Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for AuthorizationPolicy_DENY (0.5 sec)

  2. github.com/istio/istio

    pilot/pkg/model/authorization.go 

    		config.Namespace, config.Name)
	switch config.Spec.GetAction() {
	case authpb.AuthorizationPolicy_ALLOW:
		configs.Allow = append(configs.Allow, config)
	case authpb.AuthorizationPolicy_DENY:
		configs.Deny = append(configs.Deny, config)
	case authpb.AuthorizationPolicy_AUDIT:
		configs.Audit = append(configs.Audit, config)
	case authpb.AuthorizationPolicy_CUSTOM:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Apr 17 22:20:44 UTC 2024
    - 4.2K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/networking/grpcgen/grpcgen_test.go 

    					When: []*security.Condition{
						{
							Key: "request.headers[echo]",
							Values: []string{
								"block",
							},
						},
					},
				},
			},
			Action: security.AuthorizationPolicy_DENY,
		},
	})

	store.Create(config.Config{
		Meta: config.Meta{
			GroupVersionKind: gvk.AuthorizationPolicy,
			Name:             svcname + "-allow",
			Namespace:        ns,
		},
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Mar 28 09:04:02 UTC 2024
    - 16.9K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pkg/config/validation/validation_test.go 

    			valid: true,
		},
		{
			name:        "dry-run-valid-deny",
			annotations: map[string]string{"istio.io/dry-run": "false"},
			in: &security_beta.AuthorizationPolicy{
				Action: security_beta.AuthorizationPolicy_DENY,
				Rules:  []*security_beta.Rule{{}},
			},
			valid: true,
		},
		{
			name:        "dry-run-invalid-value",
			annotations: map[string]string{"istio.io/dry-run": "foo"},
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Apr 30 03:11:45 UTC 2024
    - 196K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pilot/pkg/model/authorization_test.go 

    		Group:     gvk.Service.Group,
		Kind:      gvk.Service.Kind,
		Name:      "foo-svc",
		Namespace: "foo",
	}

	denyPolicy := proto.Clone(policy).(*authpb.AuthorizationPolicy)
	denyPolicy.Action = authpb.AuthorizationPolicy_DENY

	auditPolicy := proto.Clone(policy).(*authpb.AuthorizationPolicy)
	auditPolicy.Action = authpb.AuthorizationPolicy_AUDIT

	customPolicy := proto.Clone(policy).(*authpb.AuthorizationPolicy)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Apr 17 22:20:44 UTC 2024
    - 12.7K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go 

    			scope = security.Scope_GLOBAL // TODO: global workload?
		}
	}
	action := security.Action_ALLOW
	switch pol.Action {
	case v1beta1.AuthorizationPolicy_ALLOW:
	case v1beta1.AuthorizationPolicy_DENY:
		action = security.Action_DENY
	default:
		return nil
	}
	opol := &security.Authorization{
		Name:      obj.Name,
		Namespace: obj.Namespace,
		Scope:     scope,
		Action:    action,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 15 16:23:36 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pkg/config/validation/validation.go 

    		}
		if spec, ok := cfg.Spec.(*security_beta.AuthorizationPolicy); ok {
			switch spec.Action {
			case security_beta.AuthorizationPolicy_ALLOW, security_beta.AuthorizationPolicy_DENY:
				if _, err := strconv.ParseBool(val); err != nil {
					return fmt.Errorf("%s/%s has annotation %s with invalid value (%s): %v", cfg.Namespace, cfg.Name, annotation.IoIstioDryRun.Name, val, err)
				}
			default:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Jun 12 04:03:33 UTC 2024
    - 107.2K bytes
    - Viewed (0)
Back to top