "Describe", "DescribeConfigs", "DescribeTokens", "IdempotentWrite", "Read", "Write"} +} + +type PatternType string + +const ( + PatternTypeLiteral PatternType = "LITERAL" + PatternTypePrefixed PatternType = "PREFIXED" +) + +func PatternTypeChoices() []string { + return []string{"LITERAL", "PREFIXED"} } type PeriodType string @@ -1692,6 +1734,21 @@ type RedisOut struct { ServicePlans []ServicePlanOut `json:"service_plans"` // List of plans available for this type of service UserConfigSchema map[string]any `json:"user_config_schema"` // JSON-Schema for the 'user_config' properties } +type ResourceType string + +const ( + ResourceTypeTopic ResourceType = "Topic" + ResourceTypeGroup ResourceType = "Group" + ResourceTypeCluster ResourceType = "Cluster" + ResourceTypeTransactionalId ResourceType = "TransactionalId" + ResourceTypeDelegationToken ResourceType = "DelegationToken" + ResourceTypeUser ResourceType = "User" +) + +func ResourceTypeChoices() []string { + return []string{"Topic", "Group", "Cluster", "TransactionalId", "DelegationToken", "User"} +} + type ResultCodeOut struct { Code string `json:"code"` // Machine-readable key code, which represents the result of the task Dbname *string `json:"dbname,omitempty"` // Database which related to the result code @@ -1776,7 +1833,7 @@ type ServiceCreateIn struct { // ServiceCreateOut Service information type ServiceCreateOut struct { - Acl []AclOut `json:"acl,omitempty"` // List of Kafka ACL entries + Acl []AclOut `json:"acl,omitempty"` // List of Aiven ACL entries for Kafka service Backups []BackupOut `json:"backups,omitempty"` // List of backups for the service CloudDescription *string `json:"cloud_description,omitempty"` // Cloud provider and location CloudName string `json:"cloud_name"` // Target cloud @@ -1788,6 +1845,7 @@ type ServiceCreateOut struct { DiskSpaceMb *int `json:"disk_space_mb,omitempty"` // Megabytes of disk space for data storage Features map[string]any `json:"features,omitempty"` // Feature flags GroupList []string `json:"group_list"` // List of service groups the service belongs to. This field is deprecated. It is always set to single element with value 'default' + KafkaAcl []KafkaAclOut `json:"kafka_acl,omitempty"` // List of Kafka-native ACL entries Maintenance *MaintenanceOut `json:"maintenance,omitempty"` // Automatic maintenance settings Metadata map[string]any `json:"metadata,omitempty"` // Service type specific metadata NodeCount *int `json:"node_count,omitempty"` // Number of service nodes in the active plan @@ -1830,7 +1888,7 @@ type ServiceGetMigrationStatusOut struct { // ServiceGetOut Service information type ServiceGetOut struct { - Acl []AclOut `json:"acl,omitempty"` // List of Kafka ACL entries + Acl []AclOut `json:"acl,omitempty"` // List of Aiven ACL entries for Kafka service Backups []BackupOut `json:"backups,omitempty"` // List of backups for the service CloudDescription *string `json:"cloud_description,omitempty"` // Cloud provider and location CloudName string `json:"cloud_name"` // Target cloud @@ -1842,6 +1900,7 @@ type ServiceGetOut struct { DiskSpaceMb *int `json:"disk_space_mb,omitempty"` // Megabytes of disk space for data storage Features map[string]any `json:"features,omitempty"` // Feature flags GroupList []string `json:"group_list"` // List of service groups the service belongs to. This field is deprecated. It is always set to single element with value 'default' + KafkaAcl []KafkaAclOut `json:"kafka_acl,omitempty"` // List of Kafka-native ACL entries Maintenance *MaintenanceOut `json:"maintenance,omitempty"` // Automatic maintenance settings Metadata map[string]any `json:"metadata,omitempty"` // Service type specific metadata NodeCount *int `json:"node_count,omitempty"` // Number of service nodes in the active plan @@ -2052,7 +2111,7 @@ func ServiceNotificationTypeChoices() []string { } type ServiceOut struct { - Acl []AclOut `json:"acl,omitempty"` // List of Kafka ACL entries + Acl []AclOut `json:"acl,omitempty"` // List of Aiven ACL entries for Kafka service Backups []BackupOut `json:"backups,omitempty"` // List of backups for the service CloudDescription *string `json:"cloud_description,omitempty"` // Cloud provider and location CloudName string `json:"cloud_name"` // Target cloud @@ -2064,6 +2123,7 @@ type ServiceOut struct { DiskSpaceMb *int `json:"disk_space_mb,omitempty"` // Megabytes of disk space for data storage Features map[string]any `json:"features,omitempty"` // Feature flags GroupList []string `json:"group_list"` // List of service groups the service belongs to. This field is deprecated. It is always set to single element with value 'default' + KafkaAcl []KafkaAclOut `json:"kafka_acl,omitempty"` // List of Kafka-native ACL entries Maintenance *MaintenanceOut `json:"maintenance,omitempty"` // Automatic maintenance settings Metadata map[string]any `json:"metadata,omitempty"` // Service type specific metadata NodeCount *int `json:"node_count,omitempty"` // Number of service nodes in the active plan @@ -2166,7 +2226,7 @@ type ServiceUpdateIn struct { // ServiceUpdateOut Service information type ServiceUpdateOut struct { - Acl []AclOut `json:"acl,omitempty"` // List of Kafka ACL entries + Acl []AclOut `json:"acl,omitempty"` // List of Aiven ACL entries for Kafka service Backups []BackupOut `json:"backups,omitempty"` // List of backups for the service CloudDescription *string `json:"cloud_description,omitempty"` // Cloud provider and location CloudName string `json:"cloud_name"` // Target cloud @@ -2178,6 +2238,7 @@ type ServiceUpdateOut struct { DiskSpaceMb *int `json:"disk_space_mb,omitempty"` // Megabytes of disk space for data storage Features map[string]any `json:"features,omitempty"` // Feature flags GroupList []string `json:"group_list"` // List of service groups the service belongs to. This field is deprecated. It is always set to single element with value 'default' + KafkaAcl []KafkaAclOut `json:"kafka_acl,omitempty"` // List of Kafka-native ACL entries Maintenance *MaintenanceOut `json:"maintenance,omitempty"` // Automatic maintenance settings Metadata map[string]any `json:"metadata,omitempty"` // Service type specific metadata NodeCount *int `json:"node_count,omitempty"` // Number of service nodes in the active plan @@ -2227,15 +2288,26 @@ type ServiceUserCreateOut struct { // ServiceUserCredentialsModifyIn ServiceUserCredentialsModifyRequestBody type ServiceUserCredentialsModifyIn struct { - AccessControl *AccessControlIn `json:"access_control,omitempty"` // Service specific access controls for user. Service type specific access control rules for user. Currently only used for configuring user ACLs for Redis version 6 and above. - Authentication AuthenticationType `json:"authentication,omitempty"` // Authentication details - NewPassword *string `json:"new_password,omitempty"` // New password - Operation OperationType `json:"operation"` // Operation type + AccessControl *AccessControlIn `json:"access_control,omitempty"` // Service specific access controls for user. Service type specific access control rules for user. Currently only used for configuring user ACLs for Redis version 6 and above. + Authentication AuthenticationType `json:"authentication,omitempty"` // Authentication details + NewPassword *string `json:"new_password,omitempty"` // New password + Operation ServiceUserCredentialsModifyOperationType `json:"operation"` // Operation type +} +type ServiceUserCredentialsModifyOperationType string + +const ( + ServiceUserCredentialsModifyOperationTypeAcknowledgeRenewal ServiceUserCredentialsModifyOperationType = "acknowledge-renewal" + ServiceUserCredentialsModifyOperationTypeResetCredentials ServiceUserCredentialsModifyOperationType = "reset-credentials" + ServiceUserCredentialsModifyOperationTypeSetAccessControl ServiceUserCredentialsModifyOperationType = "set-access-control" +) + +func ServiceUserCredentialsModifyOperationTypeChoices() []string { + return []string{"acknowledge-renewal", "reset-credentials", "set-access-control"} } // ServiceUserCredentialsModifyOut Service information type ServiceUserCredentialsModifyOut struct { - Acl []AclOut `json:"acl,omitempty"` // List of Kafka ACL entries + Acl []AclOut `json:"acl,omitempty"` // List of Aiven ACL entries for Kafka service Backups []BackupOut `json:"backups,omitempty"` // List of backups for the service CloudDescription *string `json:"cloud_description,omitempty"` // Cloud provider and location CloudName string `json:"cloud_name"` // Target cloud @@ -2247,6 +2319,7 @@ type ServiceUserCredentialsModifyOut struct { DiskSpaceMb *int `json:"disk_space_mb,omitempty"` // Megabytes of disk space for data storage Features map[string]any `json:"features,omitempty"` // Feature flags GroupList []string `json:"group_list"` // List of service groups the service belongs to. This field is deprecated. It is always set to single element with value 'default' + KafkaAcl []KafkaAclOut `json:"kafka_acl,omitempty"` // List of Kafka-native ACL entries Maintenance *MaintenanceOut `json:"maintenance,omitempty"` // Automatic maintenance settings Metadata map[string]any `json:"metadata,omitempty"` // Service type specific metadata NodeCount *int `json:"node_count,omitempty"` // Number of service nodes in the active plan @@ -2276,7 +2349,7 @@ type ServiceUserCredentialsModifyOut struct { // ServiceUserCredentialsResetOut Service information type ServiceUserCredentialsResetOut struct { - Acl []AclOut `json:"acl,omitempty"` // List of Kafka ACL entries + Acl []AclOut `json:"acl,omitempty"` // List of Aiven ACL entries for Kafka service Backups []BackupOut `json:"backups,omitempty"` // List of backups for the service CloudDescription *string `json:"cloud_description,omitempty"` // Cloud provider and location CloudName string `json:"cloud_name"` // Target cloud @@ -2288,6 +2361,7 @@ type ServiceUserCredentialsResetOut struct { DiskSpaceMb *int `json:"disk_space_mb,omitempty"` // Megabytes of disk space for data storage Features map[string]any `json:"features,omitempty"` // Feature flags GroupList []string `json:"group_list"` // List of service groups the service belongs to. This field is deprecated. It is always set to single element with value 'default' + KafkaAcl []KafkaAclOut `json:"kafka_acl,omitempty"` // List of Kafka-native ACL entries Maintenance *MaintenanceOut `json:"maintenance,omitempty"` // Automatic maintenance settings Metadata map[string]any `json:"metadata,omitempty"` // Service type specific metadata NodeCount *int `json:"node_count,omitempty"` // Number of service nodes in the active plan