Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 9 of 9 for impersonate (0.14 sec)

  2. github.com/istio/istio

    security/pkg/server/ca/node_auth.go 

    		Name:      caller.PodServiceAccount,
	}
	// First, make sure the caller is allowed to impersonate, in general
	if _, f := na.trustedNodeAccounts[callerSa]; !f {
		return fmt.Errorf("caller (%v) is not allowed to impersonate", caller)
	}
	// Next, make sure the identity they want to impersonate is valid, in general
	requestedIdentity, err := spiffe.ParseIdentity(requestedIdentityString)
	if err != nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Feb 28 16:41:38 UTC 2024
    - 6.4K bytes
    - Viewed (0)
  3. github.com/istio/istio

    releasenotes/notes/49011.yaml 

    apiVersion: release-notes/v2
kind: feature
area: security
issue:
  - 47489
releaseNotes:
  - |-
    **Added** support for istio CA to handle node authorization for CSRs with impersonate identity from remote clusters.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Feb 05 15:46:44 UTC 2024
    - 328 bytes
    - Viewed (0)
  4. github.com/istio/istio

    security/pkg/server/ca/server.go 

    			return nil, status.Error(codes.Unauthenticated, "request impersonation authentication failure")
		}
		// Node is authorized to impersonate; overwrite the SAN to the impersonated identity.
		sans = []string{impersonatedIdentity}
	}
	serverCaLog.Debugf("generating a certificate, sans: %v, requested ttl: %s", sans, time.Duration(request.ValidityDuration*int64(time.Second)))
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue May 28 17:35:26 UTC 2024
    - 8K bytes
    - Viewed (0)
  5. github.com/golang/go

    src/cmd/go/internal/tool/tool.go 

    			// since it is normally only used for building the toolchain in the first
			// place. However, 'go tool dist list' is useful for listing all supported
			// platforms.
			//
			// If the dist tool does not exist, impersonate this command.
			if impersonateDistList(args[2:]) {
				// If it becomes necessary, we could increment an additional counter to indicate
				// that we're impersonating dist list if knowing that becomes important?
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Fri Apr 05 18:02:11 UTC 2024
    - 5.9K bytes
    - Viewed (0)
  6. github.com/istio/istio

    common-protos/k8s.io/api/authentication/v1alpha1/generated.proto 

    // SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request.
// When using impersonation, users will receive the user info of the user being impersonated.  If impersonation or
// request header authentication is used, any extra keys will have their case ignored and returned as lowercase.
message SelfSubjectReview {
  // Standard object's metadata.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 11 18:43:24 UTC 2024
    - 2K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    staging/src/k8s.io/api/authentication/v1alpha1/generated.proto 

    // SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request.
// When using impersonation, users will receive the user info of the user being impersonated.  If impersonation or
// request header authentication is used, any extra keys will have their case ignored and returned as lowercase.
message SelfSubjectReview {
  // Standard object's metadata.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Mar 28 15:34:11 UTC 2024
    - 2K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    staging/src/k8s.io/api/authentication/v1beta1/generated.proto 

      repeated string items = 1;
}

// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request.
// When using impersonation, users will receive the user info of the user being impersonated.  If impersonation or
// request header authentication is used, any extra keys will have their case ignored and returned as lowercase.
message SelfSubjectReview {
  // Standard object's metadata.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Mar 28 15:34:11 UTC 2024
    - 5.3K bytes
    - Viewed (0)
  9. github.com/istio/istio

    common-protos/k8s.io/api/authentication/v1beta1/generated.proto 

      repeated string items = 1;
}

// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request.
// When using impersonation, users will receive the user info of the user being impersonated.  If impersonation or
// request header authentication is used, any extra keys will have their case ignored and returned as lowercase.
message SelfSubjectReview {
  // Standard object's metadata.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 11 18:43:24 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    staging/src/k8s.io/api/authentication/v1/generated.proto 

      repeated string items = 1;
}

// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request.
// When using impersonation, users will receive the user info of the user being impersonated.  If impersonation or
// request header authentication is used, any extra keys will have their case ignored and returned as lowercase.
message SelfSubjectReview {
  // Standard object's metadata.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Mar 28 15:34:11 UTC 2024
    - 7.7K bytes
    - Viewed (0)
Back to top