Package builder provides simple and easy-to-use way to construct Aptomi Policy in the source code, primarily for unit tests.

Package expression provides support for evaluating expressions in Aptomi, with support for caching compiled expressions.

Package template provides support for evaluating text templates in Aptomi, with support for caching compiled templates.

Package yaml provides support for marshalling YAML objects and loading/unmarshalling them from YAML files.

GetACLRulesSortedByWeight returns all rules sorted by their weight.

GetRulesSortedByWeight returns all rules sorted by their weight.

IsPolicyObject returns true if provided object is part of the policy objects list.

NewACLResolver creates a new ACLResolver.

NewLabelOperations creates a new LabelOperations object, given "set" and "remove" parameters.

NewLabelOperationsSetSingleLabel creates a new LabelOperations object to set a single "k"="v" label.

NewLabelSet creates a new LabelSet from a given map of text labels.

NewPolicy creates a new Policy.

NewPolicyNamespace creates a new PolicyNamespace.

NewPolicyValidator creates a new PolicyValidator.

NewPolicyView creates a new PolicyView.

NewRuleActionResult creates a new RuleActionResult.

NewTarget creates a new deployment target, given a string in form [aptomi_namespace/]cluster[.suffix] (where suffix is typically a k8s namespace).

LabelTarget is a special label name where cluster should be stored.

Reject is a special constant that is used in rule actions for rejecting claims, ingress traffic, etc.

ACLRolesMap represents the map of ACL roles (Role ID -> Role).

ACLRolesOrderedList represents the ordered list of ACL roles (from most "powerful" to least "powerful").

ACLRuleObject is an informational data structure with Kind and Constructor for ACLRule.

BundleObject is an informational data structure with Kind and Constructor for Bundle.

ClaimObject is an informational data structure with Kind and Constructor for Claim.

ClusterObject is an informational data structure with Kind and Constructor for Cluster.

DomainAdmin is a built-in domain admin role.

NamespaceAdmin is a built-in admin role.

PolicyObjects is the list of informational data for all policy objects.

RuleObject is an informational data structure with Kind and Constructor for Rule.

ServiceConsumer is a built-in service consumer role.

ServiceObject is an informational data structure with Kind and Constructor for Service.

ACLResolver is a struct which allows to perform ACL resolution, allowing to retrieve user privileges for the objects they access.

ACLRole is a struct for defining user roles and their privileges.

ACLRule defines which users have which roles in Aptomi.

ACLRuleActions is a set of actions that can be performed by a ACL rule, assigning permissions to access namespaces.

Allocation determines which bundle should be allocated for by the given context and which additional keys should be added to component instance key.

APIPolicy is a Policy representation for API filtered for specific user.

APIPolicyNamespace is a PolicyNamespace representation for API filtered for specific user.

Bundle defines individual bundle in Aptomi.

BundleComponent defines component within a bundle.

Claim is a declaration of use, defined in a form <User> needs an instance of <Service> with specified set of <Labels>.

Cluster defines an individual cluster where containers get deployed.

Code with type and parameters, used to instantiate/update/delete component instances.

Context represents a single context within a service.

Criteria is a structure which allows users to define complex matching expressions in the policy.

GlobalUsers contains the map of users by their name.

LabelSet defines the set of labels that will be manipulated throughout policy execution.

Metadata is an object metadata implementation (Namespace, Kind, Name, Generation) which works for all standard objects.

Policy describes the entire Aptomi policy.

PolicyNamespace describes a specific namespace within Aptomi policy.

PolicyValidator is a custom validator for the policy.

PolicyView allows to view/manage policy objects on behalf on a certain user It will enforce all ACLs, allowing the user to only perform actions which he is entitled to perform.

Privilege is a unit of privilege for any single given object.

Privileges defines a set of privileges for a particular role in Aptomi.

Rule is a generic mechanism for defining rules in Aptomi.

RuleActionResult is a result of processing multiple rules on a given component.

RuleActions is a set of actions that can be performed by a rule.

Service is an object, which allows you to define a service for a bundle, as well as a set of specific implementations.

Target represents a deployment target in Aptomi.

User represents a user in Aptomi.

Base interface represents unified base object that could be part of the policy.

ClaimAction is a rule action to allow or disallow claim to be resolved.

IngressAction is a rule action to to allow or disallow ingres traffic for a component.

LabelOperations defines label transform operations.