- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 10 for authzmodes (0.12 sec)
-
pkg/kubeapiserver/options/authorization.go
for _, mode := range o.Modes { if !authzmodes.IsValidAuthorizationMode(mode) { allErrors = append(allErrors, fmt.Errorf("authorization-mode %q is not a valid mode", mode)) } if mode == authzmodes.ModeABAC && o.PolicyFile == "" { allErrors = append(allErrors, fmt.Errorf("authorization-mode ABAC's authorization policy file not passed")) } if mode == authzmodes.ModeWebhook && o.WebhookConfigFile == "" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 14 23:09:15 UTC 2024 - 12K bytes - Viewed (0) -
pkg/kubeapiserver/options/authentication.go
serviceaccountcontroller "k8s.io/kubernetes/pkg/controller/serviceaccount" "k8s.io/kubernetes/pkg/features" kubeauthenticator "k8s.io/kubernetes/pkg/kubeapiserver/authenticator" authzmodes "k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes" "k8s.io/kubernetes/pkg/util/filesystem" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap" "k8s.io/utils/pointer" ) const (
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 22:40:22 UTC 2024 - 32.4K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder.go
} } return dryRun } func shadowRuleStatPrefix(rule *rbacpb.RBAC) string { switch rule.GetAction() { case rbacpb.RBAC_ALLOW: return authzmodel.RBACShadowRulesAllowStatPrefix case rbacpb.RBAC_DENY: return authzmodel.RBACShadowRulesDenyStatPrefix default: return "" } }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 12.6K bytes - Viewed (0) -
pilot/pkg/networking/core/tracing.go
dryRunPolicyTraceTag("istio.authorization.dry_run.allow_policy.result", authz_model.RBACShadowRulesAllowStatPrefix+authz_model.RBACShadowEngineResult), dryRunPolicyTraceTag("istio.authorization.dry_run.deny_policy.name", authz_model.RBACShadowRulesDenyStatPrefix+authz_model.RBACShadowEffectivePolicyID),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 17:05:28 UTC 2024 - 24.2K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/extauthz.go
Filter: name, Path: []*envoy_type_matcher_v3.MetadataMatcher_PathSegment{ { Segment: &envoy_type_matcher_v3.MetadataMatcher_PathSegment_Key{ Key: authzmodel.RBACExtAuthzShadowRulesStatPrefix + authzmodel.RBACShadowEffectivePolicyID, }, }, }, Value: &envoy_type_matcher_v3.ValueMatcher{ MatchPattern: &envoy_type_matcher_v3.ValueMatcher_StringMatch{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 20:06:41 UTC 2024 - 12.7K bytes - Viewed (0) -
cmd/kubeadm/app/phases/controlplane/manifests_test.go
} } func TestGetAuthzModes(t *testing.T) { var tests = []struct { name string authMode []string expected string }{ { name: "default if empty", authMode: []string{}, expected: "Node,RBAC", }, { name: "default non empty", authMode: []string{kubeadmconstants.ModeNode, kubeadmconstants.ModeRBAC}, expected: "Node,RBAC", }, {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Mar 03 14:43:47 UTC 2024 - 48.5K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
wrappers "google.golang.org/protobuf/types/known/wrapperspb" "istio.io/api/label" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/util" "istio.io/istio/pilot/pkg/security/authn" authzmodel "istio.io/istio/pilot/pkg/security/authz/model" "istio.io/istio/pilot/pkg/util/protoconv" xdsfilters "istio.io/istio/pilot/pkg/xds/filters" "istio.io/istio/pkg/istio-agent/grpcxds" "istio.io/istio/pkg/util/sets" )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0) -
cmd/kubeadm/app/phases/controlplane/manifests.go
} } return true } func isValidAuthzMode(authzMode string) bool { allModes := []string{ kubeadmconstants.ModeNode, kubeadmconstants.ModeRBAC, kubeadmconstants.ModeWebhook, kubeadmconstants.ModeABAC, kubeadmconstants.ModeAlwaysAllow, kubeadmconstants.ModeAlwaysDeny, } for _, mode := range allModes { if authzMode == mode { return true } } return false }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Mar 03 14:43:47 UTC 2024 - 17.8K bytes - Viewed (0) -
pilot/pkg/networking/core/listener.go
authnmodel.ApplyToCommonTLSContext(ctx.CommonTlsContext, proxy, serverTLSSettings.SubjectAltNames, serverTLSSettings.CaCrl, []string{}, validateClient) // If credential name is specified at gateway config, create SDS config for gateway to fetch key/cert from Istiod. case serverTLSSettings.CredentialName != "":
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 55.1K bytes - Viewed (0) -
pilot/pkg/xds/sds.go
"istio.io/istio/pilot/pkg/util/protoconv" "istio.io/istio/pkg/cluster" "istio.io/istio/pkg/config/schema/kind" "istio.io/istio/pkg/util/sets" ) // SecretResource wraps the authnmodel type with cache functions implemented type SecretResource struct { credentials.SecretResource pkpConfHash string } var _ model.XdsCacheEntry = SecretResource{} func (sr SecretResource) Type() string {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 23:04:36 UTC 2024 - 15.8K bytes - Viewed (0)