Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 3 of 3 for ImpersonatedIdentity (0.15 sec)

  2. github.com/istio/istio

    security/pkg/server/ca/server.go 

    	// By default, we will use the callers identity for the certificate
	sans := caller.Identities
	crMetadata := request.Metadata.GetFields()
	impersonatedIdentity := crMetadata[security.ImpersonatedIdentity].GetStringValue()
	if impersonatedIdentity != "" {
		serverCaLog.Debugf("impersonated identity: %s", impersonatedIdentity)
		// If there is an impersonated identity, we will override to use that identity (only single value
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue May 28 17:35:26 UTC 2024
    - 8K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pkg/security/security.go 

    	K8sTokenPrefix = "Istio "

	// CertSigner info
	CertSigner = "CertSigner"

	// ImpersonatedIdentity declares the identity we are requesting a certificate on behalf of.
	// This is constrained to only allow identities in CATrustedNodeAccounts, and only to impersonate identities
	// on their node.
	ImpersonatedIdentity = "ImpersonatedIdentity"
)

type ImpersonatedIdentityContextKey struct{}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 17:48:28 UTC 2024
    - 19.1K bytes
    - Viewed (0)
  4. github.com/istio/istio

    security/pkg/server/ca/server_test.go 

    				for _, c := range server.nodeAuthorizer.component.All() {
					kube.WaitForCacheSync("test", stop, c.pods.HasSynced)
				}
			}

			reqMeta, _ := structpb.NewStruct(map[string]any{
				security.ImpersonatedIdentity: c.impersonatePod.Identity(),
			})
			request := &pb.IstioCertificateRequest{
				Csr:      "dumb CSR",
				Metadata: reqMeta,
			}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Feb 28 16:41:38 UTC 2024
    - 15.8K bytes
    - Viewed (0)
Back to top