| Serge Bazanski | 6bd4159 | 2021-08-23 13:18:37 +0200 | [diff] [blame] | 1 | syntax = "proto3"; |
| 2 | package metropolis.proto.api; |
| 3 | option go_package = "source.monogon.dev/metropolis/proto/api"; |
| 4 | |
| Serge Bazanski | 9ffa1f9 | 2021-09-01 15:42:23 +0200 | [diff] [blame] | 5 | import "metropolis/proto/ext/authorization.proto"; |
| 6 | |
| Serge Bazanski | 6bd4159 | 2021-08-23 13:18:37 +0200 | [diff] [blame] | 7 | // Management service available to Cluster Managers. |
| 8 | service Management { |
| 9 | // GetRegisterTicket retrieves the current RegisterTicket which is required |
| 10 | // for new nodes to register into the cluster. Presenting this ticket on |
| 11 | // registration does not automatically grant access to arbitrary node |
| 12 | // registration. Instead, it is used to guard the API surface of the |
| 13 | // Register RPC from potential denial of service attacks, and can be |
| 14 | // regenerated at any time in case it leaks. |
| Serge Bazanski | 9ffa1f9 | 2021-09-01 15:42:23 +0200 | [diff] [blame] | 15 | rpc GetRegisterTicket(GetRegisterTicketRequest) returns (GetRegisterTicketResponse) { |
| 16 | option (metropolis.proto.ext.authorization) = { |
| 17 | need: PERMISSION_GET_REGISTER_TICKET |
| 18 | }; |
| 19 | } |
| Serge Bazanski | 6bd4159 | 2021-08-23 13:18:37 +0200 | [diff] [blame] | 20 | } |
| 21 | |
| 22 | message GetRegisterTicketRequest { |
| 23 | } |
| 24 | |
| 25 | message GetRegisterTicketResponse { |
| 26 | // Opaque bytes that comprise the RegisterTicket. |
| 27 | bytes ticket = 1; |
| 28 | } |