/* -*- Mode: C++; tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2023-present Couchbase, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #pragma once #include <optional> #include <string> namespace couchbase::management { enum analytics_link_type { /** * S3 external analytics link. Corresponds to a @ref s3_external_analytics_link */ s3_external, /** * Azure external analytics link. Corresponds to a @ref azure_blob_external_analytics_link */ azure_external, /** * A remote analytics link that uses a Couchbase data service that is not part of the same cluster as the Analytics service. * Corresponds to a @ref couchbase_remote_analytics_link */ couchbase_remote, }; enum analytics_encryption_level { /** * Connect to the remote Couchbase cluster using an unsecured channel. Send the password in plaintext. */ none, /** * Connect to the remote Couchbase cluster using an unsecured channel. Send the password securely using SASL. */ half, /** * Connect to the remote Couchbase cluster using a channel secured by TLS. If a password is used, it is sent over the secure channel. * * Requires specifying the certificate to trust. */ full }; struct analytics_link { std::string name; std::string dataverse_name; virtual ~analytics_link() = default; /** * Returns the type of this analytics link * * @return the link type */ [[nodiscard]] virtual analytics_link_type link_type() const = 0; analytics_link() = default; analytics_link(std::string name, std::string dataverse_name); }; struct couchbase_analytics_encryption_settings { /** * Specifies what level of encryption should be applied */ analytics_encryption_level encryption_level{ analytics_encryption_level::none }; /** * The certificate to use for encryption when the encryption level is set to 'full'. */ std::optional<std::string> certificate{}; /** * The certificate to use for authenticating when the encryption level is set to 'full'. Cannot be set if a username and password are * provided */ std::optional<std::string> client_certificate{}; /** * The client key to use for authenticating when the encryption level is set to 'full'. Cannot be set if a username and password are * provided */ std::optional<std::string> client_key{}; }; struct couchbase_remote_analytics_link : analytics_link { std::string hostname; couchbase_analytics_encryption_settings encryption{}; std::optional<std::string> username{}; std::optional<std::string> password{}; [[nodiscard]] analytics_link_type link_type() const override { return analytics_link_type::couchbase_remote; } /** * Constructs an empty remote Couchbase analytics link. * * @since 1.0.0 * @committed */ couchbase_remote_analytics_link() = default; /** * Constructs and initializes a remote Couchbase analytics link with the given parameters. A remote analytics link uses a Couchbase data * service that is not part of the same cluster as the Analytics service. * * @param name the name of the link * @param dataverse_name the dataverse that the link belongs to. Its format can be one part `dataversename` or two parts * `bucket_name/scope_name` * @param hostname the hostname of the target Couchbase cluster * @param encryption the encryption settings for the link * @param username the username to use for authentication with the remote cluster. Optional if client certificate authentication is * being used * @param password the password to use for authentication with the remote cluster. Optional if client-certificate authentication is * being used * * @since 1.0.0 * @committed */ couchbase_remote_analytics_link(std::string name, std::string dataverse_name, std::string hostname, couchbase_analytics_encryption_settings encryption = {}, std::optional<std::string> username = {}, std::optional<std::string> password = {}); }; struct s3_external_analytics_link : analytics_link { std::string access_key_id; std::string secret_access_key; std::string region; std::optional<std::string> session_token{}; std::optional<std::string> service_endpoint{}; [[nodiscard]] analytics_link_type link_type() const override { return analytics_link_type::s3_external; } /** * Constructs an empty external S3 analytics link * * @committed * @since 1.0.0 */ s3_external_analytics_link() = default; /** * Constructs and initializes an external S3 analytics link with the given parameters. * * @param name the name of the link * @param dataverse_name the name of the dataverse the link belongs to * @param access_key_id the AWS S3 access key * @param secret_access_key the AWS S3 secret key * @param region the AWS S3 region * @param session_token the AWS S3 token if temporary credentials are provided * @param service_endpoint the AWS S3 service endpoint * * @committed * @since 1.0.0 */ s3_external_analytics_link(std::string name, std::string dataverse_name, std::string access_key_id, std::string secret_access_key, std::string region, std::optional<std::string> session_token = {}, std::optional<std::string> service_endpoint = {}); }; struct azure_blob_external_analytics_link : analytics_link { std::optional<std::string> connection_string{}; std::optional<std::string> account_name{}; std::optional<std::string> account_key{}; std::optional<std::string> shared_access_signature{}; std::optional<std::string> blob_endpoint{}; std::optional<std::string> endpoint_suffix{}; [[nodiscard]] analytics_link_type link_type() const override { return analytics_link_type::azure_external; } /** * Constructs an empty external Azure blob analytics link. * * @committed * @since 1.0.0 */ azure_blob_external_analytics_link() = default; /** * Constructs and initializes an external Azure blob analytics link. * * @param name the name of the link * @param dataverse_name the name of the dataverse the link belongs to * @param connection_string the connection string that can be used as an authentication method. It contains other authentication methods * embedded inside the string. Only a single authentication method can be used (e.g. * "AccountName=myAccountName;AccountKey=myAccountKey"). * @param account_name the Azure blob storage account name * @param account_key the Azure blob storage account key * @param shared_access_signature token that can be used for authentication * @param blob_endpoint the Azure blob storage endpoint * @param endpoint_suffix the Azure blob endpoint suffix * * @committed * @since 1.0.0 */ azure_blob_external_analytics_link(std::string name, std::string dataverse_name, std::optional<std::string> connection_string = {}, std::optional<std::string> account_name = {}, std::optional<std::string> account_key = {}, std::optional<std::string> shared_access_signature = {}, std::optional<std::string> blob_endpoint = {}, std::optional<std::string> endpoint_suffix = {}); }; } // namespace couchbase::management