-
Notifications
You must be signed in to change notification settings - Fork 458
/
names.go
907 lines (632 loc) · 28.4 KB
/
names.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
package telemetry
// Constants for metric/log keys and labels. Helps with enforcement of non-conflicting usage of same or similar names.
// Additionally, importers of this package can get an idea of metric tags to look for.
// While these constants are exported, it is preferable to use the functions defined in subpackages, or
// define new such functions there
// Action metric tags or labels that are typically a specific action
const (
// Action functionality related to actions themselves, such as rate-limiting an action
Action = "action"
// Activate functionality related to activating some element (such as X509 CA manager);
// should be used with other tags to add clarity
Activate = "activate"
// Append functionality related to appending some element (such as part of a bundle);
// should be used with other tags to add clarity
Append = "append"
// Attest functionality related to attesting; should be used with other tags
// to add clarity
Attest = "attest"
// Create functionality related to creating some entity; should be used with other tags
// to add clarity
Create = "create"
// Create if not exists functionality related to creating some entity; should be used with
// other tags to add clarity
CreateIfNotExists = "create_if_not_exists"
// Delete functionality related to deleting some entity; should be used with other tags
// to add clarity
Delete = "delete"
// Fetch functionality related to fetching some entity; should be used with other tags
// to add clarity
Fetch = "fetch"
// FetchPrivateKey related to fetching a private in the KeyManager plugin interface
// (agent)
FetchPrivateKey = "fetch_private_key"
// GenerateKey related to generating a key in the KeyManager plugin interface
// (server)
GenerateKey = "generate_key"
// GenerateKeyPair related to generating a key pair in the KeyManager plugin interface
// (agent)
GenerateKeyPair = "generate_key_pair"
// GetKey related to getting a key in the KeyManager plugin interface
// (agent)
GetKey = "get_key"
// GetKeys related to getting keys in the KeyManager plugin interface
// (agent)
GetKeys = "get_keys"
// GetPublicKey related to getting a key in the KeyManager plugin interface
// (server)
GetPublicKey = "get_public_key"
// GetPublicKeys related to getting keys in the KeyManager plugin interface
// (server)
GetPublicKeys = "get_public_keys"
// Keys related to keys used on HCL
Keys = "keys"
// List functionality related to listing some objects; should be used
// with other tags to add clarity
List = "list"
// Prepare functionality related to preparation of some entity; should be used with other tags
// to add clarity
Prepare = "prepare"
// Prune functionality related to pruning some entity(ies); should be used with other tags
// to add clarity
Prune = "prune"
// Push functionality related to pushing some entity to let a destination know
// that some source generated such entity; should be used with other tags
// to add clarity
Push = "push"
// Reload functionality related to reloading of a cache
Reload = "reload"
// Rotate functionality related to rotation of SVID; should be used with other tags
// to add clarity
Rotate = "rotate"
// Set functionality related to set/override/clobber of an entity, such as a bundle;
// should be used with other tags to add clarity
Set = "set"
// Sign functionality related to signing a token / cert; should be used with other tags
// to add clarity
Sign = "sign"
// SignData related to signing data in the KeyManager plugin interface
// (server)
SignData = "sign_data"
// StorePrivateKey related to storing a private key in the KeyManager plugin interface
// (agent or server)
StorePrivateKey = "store_private_key"
// StoreSVIDUpdates related to storing SVID updates in SVIDStore plugins
StoreSVIDUpdates = "store_svid_updates"
// Sync functionality for syncing (such as CA manager updates). Should
// be used with other tags to add clarity
Sync = "sync"
// Update functionality related to updating some entity; should be used
// with other tags to add clarity
Update = "update"
// Mint functionality related to minting identities
Mint = "mint"
// Taint functionality related with tainting a key from the bundle
Taint = "taint"
// Revoke functionality related with revoking a key from the bundle
Revoke = "revoke"
)
// Attribute metric tags or labels that are typically an attribute of a
// larger entity or logic path
const (
// Address tags some network address
Address = "address"
// Admin tags admin access
Admin = "admin"
// AdminIDs are admin IDs
AdminIDs = "admin_ids"
// Agent SPIFFE ID
AgentID = "agent_id"
// Attempt tags some count of attempts
Attempt = "attempt"
// Audience tags some audience for a token
Audience = "audience"
// AuthorizedAs indicates who an entity was authorized as
AuthorizedAs = "authorized_as"
// AuthorizedVia indicates by what means an entity was authorized
AuthorizedVia = "authorized_via"
// BundleEndpointProfile is the name of the bundle endpoint profile
BundleEndpointProfile = "bundle_endpoint_profile"
// BundleEndpointURL is the URL of the bundle endpoint
BundleEndpointURL = "bundle_endpoint_url"
// ByBanned tags filtering by banned agents
ByBanned = "by_banned"
// ByCanReattest tags filtering by agents that can re-attest
ByCanReattest = "by_can_reattest"
// BySelectorMatch tags Match used when filtering by Selectors
BySelectorMatch = "by_selector_match"
// BySelectors tags selectors used when filtering
BySelectors = "by_selectors"
// CAJournal is a CA journal record
CAJournal = "ca_journal"
// CAJournalID tags a CA journal ID
CAJournalID = "ca_journal_id"
// CallerAddr labels an API caller address
CallerAddr = "caller_addr"
// CallerID tags an API caller; should be used with other tags
// to add clarity
CallerID = "caller_id"
// CallerUID tags an API caller user ID; should be used with other tags
// to add clarity; Unix only
CallerUID = "caller_uid"
// CallerSID tags an API caller user SID; should be used with other tags
// to add clarity; Windows only
CallerUserSID = "caller_user_sid"
// CallerGID tags an API caller group ID; should be used with other tags
// to add clarity; Unix only
CallerGID = "caller_gid"
// CallerPath tags an API caller binary path; should be used with other tags
// to add clarity
CallerPath = "caller_path"
// CertFilePath tags a certificate file path used for TLS connections.
CertFilePath = "cert_file_path"
// KeyFilePath tags a key file path used for TLS connections.
KeyFilePath = "key_file_path"
// CGroupPath tags a linux CGroup path, most likely for use in attestation
CGroupPath = "cgroup_path"
// Check tags a health check subsystem
Check = "check"
// Connection functionality related to some connection; should be used with other tags
// to add clarity
Connection = "connection"
// Connections functionality related to some group of connections; should be used with other tags
// to add clarity
Connections = "connections"
// ContainerID tags some container ID, most likely for use in attestation
ContainerID = "container_id"
// ContainerName tags some container name, most likely for use in attestation
ContainerName = "container_name"
// Count tags some basic count; should be used with other tags and clear messaging to add clarity
Count = "count"
// CreatedAt tags registration entry creation date
CreatedAt = "created_at"
// Csr represents a presented Csr in hashed format. It's hashed using the hex-encoded SHA256 checksum.
Csr = "csr"
// CsrSpiffeID represents the SPIFFE ID in a Certificate Signing Request.
CsrSpiffeID = "csr_spiffe_id"
// DataDir is a data directory
DataDir = "data_dir"
// DatabaseType labels a database type (MySQL, postgres...)
DatabaseType = "db_type"
// DeprecatedServiceName tags the deprecated service name
DeprecatedServiceName = "deprecated_service_name"
// Details tags details response from a health check subsystem
Details = "details"
// Duration is the amount of seconds that an error is active
Duration = "duration"
// DiscoveredSelectors tags selectors for some registration
DiscoveredSelectors = "discovered_selectors"
// DNS name is a name which is resolvable with DNS
DNSName = "dns_name"
// Downstream tags if entry is a downstream
Downstream = "downstream"
// ElapsedTime tags some duration of time.
ElapsedTime = "elapsed_time"
// EntryAdded is the counter key for when a entry is added to LRU cache
EntryAdded = "lru_cache_entry_add"
// EntryRemoved is the counter key for when a entry is removed from LRU cache
EntryRemoved = "lru_cache_entry_remove"
// EntryUpdated is the counter key for when an LRU cache entry is updated
EntryUpdated = "lru_cache_entry_update"
// EndpointSpiffeID tags endpoint SPIFFE ID
EndpointSpiffeID = "endpoint_spiffe_id"
// Error tag for some error that occurred. Limited usage, such as logging errors at
// non-error level.
Error = "error"
// Expect tags an expected value, as opposed to the one received. Message should clarify
// what kind of value was expected, and a different field should show the received value
Expect = "expect"
// ExpectGID is like Expect, specific to gid.
ExpectGID = "expect_gid"
// ExpectStartTime is like Expect, specific to a start time.
ExpectStartTime = "expect_start_time"
// ExpectUID is like Expect, specific to uid.
ExpectUID = "expect_uid"
// Expiration tags an expiration time for some entity
Expiration = "expiration"
// ExpiresAt tags registration entry expiration
ExpiresAt = "expires_at"
// ExpiryCheckDuration tags duration for an expiry check; should be used with other tags
// to add clarity
ExpiryCheckDuration = "expiry_check_duration"
// External tag something as external (e.g. external plugin)
External = "external"
// Failures amount of concatenated errors
Failures = "failures"
// FederatedAdded labels some count of federated bundles that have been added to an entity
FederatedAdded = "fed_add"
// FederatedRemoved labels some count of federated bundles that have been removed from an entity
FederatedRemoved = "fed_rem"
// FederatesWith tags a federates with list
FederatesWith = "federates_with"
// FederatesWithMatch tags a federates with match filter
FederatesWithMatch = "federates_with_match"
// FederationRelationship tags a federation relationship
FederationRelationship = "federation_relationship"
// Generation represents an objection generation (i.e. version)
Generation = "generation"
// Hint tags registration entry hint
Hint = "hint"
// IDType tags some type of ID (eg. registration ID, SPIFFE ID...)
IDType = "id_type"
// IssuedAt tags an issuance timestamp
IssuedAt = "issued_at"
// JWT declares JWT-SVID type, clarifying metrics
JWT = "jwt"
// JWTAuthorityExpiresAt tags a JWT Authority expiration
JWTAuthorityExpiresAt = "jwt_authority_expires_at"
// JWTAuthorityPublicKey tags a JWT authority key ID
JWTAuthorityKeyID = "jwt_authority_key_id"
// JWTAuthorityPublicKeySHA256 tags a JWT Authority public key
JWTAuthorityPublicKeySHA256 = "jwt_authority_public_key_sha256"
// JWTKeys tags some count or list of JWT Keys. Should NEVER provide the actual keys, use
// Key IDs instead.
JWTKeys = "jwt_keys"
// Kid tags some key ID
Kid = "kid"
// LaunchLogLevel log level when service started
LaunchLogLevel = "launch_log_level"
// LocalAuthorityID tags a local authority ID
LocalAuthorityID = "local_authority_id"
// Mode tags a bundle deletion mode
Mode = "mode"
// NewLogLevel tags a new log level
NewLogLevel = "new_log_level"
// Network tags some network name ("tcp", "udp")
Network = "network"
// NewSerialNumber tags a certificate new serial number
NewSerialNumber = "new_serial_num"
// NodeAttestorType declares the type of node attestation.
NodeAttestorType = "node_attestor_type"
// Nonce tags some nonce for communication
Nonce = "nonce"
// ParentID tags parent ID for an entry
ParentID = "parent_id"
// PartialSelectors is a partial set of selectors for a workload
PartialSelectors = "partial_selectors"
// Path declares some logic path, likely on the file system
Path = "path"
// Peer ID is the SPIFFE ID of a peer
PeerID = "peer_id"
// PID declares some process ID
PID = "pid"
// PluginName tags name of some plugin
PluginName = "plugin_name"
// PluginService tags single service provided by a plugin
PluginService = "plugin_service"
// PluginServices tags services provided by a plugin
PluginServices = "plugin_services"
// PluginType tags type of some plugin
PluginType = "plugin_type"
// PodUID tags some pod UID, most likely for use in attestation
PodUID = "pod_uid"
// PreferredServiceName tags the preferred service name
PreferredServiceName = "preferred_service_name"
// Pruned flagging something has been pruned
Pruned = "pruned"
// ReadOnly tags something read-only
ReadOnly = "read_only"
// Reason is the reason for something
Reason = "reason"
// Reattestable declares if the agent should reattest when its SVID expires
Reattestable = "rettestable"
// Received tags a received value, as opposed to the one that is expected. Message should clarify
// what kind of value was received, and a different field should show the expected value.
Received = "received"
// ReceivedGID is like Received, specific to gid.
ReceivedGID = "received_gid"
// ReceivedStartTime is like Received, specific to a start time.
ReceivedStartTime = "received_start_time"
// ReceivedUID is like Received, specific to uid.
ReceivedUID = "received_uid"
// RecordMapSize is the gauge key to hold the size of the LRU cache entries map
RecordMapSize = "lru_cache_record_map_size"
// RefreshHint tags a bundle refresh hint
RefreshHint = "refresh_hint"
// RegistrationID tags some registration entry ID
RegistrationID = "entry_id"
// Registered flags whether some entity is registered or not; should be
// either true or false
Registered = "registered"
// RegistrationEntry tags a registration entry
RegistrationEntry = "registration_entry"
// RegistrationEntryEvent is a notice a registration entry has been create, modified, or deleted
RegistrationEntryEvent = "registration_entry_event"
// RequestID tags a request identifier
RequestID = "request_id"
// ResourceNames tags some group of resources by name
ResourceNames = "resource_names"
// RetryInterval tags some interval for retry logic
RetryInterval = "retry_interval"
// RevisionNumber tags a registration entry revision number
RevisionNumber = "revision_number"
// Schema tags database schema version
Schema = "schema"
// Seconds tags some count of seconds; should be used with other tags and message
// to add clarity
Seconds = "seconds"
// SequenceNumber tags a bundle sequence number
SequenceNumber = "sequence_number"
// Selector tags some registration selector
Selector = "selector"
// Selectors tags some group of registration selector
Selectors = "selectors"
// SelectorsAdded labels some count of selectors that have been added to an entity
SelectorsAdded = "selectors_added"
// SelectorsRemoved labels some count of selectors that have been removed from an entity
SelectorsRemoved = "selectors_removed"
// SelfSigned tags whether or not some entity is self-signed
SelfSigned = "self_signed"
// SendJWTBundleLatency tags latency for sending JWT bundle
SendJWTBundleLatency = "send_jwt_bundle_latency"
// SerialNumber tags a certificate serial number
SerialNumber = "serial_num"
// Slot X509 CA Slot ID
Slot = "slot"
// SPIFFEID tags a SPIFFE ID
SPIFFEID = "spiffe_id"
// StartTime tags some start/entry timestamp.
StartTime = "start_time"
// Status tags status of call (OK, or some error), or status of some process
Status = "status"
// StatusCode tags status codes of call
StatusCode = "status_code"
// StatusMessage tags status messages of call
StatusMessage = "status_message"
// Subject tags some subject (likely a SPIFFE ID, and likely for a token); should be used
// with other tags to add clarity
Subject = "subject"
// SVIDMapSize is the gauge key for the size of the LRU cache SVID map
SVIDMapSize = "lru_cache_svid_map_size"
// SVIDResponseLatency tags latency for SVID response
SVIDResponseLatency = "svid_response_latency"
// SVIDSerialNumber tags a certificate serial number
SVIDSerialNumber = "svid_serial_num"
// SVIDType tags some type of SVID (eg. X509, JWT)
SVIDType = "svid_type"
// SVIDUpdated tags that for some entity the SVID was updated
SVIDUpdated = "svid_updated"
// SyncBundlesTotal is the number of bundles synced from the server.
SyncBundlesTotal = "sync_bundles_total"
// SyncEntriesTotal is the number of entries synced from the server.
SyncEntriesTotal = "sync_entries_total"
// SyncEntriesTotal is the number of entries that existed on the server but not the agent.
SyncEntriesMissing = "sync_entries_missing"
// SyncEntriesTotal is the number of entries that were out of date on the agent.
SyncEntriesStale = "sync_entries_stale"
// SyncEntriesTotal is the number of entries that were no longer on the server.
SyncEntriesDropped = "sync_entries_dropped"
// TTL functionality related to a time-to-live field; should be used
// with other tags to add clarity
TTL = "ttl"
// X509 SVID TTL functionality related to a time-to-live field for X509-SVIDs; should be used
// with other tags to add clarity
X509SVIDTTL = "x509_svid_ttl"
// JWT SVID TTL functionality related to a time-to-live field for JWT-SVIDs; should be used
// with other tags to add clarity
JWTSVIDTTL = "jwt_svid_ttl"
// Type tags a type
Type = "type"
// TrustDomain tags the name of some trust domain
TrustDomain = "trust_domain"
// TrustDomainID tags the ID of some trust domain
TrustDomainID = "trust_domain_id"
// Unknown tags some unknown caller, entity, or status
Unknown = "unknown"
// Updated tags some entity as updated; should be used
// with other tags to add clarity
Updated = "updated"
// StoreSvid tags if entry is storable
StoreSvid = "store_svid"
// Version tags a version
Version = "version"
// VersionInfo tags some version information
VersionInfo = "version_info"
// WorkloadAttestation tags call of overall workload attestation
WorkloadAttestation = "workload_attestation"
// WorkloadAttestor tags call of a workload attestor
WorkloadAttestor = "workload_attestor"
// X509 declared X509 SVID type, clarifying metrics
X509 = "x509"
// X509AuthoritiesASN1256 tags a X509 authority ASN1 encrypted using SHA256
X509AuthoritiesASN1SHA256 = "x509_authorities_asn1_sha256"
// X509CAs tags some count or list of X509 CAs
X509CAs = "x509_cas"
)
// Entity metric tags or labels that are typically an entity or
// module in their own right, rather than descriptive of other
// entities or modules
const (
// AgentSVID tag a node (agent) SVID
AgentSVID = "agent_svid"
// Attestor tags an attestor plugin/type (eg. gcp, aws...)
Attestor = "attestor"
// Bundle functionality related to a bundle; should be used with other tags
// to add clarity
Bundle = "bundle"
// BundleManager functionality related to a Bundle manager
BundleManager = "bundle_manager"
// BundlesUpdate functionality related to updating bundles
BundlesUpdate = "bundles_update"
// CA functionality related to some CA; should be used with other tags
// to add clarity
CA = "ca"
// CAManager functionality related to a CA manager
CAManager = "ca_manager"
// Cache functionality related to a cache
Cache = "cache"
// Cache type tag
CacheType = "cache_type"
// CacheManager functionality related to a cache manager
CacheManager = "cache_manager"
// Catalog functionality related to plugin catalog
Catalog = "catalog"
// Datastore functionality related to datastore plugin
Datastore = "datastore"
// Deleted tags something as deleted
Deleted = "deleted"
// Endpoints functionality related to agent/server endpoints
Endpoints = "endpoints"
// Entry tag for some stored entry
Entry = "entry"
// Event tag some event that has occurred, for a notifier, watcher, listener, etc.
Event = "event"
// ExpiringSVIDs tags expiring SVID count/list
ExpiringSVIDs = "expiring_svids"
// OutdatedSVIDs tags SVID with outdated attributes count/list
OutdatedSVIDs = "outdated_svids"
// FederatedBundle functionality related to a federated bundle; should be used
// with other tags to add clarity
FederatedBundle = "federated_bundle"
// JoinToken functionality related to a join token; should be used
// with other tags to add clarity
JoinToken = "join_token"
// JWTKey functionality related to a JWT key; should be used with other tags
// to add clarity. Should NEVER actually provide the key itself, use Key ID instead.
JWTKey = "jwt_key"
// JWTSVID functionality related to a JWT-SVID; should be used with other tags
// to add clarity
JWTSVID = "jwt_svid"
// Limit tags a limit
Limit = "limit"
// Manager functionality related to a manager (such as CA manager); should be
// used with other tags to add clarity
Manager = "manager"
// Method is the full name of the method invoked
Method = "method"
// NewSVID functionality related to creation of a new SVID
NewSVID = "new_svid"
// Node functionality related to a node entity or type; should be used with other tags
// to add clarity
Node = "node"
// NodeEvent functionality related to a node entity or type being created, updated, or deleted
NodeEvent = "node_event"
// Notifier functionality related to some notifying entity; should be used with other tags
// to add clarity
Notifier = "notifier"
// ServerCA functionality related to a server CA; should be used with other tags
// to add clarity
ServerCA = "server_ca"
// Service is the name of the service invoked
Service = "service"
// SpireAgent typically the entire spire agent service
SpireAgent = "spire_agent"
// SpireServer typically the entire spire server
SpireServer = "spire_server"
// SVID functionality related to a SVID; should be used with other tags
// to add clarity
SVID = "svid"
// SVIDRotator functionality related to a SVID rotator
SVIDRotator = "svid_rotator"
// SVIDStore tags an SVID store plugin/type (eg. aws_secretsmanager)
SVIDStore = "svid_store"
// RegistrationManager functionality related to a registration manager
RegistrationManager = "registration_manager"
// Telemetry tags a telemetry module
Telemetry = "telemetry"
// X509CA functionality related to an x509 CA; should be used with other tags
// to add clarity
X509CA = "x509_ca"
// X509CASVID functionality related to an x509 CA SVID; should be used with other tags
// to add clarity
X509CASVID = "x509_ca_svid"
// X509SVID functionality related to an x509 SVID; should be used with other tags
// to add clarity
X509SVID = "x509_svid"
)
// Operation metric tags or labels that are typically a specific
// operation or API
const (
// AgentKeyManager attached to all operations related to the Agent KeyManger interface
AgentKeyManager = "agent_key_manager"
// AuthorizeCall functionality related to authorizing an incoming call
AuthorizeCall = "authorize_call"
// CreateFederatedBundle functionality related to creating a federated bundle
CreateFederatedBundle = "create_federated_bundle"
// CreateJoinToken functionality related to creating a join token
CreateJoinToken = "create_join_token"
// CreateRegistrationEntry functionality related to creating a registration entry
CreateRegistrationEntry = "create_registration_entry"
// CreateRegistrationEntryIfNotExists functionality related to creating a registration entry
CreateRegistrationEntryIfNotExists = "create_registration_entry_if_not_exists"
// DebugAPI functionality related to debug endpoints
DebugAPI = "debug_api"
// DelegatedIdentityAPI functionality related to delegated identity endpoints
DelegatedIdentityAPI = "delegated_identity_api"
// DeleteFederatedBundle functionality related to deleting a federated bundle
DeleteFederatedBundle = "delete_federated_bundle"
// DeleteFederatedBundleMode functionality related to deleting federated bundle modes
DeleteFederatedBundleMode = "delete_federated_bundle_mode"
// DeleteRegistrationEntry functionality related to deleting a registration entry
DeleteRegistrationEntry = "delete_registration_entry"
// EvictAgent functionality related to evicting an agent
EvictAgent = "evict_agent"
// FetchBundle functionality related to fetching a CA bundle
FetchBundle = "fetch_bundle"
// FetchEntriesUpdates functionality related to fetching entries updates; should be used
// with other tags to add clarity
FetchEntriesUpdates = "fetch_entries_updates"
// FetchFederatedBundle functionality related to fetching a federated bundle
FetchFederatedBundle = "fetch_federated_bundle"
// FetchJWTSVID functionality related to fetching a JWT-SVID
FetchJWTSVID = "fetch_jwt_svid"
// FetchJWTBundles functionality related to fetching JWT bundles
FetchJWTBundles = "fetch_jwt_bundles"
// FetchRegistrationEntry functionality related to fetching a registration entry
FetchRegistrationEntry = "fetch_registration_entry"
// FetchRegistrationEntries functionality related to fetching registration entries
FetchRegistrationEntries = "fetch_registration_entries"
// FetchSecrets functionality related to fetching secrets
FetchSecrets = "fetch_secrets"
// FetchSVIDsUpdates functionality related to fetching SVIDs updates; should be used
// with other tags to add clarity
FetchSVIDsUpdates = "fetch_svids_updates"
// FetchX509CASVID functionality related to fetching an X509 SVID
FetchX509CASVID = "fetch_x509_ca_svid"
// FetchX509SVID functionality related to fetching an X509 SVID
FetchX509SVID = "fetch_x509_svid"
// FirstUpdate functionality related to fetching first update in a streaming API.
FirstUpdate = "first_update"
// GetNodeSelectors functionality related to getting node selectors
GetNodeSelectors = "get_node_selectors"
// CountAgents functionality related to counting agents
CountAgents = "count_agents"
// ListAgents functionality related to listing agents
ListAgents = "list_agents"
// CountEntries functionality related to counting all registration entries
CountEntries = "count_entries"
// ListAllEntriesWithPages functionality related to listing all registration entries with pagination
ListAllEntriesWithPages = "list_all_entries_with_pages"
// CountBundles functionality related to counting bundles
CountBundles = "count_federated_bundles"
// ListFederatedBundles functionality related to listing federated bundles
ListFederatedBundles = "list_federated_bundles"
// ListRegistrationsByParentID functionality related to listing registrations by parent ID
ListRegistrationsByParentID = "list_registrations_by_parent_id"
// ListRegistrationsBySelector functionality related to listing registrations by selector
ListRegistrationsBySelector = "list_registrations_by_selector"
// ListRegistrationsBySelectors functionality related to listing registrations by selectors
ListRegistrationsBySelectors = "list_registrations_by_selectors"
// ListRegistrationsBySPIFFEID functionality related to listing registrations by SPIFFE ID
ListRegistrationsBySPIFFEID = "list_registrations_by_spiffe_id"
// MintJWTSVID functionality related to minting a JWT-SVID
MintJWTSVID = "mint_jwt_svid"
// MintX509SVID functionality related to minting an X.509 SVID
MintX509SVID = "mint_x509_svid"
// PushJWTKeyUpstream functionality related to pushing a public JWT Key to an upstream server.
PushJWTKeyUpstream = "push_jwtkey_upstream"
// SDSAPI functionality related to SDS; should be used with other tags
// to add clarity
SDSAPI = "sds_api"
// ServerKeyManager attached to all operations related to the server KeyManager interface
ServerKeyManager = "server_key_manager"
// Store functionality related to SVID Store service
Store = "store"
// StreamSecrets functionality related to streaming secrets
StreamSecrets = "stream_secrets"
// SubscribeX509SVIDs functionality related to subscribing to X.509 SVIDs.
SubscribeX509SVIDs = "subscribe_x509_svids"
// SubsystemName declares field for some subsystem name (an API, module...)
SubsystemName = "subsystem_name"
// UpdateFederatedBundle functionality related to updating a federated bundle
UpdateFederatedBundle = "update_federated_bundle"
// UpdateRegistrationEntry functionality related to updating a registration entry
UpdateRegistrationEntry = "update_registration_entry"
// ValidateJWTSVID functionality related validating a JWT-SVID
ValidateJWTSVID = "validate_jwt_svid"
// ValidateJWTSVIDError functionality related to an error validating a JWT-SVID
ValidateJWTSVIDError = "validate_jwt_svid_error"
// WorkloadAPI flagging usage of workload API; should be used with other tags
// to add clarity
WorkloadAPI = "workload_api"
)