Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 200 for deny (0.04 sec)

  1. docs/iam/policies/pbac-tests.sh

    mc admin user add myminio/ minio123 minio123
    
    mc admin policy create myminio/ deny-non-sse-kms-pol ./docs/iam/policies/deny-non-sse-kms-objects.json
    mc admin policy create myminio/ deny-invalid-sse-kms-pol ./docs/iam/policies/deny-objects-with-invalid-sse-kms-key-id.json
    
    mc admin policy attach myminio deny-non-sse-kms-pol --user minio123
    mc admin policy attach myminio deny-invalid-sse-kms-pol --user minio123
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Jun 25 01:15:27 UTC 2024
    - 2.5K bytes
    - Viewed (0)
  2. common/config/.golangci.yml

      depguard:
        rules:
          DenyGogoProtobuf:
            files:
              - $all
            deny:
              - pkg: github.com/gogo/protobuf
                desc: "gogo/protobuf is deprecated, use golang/protobuf"
          # deny for all go files
          AllGoFiles:
            files:
              - $all
            deny:
              - pkg: golang.org/x/net/http2/h2c
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Thu Oct 24 17:36:49 UTC 2024
    - 11.7K bytes
    - Viewed (0)
  3. build-logic-commons/gradle-plugin/src/main/kotlin/gradlebuild.build-logic.groovy-dsl-gradle-plugin.gradle.kts

        jvmArgumentProviders.add(CommandLineArgumentProvider {
            val testVersion = testVersionProvider.get()
            if (testVersion.canCompileOrRun(9) && !testVersion.canCompileOrRun(17)) {
                listOf("--illegal-access=deny")
            } else {
                emptyList()
            }
        })
        useJUnitPlatform()
    Registered: Wed Nov 06 11:36:14 UTC 2024
    - Last Modified: Mon Sep 30 15:18:07 UTC 2024
    - 2.3K bytes
    - Viewed (0)
  4. architecture/ambient/peer-authentication.md

    spec:
      selector:
        matchLabels:
          app: a
      mtls:
        mode: STRICT
      portLevelMtls:
        9090:
          mode: PERMISSIVE
    ```
    
    will be translated into this `Authorization`:
    
    ```yaml
    action: DENY
    groups:
    - rules:
      - matches:
        - notPrincipals:
          - presence: {}
    - rules:
      - matches:
        - notDestinationPorts:
          - 9090
    name: converted_peer_authentication_strict-and-permissive-mtls
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Thu Aug 01 20:04:20 UTC 2024
    - 3.9K bytes
    - Viewed (0)
  5. cmd/kms-handlers_test.go

    			// the policy engine matches all Deny statements first, without regard to Resources (for KMS).
    			// This is for backwards compatibility where historically KMS statements ignored Resources.
    			policy: `{
    						"Effect": "Allow",
    						"Action": ["kms:ListKeys"]
    					},{
    						"Effect": "Deny",
    						"Action": ["kms:ListKeys"],
    						"Resource": ["arn:minio:kms:::default-test-key"]
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Aug 18 06:43:03 UTC 2024
    - 22.3K bytes
    - Viewed (0)
  6. cmd/admin-handlers-users_test.go

    	ctx, cancel := context.WithTimeout(context.Background(), testDefaultTimeout)
    	defer cancel()
    
    	// 1. Create a policy
    	policy1 := "deny-svc"
    	policy2 := "allow-svc"
    	policyBytes := []byte(`{
     "Version": "2012-10-17",
     "Statement": [
      {
       "Effect": "Deny",
       "Action": [
        "admin:CreateServiceAccount"
       ]
      }
     ]
    }`)
    
    	newPolicyBytes := []byte(`{
     "Version": "2012-10-17",
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Sep 22 00:33:43 UTC 2024
    - 47.3K bytes
    - Viewed (0)
  7. architecture/ambient/ztunnel-cni-lifecycle.md

    as a Kubernetes DaemonSet.
    
    At a high level, our goal is to provide complete connectivity to a workload throughout its entire lifetime.
    Failing to do so can be an availability risk (if we deny traffic that should succeed) or a security risk (if we allow traffic that should be denied).
    
    ## High level overview
    
    At a high level, the relevant components look as such:
    
    ```mermaid
    flowchart TD
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Wed Jul 17 23:10:17 UTC 2024
    - 9.4K bytes
    - Viewed (0)
  8. cmd/admin-handlers-idp-ldap.go

    					errors.New("service accounts cannot be generated for temporary credentials without parent")), r.URL)
    				return
    			}
    			targetUser = requestorParentUser
    		}
    		targetGroups = requestorGroups
    
    		// Deny if the target user is not LDAP
    		foundResult, err := globalIAMSys.LDAPConfig.GetValidatedDNForUsername(targetUser)
    		if err != nil {
    			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
    			return
    		}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sat Sep 21 11:35:40 UTC 2024
    - 19.1K bytes
    - Viewed (0)
  9. guava/src/com/google/common/base/Throwables.java

          throw death;
        } catch (Throwable t) {
          /*
           * This is not one of AppEngine's allowed classes, so even in Sun JDKs, this can fail with
           * a NoClassDefFoundError. Other apps might deny access to sun.misc packages.
           */
          return null;
        }
      }
    
      /**
       * Returns the Method that can be used to resolve an individual StackTraceElement, or null if that
    Registered: Fri Nov 01 12:43:10 UTC 2024
    - Last Modified: Fri Jul 19 16:02:36 UTC 2024
    - 20.7K bytes
    - Viewed (0)
  10. cmd/bucket-replication-handlers.go

    			return
    		}
    		// fake a versioned delete - to ensure deny policies are not in place
    		err = c.RemoveObject(ctx, clnt.Bucket, obj, minio.RemoveObjectOptions{
    			VersionID: ui.VersionID,
    			Internal: minio.AdvancedRemoveOptions{
    				ReplicationDeleteMarker:  false,
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 12:04:40 UTC 2024
    - 23.3K bytes
    - Viewed (0)
Back to top