Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 29 for COMPLIANCE_POLICY (0.19 sec)

  2. github.com/istio/istio

    releasenotes/notes/fips.yaml 

    apiVersion: release-notes/v2
kind: bug-fix
area: security
issue:
- 49081

releaseNotes:
- |
  **Added** an environment variable `COMPLIANCE_POLICY` to Istio components for
  enforcing TLS restriction for compliance with FIPS. When set to `fips-140-2`
  on the Istiod container, the Istio Proxy container, and all other Istio
  components, TLS version is restricted to v1.2, the cipher suites to a subset
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Feb 23 00:16:21 UTC 2024
    - 1.2K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pkg/features/security.go 

    	// FIPS_140_2 compliance policy.
	// nolint: revive, stylecheck
	FIPS_140_2 = "fips-140-2"
)

// Define common security feature flags shared among the Istio components.
var (
	CompliancePolicy = env.Register("COMPLIANCE_POLICY", "",
		`If set, applies policy-specific restrictions over all existing TLS
settings, including in-mesh mTLS and external TLS. Valid values are:

* '' or unset places no additional restrictions.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Feb 23 00:16:21 UTC 2024
    - 1.6K bytes
    - Viewed (0)
  4. github.com/istio/istio

    manifests/charts/istio-control/istio-discovery/files/gateway-injection-template.yaml 

            resourceFieldRef:
          resource: limits.memory
    - name: GOMAXPROCS
      valueFrom:
        resourceFieldRef:
          resource: limits.cpu
    {{- if .CompliancePolicy }}
    - name: COMPLIANCE_POLICY
      value: "{{ .CompliancePolicy }}"
    {{- end }}
    - name: ISTIO_META_APP_CONTAINERS
      value: "{{ $containers | join "," }}"
    - name: ISTIO_META_CLUSTER_ID
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 8.7K bytes
    - Viewed (0)
  5. github.com/istio/istio

    manifests/charts/istiod-remote/files/gateway-injection-template.yaml 

            resourceFieldRef:
          resource: limits.memory
    - name: GOMAXPROCS
      valueFrom:
        resourceFieldRef:
          resource: limits.cpu
    {{- if .CompliancePolicy }}
    - name: COMPLIANCE_POLICY
      value: "{{ .CompliancePolicy }}"
    {{- end }}
    - name: ISTIO_META_APP_CONTAINERS
      value: "{{ $containers | join "," }}"
    - name: ISTIO_META_CLUSTER_ID
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 8.7K bytes
    - Viewed (0)
  6. github.com/istio/istio

    manifests/charts/istiod-remote/files/injection-template.yaml 

            resourceFieldRef:
          resource: limits.memory
    - name: GOMAXPROCS
      valueFrom:
        resourceFieldRef:
          resource: limits.cpu
    {{- if .CompliancePolicy }}
    - name: COMPLIANCE_POLICY
      value: "{{ .CompliancePolicy }}"
    {{- end }}
    - name: ISTIO_META_CLUSTER_ID
      value: "{{ valueOrDefault .Values.global.multiCluster.clusterName `Kubernetes` }}"
    - name: ISTIO_META_NODE_NAME
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri May 10 21:01:52 UTC 2024
    - 23.8K bytes
    - Viewed (0)
  7. github.com/istio/istio

    manifests/charts/istio-control/istio-discovery/files/injection-template.yaml 

            resourceFieldRef:
          resource: limits.memory
    - name: GOMAXPROCS
      valueFrom:
        resourceFieldRef:
          resource: limits.cpu
    {{- if .CompliancePolicy }}
    - name: COMPLIANCE_POLICY
      value: "{{ .CompliancePolicy }}"
    {{- end }}
    - name: ISTIO_META_CLUSTER_ID
      value: "{{ valueOrDefault .Values.global.multiCluster.clusterName `Kubernetes` }}"
    - name: ISTIO_META_NODE_NAME
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri May 10 21:01:52 UTC 2024
    - 23.8K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pkg/kube/inject/testdata/inputs/enable-core-dump.yaml.5.template.gen.yaml 

                  resource: limits.memory
        - name: GOMAXPROCS
          valueFrom:
            resourceFieldRef:
              resource: limits.cpu
        {{- if .CompliancePolicy }}
        - name: COMPLIANCE_POLICY
          value: "{{ .CompliancePolicy }}"
        {{- end }}
        - name: ISTIO_META_CLUSTER_ID
          value: "{{ valueOrDefault .Values.global.multiCluster.clusterName `Kubernetes` }}"
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 75.9K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/kube/inject/testdata/inputs/hello-existing-cncf-networks-json.yaml.16.template.gen.yaml 

                  resource: limits.memory
        - name: GOMAXPROCS
          valueFrom:
            resourceFieldRef:
              resource: limits.cpu
        {{- if .CompliancePolicy }}
        - name: COMPLIANCE_POLICY
          value: "{{ .CompliancePolicy }}"
        {{- end }}
        - name: ISTIO_META_CLUSTER_ID
          value: "{{ valueOrDefault .Values.global.multiCluster.clusterName `Kubernetes` }}"
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 75.9K bytes
    - Viewed (0)
  10. github.com/istio/istio

    pkg/kube/inject/testdata/inputs/hello-image-pull-secret.yaml.11.template.gen.yaml 

                  resource: limits.memory
        - name: GOMAXPROCS
          valueFrom:
            resourceFieldRef:
              resource: limits.cpu
        {{- if .CompliancePolicy }}
        - name: COMPLIANCE_POLICY
          value: "{{ .CompliancePolicy }}"
        {{- end }}
        - name: ISTIO_META_CLUSTER_ID
          value: "{{ valueOrDefault .Values.global.multiCluster.clusterName `Kubernetes` }}"
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 75.9K bytes
    - Viewed (0)
  11. github.com/istio/istio

    pkg/kube/inject/testdata/inputs/hello.yaml.0.template.gen.yaml 

                  resource: limits.memory
        - name: GOMAXPROCS
          valueFrom:
            resourceFieldRef:
              resource: limits.cpu
        {{- if .CompliancePolicy }}
        - name: COMPLIANCE_POLICY
          value: "{{ .CompliancePolicy }}"
        {{- end }}
        - name: ISTIO_META_CLUSTER_ID
          value: "{{ valueOrDefault .Values.global.multiCluster.clusterName `Kubernetes` }}"
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 75.9K bytes
    - Viewed (0)
Back to top