- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 18 for rbac (0.03 sec)
-
manifests/addons/values-grafana.yaml
# Avoid creating a bunch of RBAC rules for features we are not enabling rbac: create: false pspEnabled: false # Disable test pods testFramework: enabled: false podLabels: sidecar.istio.io/inject: "false" # Demo only, so we will have no authentication admin: existingSecret: "" ldap: existingSecret: true env: GF_SECURITY_ADMIN_USER: "admin" GF_SECURITY_ADMIN_PASSWORD: "admin"
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Jun 12 20:46:28 UTC 2024 - 1.7K bytes - Viewed (0) -
istioctl/pkg/describe/describe.go
return []string{}, err } // Identify RBAC policies. Currently there are no "breadcrumbs" so we only return the policy names. for _, httpFilter := range hcm.HttpFilters { if httpFilter.Name == wellknown.HTTPRoleBasedAccessControl { rbac := &rbachttp.RBAC{} if err := httpFilter.GetTypedConfig().UnmarshalTo(rbac); err == nil { policies := []string{} for polName := range rbac.Rules.Policies {
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Oct 24 17:36:49 UTC 2024 - 50.6K bytes - Viewed (0) -
istioctl/pkg/precheck/precheck.go
group string version string resource string }{ { version: "v1", resource: "namespaces", }, { group: "rbac.authorization.k8s.io", version: "v1", resource: "clusterroles", }, { group: "rbac.authorization.k8s.io", version: "v1", resource: "clusterrolebindings", }, { group: "apiextensions.k8s.io", version: "v1",
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Oct 24 02:31:32 UTC 2024 - 15.3K bytes - Viewed (0) -
architecture/tests/integration.md
- **Focus**: 1. Authentication and authorization mechanisms. 1. Interaction between security components and Istio control plane. 1. Validation of mutual TLS (mTLS) configurations. 1. Testing of JWT token validation and RBAC policies. 1. Validation of certificate management and rotation. - **Setup**: The main test setup in this folder initializes the Istio control plane with security configurations. ## Adding a New Integration Test
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Oct 09 00:57:44 UTC 2024 - 5.9K bytes - Viewed (0) -
cni/README.md
- [RBAC](https://docs.projectcalico.org/v3.2/getting-started/kubernetes/installation/rbac.yaml) - this creates the service account the CNI plugin is configured to use to access the kube-api-server...
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Jul 17 23:10:17 UTC 2024 - 10.5K bytes - Viewed (0) -
architecture/ambient/ztunnel.md
This is fairly straightforward. First, we need to check that this traffic is allowed. Traffic may be denied by RBAC policies (especially from a `STRICT` mode enforcement, which denies plaintext traffic). If it is allowed, we will forward to the target destination. #### Hairpin
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Jul 17 23:10:17 UTC 2024 - 16.8K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.32.md
Similarly you can also access kubelet's `/pods` endpoint to fetch a list of Pods bound to that node by granting the caller `nodes/pods` permission in RBAC. Similarly you can also access kubelet's `/configz` endpoint to fetch kubelet's configuration by granting the caller `nodes/configz` permission in RBAC.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Tue Oct 29 20:17:52 UTC 2024 - 121.6K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.29.md
- `kubeadm`: a separate "super-admin.conf" file is now deployed. The User in `admin.conf` is now bound to a new RBAC Group `kubeadm:cluster-admins` that has `cluster-admin` `ClusterRole` access. The User in `super-admin.conf` is now bound to the `system:masters` built-in super-powers / break-glass Group that can bypass RBAC. Before this change, the default `admin.conf` was bound to `system:masters` Group, which was undesired. Executing `kubeadm init phase kubeconfig...
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Oct 23 04:37:31 UTC 2024 - 375.1K bytes - Viewed (1) -
CHANGELOG/CHANGELOG-1.30.md
- Kubeadm: avoided uploading a defaulted flag value "--authorization-mode=Node,RBAC" for the kube-apiserver in the ClusterConfiguration stored in the "kube-system/kubeadm-config" ConfigMap. "Node,RBAC" are already the kubeadm defaults for this flag, so this action is redundant. ([#123555](https://github.com/kubernetes/kubernetes/pull/123555), [@neolit123](https://github.com/neolit123))
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Oct 23 04:40:14 UTC 2024 - 309.1K bytes - Viewed (0) -
docs/iam/policies/pbac-tests.sh
Harshavardhana <******@****.***> 1719251988 -0700
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Jun 25 01:15:27 UTC 2024 - 2.5K bytes - Viewed (0)