Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 20 of 35 for requestPrincipals (0.28 sec)

  2. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-groups-in.yaml 

    kind: AuthorizationPolicy
metadata:
  name: groups
spec:
  rules:
  # Has mix of L4 and L7 in from
  - from:
    - source:
        principals: ["from-mix-principal"]
        requestPrincipals: ["from-mix-requestPrincipals"]
        namespaces: ["from-mix-ns"]
    to:
    - operation:
        ports: ["80"]
  # Has mix of L4 and L7 in to
  - from:
    - source:
        principals: ["to-mix-principal"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 1.3K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/tcp/allow-both-http-tcp-in.yaml 

        - from:
        - source:
            requestPrincipals: ["id-1"]
      to:
        - operation:
            methods: ["GET"]
    - from:
        - source:
            namespaces: ["ns-1"]
      to:
        - operation:
            ports: ["8080"]
            methods: ["GET"]
    - from:
        - source:
            namespaces: ["ns-2"]
            requestPrincipals: ["id-2"]
      to:
        - operation:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Aug 12 19:47:37 UTC 2022
    - 706 bytes
    - Viewed (0)
  4. github.com/istio/istio

    tests/integration/security/testdata/requestauthn/global-jwt.yaml.tmpl 

            - "example.{{ $svc.ServiceName }}.com"
{{- end }}
    from:
    - source:
        requestPrincipals: ["******@****.***/sub-1"]
  - to:
    - operation:
        hosts:
  {{- range $svc := .Services }}
        - "any-request-principal-ok.{{ $svc.ServiceName }}.com"
  {{- end }}
    from:
    - source:
        requestPrincipals: ["*"]
  - to:
    - operation:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 1K bytes
    - Viewed (0)
  5. github.com/istio/istio

    tests/integration/ambient/testdata/requestauthn/waypoint-jwt.yaml.tmpl 

    spec:
  targetRefs:
  - kind: Gateway
    group: gateway.networking.k8s.io
    name: waypoint
  rules:
  - from:
    - source:
        requestPrincipals: ["******@****.***/sub-1"]
    - source:
        requestPrincipals: ["******@****.***/sub-1"]
  - to:
    - operation:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 15 16:23:36 UTC 2024
    - 1.3K bytes
    - Viewed (0)
  6. github.com/istio/istio

    tests/integration/security/testdata/requestauthn/authn-authz.yaml.tmpl 

    metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      app: {{ .To.ServiceName }}
  rules:
  - to:
    - operation:
        methods: ["GET"]
    from:
    - source:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 699 bytes
    - Viewed (0)
  7. github.com/istio/istio

    tests/integration/security/testdata/requestauthn/headers-params.yaml.tmpl 

    metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      app: {{ .To.ServiceName }}
  rules:
  - to:
    - operation:
        methods: ["GET"]
    from:
    - source:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 867 bytes
    - Viewed (0)
  8. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/tcp/allow-only-http-in.yaml 

    apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: httpbin-deny
  namespace: foo
spec:
  action: ALLOW
  rules:
  - from:
    - source:
        requestPrincipals: ["id-1"]
    to:
    - operation:
        methods: ["GET"]
  - from:
    - source:
        namespaces: ["ns-1"]
    to:
    - operation:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Apr 01 19:25:01 UTC 2021
    - 362 bytes
    - Viewed (0)
  9. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/multiple-policies-in.yaml 

    ---
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: httpbin-6
  namespace: foo
spec:
  rules:
    - from:
        - source:
            requestPrincipals: ["requestPrincipals1", "requestPrincipals2"]
---
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: httpbin-7
  namespace: foo
spec:
  rules:
    - from:
        - source:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Apr 01 19:25:01 UTC 2021
    - 2K bytes
    - Viewed (0)
  10. github.com/istio/istio

    tests/integration/security/policy_attachment_only/testdata/authz/gateway-authz.yaml.tmpl 

      action: ALLOW
  rules:
  - to:
    - operation:
        hosts:
{{- range $svc := .Services }}
        - "example.{{ $svc.ServiceName }}.com"
{{- end }}
    from:
    - source:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 24 19:50:43 UTC 2023
    - 847 bytes
    - Viewed (0)
  11. github.com/istio/istio

    pilot/pkg/security/authz/model/model_test.go 

    				}
			}
		})
	}
}

func TestModel_Generate(t *testing.T) {
	rule := yamlRule(t, `
from:
- source:
    requestPrincipals: ["td-1/ns/foo/sa/sleep-1"]
    notRequestPrincipals: ["td-1/ns/foo/sa/sleep-2"]
- source:
    requestPrincipals: ["td-1/ns/foo/sa/sleep-3"]
    notRequestPrincipals: ["td-1/ns/foo/sa/sleep-4"]
to:
- operation:
    ports: ["8001"]
    notPorts: ["8002"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Nov 20 22:15:12 UTC 2023
    - 10K bytes
    - Viewed (0)
Back to top