- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 321 for authZ (0.03 sec)
-
istioctl/pkg/authz/authz.go
Example: ` # Check AuthorizationPolicy applied to pod httpbin-88ddbcfdd-nt5jb: istioctl x authz check httpbin-88ddbcfdd-nt5jb # Check AuthorizationPolicy applied to one pod under a deployment istioctl x authz check deployment/productpage-v1 # Check AuthorizationPolicy from Envoy config dump file: istioctl x authz check -f httpbin_config_dump.json`, Args: func(cmd *cobra.Command, args []string) error {
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Sat Apr 13 05:23:38 UTC 2024 - 5K bytes - Viewed (0) -
istioctl/cmd/root.go
rootCmd.AddCommand(admin.Cmd(ctx)) experimentalCmd.AddCommand(injector.Cmd(ctx)) rootCmd.AddCommand(mesh.UninstallCmd(ctx)) experimentalCmd.AddCommand(authz.AuthZ(ctx)) rootCmd.AddCommand(seeExperimentalCmd("authz")) experimentalCmd.AddCommand(metrics.Cmd(ctx)) experimentalCmd.AddCommand(describe.Cmd(ctx)) experimentalCmd.AddCommand(config.Cmd()) experimentalCmd.AddCommand(workload.Cmd(ctx))
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Aug 05 02:08:47 UTC 2024 - 9.6K bytes - Viewed (0) -
docs/iam/opa.md
``` ### 2. Create a sample OPA Policy In another terminal, create a policy that allows root user all access and for all other users denies `PutObject`: ```sh cat > example.rego <<EOF package httpapi.authz import input default allow = false # Allow the root user to perform any action. allow { input.owner == true } # All other users may do anything other than call PutObject allow {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Sun Jul 17 15:43:14 UTC 2022 - 2.3K bytes - Viewed (0) -
internal/config/policy/plugin/config.go
} // Handle large OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz type opaResultAllow struct { Result struct { Allow bool `json:"allow"` } `json:"result"` } // Handle simpler OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz/allow type opaResult struct { Result bool `json:"result"` }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 5.8K bytes - Viewed (0) -
cmd/globals.go
return globalAuthZPlugin } func setGlobalAuthNPlugin(authn *idplugin.AuthNPlugin) { globalAuthPluginMutex.Lock() globalAuthNPlugin = authn globalAuthPluginMutex.Unlock() } func setGlobalAuthZPlugin(authz *polplugin.AuthZPlugin) { globalAuthPluginMutex.Lock() globalAuthZPlugin = authz globalAuthPluginMutex.Unlock() }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Sep 03 18:23:41 UTC 2024 - 16.2K bytes - Viewed (0) -
internal/config/policy/opa/config.go
} // Handle large OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz type opaResultAllow struct { Result struct { Allow bool `json:"allow"` } `json:"result"` } // Handle simpler OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz/allow type opaResult struct { Result bool `json:"result"` }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Wed Jul 10 20:16:44 UTC 2024 - 5.3K bytes - Viewed (0) -
internal/config/policy/opa/help.go
return config.DefaultHelpPostfix(DefaultKVS, key) } Help = config.HelpKVS{ config.HelpKV{ Key: URL, Description: `[DEPRECATED] OPA HTTP(s) endpoint e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"` + defaultHelpPostfix(URL), Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken,
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Jun 23 14:45:27 UTC 2023 - 1.6K bytes - Viewed (0) -
istioctl/pkg/authz/analyzer.go
// limitations under the License. // The auth package provides support for checking the authentication and authorization policy applied // in the mesh. It aims to increase the debuggability and observability of auth policies. // Note: this is still under active development and is not ready for real use. package authz import ( "fmt" "io"
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Jul 13 01:59:17 UTC 2022 - 2.1K bytes - Viewed (0) -
istioctl/pkg/authz/authz_test.go
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package authz import ( "fmt" "strings" "testing" "istio.io/istio/istioctl/pkg/cli" "istio.io/istio/istioctl/pkg/util/testutil" ) func TestAuthz(t *testing.T) { cases := []testutil.TestCase{ {
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Jun 21 14:20:23 UTC 2023 - 1.4K bytes - Viewed (0) -
internal/config/policy/plugin/help.go
return config.DefaultHelpPostfix(DefaultKVS, key) } Help = config.HelpKVS{ config.HelpKV{ Key: URL, Description: `plugin hook endpoint (HTTP(S)) e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"` + defaultHelpPostfix(URL), Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken,
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Jun 23 14:45:27 UTC 2023 - 1.8K bytes - Viewed (0)