- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for Authz (0.05 sec)
-
tests/integration/security/authz_test.go
fromAndTo := to.Instances().Append(from) config.New(t). Source(config.File("testdata/authz/mtls.yaml.tmpl")). Source(config.File("testdata/authz/deny-global.yaml.tmpl").WithParams(param.Params{ param.Namespace.String(): istio.ClaimSystemNamespaceOrFail(t, t), })). Source(config.File("testdata/authz/deny-principal.yaml.tmpl").WithParams( param.Params{ "Denied": denied, })).
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 50.1K bytes - Viewed (0) -
pilot/pkg/model/push_context_test.go
{ Mode: selectorpb.WorkloadMode_SERVER, Ports: []*selectorpb.PortSelector{{Number: 1234}}, }, }, }, }, "global-authz-med-prio-app": { Meta: config.Meta{Name: "global-authz-med-prio-app", Namespace: constants.IstioSystemNamespace, GroupVersionKind: gvk.WasmPlugin}, Spec: &extensions.WasmPlugin{ Phase: extensions.PluginPhase_AUTHZ,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Apr 21 17:42:54 UTC 2024 - 95.3K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_test.go
testInboundListenerConfigWithSidecar(t, getProxy(), buildService("test.com", wildcardIPv4, protocol.HTTP, tnow)) }) t.Run("wasm, stats, authz", func(t *testing.T) { tcp := buildService("tcp.example.com", wildcardIPv4, protocol.TCP, tnow) tcp.Ports[0].Port = 1234 tcp.Ports[0].Name = "tcp" services := []*model.Service{ tcp,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 93.6K bytes - Viewed (0) -
cmd/iam.go
} // IsAllowed - checks given policy args is allowed to continue the Rest API. func (sys *IAMSys) IsAllowed(args policy.Args) bool { // If opa is configured, use OPA always. if authz := newGlobalAuthZPluginFn(); authz != nil { ok, err := authz.IsAllowed(args) if err != nil { authZLogIf(GlobalContext, err) } return ok } // Policies don't apply to the owner. if args.IsOwner {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 71.9K bytes - Viewed (0) -
pilot/pkg/model/sidecar_test.go
{kind.AuthorizationPolicy, "authz", "default"}: true, }}, {"AuthorizationPolicy in a different ns from workload", []string{"*/*"}, map[ConfigKey]bool{ {kind.AuthorizationPolicy, "authz", "ns1"}: false, }}, {"AuthorizationPolicy in the root namespace", []string{"*/*"}, map[ConfigKey]bool{ {kind.AuthorizationPolicy, "authz", constants.IstioSystemNamespace}: true, }},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 07 09:38:49 UTC 2024 - 74.3K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex_test.go
Kind: kind.PeerAuthentication, Name: "selector-strict", Namespace: "ns1", }))}) s.assertEvent(t, xdsSelector) s.authz.Delete("selector", testNS) s.assertEvent(t, s.podXdsName("pod1"), s.podXdsName("pod3"), xdsSelector) assert.Equal(t, s.lookup(s.addrXdsName("127.0.0.1"))[0].Address.GetWorkload().AuthorizationPolicies,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 01:04:50 UTC 2024 - 70.2K bytes - Viewed (0) -
pilot/pkg/networking/core/route/route.go
"istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/core/route/retry" "istio.io/istio/pilot/pkg/networking/telemetry" "istio.io/istio/pilot/pkg/networking/util" authz "istio.io/istio/pilot/pkg/security/authz/model" "istio.io/istio/pilot/pkg/util/protoconv" "istio.io/istio/pkg/config" "istio.io/istio/pkg/config/constants" "istio.io/istio/pkg/config/host" "istio.io/istio/pkg/config/labels"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 14 14:12:39 UTC 2024 - 56.1K bytes - Viewed (0) -
tests/integration/ambient/baseline_test.go
t.NewSubTest("authz target deny").RunParallel(func(t framework.TestContext) { opts := echo.CallOptions{ To: authzDst, Check: CheckDeny, Port: echo.Port{Name: "http"}, Scheme: scheme.HTTP, Count: 10, } src.CallOrFail(t, opts) }) t.NewSubTest("non-authz target allow").RunParallel(func(t framework.TestContext) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 00:07:28 UTC 2024 - 78.4K bytes - Viewed (0) -
staging/src/k8s.io/api/admissionregistration/v1/generated.proto
// 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. // See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz // 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the // request resource. // Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ //
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 23 17:42:49 UTC 2024 - 51.8K bytes - Viewed (0) -
staging/src/k8s.io/api/admissionregistration/v1/types.go
// - 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. // See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz // - 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the // request resource. //
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 23 17:42:49 UTC 2024 - 61.6K bytes - Viewed (0)