- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 26 for authorizationpolicies (0.29 sec)
-
pilot/pkg/model/authentication.go
MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies // To prevent conflicts in xDS, we add this prefix to the converted PeerAuthentication resources. const convertedPeerAuthenticationPrefix = "converted_peer_authentication_" // use '_' character since those are illegal in k8s names
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
pilot/pkg/model/authorization_test.go
t.Errorf("wantCustom:%v\n but got: %v\n", tc.wantCustom, result.Custom) } }) } } func createFakeAuthorizationPolicies(configs []config.Config) *AuthorizationPolicies { store := &authzFakeStore{} for _, cfg := range configs { store.add(cfg) } environment := &Environment{ ConfigStore: store,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 12.7K bytes - Viewed (0) -
pilot/pkg/config/kube/crdclient/types.gen.go
) func create(c kube.Client, cfg config.Config, objMeta metav1.ObjectMeta) (metav1.Object, error) { switch cfg.GroupVersionKind { case gvk.AuthorizationPolicy: return c.Istio().SecurityV1beta1().AuthorizationPolicies(cfg.Namespace).Create(context.TODO(), &apiistioioapisecurityv1beta1.AuthorizationPolicy{ ObjectMeta: objMeta, Spec: *(cfg.Spec.(*istioioapisecurityv1beta1.AuthorizationPolicy)), }, metav1.CreateOptions{})
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 17:37:32 UTC 2024 - 62.2K bytes - Viewed (0) -
pkg/config/schema/collections/collections.agent.gen.go
) var ( AuthorizationPolicy = resource.Builder{ Identifier: "AuthorizationPolicy", Group: "security.istio.io", Kind: "AuthorizationPolicy", Plural: "authorizationpolicies", Version: "v1beta1", VersionAliases: []string{ "v1", }, Proto: "istio.security.v1beta1.AuthorizationPolicy", StatusProto: "istio.meta.v1alpha1.IstioStatus",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 25 14:44:17 UTC 2024 - 12.9K bytes - Viewed (0) -
pilot/pkg/networking/core/networkfilter_test.go
t.Fatalf("Unexpected SourceIp hash policy. expected: %v, got: %v", tt.useSourceIP, hasSourceIP) } }) } } func getAuthorizationPolicies() *model.AuthorizationPolicies { return &model.AuthorizationPolicies{ NamespaceToPolicies: map[string][]model.AuthorizationPolicy{ "foo": { { Name: "httpbin-deny", Namespace: "foo", Spec: &v1beta1.AuthorizationPolicy{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 25.8K bytes - Viewed (0) -
pkg/config/schema/metadata.yaml
group: "" version: "v1alpha1" proto: "istio.mesh.v1alpha1.MeshNetworks" protoPackage: "istio.io/api/mesh/v1alpha1" synthetic: true - kind: AuthorizationPolicy plural: "authorizationpolicies" group: "security.istio.io" version: "v1beta1" versionAliases: - "v1" proto: "istio.security.v1beta1.AuthorizationPolicy" protoPackage: "istio.io/api/security/v1beta1"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 17:37:32 UTC 2024 - 13.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
) func (a *index) Policies(requested sets.Set[model.ConfigKey]) []model.WorkloadAuthorization { // TODO: use many Gets instead of List? cfgs := a.authorizationPolicies.List() l := len(cfgs) if len(requested) > 0 { l = len(requested) } res := make([]model.WorkloadAuthorization, 0, l) for _, cfg := range cfgs { k := model.ConfigKey{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pkg/config/analysis/analyzers/analyzers_test.go
{msg.UnknownMeshNetworksServiceRegistry, "MeshNetworks istio-system/meshnetworks"}, }, }, { name: "authorizationpolicies", inputFiles: []string{ "testdata/authorizationpolicies.yaml", }, analyzer: &authz.AuthorizationPoliciesAnalyzer{}, expected: []message{ {msg.NoMatchingWorkloadsFound, "AuthorizationPolicy istio-system/meshwide-httpbin-v1"},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 07:22:31 UTC 2024 - 42.6K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/workloads_test.go
CanonicalRevision: "latest", WorkloadType: workloadapi.WorkloadType_POD, WorkloadName: "name", Status: workloadapi.WorkloadStatus_HEALTHY, ClusterId: testC, AuthorizationPolicies: []string{ "istio-system/root-ns", "ns/local-ns", }, }, }, } for _, tt := range cases { t.Run(tt.name, func(t *testing.T) { mock := krttest.NewMock(t, tt.inputs)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 20.3K bytes - Viewed (0) -
pkg/workloadapi/workload.pb.go
// are returned out of band. // Authorization policies are only valid for workloads with `addresses` rather than `hostname`. AuthorizationPolicies []string `protobuf:"bytes,16,rep,name=authorization_policies,json=authorizationPolicies,proto3" json:"authorization_policies,omitempty"` Status WorkloadStatus `protobuf:"varint,17,opt,name=status,proto3,enum=istio.workload.WorkloadStatus" json:"status,omitempty"`
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 18:02:35 UTC 2024 - 65.9K bytes - Viewed (0)