- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 17 for authorizationpolicies (0.28 sec)
-
pilot/pkg/serviceregistry/kube/controller/ambient/workloads.go
PodWorkloads := krt.NewCollection( Pods, a.podWorkloadBuilder(MeshConfig, AuthorizationPolicies, PeerAuths, Waypoints, WorkloadServices, WorkloadServicesNamespaceIndex, Namespaces, Nodes), krt.WithName("PodWorkloads"), ) WorkloadEntryWorkloads := krt.NewCollection( WorkloadEntries, a.workloadEntryWorkloadBuilder(MeshConfig, AuthorizationPolicies, PeerAuths, Waypoints, WorkloadServices, WorkloadServicesNamespaceIndex, Namespaces),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 20.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex.go
// These are intentionally pre-computed based on events such that lookups are efficient. type index struct { services servicesCollection workloads workloadsCollection waypoints waypointsCollection authorizationPolicies krt.Collection[model.WorkloadAuthorization] networkUpdateTrigger *krt.RecomputeTrigger SystemNamespace string DomainSuffix string ClusterID cluster.ID XDSUpdater model.XDSUpdater
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 19 17:19:41 UTC 2024 - 15.8K bytes - Viewed (0) -
pkg/config/schema/gvr/resources.gen.go
AuthorizationPolicy = schema.GroupVersionResource{Group: "security.istio.io", Version: "v1beta1", Resource: "authorizationpolicies"} AuthorizationPolicy_v1 = schema.GroupVersionResource{Group: "security.istio.io", Version: "v1", Resource: "authorizationpolicies"} CertificateSigningRequest = schema.GroupVersionResource{Group: "certificates.k8s.io", Version: "v1", Resource: "certificatesigningrequests"}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 17:37:32 UTC 2024 - 12.1K bytes - Viewed (0) -
pilot/pkg/xds/debug.go
type AuthorizationDebug struct { AuthorizationPolicies *model.AuthorizationPolicies `json:"authorization_policies"` } // authorizationz dumps the internal authorization policies. func (s *DiscoveryServer) authorizationz(w http.ResponseWriter, req *http.Request) { info := AuthorizationDebug{ AuthorizationPolicies: s.globalPushContext().AuthzPolicies, } writeJSON(w, info, req) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 00:26:45 UTC 2024 - 39.5K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder_test.go
} if err := util.Compare([]byte(gotYaml), []byte(wantYaml)); err != nil { t.Error(err) } } } func yamlPolicy(t *testing.T, filename string) *model.AuthorizationPolicies { t.Helper() data, err := os.ReadFile(filename) if err != nil { t.Fatalf("failed to read input yaml file: %v", err) } c, _, err := crd.ParseInputs(string(data)) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 13.8K bytes - Viewed (0) -
pkg/config/schema/kubeclient/resources.gen.go
l = func(options metav1.ListOptions) (runtime.Object, error) { return c.Istio().SecurityV1beta1().AuthorizationPolicies(opts.Namespace).List(context.Background(), options) } w = func(options metav1.ListOptions) (watch.Interface, error) { return c.Istio().SecurityV1beta1().AuthorizationPolicies(opts.Namespace).Watch(context.Background(), options) } case gvr.CertificateSigningRequest:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 13:57:51 UTC 2024 - 31.1K bytes - Viewed (0) -
pilot/pkg/model/authentication.go
MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies // To prevent conflicts in xDS, we add this prefix to the converted PeerAuthentication resources. const convertedPeerAuthenticationPrefix = "converted_peer_authentication_" // use '_' character since those are illegal in k8s names
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
pilot/pkg/model/authorization_test.go
t.Errorf("wantCustom:%v\n but got: %v\n", tc.wantCustom, result.Custom) } }) } } func createFakeAuthorizationPolicies(configs []config.Config) *AuthorizationPolicies { store := &authzFakeStore{} for _, cfg := range configs { store.add(cfg) } environment := &Environment{ ConfigStore: store,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 12.7K bytes - Viewed (0) -
pkg/config/schema/collections/collections.agent.gen.go
) var ( AuthorizationPolicy = resource.Builder{ Identifier: "AuthorizationPolicy", Group: "security.istio.io", Kind: "AuthorizationPolicy", Plural: "authorizationpolicies", Version: "v1beta1", VersionAliases: []string{ "v1", }, Proto: "istio.security.v1beta1.AuthorizationPolicy", StatusProto: "istio.meta.v1alpha1.IstioStatus",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 25 14:44:17 UTC 2024 - 12.9K bytes - Viewed (0) -
pilot/pkg/networking/core/networkfilter_test.go
t.Fatalf("Unexpected SourceIp hash policy. expected: %v, got: %v", tt.useSourceIP, hasSourceIP) } }) } } func getAuthorizationPolicies() *model.AuthorizationPolicies { return &model.AuthorizationPolicies{ NamespaceToPolicies: map[string][]model.AuthorizationPolicy{ "foo": { { Name: "httpbin-deny", Namespace: "foo", Spec: &v1beta1.AuthorizationPolicy{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 25.8K bytes - Viewed (0)