- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for Copa (0.18 sec)
-
docs/iam/opa.md
# OPA Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) OPA is a lightweight general-purpose policy engine that can be co-located with MinIO server, in this document we talk about how to use OPA HTTP API to authorize requests. It can be used with any type of credentials (STS based like OpenID or LDAP, regular IAM users or service accounts). OPA is enabled through MinIO's Access Management Plugin feature. ## Get started
Plain Text - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Sun Jul 17 15:43:14 GMT 2022 - 2.3K bytes - Viewed (0) -
internal/config/policy/opa/help.go
package opa import "github.com/minio/minio/internal/config" // Help template for OPA policy feature. var ( defaultHelpPostfix = func(key string) string { return config.DefaultHelpPostfix(DefaultKVS, key) } Help = config.HelpKVS{ config.HelpKV{ Key: URL,
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Fri Jun 23 14:45:27 GMT 2023 - 1.6K bytes - Viewed (0) -
internal/config/policy/opa/config.go
*a = oa return nil } *a = oa return nil } // Opa - implements opa policy agent calls. type Opa struct { args Args client *http.Client } // Enabled returns if opa is enabled. func Enabled(kvs config.KVS) bool { return kvs.Get(URL) != "" } // LookupConfig lookup Opa from config, override with any ENVs.
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Thu Sep 14 21:50:16 GMT 2023 - 5.2K bytes - Viewed (1) -
internal/config/policy/opa/legacy.go
// along with this program. If not, see <http://www.gnu.org/licenses/>. package opa import ( "github.com/minio/minio/internal/config" ) // Legacy OPA envs const ( EnvIamOpaURL = "MINIO_IAM_OPA_URL" EnvIamOpaAuthToken = "MINIO_IAM_OPA_AUTHTOKEN" ) // SetPolicyOPAConfig - One time migration code needed, for migrating from older config to new for PolicyOPAConfig.
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Tue Jun 01 21:59:40 GMT 2021 - 1.4K bytes - Viewed (0) -
internal/config/policy/plugin/config.go
if err != nil { return false, err } // Handle large OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz type opaResultAllow struct { Result struct { Allow bool `json:"allow"` } `json:"result"` } // Handle simpler OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz/allow type opaResult struct {
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Thu Sep 14 21:50:16 GMT 2023 - 5.8K bytes - Viewed (0) -
cmd/config-versions.go
Compression compress.Config `json:"compress"` // OpenID configuration OpenID openid.Config `json:"openid"` // External policy enforcements. Policy struct { // OPA configuration. OPA opa.Args `json:"opa"` // Add new external policy enforcements here. } `json:"policy"` LDAPServerConfig xldap.LegacyConfig `json:"ldapserverconfig"`
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Wed Oct 18 18:05:24 GMT 2023 - 2.5K bytes - Viewed (0) -
cmd/config-migrate.go
cfg.Compression.MimeTypes = strings.Split(compress.DefaultMimeTypes, config.ValueSeparator) case "30": // V30 -> V31 cfg.OpenID = openid.Config{} cfg.Policy.OPA = opa.Args{ URL: &xnet.URL{}, AuthToken: "", } case "31": // V31 -> V32 cfg.Notify.NSQ = make(map[string]target.NSQArgs) cfg.Notify.NSQ["1"] = target.NSQArgs{} }
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Wed Oct 18 18:05:24 GMT 2023 - 5.4K bytes - Viewed (0) -
cmd/config-current.go
case config.PolicyOPASubSys: // In case legacy OPA config is being set, we treat it as if the // AuthZPlugin is being set. subSys = config.PolicyPluginSubSys fallthrough case config.PolicyPluginSubSys: if ppargs, err := polplugin.LookupConfig(s, GetDefaultConnSettings(), xhttp.DrainBody); err != nil { return err } else if ppargs.URL == nil { // Check if legacy opa is configured.
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Tue Mar 05 02:50:24 GMT 2024 - 30.8K bytes - Viewed (0) -
cmd/iam.go
} if authZPluginCfg.URL == nil { opaCfg, err := opa.LookupConfig(s[config.PolicyOPASubSys][config.Default], NewHTTPTransport(), xhttp.DrainBody) if err != nil { logger.LogIf(ctx, fmt.Errorf("Unable to initialize AuthZPlugin from legacy OPA config: %w", err)) } else { authZPluginCfg.URL = opaCfg.URL authZPluginCfg.AuthToken = opaCfg.AuthToken
Go - Registered: Sun Mar 24 19:28:08 GMT 2024 - Last Modified: Mon Feb 26 21:30:28 GMT 2024 - 63.3K bytes - Viewed (1) -
manifests/charts/istiod-remote/values.yaml
enableNamespacesByDefault: false # Mutations that occur after the sidecar injector are not handled by default, as the Istio sidecar injector is only run # once. For example, an OPA sidecar injected after the Istio sidecar will not have it's liveness/readiness probes rewritten. # Setting this to `IfNeeded` will result in the sidecar injector being run again if additional mutations occur.
Others - Registered: Wed Mar 20 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 16:58:23 GMT 2024 - 19.6K bytes - Viewed (0)