- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 16 for authz_model (0.15 sec)
-
pilot/pkg/networking/core/tracing.go
dryRunPolicyTraceTag("istio.authorization.dry_run.allow_policy.result", authz_model.RBACShadowRulesAllowStatPrefix+authz_model.RBACShadowEngineResult), dryRunPolicyTraceTag("istio.authorization.dry_run.deny_policy.name", authz_model.RBACShadowRulesDenyStatPrefix+authz_model.RBACShadowEffectivePolicyID),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 17:05:28 UTC 2024 - 24.2K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder.go
} } return dryRun } func shadowRuleStatPrefix(rule *rbacpb.RBAC) string { switch rule.GetAction() { case rbacpb.RBAC_ALLOW: return authzmodel.RBACShadowRulesAllowStatPrefix case rbacpb.RBAC_DENY: return authzmodel.RBACShadowRulesDenyStatPrefix default: return "" } }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 12.6K bytes - Viewed (0) -
pilot/pkg/security/authn/utils/utils.go
TlsMinimumProtocolVersion: minTLSVersion, TlsMaximumProtocolVersion: tls.TlsParameters_TLSv1_3, } authn_model.ApplyToCommonTLSContext(ctx.CommonTlsContext, node, []string{}, /*subjectAltNames*/ "", /*crl*/ trustDomainAliases, ctx.RequireClientCertificate.Value) // Compliance for downstream mesh mTLS. authn_model.EnforceCompliance(ctx.CommonTlsContext) return ctx }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 00:16:21 UTC 2024 - 3.8K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls_test.go
}, ValidationContextSdsSecretConfig: &tls.SdsSecretConfig{ Name: "kubernetes://" + credentialName + authn_model.SdsCaSuffix, SdsConfig: authn_model.SDSAdsConfig, }, }, }, }, Sni: "some-sni.com", }, err: nil, }, }, {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 03:53:05 UTC 2024 - 60.9K bytes - Viewed (0) -
pkg/kubeapiserver/options/authorization.go
for _, mode := range o.Modes { if !authzmodes.IsValidAuthorizationMode(mode) { allErrors = append(allErrors, fmt.Errorf("authorization-mode %q is not a valid mode", mode)) } if mode == authzmodes.ModeABAC && o.PolicyFile == "" { allErrors = append(allErrors, fmt.Errorf("authorization-mode ABAC's authorization policy file not passed")) } if mode == authzmodes.ModeWebhook && o.WebhookConfigFile == "" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 14 23:09:15 UTC 2024 - 12K bytes - Viewed (0) -
pkg/kubeapiserver/authorizer/modes/modes_test.go
limitations under the License. */ package modes import "testing" func TestIsValidAuthorizationMode(t *testing.T) { var tests = []struct { authzMode string expected bool }{ {"", false}, {"rBAC", false}, // not supported {"falsy value", false}, // not supported {"RBAC", true}, // supported {"ABAC", true}, // supported
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Feb 23 13:27:16 UTC 2017 - 1.2K bytes - Viewed (0) -
pkg/adsc/delta_test.go
"github.com/envoyproxy/go-control-plane/pkg/wellknown" "github.com/google/go-cmp/cmp" "google.golang.org/grpc" "google.golang.org/protobuf/testing/protocmp" authn_model "istio.io/istio/pilot/pkg/security/model" "istio.io/istio/pilot/pkg/util/protoconv" v3 "istio.io/istio/pilot/pkg/xds/v3" "istio.io/istio/pilot/test/xdstest" "istio.io/istio/pkg/log"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 02 09:32:41 UTC 2024 - 13.9K bytes - Viewed (0) -
pkg/kubeapiserver/authorizer/modes/modes.go
// IsValidAuthorizationMode returns true if the given authorization mode is a valid one for the apiserver func IsValidAuthorizationMode(authzMode string) bool { return sets.NewString(AuthorizationModeChoices...).Has(authzMode)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Nov 05 01:22:41 UTC 2018 - 1.6K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/extauthz.go
Filter: name, Path: []*envoy_type_matcher_v3.MetadataMatcher_PathSegment{ { Segment: &envoy_type_matcher_v3.MetadataMatcher_PathSegment_Key{ Key: authzmodel.RBACExtAuthzShadowRulesStatPrefix + authzmodel.RBACShadowEffectivePolicyID, }, }, }, Value: &envoy_type_matcher_v3.ValueMatcher{ MatchPattern: &envoy_type_matcher_v3.ValueMatcher_StringMatch{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 20:06:41 UTC 2024 - 12.7K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
wrappers "google.golang.org/protobuf/types/known/wrapperspb" "istio.io/api/label" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/util" "istio.io/istio/pilot/pkg/security/authn" authzmodel "istio.io/istio/pilot/pkg/security/authz/model" "istio.io/istio/pilot/pkg/util/protoconv" xdsfilters "istio.io/istio/pilot/pkg/xds/filters" "istio.io/istio/pkg/istio-agent/grpcxds" "istio.io/istio/pkg/util/sets" )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0)