- Sort Score
- Result 10 results
- Languages All
Results 51 - 60 of 131 for authorizationpolicy (0.29 sec)
-
tests/integration/security/policy_attachment_only/testdata/authz/gateway-authz.yaml.tmpl
jwtRules: - issuer: "******@****.***" jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json" --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz-gateway-{{ .To.ServiceName }} spec: targetRef: name: {{ .To.ServiceName }}-gateway kind: Gateway group: gateway.networking.k8s.io action: ALLOW rules:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 24 19:50:43 UTC 2023 - 847 bytes - Viewed (0) -
tests/integration/security/testdata/authz/workload-ns.yaml.tmpl
# The following policy selects all workloads in namespace 1 apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: policy-{{ .Namespace.Prefix }}-all spec: rules: - to: - operation:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 283 bytes - Viewed (0) -
releasenotes/notes/16585.yaml
kind: feature area: security issue: - 16585 # releaseNotes is a markdown listing of any user facing changes. This will appear in the # release notes. releaseNotes: - |
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Apr 20 01:58:53 UTC 2024 - 406 bytes - Viewed (0) -
tests/integration/security/testdata/requestauthn/headers-params.yaml.tmpl
prefix: "Token " fromParams: - "token" - "secondary_token" --- # The following policy enables authorization on workload dst. apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: app: {{ .To.ServiceName }} rules: - to: - operation: methods: ["GET"] from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 867 bytes - Viewed (0) -
tests/integration/security/testdata/authz/allow-namespace.yaml.tmpl
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: "app": "{{ .To.ServiceName }}" action: ALLOW rules: - to: - operation: # HTTP ports: [ "{{ (.To.PortForName `http`).WorkloadPort }}", "{{ (.To.PortForName `http2`).WorkloadPort }}" ] paths: [ "/allow" ] methods: [ "GET" ] from:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 983 bytes - Viewed (0) -
tests/integration/security/testdata/authz/workload-system-ns.yaml.tmpl
# The following policy selects workloads for the service in all namespaces apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: policy-system-{{ .To.ServiceName }} spec: selector: matchLabels: "app": "{{ .To.ServiceName }}" rules: - to: - operation: paths: ["/policy-system-{{ .To.ServiceName }}"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 360 bytes - Viewed (0) -
tests/integration/security/testdata/authz/deny-namespace.yaml.tmpl
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: "app": "{{ .To.ServiceName }}" action: DENY rules: - to: - operation: # HTTP ports: [ "{{ (.To.PortForName `http`).WorkloadPort }}", "{{ (.To.PortForName `http2`).WorkloadPort }}" ] paths: [ "/deny*" ] notPaths: ["/deny/allow"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1017 bytes - Viewed (0) -
pkg/config/analysis/analyzers/k8sgateway/workloadselector.go
"istio.io/istio/pkg/config/schema/gvk" "istio.io/istio/pkg/maps" ) var _ analysis.Analyzer = &SelectorAnalyzer{} type SelectorAnalyzer struct{} var policyGVKs = []config.GroupVersionKind{ gvk.AuthorizationPolicy, gvk.RequestAuthentication, gvk.Telemetry, gvk.WasmPlugin, } type policy interface { GetSelector() *typev1beta1.WorkloadSelector GetTargetRef() *typev1beta1.PolicyTargetReference }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 15 01:19:33 UTC 2023 - 2.8K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/allow-host-before-111-in.yaml
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Sep 10 17:02:56 UTC 2021 - 390 bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/simple-policy-principal-with-wildcard-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin namespace: foo spec: selector: matchLabels: app: httpbin version: v1 rules: - from: - source: principals: ["*"] - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 01 19:25:01 UTC 2021 - 381 bytes - Viewed (0)