- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 14 for NotRequestPrincipals (0.26 sec)
-
pilot/pkg/security/authz/builder/testdata/tcp/audit-both-http-tcp-in.yaml
requestPrincipals: ["requestPrincipals"] namespaces: ["ns"] ipBlocks: ["1.2.3.4"] remoteIpBlocks: ["10.250.90.4"] notPrincipals: ["not-principal"] notRequestPrincipals: ["not-requestPrincipals"] notNamespaces: ["not-ns"] notIpBlocks: ["9.0.0.1"] notRemoteIpBlocks: ["10.133.154.65"] to: - operation: methods: ["method"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 01 19:25:01 UTC 2021 - 2.1K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model_test.go
} func TestModel_Generate(t *testing.T) { rule := yamlRule(t, ` from: - source: requestPrincipals: ["td-1/ns/foo/sa/sleep-1"] notRequestPrincipals: ["td-1/ns/foo/sa/sleep-2"] - source: requestPrincipals: ["td-1/ns/foo/sa/sleep-3"] notRequestPrincipals: ["td-1/ns/foo/sa/sleep-4"] to: - operation: ports: ["8001"] notPorts: ["8002"] - operation: ports: ["8003"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 10K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/allow-full-rule-in.yaml
ipBlocks: ["1.2.3.4", "5.6.0.0/16"] remoteIpBlocks: ["1.2.3.4", "5.6.0.0/16"] notPrincipals: ["not-principal", "not-principal-prefix-*", "*-not-suffix-principal", "*"] notRequestPrincipals: ["not-requestPrincipals", "not-requestPrincipals-prefix-*", "*-not-suffix-requestPrincipals", "*"] notNamespaces: ["not-ns", "not-ns-prefix-*", "*-not-ns-suffix", "*"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Apr 20 01:58:53 UTC 2024 - 4.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-full-in.yaml
- from: - source: requestPrincipals: [ "requestPrincipals", "requestPrincipals-prefix-*", "*-suffix-requestPrincipals", "*" ] notRequestPrincipals: [ "not-requestPrincipals", "not-requestPrincipals-prefix-*", "*-suffix-not-requestPrincipals", "*" ] - from: - source: namespaces: [ "ns", "ns-prefix-*", "*-ns-suffix", "*" ]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 4K bytes - Viewed (0) -
tests/integration/security/testdata/authz/jwt.yaml.tmpl
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 3K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/tcp/deny-both-http-tcp-in.yaml
ipBlocks: ["1.2.3.4"] remoteIpBlocks: ["172.18.4.0/22"] notPrincipals: ["not-principal", "*not-principal-suffix", "not-principal-prefix*", "*"] notRequestPrincipals: ["not-requestPrincipals"] notNamespaces: ["not-ns", "*not-ns-suffix", "not-ns-prefix*", "*"] notIpBlocks: ["9.0.0.1"] notRemoteIpBlocks: ["192.168.244.139"] to: - operation:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Aug 12 19:47:37 UTC 2022 - 3.9K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model.go
if useExtendedJwt { merged.insertFrontExtended(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } else { merged.insertFront(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } merged.insertFront(srcPrincipalGenerator{}, attrSrcPrincipal, s.Principals, s.NotPrincipals) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
} fromMatches := []*security.Match{} for _, from := range rule.From { op := from.Source if action == security.Action_ALLOW && anyNonEmpty(op.RemoteIpBlocks, op.NotRemoteIpBlocks, op.RequestPrincipals, op.NotRequestPrincipals) { // L7 policies never match for ALLOW // For DENY they will always match, so it is more restrictive return nil } match := &security.Match{ SourceIps: stringToIP(op.IpBlocks),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pkg/config/validation/validation.go
errs = appendErrors(errs, check(len(src.RequestPrincipals) != 0, "From.RequestPrincipals")) errs = appendErrors(errs, check(len(src.NotRequestPrincipals) != 0, "From.NotRequestPrincipals")) } } for _, when := range rule.GetWhen() { if when == nil { errs = appendErrors(errs, fmt.Errorf("when field cannot be nil")) continue }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 04:03:33 UTC 2024 - 107.2K bytes - Viewed (0) -
pkg/config/validation/validation_test.go
}, }, }, }, valid: false, }, { name: "NotRequestPrincipals-empty", in: &security_beta.AuthorizationPolicy{ Rules: []*security_beta.Rule{ { From: []*security_beta.Rule_From{ { Source: &security_beta.Source{ NotRequestPrincipals: []string{"p1", ""}, }, }, }, }, }, },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 03:11:45 UTC 2024 - 196K bytes - Viewed (0)