- Sort Score
- Result 10 results
- Languages All
Results 81 - 90 of 131 for AuthorizationPolicy (0.51 sec)
-
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-groups-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: groups spec: rules: # Has mix of L4 and L7 in from - from: - source: principals: ["from-mix-principal"] requestPrincipals: ["from-mix-requestPrincipals"] namespaces: ["from-mix-ns"] to: - operation: ports: ["80"] # Has mix of L4 and L7 in to - from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 1.3K bytes - Viewed (0) -
tests/integration/ambient/testdata/requestauthn/waypoint-jwt.yaml.tmpl
jwtRules: - issuer: "******@****.***" jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json" --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz-gateway-{{ .To.ServiceName }} spec: targetRefs: - kind: Gateway group: gateway.networking.k8s.io name: waypoint rules: - from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 1.3K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/tcp/audit-both-http-tcp-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin-audit namespace: foo spec: action: AUDIT rules: # rule[0] `from`: all fields, `to`: all fields, `when`: all fields. - from: - source: principals: ["principal"] requestPrincipals: ["requestPrincipals"] namespaces: ["ns"] ipBlocks: ["1.2.3.4"] remoteIpBlocks: ["10.250.90.4"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 01 19:25:01 UTC 2021 - 2.1K bytes - Viewed (0) -
pkg/config/analysis/analyzers/analyzers_test.go
{msg.NoMatchingWorkloadsFound, "AuthorizationPolicy istio-system/meshwide-httpbin-v1"}, {msg.NoMatchingWorkloadsFound, "AuthorizationPolicy httpbin-empty/httpbin-empty-namespace-wide"}, {msg.NoMatchingWorkloadsFound, "AuthorizationPolicy httpbin/httpbin-nopods"}, {msg.ReferencedResourceNotFound, "AuthorizationPolicy httpbin/httpbin-bogus-ns"}, {msg.ReferencedResourceNotFound, "AuthorizationPolicy httpbin/httpbin-bogus-ns"},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 07:22:31 UTC 2024 - 42.6K bytes - Viewed (0) -
tests/integration/security/testdata/authz/ingress-gateway.yaml.tmpl
# and denies access to "remoteipattr.{{ .To.ServiceName }}.company.com" when the # remote ip is 10.242.5.7 or in the network 10.124.99.0/24. apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: policy-{{ .To.ServiceName }} namespace: {{ .SystemNamespace.Name }} spec: action: DENY selector: matchLabels: app: {{.GatewayIstioLabel | default "istio-ingressgateway"}}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 2.5K bytes - Viewed (0) -
pkg/config/analysis/analyzers/testdata/k8sgateway-selector.yaml
spec: selector: matchLabels: gateway.networking.k8s.io/gateway-name: bookinfo-gateway --- # only selector is set, should be ineffective apiVersion: security.istio.io/v1 kind: AuthorizationPolicy metadata: namespace: default name: ap-ineffective spec: selector: matchLabels: gateway.networking.k8s.io/gateway-name: bookinfo-gateway --- # only selector is set, should be ineffective
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 15 01:19:33 UTC 2023 - 1.6K bytes - Viewed (0) -
istioctl/pkg/authz/analyzer_test.go
}, ClientStatus: 453, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { var buf bytes.Buffer a.Print(&buf) expectedOutput := "ACTION AuthorizationPolicy RULES\n" actualOutput := buf.String() if !reflect.DeepEqual(expectedOutput, actualOutput) { t.Errorf("Found %v, wanted %v", actualOutput, expectedOutput) } }) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Apr 21 17:42:54 UTC 2024 - 2.8K bytes - Viewed (0) -
pilot/pkg/xds/workload_test.go
func createAuthorizationPolicy(s *xds.FakeDiscoveryServer, name string, ns string) { clienttest.NewWriter[*securityclient.AuthorizationPolicy](s.T(), s.KubeClient()).Create(&securityclient.AuthorizationPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: ns, }, Spec: v1beta1.AuthorizationPolicy{}, }) } func deletePeerAuthentication(s *xds.FakeDiscoveryServer, name string, ns string) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 15.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex.go
authzPolicies := kclient.NewDelayedInformer[*securityclient.AuthorizationPolicy](options.Client, gvr.AuthorizationPolicy, kubetypes.StandardInformer, filter) AuthzPolicies := krt.WrapClient[*securityclient.AuthorizationPolicy](authzPolicies, krt.WithName("AuthorizationPolicies")) peerAuths := kclient.NewDelayedInformer[*securityclient.PeerAuthentication](options.Client,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 19 17:19:41 UTC 2024 - 15.8K bytes - Viewed (0) -
pilot/test/mock/config.go
LoadBalancer: &networking.LoadBalancerSettings{ LbPolicy: new(networking.LoadBalancerSettings_Simple), }, }, } // ExampleAuthorizationPolicy is an example AuthorizationPolicy ExampleAuthorizationPolicy = &authz.AuthorizationPolicy{ Selector: &api.WorkloadSelector{ MatchLabels: map[string]string{ "app": "httpbin", "version": "v1", }, }, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 23 17:08:31 UTC 2023 - 13.2K bytes - Viewed (0)