Search Options

Results per page
Sort
Preferred Languages
Advance

Results 51 - 60 of 131 for authorizationpolicy (0.29 sec)

  2. github.com/istio/istio

    tests/integration/security/policy_attachment_only/testdata/authz/gateway-authz.yaml.tmpl 

      jwtRules:
  - issuer: "******@****.***"
    jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json"
--- 
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: authz-gateway-{{ .To.ServiceName }}
spec:
  targetRef:
    name: {{ .To.ServiceName }}-gateway
    kind: Gateway
    group: gateway.networking.k8s.io
  action: ALLOW
  rules:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 24 19:50:43 UTC 2023
    - 847 bytes
    - Viewed (0)
  3. github.com/istio/istio

    tests/integration/security/testdata/authz/workload-ns.yaml.tmpl 

    # The following policy selects all workloads in namespace 1

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: policy-{{ .Namespace.Prefix }}-all
spec:
  rules:
    - to:
        - operation:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 283 bytes
    - Viewed (0)
  4. github.com/istio/istio

    releasenotes/notes/16585.yaml 

    kind: feature
area: security
issue:
  - 16585

# releaseNotes is a markdown listing of any user facing changes. This will appear in the
# release notes.
releaseNotes:
- |
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Apr 20 01:58:53 UTC 2024
    - 406 bytes
    - Viewed (0)
  5. github.com/istio/istio

    tests/integration/security/testdata/requestauthn/headers-params.yaml.tmpl 

          prefix: "Token "
    fromParams:
    - "token"
    - "secondary_token"
---
# The following policy enables authorization on workload dst.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      app: {{ .To.ServiceName }}
  rules:
  - to:
    - operation:
        methods: ["GET"]
    from:
    - source:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 867 bytes
    - Viewed (0)
  6. github.com/istio/istio

    tests/integration/security/testdata/authz/allow-namespace.yaml.tmpl 

    apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      "app": "{{ .To.ServiceName }}"
  action: ALLOW
  rules:
    - to:
        - operation: # HTTP
            ports: [ "{{ (.To.PortForName `http`).WorkloadPort }}", "{{ (.To.PortForName `http2`).WorkloadPort }}" ]
            paths: [ "/allow" ]
            methods: [ "GET" ]
      from:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 983 bytes
    - Viewed (0)
  7. github.com/istio/istio

    tests/integration/security/testdata/authz/workload-system-ns.yaml.tmpl 

    # The following policy selects workloads for the service in all namespaces

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: policy-system-{{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      "app": "{{ .To.ServiceName }}"
  rules:
  - to:
    - operation:
        paths: ["/policy-system-{{ .To.ServiceName }}"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 360 bytes
    - Viewed (0)
  8. github.com/istio/istio

    tests/integration/security/testdata/authz/deny-namespace.yaml.tmpl 

    apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: {{ .To.ServiceName }}
spec:
  selector:
    matchLabels:
      "app": "{{ .To.ServiceName }}"
  action: DENY
  rules:
    - to:
        - operation: # HTTP
            ports: [ "{{ (.To.PortForName `http`).WorkloadPort }}", "{{ (.To.PortForName `http2`).WorkloadPort }}" ]
            paths: [ "/deny*" ]
            notPaths: ["/deny/allow"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 1017 bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/config/analysis/analyzers/k8sgateway/workloadselector.go 

    	"istio.io/istio/pkg/config/schema/gvk"
	"istio.io/istio/pkg/maps"
)

var _ analysis.Analyzer = &SelectorAnalyzer{}

type SelectorAnalyzer struct{}

var policyGVKs = []config.GroupVersionKind{
	gvk.AuthorizationPolicy,
	gvk.RequestAuthentication,
	gvk.Telemetry,
	gvk.WasmPlugin,
}

type policy interface {
	GetSelector() *typev1beta1.WorkloadSelector
	GetTargetRef() *typev1beta1.PolicyTargetReference
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Dec 15 01:19:33 UTC 2023
    - 2.8K bytes
    - Viewed (0)
  10. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/allow-host-before-111-in.yaml 

    apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: httpbin-1
  namespace: foo
spec:
  selector:
    matchLabels:
      app: httpbin
      version: v1
  rules:
    - to:
        - operation:
            hosts: ["example.com", "prefix.example.*", "*.example.com", "*"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Sep 10 17:02:56 UTC 2021
    - 390 bytes
    - Viewed (0)
  11. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/simple-policy-principal-with-wildcard-in.yaml 

    apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: httpbin
  namespace: foo
spec:
  selector:
    matchLabels:
      app: httpbin
      version: v1
  rules:
    - from:
        - source:
            principals: ["*"]
        - source:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Apr 01 19:25:01 UTC 2021
    - 381 bytes
    - Viewed (0)
Back to top