- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 77 for Authz (0.04 sec)
-
istioctl/pkg/authz/analyzer_test.go
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package authz import ( "bytes" "reflect" "testing" envoy_admin "github.com/envoyproxy/go-control-plane/envoy/admin/v3" "google.golang.org/protobuf/types/known/anypb"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Apr 21 17:42:54 UTC 2024 - 2.8K bytes - Viewed (0) -
pkg/test/framework/components/echo/kube/templates/vm_deployment.yaml
- mountPath: /etc/istio-custom-bootstrap name: custom-bootstrap-volume {{- end }} {{- end }} {{- if $.IncludeExtAuthz }} - name: ext-authz image: {{ $.ImageHub }}/ext-authz:{{ $.ImageTag }} imagePullPolicy: {{ $.ImagePullPolicy }} ports: - containerPort: 8000 - containerPort: 9000 {{- end }} volumes: - emptyDir: {}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 03 19:29:42 UTC 2024 - 8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/cel/environment/environment_test.go
"[1, 2, 3].indexOf(2) == 1", // lists "'abc'.contains('bc')", //strings "isURL('http://example.com')", // urls "'a 1 b 2'.find('[0-9]') == '1'", // regex }, }, { name: "authz disabled", typeVersionCombinations: []envTypeAndVersion{ {version.MajorMinor(1, 26), NewExpressions}, // always enabled for StoredExpressions },
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri May 10 22:07:40 UTC 2024 - 10K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/feature.go
"Enable block profiling, if profiling is enabled") fs.StringVar(&o.DebugSocketPath, "debug-socket-path", o.DebugSocketPath, "Use an unprotected (no authn/authz) unix-domain socket for profiling with the given path") fs.BoolVar(&o.EnablePriorityAndFairness, "enable-priority-and-fairness", o.EnablePriorityAndFairness, ""+
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 22 18:51:27 UTC 2024 - 3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook_v1_test.go
server: https://authz.example.com name: foobar users: - name: a cluster user: client-certificate: {{ .Cert }} client-key: {{ .Key }} `, wantErr: true, }, { msg: "multiple clusters with no context", configTmpl: ` clusters: - cluster: certificate-authority: {{ .CA }} server: https://authz.example.com name: foobar - cluster:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 24 18:25:29 UTC 2024 - 43.2K bytes - Viewed (0) -
cmd/globals.go
func setGlobalAuthNPlugin(authn *idplugin.AuthNPlugin) { globalAuthPluginMutex.Lock() globalAuthNPlugin = authn globalAuthPluginMutex.Unlock() } func setGlobalAuthZPlugin(authz *polplugin.AuthZPlugin) { globalAuthPluginMutex.Lock() globalAuthZPlugin = authz globalAuthPluginMutex.Unlock() }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu May 30 11:58:12 UTC 2024 - 16.4K bytes - Viewed (0) -
CODEOWNERS
/pilot/pkg/config/ @istio/wg-networking-maintainers /pilot/pkg/networking/plugin/authn/ @istio/wg-security-maintainers /pilot/pkg/networking/plugin/authz/ @istio/wg-security-maintainers /pilot/pkg/serviceregistry/ @istio/wg-networking-maintainers-pilot
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 22 19:22:33 UTC 2024 - 7.2K bytes - Viewed (0) -
cluster/gce/gci/configure-kubeapiserver.sh
# Create the ABAC file if it doesn't exist yet, or if we have a KUBE_USER set (to ensure the right user is given permissions) if [[ -n "${KUBE_USER:-}" || ! -e /etc/srv/kubernetes/abac-authz-policy.jsonl ]]; then local -r abac_policy_json="${src_dir}/abac-authz-policy.jsonl" if [[ -n "${KUBE_USER:-}" ]]; then sed -i -e "s/{{kube_user}}/${KUBE_USER}/g" "${abac_policy_json}" else
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 11:08:30 UTC 2024 - 25.8K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_inbound.go
TrafficDirection: core.TrafficDirection_INBOUND, ContinueOnListenerFiltersTimeout: true, } // Flush authz cache since we need filter state for the principal. oldBuilder := lb.authzBuilder lb.authzBuilder = authz.NewBuilder(authz.Local, lb.push, lb.node, true) inboundChainConfigs := lb.buildInboundChainConfigs() for _, cc := range inboundChainConfigs { cc.hbone = true
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 35.1K bytes - Viewed (0) -
pilot/pkg/networking/core/extension/wasmplugin.go
Ads: &core.AggregatedConfigSource{}, }, ResourceApiVersion: core.ApiVersion_V3, // we block proxy init until WasmPlugins are loaded because they might be // critical for security (e.g. authn/authz) InitialFetchTimeout: &durationpb.Duration{Seconds: 0}, } // PopAppendHTTP takes a list of filters and a set of WASM plugins, keyed by phase. It will remove all
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 15 09:02:11 UTC 2024 - 5.4K bytes - Viewed (0)