- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 58 for Authz (0.04 sec)
-
pilot/pkg/model/authorization_test.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 12.7K bytes - Viewed (0) -
pilot/pkg/networking/core/route/route_internal_test.go
"google.golang.org/protobuf/types/known/wrapperspb" networking "istio.io/api/networking/v1alpha3" "istio.io/istio/pilot/pkg/model" authzmatcher "istio.io/istio/pilot/pkg/security/authz/matcher" authz "istio.io/istio/pilot/pkg/security/authz/model" "istio.io/istio/pkg/config/labels" "istio.io/istio/pkg/util/sets" ) func TestIsCatchAllRoute(t *testing.T) { cases := []struct { name string route *route.Route
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat May 11 02:47:57 UTC 2024 - 18.2K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_builder.go
authnBuilder *authn.Builder // authzBuilder provides access to authz configuration for the given proxy. authzBuilder *authz.Builder // authzCustomBuilder provides access to CUSTOM authz configuration for the given proxy. authzCustomBuilder *authz.Builder } // enabledInspector captures if for a given listener, listener filter inspectors are added type enabledInspector struct {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 17.9K bytes - Viewed (0) -
tests/integration/security/pass_through_filter_chain_test.go
}, }, { // There is only authZ policy that allows access to TCPWorkloadOnly should be allowed. name: "DISABLE with authz", config: `apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: mtls spec: mtls: mode: DISABLE --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz spec: rules: - to: - operation:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0) -
pilot/pkg/networking/core/networkfilter.go
authzBuilder := lb.authzBuilder if policySvc != nil { useFilterState := lb.node.Type == model.Waypoint authzBuilder = authz.NewBuilderForService(authz.Local, lb.push, lb.node, useFilterState, policySvc) authzCustomBuilder = authz.NewBuilderForService(authz.Custom, lb.push, lb.node, useFilterState, policySvc) } var filters []*listener.Filter
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 13.7K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/node/node_authorizer_test.go
expect: authorizer.DecisionAllow, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { if tc.features == nil { authz.features = utilfeature.DefaultFeatureGate } else { authz.features = tc.features } decision, _, _ := authz.Authorize(context.Background(), tc.attrs) if decision != tc.expect { t.Errorf("expected %v, got %v", tc.expect, decision) } }) } }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 07 21:22:55 UTC 2024 - 40.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook_v1beta1_test.go
certificate-authority: {{ .CA }} server: https://authz.example.com name: foobar users: - name: a cluster user: client-certificate: {{ .Cert }} client-key: {{ .Key }} `, wantErr: true, }, { msg: "multiple clusters with no context", configTmpl: ` clusters: - cluster: certificate-authority: {{ .CA }} server: https://authz.example.com name: foobar - cluster:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 01 22:41:27 UTC 2024 - 19.9K bytes - Viewed (0) -
istioctl/cmd/root.go
experimentalCmd.AddCommand(injector.Cmd(ctx)) rootCmd.AddCommand(mesh.NewVerifyCommand(ctx)) rootCmd.AddCommand(mesh.UninstallCmd(ctx)) experimentalCmd.AddCommand(authz.AuthZ(ctx)) rootCmd.AddCommand(seeExperimentalCmd("authz")) experimentalCmd.AddCommand(metrics.Cmd(ctx)) experimentalCmd.AddCommand(describe.Cmd(ctx)) experimentalCmd.AddCommand(wait.Cmd(ctx)) experimentalCmd.AddCommand(config.Cmd())
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 06 15:59:33 UTC 2024 - 10K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder_test.go
AuthzPolicies: yamlPolicy(t, basePath+input), Mesh: mc, } p.ServiceIndex.HostnameAndNamespace = map[host.Name]map[string]*model.Service{ "my-custom-ext-authz.foo.svc.cluster.local": { "foo": &model.Service{ Hostname: "my-custom-ext-authz.foo.svc.cluster.local", }, }, } return p } func node(version *model.IstioVersion) *model.Proxy { return &model.Proxy{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 13.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/validating/dispatcher.go
"k8s.io/klog/v2" ) type dispatcher struct { matcher generic.PolicyMatcher authz authorizer.Authorizer } var _ generic.Dispatcher[PolicyHook] = &dispatcher{} func NewDispatcher( authorizer authorizer.Authorizer, matcher generic.PolicyMatcher, ) generic.Dispatcher[PolicyHook] { return &dispatcher{ matcher: matcher, authz: authorizer, } }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 00:00:21 UTC 2024 - 14.4K bytes - Viewed (0)