Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 2 of 2 for PILOT_ENABLE_XDS_IDENTITY_CHECK (0.23 sec)

  2. github.com/istio/istio

    pilot/pkg/features/security.go 

    	XDSAuth = env.Register("XDS_AUTH", true,
		"If true, will authenticate XDS clients.").Get()

	EnableXDSIdentityCheck = env.Register(
		"PILOT_ENABLE_XDS_IDENTITY_CHECK",
		true,
		"If enabled, pilot will authorize XDS clients, to ensure they are acting only as namespaces they have permissions for.",
	).Get()

	// TODO: Move this to proper API.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Jan 13 03:50:59 UTC 2024
    - 3.1K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/bootstrap/server.go 

    func (s *Server) initSDSServer() {
	if s.kubeClient == nil {
		return
	}
	if !features.EnableXDSIdentityCheck {
		// Make sure we have security
		log.Warnf("skipping Kubernetes credential reader; PILOT_ENABLE_XDS_IDENTITY_CHECK must be set to true for this feature.")
	} else {
		creds := kubecredentials.NewMulticluster(s.clusterID, s.multiclusterController)
		creds.AddSecretHandler(func(name string, namespace string) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 17:48:28 UTC 2024
    - 46.3K bytes
    - Viewed (0)
Back to top