- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 68 for PERMISSIVE (0.13 sec)
-
architecture/ambient/peer-authentication.md
```yaml apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-and-permissive-mtls spec: selector: matchLabels: app: a mtls: mode: STRICT portLevelMtls: 9090: mode: PERMISSIVE ``` will be translated into this `Authorization`: ```yaml action: DENY groups: - rules: - matches:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 09 22:09:18 UTC 2023 - 3.9K bytes - Viewed (0) -
tests/integration/security/pass_through_filter_chain_test.go
}, }, { // There is only authN policy that enables mTLS (Permissive). // The request should be allowed because the client is always using plain text. name: "PERMISSIVE", config: `apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: mtls spec: mtls: mode: PERMISSIVE`, expected: []expect{ {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0) -
tests/integration/security/testdata/authz/plaintext.yaml.tmpl
# This configures all services within the namespace to use mTLS with permissive mode (allowing plaintext). apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: ns-default namespace: {{ .To.NamespaceName }} spec: mtls: mode: PERMISSIVE --- # This configures requests to any service in the namespace to use mTLS. apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1.3K bytes - Viewed (0) -
pkg/test/framework/features/allowlist.txt
security,TestReachability/beta-mtls-permissive/a->ws://b:http security,TestReachability/beta-mtls-permissive/a->ws://headless:http security,TestReachability/beta-mtls-permissive/a->ws://multiversion:http security,TestReachability/beta-mtls-permissive/b->grpc://a:grpc security,TestReachability/beta-mtls-permissive/b->grpc://b:grpc security,TestReachability/beta-mtls-permissive/b->grpc://headless:grpc
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 18 18:03:23 UTC 2022 - 103.9K bytes - Viewed (0) -
pkg/test/datasets/validation/dataset/security-v1-PeerAuthentication.yaml
apiVersion: security.istio.io/v1 kind: PeerAuthentication metadata: name: valid-peer-authentication spec: selector: matchLabels: app: httpbin version: v1 mtls: mode: PERMISSIVE portLevelMtls: 8080:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 01 14:30:12 UTC 2024 - 249 bytes - Viewed (0) -
pilot/pkg/networking/core/sidecar_simulation_test.go
calls: calls, }) }) t.Run("Permissive", func(t *testing.T) { calls := []simulation.Expect{} for _, c := range cases { calls = append(calls, simulation.Expect{ Name: c.Name, Call: c.Call, Result: c.Permissive, }) } runSimulationTest(t, nil, xds.FakeOptions{}, simulationTest{ config: svc + mtlsMode("PERMISSIVE"), calls: calls, }) })
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 84.7K bytes - Viewed (0) -
pkg/test/datasets/validation/dataset/security-v1beta1-PeerAuthentication.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: valid-peer-authentication spec: selector: matchLabels: app: httpbin version: v1 mtls: mode: PERMISSIVE portLevelMtls: 8080:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 07:02:38 UTC 2023 - 254 bytes - Viewed (0) -
pilot/pkg/networking/core/peer_authentication_simulation_test.go
mode: DISABLE ---` paPermissive := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo mtls: mode: PERMISSIVE ---` paStrictWithDisableOnPort9000 := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 16.2K bytes - Viewed (0) -
pilot/pkg/model/authentication.go
MTLSUnknown MutualTLSMode = iota // MTLSDisable if authentication policy disable mTLS. MTLSDisable // MTLSPermissive if authentication policy enable mTLS in permissive mode. MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// replacement for permissive. mode = model.MTLSDisable } var out []*listener.FilterChain switch mode { case model.MTLSDisable: out = append(out, buildInboundFilterChain(node, push, "plaintext", nil)) case model.MTLSStrict: out = append(out, buildInboundFilterChain(node, push, "mtls", tlsContext))
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0)