Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 14 for rbacapi (0.27 sec)

  2. github.com/kubernetes/kubernetes

    pkg/apis/rbac/v1alpha1/conversion_test.go 

    				Subjects: []v1alpha1.Subject{{Kind: "User", APIVersion: v1alpha1.SchemeGroupVersion.String(), Name: "bob"}},
			},
			expected: &rbacapi.RoleBinding{
				RoleRef:  rbacapi.RoleRef{Name: "foo", APIGroup: v1alpha1.GroupName},
				Subjects: []rbacapi.Subject{{Kind: "User", APIGroup: v1alpha1.GroupName, Name: "bob"}},
			},
		},
		"wildcard user matches authenticated": {
			old: &v1alpha1.RoleBinding{
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Oct 18 15:23:55 UTC 2017
    - 4K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/security/authz/builder/builder.go 

    	"istio.io/istio/pkg/wellknown"
)

var rbacPolicyMatchNever = &rbacpb.Policy{
	Permissions: []*rbacpb.Permission{{Rule: &rbacpb.Permission_NotRule{
		NotRule: &rbacpb.Permission{Rule: &rbacpb.Permission_Any{Any: true}},
	}}},
	Principals: []*rbacpb.Principal{{Identifier: &rbacpb.Principal_NotId{
		NotId: &rbacpb.Principal{Identifier: &rbacpb.Principal_Any{Any: true}},
	}}},
}

// General setting to control behavior
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Nov 20 22:15:12 UTC 2023
    - 12.6K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/security/authz/model/principal.go 

    	return &rbacpb.Principal{
		Identifier: &rbacpb.Principal_OrIds{
			OrIds: &rbacpb.Principal_Set{
				Ids: principals,
			},
		},
	}
}

func principalAnd(principals []*rbacpb.Principal) *rbacpb.Principal {
	return &rbacpb.Principal{
		Identifier: &rbacpb.Principal_AndIds{
			AndIds: &rbacpb.Principal_Set{
				Ids: principals,
			},
		},
	}
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Nov 17 18:44:57 UTC 2022
    - 2.8K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/registry/rbac/rest/storage_rbac.go 

    	}
	return PostStartHookName, policy.EnsureRBACPolicy(), nil
}

type PolicyData struct {
	ClusterRoles        []rbacapiv1.ClusterRole
	ClusterRoleBindings []rbacapiv1.ClusterRoleBinding
	Roles               map[string][]rbacapiv1.Role
	RoleBindings        map[string][]rbacapiv1.RoleBinding
	// ClusterRolesToAggregate maps from previous clusterrole name to the new clusterrole name
	ClusterRolesToAggregate map[string]string
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Jul 14 03:25:19 UTC 2022
    - 18.5K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/security/authz/model/permission.go 

    	return &rbacpb.Permission{
		Rule: &rbacpb.Permission_OrRules{
			OrRules: &rbacpb.Permission_Set{
				Rules: permission,
			},
		},
	}
}

func permissionNot(permission *rbacpb.Permission) *rbacpb.Permission {
	return &rbacpb.Permission{
		Rule: &rbacpb.Permission_NotRule{
			NotRule: permission,
		},
	}
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Apr 20 01:58:53 UTC 2024
    - 3K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/security/authz/model/model_test.go 

    							},
						},
					},
				},
				{
					Identifier: &rbacpb.Principal_NotId{
						NotId: &rbacpb.Principal{
							Identifier: &rbacpb.Principal_OrIds{
								OrIds: &rbacpb.Principal_Set{
									Ids: []*rbacpb.Principal{
										{
											Identifier: &rbacpb.Principal_Authenticated_{
												Authenticated: &rbacpb.Principal_Authenticated{
													PrincipalName: &matcherv3.StringMatcher{
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Nov 20 22:15:12 UTC 2023
    - 10K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pilot/pkg/security/authz/model/generator.go 

    type generator interface {
	permission(key, value string, forTCP bool) (*rbacpb.Permission, error)
	principal(key, value string, forTCP bool, useAuthenticated bool) (*rbacpb.Principal, error)
}

type extendedGenerator interface {
	extendedPermission(key string, value []string, forTCP bool) (*rbacpb.Permission, error)
	extendedPrincipal(key string, value []string, forTCP bool) (*rbacpb.Principal, error)
}

type destIPGenerator struct{}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri May 03 18:02:42 UTC 2024
    - 14.1K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pilot/pkg/security/authz/model/model.go 

    	var permissions []*rbacpb.Permission
	if r.extended != nil {
		if len(r.values) > 0 {
			p, err := r.extended.extendedPermission(r.key, r.values, forTCP)
			if err := r.checkError(action, err); err != nil {
				return nil, err
			}
			if p != nil {
				permissions = append(permissions, p)
			}
		}
	} else {
		var or []*rbacpb.Permission
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 25 10:39:25 UTC 2024
    - 13.8K bytes
    - Viewed (0)
  10. github.com/istio/istio

    pkg/kube/kubetypes/types.go 

    type WriteStatusAPI[T runtime.Object] interface {
	UpdateStatus(ctx context.Context, object T, opts metav1.UpdateOptions) (T, error)
}

// ReadAPI exposes a generic API for a client go type for read operations.
type ReadAPI[T runtime.Object, TL runtime.Object] interface {
	Get(ctx context.Context, name string, opts metav1.GetOptions) (T, error)
	List(ctx context.Context, opts metav1.ListOptions) (TL, error)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Feb 28 16:41:38 UTC 2024
    - 6.1K bytes
    - Viewed (0)
  11. github.com/istio/istio

    istioctl/pkg/authz/listener.go 

    					addPolicy(action, anonymousName, "0")
				}
			}
		}
	}

	buf := strings.Builder{}
	buf.WriteString("ACTION\tAuthorizationPolicy\tRULES\n")
	for _, action := range []rbacpb.RBAC_Action{rbacpb.RBAC_DENY, rbacpb.RBAC_ALLOW, rbacpb.RBAC_LOG} {
		if names, ok := actionToPolicy[action]; ok {
			sortedNames := make([]string, 0, len(names))
			for name := range names {
				sortedNames = append(sortedNames, name)
			}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Sep 11 15:29:30 UTC 2023
    - 6K bytes
    - Viewed (0)
Back to top