- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 31 for requestPrincipals (0.2 sec)
-
tests/integration/security/testdata/requestauthn/global-jwt.yaml.tmpl
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1K bytes - Viewed (0) -
tests/integration/ambient/testdata/requestauthn/waypoint-jwt.yaml.tmpl
spec: targetRefs: - kind: Gateway group: gateway.networking.k8s.io name: waypoint rules: - from: - source: requestPrincipals: ["******@****.***/sub-1"] - source: requestPrincipals: ["******@****.***/sub-1"] - to: - operation:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 1.3K bytes - Viewed (0) -
tests/integration/security/testdata/requestauthn/authn-authz.yaml.tmpl
metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: app: {{ .To.ServiceName }} rules: - to: - operation: methods: ["GET"] from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 699 bytes - Viewed (0) -
tests/integration/security/testdata/requestauthn/headers-params.yaml.tmpl
metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: app: {{ .To.ServiceName }} rules: - to: - operation: methods: ["GET"] from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 867 bytes - Viewed (0) -
tests/integration/security/policy_attachment_only/testdata/authz/gateway-authz.yaml.tmpl
action: ALLOW rules: - to: - operation: hosts: {{- range $svc := .Services }} - "example.{{ $svc.ServiceName }}.com" {{- end }} from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 24 19:50:43 UTC 2023 - 847 bytes - Viewed (0) -
pilot/pkg/security/authz/model/model_test.go
} } }) } } func TestModel_Generate(t *testing.T) { rule := yamlRule(t, ` from: - source: requestPrincipals: ["td-1/ns/foo/sa/sleep-1"] notRequestPrincipals: ["td-1/ns/foo/sa/sleep-2"] - source: requestPrincipals: ["td-1/ns/foo/sa/sleep-3"] notRequestPrincipals: ["td-1/ns/foo/sa/sleep-4"] to: - operation: ports: ["8001"] notPorts: ["8002"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 10K bytes - Viewed (0) -
tests/integration/security/testdata/authz/jwt.yaml.tmpl
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 3K bytes - Viewed (0) -
tests/integration/security/testdata/authz/egress-gateway.yaml.tmpl
from: - source: requestPrincipals: [ "******@****.***/sub-1" ] - to: # checks only a can call 443 over istio mutual with JWT - operation: hosts: [ "jwt-and-{{ .Allowed.ServiceName }}-{{ .Allowed.NamespaceName }}-only.com" ] from: - source: requestPrincipals: [ "******@****.***/sub-1" ]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jul 31 15:08:52 UTC 2023 - 5.2K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model.go
if useExtendedJwt { merged.insertFrontExtended(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } else { merged.insertFront(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } merged.insertFront(srcPrincipalGenerator{}, attrSrcPrincipal, s.Principals, s.NotPrincipals) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
} fromMatches := []*security.Match{} for _, from := range rule.From { op := from.Source if action == security.Action_ALLOW && anyNonEmpty(op.RemoteIpBlocks, op.NotRemoteIpBlocks, op.RequestPrincipals, op.NotRequestPrincipals) { // L7 policies never match for ALLOW // For DENY they will always match, so it is more restrictive return nil } match := &security.Match{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0)