- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 26 for peerAuthentication (0.28 sec)
-
pilot/pkg/model/authentication.go
MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies // To prevent conflicts in xDS, we add this prefix to the converted PeerAuthentication resources. const convertedPeerAuthenticationPrefix = "converted_peer_authentication_" // use '_' character since those are illegal in k8s names
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
pilot/pkg/model/authentication_test.go
}, }, wantPeerAuthn: []*config.Config{ { Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication, CreationTimestamp: baseTimestamp, Name: "default", Namespace: "foo", }, Spec: &securityBeta.PeerAuthentication{ Mtls: &securityBeta.PeerAuthentication_MutualTLS{ Mode: securityBeta.PeerAuthentication_MutualTLS_STRICT, },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 45.1K bytes - Viewed (0) -
tests/integration/security/pass_through_filter_chain_test.go
// the workload ports are working correctly. { name: "DISABLE", config: `apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: mtls spec: mtls: mode: DISABLE`, expected: []expect{ { port: ports.TCPWorkloadOnly, plaintextSucceeds: true,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0) -
pkg/config/schema/collections/collections.agent.gen.go
ValidateProto: validation.EmptyValidate, }.MustBuild() PeerAuthentication = resource.Builder{ Identifier: "PeerAuthentication", Group: "security.istio.io", Kind: "PeerAuthentication", Plural: "peerauthentications", Version: "v1beta1", VersionAliases: []string{ "v1", }, Proto: "istio.security.v1beta1.PeerAuthentication", StatusProto: "istio.meta.v1alpha1.IstioStatus",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 25 14:44:17 UTC 2024 - 12.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
// [static STRICT policy, port-level STRICT policy] based on the effective PeerAuthentication policy func convertedSelectorPeerAuthentications(rootNamespace string, configs []*securityclient.PeerAuthentication) []string { var meshCfg, namespaceCfg, workloadCfg *securityclient.PeerAuthentication for _, cfg := range configs { spec := &cfg.Spec if spec.Selector == nil || len(spec.Selector.MatchLabels) == 0 {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/workloads.go
func fetchPeerAuthentications( ctx krt.HandlerContext, PeerAuths krt.Collection[*securityclient.PeerAuthentication], meshCfg *MeshConfig, ns string, matchLabels map[string]string, ) []*securityclient.PeerAuthentication { return krt.Fetch(ctx, PeerAuths, krt.FilterGeneric(func(a any) bool { pol := a.(*securityclient.PeerAuthentication) if pol.Namespace == meshCfg.GetRootNamespace() && pol.Spec.Selector == nil { return true
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 20.9K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters_test.go
IsMtlsDisabled bool SubsetName string }{ gvk.PeerAuthentication.String(): { "mtls-off-ineffective": { Config: config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication, Name: "mtls-partial", Namespace: "istio-system", }, Spec: &security.PeerAuthentication{ Selector: &v1beta1.WorkloadSelector{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 26.8K bytes - Viewed (0) -
pilot/pkg/networking/core/peer_authentication_simulation_test.go
"istio.io/istio/pilot/test/xds" ) // TestPeerAuthenticationPassthrough tests the PeerAuthentication policy applies correctly on the passthrough filter chain, // including both global configuration and port level configuration. func TestPeerAuthenticationPassthrough(t *testing.T) { paStrict := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 16.2K bytes - Viewed (0) -
pkg/config/schema/collections/collections.gen.go
ValidateProto: validation.EmptyValidate, }.MustBuild() PeerAuthentication = resource.Builder{ Identifier: "PeerAuthentication", Group: "security.istio.io", Kind: "PeerAuthentication", Plural: "peerauthentications", Version: "v1beta1", VersionAliases: []string{ "v1", }, Proto: "istio.security.v1beta1.PeerAuthentication", StatusProto: "istio.meta.v1alpha1.IstioStatus",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 25 14:44:17 UTC 2024 - 31.4K bytes - Viewed (0) -
pkg/config/schema/gvk/resources.gen.go
Node = config.GroupVersionKind{Group: "", Version: "v1", Kind: "Node"} PeerAuthentication = config.GroupVersionKind{Group: "security.istio.io", Version: "v1beta1", Kind: "PeerAuthentication"} PeerAuthentication_v1 = config.GroupVersionKind{Group: "security.istio.io", Version: "v1", Kind: "PeerAuthentication"} Pod = config.GroupVersionKind{Group: "", Version: "v1", Kind: "Pod"}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 17:37:32 UTC 2024 - 15.6K bytes - Viewed (0)