- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 89 for authorizationpolicy (0.36 sec)
-
pilot/pkg/xds/testdata/benchmarks/authorizationpolicy.yaml
resolution: STATIC endpoints: - address: 1.1.1.1 labels: istio.io/benchmark: "true" --- {{- range $i := until .Services }} apiVersion: security.istio.io/v1 kind: AuthorizationPolicy metadata: name: authn-{{$i}} spec: action: DENY rules: - from: - source: namespaces: ["default"] to: - operation: methods: ["POST"] ---
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Jul 29 02:10:48 UTC 2023 - 738 bytes - Viewed (0) -
pkg/test/datasets/validation/dataset/security-v1beta1-AuthorizationPolicy.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authorization-policy spec: selector: matchLabels: app: httpbin version: v1 rules: - from: - source: principals: ["cluster.local/ns/default/sa/sleep"] - source: namespaces: ["test"] to: - operation: methods: ["GET"] paths: ["/info*"] - operation: methods: ["POST"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 07:02:38 UTC 2023 - 524 bytes - Viewed (0) -
pkg/test/datasets/validation/dataset/security-v1-AuthorizationPolicy.yaml
apiVersion: security.istio.io/v1 kind: AuthorizationPolicy metadata: name: authorization-policy spec: selector: matchLabels: app: httpbin version: v1 rules: - from: - source: principals: ["cluster.local/ns/default/sa/sleep"] - source: namespaces: ["test"] to: - operation: methods: ["GET"] paths: ["/info*"] - operation: methods: ["POST"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 07:02:38 UTC 2023 - 519 bytes - Viewed (0) -
pilot/pkg/model/authorization.go
Spec: config.Spec.(*authpb.AuthorizationPolicy), } policy.NamespaceToPolicies[config.Namespace] = append(policy.NamespaceToPolicies[config.Namespace], authzConfig) } return policy } type AuthorizationPoliciesResult struct { Custom []AuthorizationPolicy Deny []AuthorizationPolicy Allow []AuthorizationPolicy Audit []AuthorizationPolicy }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 4.2K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/multiple-policies-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin-1 namespace: foo spec: selector: matchLabels: app: httpbin version: v1 rules: - to: - operation: methods: ["GET", "POST"] --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin-2 namespace: foo spec: selector: matchLabels:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 01 19:25:01 UTC 2021 - 2K bytes - Viewed (0) -
pkg/config/analysis/analyzers/testdata/authorizationpolicies.yaml
values: ["https://accounts.google.com"] --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: meshwide-httpbin namespace: istio-system # valid: it applies to whole mesh spec: {} --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: meshwide-httpbin-v1 namespace: istio-system # invalid: no pods running anywhere in the mesh
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 08 14:14:46 UTC 2023 - 7.8K bytes - Viewed (0) -
tests/integration/security/testdata/authz/conditions.yaml.tmpl
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: {{ .To.ServiceName }}-request-headers spec: selector: matchLabels: app: "{{ .To.ServiceName }}" rules: - to: - operation: paths: [ "/request-headers" ] when: - key: request.headers[x-foo] values: [ "foo" ] - to: - operation: paths: [ "/request-headers-notValues" ] when:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 4K bytes - Viewed (0) -
pkg/config/analysis/analyzers/authz/authorizationpolicies.go
Inputs: []config.GroupVersionKind{ gvk.MeshConfig, gvk.AuthorizationPolicy, gvk.Namespace, gvk.Pod, }, } } func (a *AuthorizationPoliciesAnalyzer) Analyze(c analysis.Context) { podLabelsMap := initPodLabelsMap(c) c.ForEach(gvk.AuthorizationPolicy, func(r *resource.Instance) bool { a.analyzeNoMatchingWorkloads(r, c, podLabelsMap)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 11 20:57:29 UTC 2023 - 6K bytes - Viewed (0) -
releasenotes/notes/remote-ip.yaml
upgradeNotes: - title: Update AuthorizationPolicy resources to use remoteIpBlocks/notRemoteIpBlocks instead of ipBlocks/notIpBlocks if using the Proxy Protocol. content: |
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Oct 23 17:46:08 UTC 2020 - 2.3K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/tcp/custom-only-http-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin-1 namespace: foo spec: action: CUSTOM provider: name: default selector: matchLabels: app: httpbin version: v1 rules: - to: - operation: paths: ["/httpbin1"] --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin-2 namespace: foo
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 01 19:25:01 UTC 2021 - 606 bytes - Viewed (0)