mirror of
https://github.com/coder/coder.git
synced 2026-06-02 20:48:20 +00:00
Paweł Banaszewski
f22d4e2cbb
Adds table to store keys that AI Gateway standalone replicas will use to authenticate into Coderd. Also adds RBAC and audit boilerplate.
551 lines
23 KiB
Go
551 lines
23 KiB
Go
// Code generated by: go run ./scripts/typegen rbac scopenames; DO NOT EDIT.
|
|
package rbac
|
|
|
|
// ScopeName constants generated from policy.RBACPermissions.
|
|
// These represent low-level "<resource>:<action>" scope names.
|
|
// Built-in non-low-level scopes like "all" and "application_connect" remain
|
|
// declared in code, not here, to avoid duplication.
|
|
|
|
const (
|
|
ScopeAiGatewayKeyCreate ScopeName = "ai_gateway_key:create"
|
|
ScopeAiGatewayKeyDelete ScopeName = "ai_gateway_key:delete"
|
|
ScopeAiGatewayKeyRead ScopeName = "ai_gateway_key:read"
|
|
ScopeAiModelPriceRead ScopeName = "ai_model_price:read"
|
|
ScopeAiModelPriceUpdate ScopeName = "ai_model_price:update"
|
|
ScopeAiProviderCreate ScopeName = "ai_provider:create"
|
|
ScopeAiProviderDelete ScopeName = "ai_provider:delete"
|
|
ScopeAiProviderRead ScopeName = "ai_provider:read"
|
|
ScopeAiProviderUpdate ScopeName = "ai_provider:update"
|
|
ScopeAiSeatCreate ScopeName = "ai_seat:create"
|
|
ScopeAiSeatRead ScopeName = "ai_seat:read"
|
|
ScopeAibridgeInterceptionCreate ScopeName = "aibridge_interception:create"
|
|
ScopeAibridgeInterceptionRead ScopeName = "aibridge_interception:read"
|
|
ScopeAibridgeInterceptionUpdate ScopeName = "aibridge_interception:update"
|
|
ScopeApiKeyCreate ScopeName = "api_key:create"
|
|
ScopeApiKeyDelete ScopeName = "api_key:delete"
|
|
ScopeApiKeyRead ScopeName = "api_key:read"
|
|
ScopeApiKeyUpdate ScopeName = "api_key:update"
|
|
ScopeAssignOrgRoleAssign ScopeName = "assign_org_role:assign"
|
|
ScopeAssignOrgRoleCreate ScopeName = "assign_org_role:create"
|
|
ScopeAssignOrgRoleDelete ScopeName = "assign_org_role:delete"
|
|
ScopeAssignOrgRoleRead ScopeName = "assign_org_role:read"
|
|
ScopeAssignOrgRoleUnassign ScopeName = "assign_org_role:unassign"
|
|
ScopeAssignOrgRoleUpdate ScopeName = "assign_org_role:update"
|
|
ScopeAssignRoleAssign ScopeName = "assign_role:assign"
|
|
ScopeAssignRoleRead ScopeName = "assign_role:read"
|
|
ScopeAssignRoleUnassign ScopeName = "assign_role:unassign"
|
|
ScopeAuditLogCreate ScopeName = "audit_log:create"
|
|
ScopeAuditLogRead ScopeName = "audit_log:read"
|
|
ScopeBoundaryLogCreate ScopeName = "boundary_log:create"
|
|
ScopeBoundaryLogDelete ScopeName = "boundary_log:delete"
|
|
ScopeBoundaryLogRead ScopeName = "boundary_log:read"
|
|
ScopeBoundaryUsageDelete ScopeName = "boundary_usage:delete"
|
|
ScopeBoundaryUsageRead ScopeName = "boundary_usage:read"
|
|
ScopeBoundaryUsageUpdate ScopeName = "boundary_usage:update"
|
|
ScopeChatCreate ScopeName = "chat:create"
|
|
ScopeChatDelete ScopeName = "chat:delete"
|
|
ScopeChatRead ScopeName = "chat:read"
|
|
ScopeChatShare ScopeName = "chat:share"
|
|
ScopeChatUpdate ScopeName = "chat:update"
|
|
ScopeConnectionLogRead ScopeName = "connection_log:read"
|
|
ScopeConnectionLogUpdate ScopeName = "connection_log:update"
|
|
ScopeCryptoKeyCreate ScopeName = "crypto_key:create"
|
|
ScopeCryptoKeyDelete ScopeName = "crypto_key:delete"
|
|
ScopeCryptoKeyRead ScopeName = "crypto_key:read"
|
|
ScopeCryptoKeyUpdate ScopeName = "crypto_key:update"
|
|
ScopeDebugInfoRead ScopeName = "debug_info:read"
|
|
ScopeDeploymentConfigRead ScopeName = "deployment_config:read"
|
|
ScopeDeploymentConfigUpdate ScopeName = "deployment_config:update"
|
|
ScopeDeploymentStatsRead ScopeName = "deployment_stats:read"
|
|
ScopeFileCreate ScopeName = "file:create"
|
|
ScopeFileRead ScopeName = "file:read"
|
|
ScopeGroupCreate ScopeName = "group:create"
|
|
ScopeGroupDelete ScopeName = "group:delete"
|
|
ScopeGroupRead ScopeName = "group:read"
|
|
ScopeGroupUpdate ScopeName = "group:update"
|
|
ScopeGroupMemberRead ScopeName = "group_member:read"
|
|
ScopeIdpsyncSettingsRead ScopeName = "idpsync_settings:read"
|
|
ScopeIdpsyncSettingsUpdate ScopeName = "idpsync_settings:update"
|
|
ScopeInboxNotificationCreate ScopeName = "inbox_notification:create"
|
|
ScopeInboxNotificationRead ScopeName = "inbox_notification:read"
|
|
ScopeInboxNotificationUpdate ScopeName = "inbox_notification:update"
|
|
ScopeLicenseCreate ScopeName = "license:create"
|
|
ScopeLicenseDelete ScopeName = "license:delete"
|
|
ScopeLicenseRead ScopeName = "license:read"
|
|
ScopeNotificationMessageCreate ScopeName = "notification_message:create"
|
|
ScopeNotificationMessageDelete ScopeName = "notification_message:delete"
|
|
ScopeNotificationMessageRead ScopeName = "notification_message:read"
|
|
ScopeNotificationMessageUpdate ScopeName = "notification_message:update"
|
|
ScopeNotificationPreferenceRead ScopeName = "notification_preference:read"
|
|
ScopeNotificationPreferenceUpdate ScopeName = "notification_preference:update"
|
|
ScopeNotificationTemplateRead ScopeName = "notification_template:read"
|
|
ScopeNotificationTemplateUpdate ScopeName = "notification_template:update"
|
|
ScopeOauth2AppCreate ScopeName = "oauth2_app:create"
|
|
ScopeOauth2AppDelete ScopeName = "oauth2_app:delete"
|
|
ScopeOauth2AppRead ScopeName = "oauth2_app:read"
|
|
ScopeOauth2AppUpdate ScopeName = "oauth2_app:update"
|
|
ScopeOauth2AppCodeTokenCreate ScopeName = "oauth2_app_code_token:create"
|
|
ScopeOauth2AppCodeTokenDelete ScopeName = "oauth2_app_code_token:delete"
|
|
ScopeOauth2AppCodeTokenRead ScopeName = "oauth2_app_code_token:read"
|
|
ScopeOauth2AppSecretCreate ScopeName = "oauth2_app_secret:create"
|
|
ScopeOauth2AppSecretDelete ScopeName = "oauth2_app_secret:delete"
|
|
ScopeOauth2AppSecretRead ScopeName = "oauth2_app_secret:read"
|
|
ScopeOauth2AppSecretUpdate ScopeName = "oauth2_app_secret:update"
|
|
ScopeOrganizationCreate ScopeName = "organization:create"
|
|
ScopeOrganizationDelete ScopeName = "organization:delete"
|
|
ScopeOrganizationRead ScopeName = "organization:read"
|
|
ScopeOrganizationUpdate ScopeName = "organization:update"
|
|
ScopeOrganizationMemberCreate ScopeName = "organization_member:create"
|
|
ScopeOrganizationMemberDelete ScopeName = "organization_member:delete"
|
|
ScopeOrganizationMemberRead ScopeName = "organization_member:read"
|
|
ScopeOrganizationMemberUpdate ScopeName = "organization_member:update"
|
|
ScopePrebuiltWorkspaceDelete ScopeName = "prebuilt_workspace:delete"
|
|
ScopePrebuiltWorkspaceUpdate ScopeName = "prebuilt_workspace:update"
|
|
ScopeProvisionerDaemonCreate ScopeName = "provisioner_daemon:create"
|
|
ScopeProvisionerDaemonDelete ScopeName = "provisioner_daemon:delete"
|
|
ScopeProvisionerDaemonRead ScopeName = "provisioner_daemon:read"
|
|
ScopeProvisionerDaemonUpdate ScopeName = "provisioner_daemon:update"
|
|
ScopeProvisionerJobsCreate ScopeName = "provisioner_jobs:create"
|
|
ScopeProvisionerJobsRead ScopeName = "provisioner_jobs:read"
|
|
ScopeProvisionerJobsUpdate ScopeName = "provisioner_jobs:update"
|
|
ScopeReplicasRead ScopeName = "replicas:read"
|
|
ScopeSystemCreate ScopeName = "system:create"
|
|
ScopeSystemDelete ScopeName = "system:delete"
|
|
ScopeSystemRead ScopeName = "system:read"
|
|
ScopeSystemUpdate ScopeName = "system:update"
|
|
ScopeTailnetCoordinatorCreate ScopeName = "tailnet_coordinator:create"
|
|
ScopeTailnetCoordinatorDelete ScopeName = "tailnet_coordinator:delete"
|
|
ScopeTailnetCoordinatorRead ScopeName = "tailnet_coordinator:read"
|
|
ScopeTailnetCoordinatorUpdate ScopeName = "tailnet_coordinator:update"
|
|
ScopeTaskCreate ScopeName = "task:create"
|
|
ScopeTaskDelete ScopeName = "task:delete"
|
|
ScopeTaskRead ScopeName = "task:read"
|
|
ScopeTaskUpdate ScopeName = "task:update"
|
|
ScopeTemplateCreate ScopeName = "template:create"
|
|
ScopeTemplateDelete ScopeName = "template:delete"
|
|
ScopeTemplateRead ScopeName = "template:read"
|
|
ScopeTemplateUpdate ScopeName = "template:update"
|
|
ScopeTemplateUse ScopeName = "template:use"
|
|
ScopeTemplateViewInsights ScopeName = "template:view_insights"
|
|
ScopeUsageEventCreate ScopeName = "usage_event:create"
|
|
ScopeUsageEventRead ScopeName = "usage_event:read"
|
|
ScopeUsageEventUpdate ScopeName = "usage_event:update"
|
|
ScopeUserCreate ScopeName = "user:create"
|
|
ScopeUserDelete ScopeName = "user:delete"
|
|
ScopeUserRead ScopeName = "user:read"
|
|
ScopeUserReadPersonal ScopeName = "user:read_personal"
|
|
ScopeUserUpdate ScopeName = "user:update"
|
|
ScopeUserUpdatePersonal ScopeName = "user:update_personal"
|
|
ScopeUserSecretCreate ScopeName = "user_secret:create"
|
|
ScopeUserSecretDelete ScopeName = "user_secret:delete"
|
|
ScopeUserSecretRead ScopeName = "user_secret:read"
|
|
ScopeUserSecretUpdate ScopeName = "user_secret:update"
|
|
ScopeUserSkillCreate ScopeName = "user_skill:create"
|
|
ScopeUserSkillDelete ScopeName = "user_skill:delete"
|
|
ScopeUserSkillRead ScopeName = "user_skill:read"
|
|
ScopeUserSkillUpdate ScopeName = "user_skill:update"
|
|
ScopeWebpushSubscriptionCreate ScopeName = "webpush_subscription:create"
|
|
ScopeWebpushSubscriptionDelete ScopeName = "webpush_subscription:delete"
|
|
ScopeWebpushSubscriptionRead ScopeName = "webpush_subscription:read"
|
|
ScopeWorkspaceApplicationConnect ScopeName = "workspace:application_connect"
|
|
ScopeWorkspaceCreate ScopeName = "workspace:create"
|
|
ScopeWorkspaceCreateAgent ScopeName = "workspace:create_agent"
|
|
ScopeWorkspaceDelete ScopeName = "workspace:delete"
|
|
ScopeWorkspaceDeleteAgent ScopeName = "workspace:delete_agent"
|
|
ScopeWorkspaceRead ScopeName = "workspace:read"
|
|
ScopeWorkspaceShare ScopeName = "workspace:share"
|
|
ScopeWorkspaceSsh ScopeName = "workspace:ssh"
|
|
ScopeWorkspaceStart ScopeName = "workspace:start"
|
|
ScopeWorkspaceStop ScopeName = "workspace:stop"
|
|
ScopeWorkspaceUpdate ScopeName = "workspace:update"
|
|
ScopeWorkspaceUpdateAgent ScopeName = "workspace:update_agent"
|
|
ScopeWorkspaceAgentDevcontainersCreate ScopeName = "workspace_agent_devcontainers:create"
|
|
ScopeWorkspaceAgentResourceMonitorCreate ScopeName = "workspace_agent_resource_monitor:create"
|
|
ScopeWorkspaceAgentResourceMonitorRead ScopeName = "workspace_agent_resource_monitor:read"
|
|
ScopeWorkspaceAgentResourceMonitorUpdate ScopeName = "workspace_agent_resource_monitor:update"
|
|
ScopeWorkspaceDormantApplicationConnect ScopeName = "workspace_dormant:application_connect"
|
|
ScopeWorkspaceDormantCreate ScopeName = "workspace_dormant:create"
|
|
ScopeWorkspaceDormantCreateAgent ScopeName = "workspace_dormant:create_agent"
|
|
ScopeWorkspaceDormantDelete ScopeName = "workspace_dormant:delete"
|
|
ScopeWorkspaceDormantDeleteAgent ScopeName = "workspace_dormant:delete_agent"
|
|
ScopeWorkspaceDormantRead ScopeName = "workspace_dormant:read"
|
|
ScopeWorkspaceDormantShare ScopeName = "workspace_dormant:share"
|
|
ScopeWorkspaceDormantSsh ScopeName = "workspace_dormant:ssh"
|
|
ScopeWorkspaceDormantStart ScopeName = "workspace_dormant:start"
|
|
ScopeWorkspaceDormantStop ScopeName = "workspace_dormant:stop"
|
|
ScopeWorkspaceDormantUpdate ScopeName = "workspace_dormant:update"
|
|
ScopeWorkspaceDormantUpdateAgent ScopeName = "workspace_dormant:update_agent"
|
|
ScopeWorkspaceProxyCreate ScopeName = "workspace_proxy:create"
|
|
ScopeWorkspaceProxyDelete ScopeName = "workspace_proxy:delete"
|
|
ScopeWorkspaceProxyRead ScopeName = "workspace_proxy:read"
|
|
ScopeWorkspaceProxyUpdate ScopeName = "workspace_proxy:update"
|
|
)
|
|
|
|
// Valid reports whether the ScopeName matches one of the known scope values.
|
|
// This includes both builtin scope names and generated low-level scopes.
|
|
// Builtins are sourced from rbac.BuiltinScopeNames() at generation time to
|
|
// ensure changes in rbac/scopes.go remain in sync here.
|
|
func (e ScopeName) Valid() bool {
|
|
switch e {
|
|
case ScopeName("coder:all"),
|
|
ScopeName("coder:application_connect"),
|
|
ScopeName("no_user_data"),
|
|
ScopeAiGatewayKeyCreate,
|
|
ScopeAiGatewayKeyDelete,
|
|
ScopeAiGatewayKeyRead,
|
|
ScopeAiModelPriceRead,
|
|
ScopeAiModelPriceUpdate,
|
|
ScopeAiProviderCreate,
|
|
ScopeAiProviderDelete,
|
|
ScopeAiProviderRead,
|
|
ScopeAiProviderUpdate,
|
|
ScopeAiSeatCreate,
|
|
ScopeAiSeatRead,
|
|
ScopeAibridgeInterceptionCreate,
|
|
ScopeAibridgeInterceptionRead,
|
|
ScopeAibridgeInterceptionUpdate,
|
|
ScopeApiKeyCreate,
|
|
ScopeApiKeyDelete,
|
|
ScopeApiKeyRead,
|
|
ScopeApiKeyUpdate,
|
|
ScopeAssignOrgRoleAssign,
|
|
ScopeAssignOrgRoleCreate,
|
|
ScopeAssignOrgRoleDelete,
|
|
ScopeAssignOrgRoleRead,
|
|
ScopeAssignOrgRoleUnassign,
|
|
ScopeAssignOrgRoleUpdate,
|
|
ScopeAssignRoleAssign,
|
|
ScopeAssignRoleRead,
|
|
ScopeAssignRoleUnassign,
|
|
ScopeAuditLogCreate,
|
|
ScopeAuditLogRead,
|
|
ScopeBoundaryLogCreate,
|
|
ScopeBoundaryLogDelete,
|
|
ScopeBoundaryLogRead,
|
|
ScopeBoundaryUsageDelete,
|
|
ScopeBoundaryUsageRead,
|
|
ScopeBoundaryUsageUpdate,
|
|
ScopeChatCreate,
|
|
ScopeChatDelete,
|
|
ScopeChatRead,
|
|
ScopeChatShare,
|
|
ScopeChatUpdate,
|
|
ScopeConnectionLogRead,
|
|
ScopeConnectionLogUpdate,
|
|
ScopeCryptoKeyCreate,
|
|
ScopeCryptoKeyDelete,
|
|
ScopeCryptoKeyRead,
|
|
ScopeCryptoKeyUpdate,
|
|
ScopeDebugInfoRead,
|
|
ScopeDeploymentConfigRead,
|
|
ScopeDeploymentConfigUpdate,
|
|
ScopeDeploymentStatsRead,
|
|
ScopeFileCreate,
|
|
ScopeFileRead,
|
|
ScopeGroupCreate,
|
|
ScopeGroupDelete,
|
|
ScopeGroupRead,
|
|
ScopeGroupUpdate,
|
|
ScopeGroupMemberRead,
|
|
ScopeIdpsyncSettingsRead,
|
|
ScopeIdpsyncSettingsUpdate,
|
|
ScopeInboxNotificationCreate,
|
|
ScopeInboxNotificationRead,
|
|
ScopeInboxNotificationUpdate,
|
|
ScopeLicenseCreate,
|
|
ScopeLicenseDelete,
|
|
ScopeLicenseRead,
|
|
ScopeNotificationMessageCreate,
|
|
ScopeNotificationMessageDelete,
|
|
ScopeNotificationMessageRead,
|
|
ScopeNotificationMessageUpdate,
|
|
ScopeNotificationPreferenceRead,
|
|
ScopeNotificationPreferenceUpdate,
|
|
ScopeNotificationTemplateRead,
|
|
ScopeNotificationTemplateUpdate,
|
|
ScopeOauth2AppCreate,
|
|
ScopeOauth2AppDelete,
|
|
ScopeOauth2AppRead,
|
|
ScopeOauth2AppUpdate,
|
|
ScopeOauth2AppCodeTokenCreate,
|
|
ScopeOauth2AppCodeTokenDelete,
|
|
ScopeOauth2AppCodeTokenRead,
|
|
ScopeOauth2AppSecretCreate,
|
|
ScopeOauth2AppSecretDelete,
|
|
ScopeOauth2AppSecretRead,
|
|
ScopeOauth2AppSecretUpdate,
|
|
ScopeOrganizationCreate,
|
|
ScopeOrganizationDelete,
|
|
ScopeOrganizationRead,
|
|
ScopeOrganizationUpdate,
|
|
ScopeOrganizationMemberCreate,
|
|
ScopeOrganizationMemberDelete,
|
|
ScopeOrganizationMemberRead,
|
|
ScopeOrganizationMemberUpdate,
|
|
ScopePrebuiltWorkspaceDelete,
|
|
ScopePrebuiltWorkspaceUpdate,
|
|
ScopeProvisionerDaemonCreate,
|
|
ScopeProvisionerDaemonDelete,
|
|
ScopeProvisionerDaemonRead,
|
|
ScopeProvisionerDaemonUpdate,
|
|
ScopeProvisionerJobsCreate,
|
|
ScopeProvisionerJobsRead,
|
|
ScopeProvisionerJobsUpdate,
|
|
ScopeReplicasRead,
|
|
ScopeSystemCreate,
|
|
ScopeSystemDelete,
|
|
ScopeSystemRead,
|
|
ScopeSystemUpdate,
|
|
ScopeTailnetCoordinatorCreate,
|
|
ScopeTailnetCoordinatorDelete,
|
|
ScopeTailnetCoordinatorRead,
|
|
ScopeTailnetCoordinatorUpdate,
|
|
ScopeTaskCreate,
|
|
ScopeTaskDelete,
|
|
ScopeTaskRead,
|
|
ScopeTaskUpdate,
|
|
ScopeTemplateCreate,
|
|
ScopeTemplateDelete,
|
|
ScopeTemplateRead,
|
|
ScopeTemplateUpdate,
|
|
ScopeTemplateUse,
|
|
ScopeTemplateViewInsights,
|
|
ScopeUsageEventCreate,
|
|
ScopeUsageEventRead,
|
|
ScopeUsageEventUpdate,
|
|
ScopeUserCreate,
|
|
ScopeUserDelete,
|
|
ScopeUserRead,
|
|
ScopeUserReadPersonal,
|
|
ScopeUserUpdate,
|
|
ScopeUserUpdatePersonal,
|
|
ScopeUserSecretCreate,
|
|
ScopeUserSecretDelete,
|
|
ScopeUserSecretRead,
|
|
ScopeUserSecretUpdate,
|
|
ScopeUserSkillCreate,
|
|
ScopeUserSkillDelete,
|
|
ScopeUserSkillRead,
|
|
ScopeUserSkillUpdate,
|
|
ScopeWebpushSubscriptionCreate,
|
|
ScopeWebpushSubscriptionDelete,
|
|
ScopeWebpushSubscriptionRead,
|
|
ScopeWorkspaceApplicationConnect,
|
|
ScopeWorkspaceCreate,
|
|
ScopeWorkspaceCreateAgent,
|
|
ScopeWorkspaceDelete,
|
|
ScopeWorkspaceDeleteAgent,
|
|
ScopeWorkspaceRead,
|
|
ScopeWorkspaceShare,
|
|
ScopeWorkspaceSsh,
|
|
ScopeWorkspaceStart,
|
|
ScopeWorkspaceStop,
|
|
ScopeWorkspaceUpdate,
|
|
ScopeWorkspaceUpdateAgent,
|
|
ScopeWorkspaceAgentDevcontainersCreate,
|
|
ScopeWorkspaceAgentResourceMonitorCreate,
|
|
ScopeWorkspaceAgentResourceMonitorRead,
|
|
ScopeWorkspaceAgentResourceMonitorUpdate,
|
|
ScopeWorkspaceDormantApplicationConnect,
|
|
ScopeWorkspaceDormantCreate,
|
|
ScopeWorkspaceDormantCreateAgent,
|
|
ScopeWorkspaceDormantDelete,
|
|
ScopeWorkspaceDormantDeleteAgent,
|
|
ScopeWorkspaceDormantRead,
|
|
ScopeWorkspaceDormantShare,
|
|
ScopeWorkspaceDormantSsh,
|
|
ScopeWorkspaceDormantStart,
|
|
ScopeWorkspaceDormantStop,
|
|
ScopeWorkspaceDormantUpdate,
|
|
ScopeWorkspaceDormantUpdateAgent,
|
|
ScopeWorkspaceProxyCreate,
|
|
ScopeWorkspaceProxyDelete,
|
|
ScopeWorkspaceProxyRead,
|
|
ScopeWorkspaceProxyUpdate:
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
// AllScopeNameValues returns a slice containing all known scope values,
|
|
// including builtin and generated low-level scopes.
|
|
func AllScopeNameValues() []ScopeName {
|
|
return []ScopeName{
|
|
ScopeName("coder:all"),
|
|
ScopeName("coder:application_connect"),
|
|
ScopeName("no_user_data"),
|
|
ScopeAiGatewayKeyCreate,
|
|
ScopeAiGatewayKeyDelete,
|
|
ScopeAiGatewayKeyRead,
|
|
ScopeAiModelPriceRead,
|
|
ScopeAiModelPriceUpdate,
|
|
ScopeAiProviderCreate,
|
|
ScopeAiProviderDelete,
|
|
ScopeAiProviderRead,
|
|
ScopeAiProviderUpdate,
|
|
ScopeAiSeatCreate,
|
|
ScopeAiSeatRead,
|
|
ScopeAibridgeInterceptionCreate,
|
|
ScopeAibridgeInterceptionRead,
|
|
ScopeAibridgeInterceptionUpdate,
|
|
ScopeApiKeyCreate,
|
|
ScopeApiKeyDelete,
|
|
ScopeApiKeyRead,
|
|
ScopeApiKeyUpdate,
|
|
ScopeAssignOrgRoleAssign,
|
|
ScopeAssignOrgRoleCreate,
|
|
ScopeAssignOrgRoleDelete,
|
|
ScopeAssignOrgRoleRead,
|
|
ScopeAssignOrgRoleUnassign,
|
|
ScopeAssignOrgRoleUpdate,
|
|
ScopeAssignRoleAssign,
|
|
ScopeAssignRoleRead,
|
|
ScopeAssignRoleUnassign,
|
|
ScopeAuditLogCreate,
|
|
ScopeAuditLogRead,
|
|
ScopeBoundaryLogCreate,
|
|
ScopeBoundaryLogDelete,
|
|
ScopeBoundaryLogRead,
|
|
ScopeBoundaryUsageDelete,
|
|
ScopeBoundaryUsageRead,
|
|
ScopeBoundaryUsageUpdate,
|
|
ScopeChatCreate,
|
|
ScopeChatDelete,
|
|
ScopeChatRead,
|
|
ScopeChatShare,
|
|
ScopeChatUpdate,
|
|
ScopeConnectionLogRead,
|
|
ScopeConnectionLogUpdate,
|
|
ScopeCryptoKeyCreate,
|
|
ScopeCryptoKeyDelete,
|
|
ScopeCryptoKeyRead,
|
|
ScopeCryptoKeyUpdate,
|
|
ScopeDebugInfoRead,
|
|
ScopeDeploymentConfigRead,
|
|
ScopeDeploymentConfigUpdate,
|
|
ScopeDeploymentStatsRead,
|
|
ScopeFileCreate,
|
|
ScopeFileRead,
|
|
ScopeGroupCreate,
|
|
ScopeGroupDelete,
|
|
ScopeGroupRead,
|
|
ScopeGroupUpdate,
|
|
ScopeGroupMemberRead,
|
|
ScopeIdpsyncSettingsRead,
|
|
ScopeIdpsyncSettingsUpdate,
|
|
ScopeInboxNotificationCreate,
|
|
ScopeInboxNotificationRead,
|
|
ScopeInboxNotificationUpdate,
|
|
ScopeLicenseCreate,
|
|
ScopeLicenseDelete,
|
|
ScopeLicenseRead,
|
|
ScopeNotificationMessageCreate,
|
|
ScopeNotificationMessageDelete,
|
|
ScopeNotificationMessageRead,
|
|
ScopeNotificationMessageUpdate,
|
|
ScopeNotificationPreferenceRead,
|
|
ScopeNotificationPreferenceUpdate,
|
|
ScopeNotificationTemplateRead,
|
|
ScopeNotificationTemplateUpdate,
|
|
ScopeOauth2AppCreate,
|
|
ScopeOauth2AppDelete,
|
|
ScopeOauth2AppRead,
|
|
ScopeOauth2AppUpdate,
|
|
ScopeOauth2AppCodeTokenCreate,
|
|
ScopeOauth2AppCodeTokenDelete,
|
|
ScopeOauth2AppCodeTokenRead,
|
|
ScopeOauth2AppSecretCreate,
|
|
ScopeOauth2AppSecretDelete,
|
|
ScopeOauth2AppSecretRead,
|
|
ScopeOauth2AppSecretUpdate,
|
|
ScopeOrganizationCreate,
|
|
ScopeOrganizationDelete,
|
|
ScopeOrganizationRead,
|
|
ScopeOrganizationUpdate,
|
|
ScopeOrganizationMemberCreate,
|
|
ScopeOrganizationMemberDelete,
|
|
ScopeOrganizationMemberRead,
|
|
ScopeOrganizationMemberUpdate,
|
|
ScopePrebuiltWorkspaceDelete,
|
|
ScopePrebuiltWorkspaceUpdate,
|
|
ScopeProvisionerDaemonCreate,
|
|
ScopeProvisionerDaemonDelete,
|
|
ScopeProvisionerDaemonRead,
|
|
ScopeProvisionerDaemonUpdate,
|
|
ScopeProvisionerJobsCreate,
|
|
ScopeProvisionerJobsRead,
|
|
ScopeProvisionerJobsUpdate,
|
|
ScopeReplicasRead,
|
|
ScopeSystemCreate,
|
|
ScopeSystemDelete,
|
|
ScopeSystemRead,
|
|
ScopeSystemUpdate,
|
|
ScopeTailnetCoordinatorCreate,
|
|
ScopeTailnetCoordinatorDelete,
|
|
ScopeTailnetCoordinatorRead,
|
|
ScopeTailnetCoordinatorUpdate,
|
|
ScopeTaskCreate,
|
|
ScopeTaskDelete,
|
|
ScopeTaskRead,
|
|
ScopeTaskUpdate,
|
|
ScopeTemplateCreate,
|
|
ScopeTemplateDelete,
|
|
ScopeTemplateRead,
|
|
ScopeTemplateUpdate,
|
|
ScopeTemplateUse,
|
|
ScopeTemplateViewInsights,
|
|
ScopeUsageEventCreate,
|
|
ScopeUsageEventRead,
|
|
ScopeUsageEventUpdate,
|
|
ScopeUserCreate,
|
|
ScopeUserDelete,
|
|
ScopeUserRead,
|
|
ScopeUserReadPersonal,
|
|
ScopeUserUpdate,
|
|
ScopeUserUpdatePersonal,
|
|
ScopeUserSecretCreate,
|
|
ScopeUserSecretDelete,
|
|
ScopeUserSecretRead,
|
|
ScopeUserSecretUpdate,
|
|
ScopeUserSkillCreate,
|
|
ScopeUserSkillDelete,
|
|
ScopeUserSkillRead,
|
|
ScopeUserSkillUpdate,
|
|
ScopeWebpushSubscriptionCreate,
|
|
ScopeWebpushSubscriptionDelete,
|
|
ScopeWebpushSubscriptionRead,
|
|
ScopeWorkspaceApplicationConnect,
|
|
ScopeWorkspaceCreate,
|
|
ScopeWorkspaceCreateAgent,
|
|
ScopeWorkspaceDelete,
|
|
ScopeWorkspaceDeleteAgent,
|
|
ScopeWorkspaceRead,
|
|
ScopeWorkspaceShare,
|
|
ScopeWorkspaceSsh,
|
|
ScopeWorkspaceStart,
|
|
ScopeWorkspaceStop,
|
|
ScopeWorkspaceUpdate,
|
|
ScopeWorkspaceUpdateAgent,
|
|
ScopeWorkspaceAgentDevcontainersCreate,
|
|
ScopeWorkspaceAgentResourceMonitorCreate,
|
|
ScopeWorkspaceAgentResourceMonitorRead,
|
|
ScopeWorkspaceAgentResourceMonitorUpdate,
|
|
ScopeWorkspaceDormantApplicationConnect,
|
|
ScopeWorkspaceDormantCreate,
|
|
ScopeWorkspaceDormantCreateAgent,
|
|
ScopeWorkspaceDormantDelete,
|
|
ScopeWorkspaceDormantDeleteAgent,
|
|
ScopeWorkspaceDormantRead,
|
|
ScopeWorkspaceDormantShare,
|
|
ScopeWorkspaceDormantSsh,
|
|
ScopeWorkspaceDormantStart,
|
|
ScopeWorkspaceDormantStop,
|
|
ScopeWorkspaceDormantUpdate,
|
|
ScopeWorkspaceDormantUpdateAgent,
|
|
ScopeWorkspaceProxyCreate,
|
|
ScopeWorkspaceProxyDelete,
|
|
ScopeWorkspaceProxyRead,
|
|
ScopeWorkspaceProxyUpdate,
|
|
}
|
|
}
|