- Sort Score
- Result 10 results
- Languages All
Results 1 - 4 of 4 for production (0.2 sec)
-
manifests/charts/README.md
In particular access to the security-critical production components (root CA, policy, control) should be locked down and restricted. The new installer allows multiple instances of policy/control/telemetry - so testing/staging of new settings and versions can be performed by a different role than the prod version. The intended users of this repo are users running Istio in production who want to select, tune
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed Feb 07 17:53:24 GMT 2024 - 6.7K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1beta1/generated.proto
// "data encipherment", // "cert sign", // "crl sign", // "encipher only", // "decipher only", // "any", // "server auth", // "client auth", // "code signing", // "email protection", // "s/mime", // "ipsec end system", // "ipsec tunnel", // "ipsec user", // "timestamping", // "ocsp signing", // "microsoft sgc", // "netscape sgc" // +listType=atomic
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 6.7K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1alpha1/generated.proto
// (root certificates). // // ClusterTrustBundle objects are considered to be readable by any authenticated // user in the cluster, because they can be mounted by pods using the // `clusterTrustBundle` projection. All service accounts have read access to // ClusterTrustBundles by default. Users who only have namespace-level access // to a cluster can read ClusterTrustBundles by impersonating a serviceaccount // that they have access to.
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 4.2K bytes - Viewed (0) -
architecture/security/istio-agent.md
[generated and rotated by Kubernetes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection). For discovery, the JWT token will be read directly from a file and sent as is. For CA, this logic is a bit more complex,
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Aug 22 16:45:50 GMT 2023 - 7.2K bytes - Viewed (1)