- Sort Score
- Result 10 results
- Languages All
Results 1 - 9 of 9 for impersonate (0.14 sec)
-
security/pkg/server/ca/node_auth.go
Name: caller.PodServiceAccount, } // First, make sure the caller is allowed to impersonate, in general if _, f := na.trustedNodeAccounts[callerSa]; !f { return fmt.Errorf("caller (%v) is not allowed to impersonate", caller) } // Next, make sure the identity they want to impersonate is valid, in general requestedIdentity, err := spiffe.ParseIdentity(requestedIdentityString) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 6.4K bytes - Viewed (0) -
releasenotes/notes/49011.yaml
apiVersion: release-notes/v2 kind: feature area: security issue: - 47489 releaseNotes: - |- **Added** support for istio CA to handle node authorization for CSRs with impersonate identity from remote clusters.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Feb 05 15:46:44 UTC 2024 - 328 bytes - Viewed (0) -
security/pkg/server/ca/server.go
return nil, status.Error(codes.Unauthenticated, "request impersonation authentication failure") } // Node is authorized to impersonate; overwrite the SAN to the impersonated identity. sans = []string{impersonatedIdentity} } serverCaLog.Debugf("generating a certificate, sans: %v, requested ttl: %s", sans, time.Duration(request.ValidityDuration*int64(time.Second)))
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
src/cmd/go/internal/tool/tool.go
// since it is normally only used for building the toolchain in the first // place. However, 'go tool dist list' is useful for listing all supported // platforms. // // If the dist tool does not exist, impersonate this command. if impersonateDistList(args[2:]) { // If it becomes necessary, we could increment an additional counter to indicate // that we're impersonating dist list if knowing that becomes important?
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Fri Apr 05 18:02:11 UTC 2024 - 5.9K bytes - Viewed (0) -
common-protos/k8s.io/api/authentication/v1alpha1/generated.proto
// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 2K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1alpha1/generated.proto
// SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 28 15:34:11 UTC 2024 - 2K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1beta1/generated.proto
repeated string items = 1; } // SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 28 15:34:11 UTC 2024 - 5.3K bytes - Viewed (0) -
common-protos/k8s.io/api/authentication/v1beta1/generated.proto
repeated string items = 1; } // SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 5.2K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1/generated.proto
repeated string items = 1; } // SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. // When using impersonation, users will receive the user info of the user being impersonated. If impersonation or // request header authentication is used, any extra keys will have their case ignored and returned as lowercase. message SelfSubjectReview { // Standard object's metadata.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 28 15:34:11 UTC 2024 - 7.7K bytes - Viewed (0)