Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 12 for NotRequestPrincipals (0.56 sec)

  2. github.com/istio/istio

    pilot/pkg/security/authz/model/model_test.go 

    }

func TestModel_Generate(t *testing.T) {
	rule := yamlRule(t, `
from:
- source:
    requestPrincipals: ["td-1/ns/foo/sa/sleep-1"]
    notRequestPrincipals: ["td-1/ns/foo/sa/sleep-2"]
- source:
    requestPrincipals: ["td-1/ns/foo/sa/sleep-3"]
    notRequestPrincipals: ["td-1/ns/foo/sa/sleep-4"]
to:
- operation:
    ports: ["8001"]
    notPorts: ["8002"]
- operation:
    ports: ["8003"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Nov 20 22:15:12 UTC 2023
    - 10K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/allow-full-rule-in.yaml 

                ipBlocks: ["1.2.3.4", "5.6.0.0/16"]
            remoteIpBlocks: ["1.2.3.4", "5.6.0.0/16"]
            notPrincipals: ["not-principal", "not-principal-prefix-*", "*-not-suffix-principal", "*"]
            notRequestPrincipals: ["not-requestPrincipals", "not-requestPrincipals-prefix-*", "*-not-suffix-requestPrincipals", "*"]
            notNamespaces: ["not-ns", "not-ns-prefix-*", "*-not-ns-suffix", "*"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Apr 20 01:58:53 UTC 2024
    - 4.1K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-full-in.yaml 

      - from:
    - source:
        requestPrincipals: [ "requestPrincipals", "requestPrincipals-prefix-*", "*-suffix-requestPrincipals", "*" ]
        notRequestPrincipals: [ "not-requestPrincipals", "not-requestPrincipals-prefix-*", "*-suffix-not-requestPrincipals", "*" ]
  - from:
    - source:
        namespaces: [ "ns", "ns-prefix-*", "*-ns-suffix", "*" ]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 4K bytes
    - Viewed (0)
  5. github.com/istio/istio

    tests/integration/security/testdata/authz/jwt.yaml.tmpl 

        when:
    - key: request.auth.audiences
      values: ["foo"]
  - to:
    - operation:
        paths: ["/token3"]
        methods: ["GET"]
    from:
    - source:
        notRequestPrincipals: ["******@****.***/sub-1"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed May 08 23:36:51 UTC 2024
    - 3K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/security/authz/model/model.go 

    			if useExtendedJwt {
				merged.insertFrontExtended(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals)
			} else {
				merged.insertFront(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals)
			}
			merged.insertFront(srcPrincipalGenerator{}, attrSrcPrincipal, s.Principals, s.NotPrincipals)
		}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 25 10:39:25 UTC 2024
    - 13.8K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go 

    	}
	fromMatches := []*security.Match{}
	for _, from := range rule.From {
		op := from.Source
		if action == security.Action_ALLOW && anyNonEmpty(op.RemoteIpBlocks, op.NotRemoteIpBlocks, op.RequestPrincipals, op.NotRequestPrincipals) {
			// L7 policies never match for ALLOW
			// For DENY they will always match, so it is more restrictive
			return nil
		}
		match := &security.Match{
			SourceIps:     stringToIP(op.IpBlocks),
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 15 16:23:36 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pkg/config/validation/validation.go 

    						errs = appendErrors(errs, check(len(src.RequestPrincipals) != 0, "From.RequestPrincipals"))
						errs = appendErrors(errs, check(len(src.NotRequestPrincipals) != 0, "From.NotRequestPrincipals"))
					}
				}
				for _, when := range rule.GetWhen() {
					if when == nil {
						errs = appendErrors(errs, fmt.Errorf("when field cannot be nil"))
						continue
					}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jun 12 04:03:33 UTC 2024
    - 107.2K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/config/validation/validation_test.go 

    						},
					},
				},
			},
			valid: false,
		},
		{
			name: "NotRequestPrincipals-empty",
			in: &security_beta.AuthorizationPolicy{
				Rules: []*security_beta.Rule{
					{
						From: []*security_beta.Rule_From{
							{
								Source: &security_beta.Source{
									NotRequestPrincipals: []string{"p1", ""},
								},
							},
						},
					},
				},
			},
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Apr 30 03:11:45 UTC 2024
    - 196K bytes
    - Viewed (0)
  10. github.com/istio/istio

    operator/cmd/mesh/testdata/manifest-generate/output/all_on.golden-show-in-gh-pull-request.yaml 

                                    description: Optional.
                                items:
                                  type: string
                                type: array
                              notRequestPrincipals:
                                description: Optional.
                                items:
                                  type: string
                                type: array
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jan 10 05:10:03 UTC 2024
    - 506.8K bytes
    - Viewed (0)
  11. github.com/istio/istio

    manifests/charts/istiod-remote/templates/crd-all.gen.yaml 

                                    items:
                                  type: string
                                type: array
                              notRequestPrincipals:
                                description: Optional.
                                items:
                                  type: string
                                type: array
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 06 21:31:42 UTC 2024
    - 671.7K bytes
    - Viewed (0)
Back to top