- Sort Score
- Result 10 results
- Languages All
Results 41 - 50 of 172 for Authz (0.05 sec)
-
pkg/config/analysis/analyzers/all.go
// limitations under the License. package analyzers import ( "istio.io/istio/pkg/config/analysis" "istio.io/istio/pkg/config/analysis/analyzers/annotations" "istio.io/istio/pkg/config/analysis/analyzers/authz" "istio.io/istio/pkg/config/analysis/analyzers/deployment" "istio.io/istio/pkg/config/analysis/analyzers/deprecation" "istio.io/istio/pkg/config/analysis/analyzers/destinationrule"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 22 10:13:03 UTC 2024 - 3.6K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder_test.go
AuthzPolicies: yamlPolicy(t, basePath+input), Mesh: mc, } p.ServiceIndex.HostnameAndNamespace = map[host.Name]map[string]*model.Service{ "my-custom-ext-authz.foo.svc.cluster.local": { "foo": &model.Service{ Hostname: "my-custom-ext-authz.foo.svc.cluster.local", }, }, } return p } func node(version *model.IstioVersion) *model.Proxy { return &model.Proxy{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 13.8K bytes - Viewed (0) -
internal/config/policy/plugin/config.go
} // Handle large OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz type opaResultAllow struct { Result struct { Allow bool `json:"allow"` } `json:"result"` } // Handle simpler OPA responses when OPA URL is of // form http://localhost:8181/v1/data/httpapi/authz/allow type opaResult struct { Result bool `json:"result"` }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 5.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/validating/dispatcher.go
"k8s.io/klog/v2" ) type dispatcher struct { matcher generic.PolicyMatcher authz authorizer.Authorizer } var _ generic.Dispatcher[PolicyHook] = &dispatcher{} func NewDispatcher( authorizer authorizer.Authorizer, matcher generic.PolicyMatcher, ) generic.Dispatcher[PolicyHook] { return &dispatcher{ matcher: matcher, authz: authorizer, } }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 00:00:21 UTC 2024 - 14.4K bytes - Viewed (0) -
samples/extauthz/cmd/extauthz/main.go
"google.golang.org/grpc" "google.golang.org/grpc/codes" ) const ( checkHeader = "x-ext-authz" allowedValue = "allow" resultHeader = "x-ext-authz-check-result" receivedHeader = "x-ext-authz-check-received" overrideHeader = "x-ext-authz-additional-header-override" overrideGRPCValue = "grpc-additional-header-override-value" resultAllowed = "allowed"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 15 18:23:48 UTC 2024 - 10.4K bytes - Viewed (0) -
tools/docker.yaml
# Test images - name: app dockerfile: pkg/test/echo/docker/Dockerfile.app files: - tests/testdata/certs targets: - ${TARGET_OUT_LINUX}/client - ${TARGET_OUT_LINUX}/server # Sample authz server - name: ext-authz dockerfile: samples/extauthz/docker/Dockerfile targets: - ${TARGET_OUT_LINUX}/extauthz # TODO(https://github.com/istio/istio/issues/38224) - name: app_sidecar_rockylinux_9
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 09 12:26:52 UTC 2024 - 4.4K bytes - Viewed (0) -
tests/integration/security/testdata/requestauthn/global-jwt.yaml.tmpl
- issuer: "******@****.***" jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json" --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz-ingress spec: selector: matchLabels: istio: {{.GatewayIstioLabel | default "ingressgateway"}} rules: - to: - operation: hosts: {{- range $svc := .Services }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1K bytes - Viewed (0) -
pkg/test/framework/components/echo/kube/templates/deployment.yaml
imagePullPolicy: {{ $.ImagePullPolicy }} securityContext: # to allow core dumps readOnlyRootFilesystem: false {{- end }} {{- if $.IncludeExtAuthz }} - name: ext-authz image: {{ $.ImageHub }}/ext-authz:{{ $.ImageTag }} imagePullPolicy: {{ $.ImagePullPolicy }} ports: - containerPort: 8000 - containerPort: 9000 {{- end }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 6.1K bytes - Viewed (0) -
tests/integration/security/testdata/authz/plaintext.yaml.tmpl
kind: DestinationRule metadata: name: default namespace: {{ .To.NamespaceName }} spec: host: "*.{{ .To.NamespaceName }}.svc.cluster.local" trafficPolicy: tls: mode: ISTIO_MUTUAL --- # This authz policy denies access to the service if the request was not mTLS, since # mTLS is required in order to match source principals. apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/validating/validator.go
var f v1.FailurePolicyType if v.failPolicy == nil { f = v1.Fail } else { f = *v.failPolicy } if v.celMatcher != nil { matchResults := v.celMatcher.Match(ctx, versionedAttr, versionedParams, authz) if matchResults.Error != nil { return ValidateResult{ Decisions: []PolicyDecision{
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 28 23:31:44 UTC 2024 - 9.2K bytes - Viewed (0)