- Sort Score
- Result 10 results
- Languages All
Results 1 - 3 of 3 for ImpersonatedIdentity (0.15 sec)
-
security/pkg/server/ca/server.go
// By default, we will use the callers identity for the certificate sans := caller.Identities crMetadata := request.Metadata.GetFields() impersonatedIdentity := crMetadata[security.ImpersonatedIdentity].GetStringValue() if impersonatedIdentity != "" { serverCaLog.Debugf("impersonated identity: %s", impersonatedIdentity) // If there is an impersonated identity, we will override to use that identity (only single value
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
pkg/security/security.go
K8sTokenPrefix = "Istio " // CertSigner info CertSigner = "CertSigner" // ImpersonatedIdentity declares the identity we are requesting a certificate on behalf of. // This is constrained to only allow identities in CATrustedNodeAccounts, and only to impersonate identities // on their node. ImpersonatedIdentity = "ImpersonatedIdentity" ) type ImpersonatedIdentityContextKey struct{}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
security/pkg/server/ca/server_test.go
for _, c := range server.nodeAuthorizer.component.All() { kube.WaitForCacheSync("test", stop, c.pods.HasSynced) } } reqMeta, _ := structpb.NewStruct(map[string]any{ security.ImpersonatedIdentity: c.impersonatePod.Identity(), }) request := &pb.IstioCertificateRequest{ Csr: "dumb CSR", Metadata: reqMeta, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 15.8K bytes - Viewed (0)