Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 21 for NotPrincipals (0.4 sec)

  2. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-full.yaml 

    groups:
- rules:
  - matches:
    - notPrincipals:
      - exact: not-principal
      - prefix: not-principal-prefix-
      - suffix: -suffix-not-principal
      - presence: {}
      principals:
      - exact: principal
      - prefix: principal-prefix-
      - suffix: -suffix-principal
      - presence: {}
- rules:
  - matches:
    - namespaces:
      - exact: ns
      - prefix: ns-prefix-
      - suffix: -ns-suffix
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 2.1K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-disable-port-mtls-strict.yaml 

    action: DENY
groups:
- rules:
  - matches:
    - destinationPorts:
      - 9090
      notPrincipals:
      - presence: {}
name: converted_peer_authentication_disable-strict-mtls
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 203 bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-permissive-port-mtls-strict.yaml 

    action: DENY
groups:
- rules:
  - matches:
    - destinationPorts:
      - 9090
      notPrincipals:
      - presence: {}
name: converted_peer_authentication_permissive-strict-mtls
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 206 bytes
    - Viewed (0)
  5. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-unset-port-mtls-strict.yaml 

    action: DENY
groups:
- rules:
  - matches:
    - destinationPorts:
      - 8080
      notPrincipals:
      - presence: {}
name: converted_peer_authentication_strict-mtls
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 195 bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-disable-port-mtls.yaml 

    action: DENY
groups:
- rules:
  - matches:
    - notPrincipals:
      - presence: {}
  - matches:
    - notDestinationPorts:
      - 9090
name: converted_peer_authentication_strict-and-disable-mtls
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 223 bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-permissive-port-mtls.yaml 

    action: DENY
groups:
- rules:
  - matches:
    - notPrincipals:
      - presence: {}
  - matches:
    - notDestinationPorts:
      - 9090
name: converted_peer_authentication_strict-and-permissive-mtls
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 226 bytes
    - Viewed (0)
  8. github.com/istio/istio

    istioctl/pkg/writer/ztunnel/configdump/api.go 

    	Namespaces          []StringMatch `json:"namespaces,omitempty"`
	NotNamespaces       []StringMatch `json:"notNamespaces,omitempty"`
	Principals          []StringMatch `json:"principals,omitempty"`
	NotPrincipals       []StringMatch `json:"notPrincipals,omitempty"`
	SourceIps           []string      `json:"sourceIps,omitempty"`
	NotSourceIps        []string      `json:"notSourceIps,omitempty"`
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 16:51:29 UTC 2024
    - 5.5K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go 

    			NotSourceIps:  stringToIP(op.NotIpBlocks),
			Namespaces:    stringToMatch(op.Namespaces),
			NotNamespaces: stringToMatch(op.NotNamespaces),
			Principals:    stringToMatch(op.Principals),
			NotPrincipals: stringToMatch(op.NotPrincipals),
		}
		fromMatches = append(fromMatches, match)
	}

	rules := []*security.Rules{}
	if len(toMatches) > 0 {
		rules = append(rules, &security.Rules{Matches: toMatches})
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 15 16:23:36 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  10. github.com/istio/istio

    tests/integration/security/testdata/authz/plaintext.yaml.tmpl 

      namespace: {{ .To.NamespaceName }}
spec:
  selector:
    matchLabels:
      "app": "{{ .To.ServiceName }}"
  action: DENY
  rules:
    - from:
        - source:
            notPrincipals: [ "*" ]

---
# This configures plaintext for the "To" service from any workload in the namespace.

apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: {{ .To.ServiceName }}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 1.3K bytes
    - Viewed (0)
  11. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/allow-full-rule-in.yaml 

                namespaces: ["ns", "ns-prefix-*", "*-ns-suffix", "*"]
            ipBlocks: ["1.2.3.4", "5.6.0.0/16"]
            remoteIpBlocks: ["1.2.3.4", "5.6.0.0/16"]
            notPrincipals: ["not-principal", "not-principal-prefix-*", "*-not-suffix-principal", "*"]
            notRequestPrincipals: ["not-requestPrincipals", "not-requestPrincipals-prefix-*", "*-not-suffix-requestPrincipals", "*"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Apr 20 01:58:53 UTC 2024
    - 4.1K bytes
    - Viewed (0)
Back to top