- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 66 for Principals (0.32 sec)
-
pilot/pkg/security/authz/model/model.go
} var principals []*rbacpb.Principal for _, rl := range m.principals { principal, err := generatePrincipal(rl, forTCP, useAuthenticated, action) if err != nil { return nil, err } principals = append(principals, principal) } if len(principals) == 0 { return nil, fmt.Errorf("must have at least 1 principal") } return &rbacpb.Policy{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/tcp/deny-both-http-tcp-out.yaml
exact: spiffe://not-principal - authenticated: principalName: safeRegex: regex: spiffe://.*not-principal-suffix - authenticated: principalName: prefix: spiffe://not-principal-prefix - authenticated: principalName:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 16:35:46 UTC 2023 - 11.1K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/single-policy-out.yaml
exact: spiffe://rule[0]-from[1]-principal[1] - authenticated: principalName: exact: spiffe://rule[0]-from[1]-principal[2] - orIds: ids: - metadata: filter: istio_authn path: - key: request.auth.principal value:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 16:35:46 UTC 2023 - 14.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
SourceIps: stringToIP(op.IpBlocks), NotSourceIps: stringToIP(op.NotIpBlocks), Namespaces: stringToMatch(op.Namespaces), NotNamespaces: stringToMatch(op.NotNamespaces), Principals: stringToMatch(op.Principals), NotPrincipals: stringToMatch(op.NotPrincipals), } fromMatches = append(fromMatches, match) } rules := []*security.Rules{} if len(toMatches) > 0 {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/extended-single-policy-out.yaml
addressPrefix: 192.168.10.0 prefixLen: 24 principals: - andIds: ids: - orIds: ids: - authenticated: principalName: exact: spiffe://rule[0]-from[0]-principal[1] - authenticated: principalName:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 17.4K bytes - Viewed (0) -
pkg/workloadapi/security/authorization.pb.go
NotNamespaces []*StringMatch `protobuf:"bytes,2,rep,name=not_namespaces,json=notNamespaces,proto3" json:"not_namespaces,omitempty"` Principals []*StringMatch `protobuf:"bytes,3,rep,name=principals,proto3" json:"principals,omitempty"` NotPrincipals []*StringMatch `protobuf:"bytes,4,rep,name=not_principals,json=notPrincipals,proto3" json:"not_principals,omitempty"`
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 31 02:27:10 UTC 2024 - 29.7K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model_test.go
rule: yamlRule(t, ` from: - source: principals: ["td-1/ns/foo/sa/sleep"] `), want: []string{ "td-1/ns/foo/sa/sleep", "td-2/ns/foo/sa/sleep", }, }, { name: "source-principal-attribute", tdBundle: trustdomain.NewBundle("td-1", []string{"td-2"}), rule: yamlRule(t, ` when: - key: source.principal values: ["td-1/ns/foo/sa/sleep"] `), want: []string{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 10K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder.go
Permissions: []*rbacpb.Permission{{Rule: &rbacpb.Permission_NotRule{ NotRule: &rbacpb.Permission{Rule: &rbacpb.Permission_Any{Any: true}}, }}}, Principals: []*rbacpb.Principal{{Identifier: &rbacpb.Principal_NotId{ NotId: &rbacpb.Principal{Identifier: &rbacpb.Principal_Any{Any: true}}, }}}, } // General setting to control behavior type Option struct { IsCustomBuilder bool UseFilterState bool
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 12.6K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/allow-full-rule-out.yaml
regex: .+ principals: - andIds: ids: - orIds: ids: - authenticated: principalName: exact: spiffe://principal - authenticated: principalName: prefix: spiffe://principal-prefix- - authenticated:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Apr 20 01:58:53 UTC 2024 - 32.6K bytes - Viewed (0) -
pilot/pkg/model/authorization_test.go
func TestAuthorizationPolicies_ListAuthorizationPolicies(t *testing.T) { policy := &authpb.AuthorizationPolicy{ Rules: []*authpb.Rule{ { From: []*authpb.Rule_From{ { Source: &authpb.Source{ Principals: []string{"sleep"}, }, }, }, To: []*authpb.Rule_To{ { Operation: &authpb.Operation{ Methods: []string{"GET"}, }, }, }, }, }, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 12.7K bytes - Viewed (0)