- Sort Score
- Result 10 results
- Languages All
Results 41 - 50 of 104 for AuthorizationPolicy (0.24 sec)
-
pilot/pkg/config/kube/crdclient/types.gen.go
} switch orig.GroupVersionKind { case gvk.AuthorizationPolicy: oldRes := &apiistioioapisecurityv1beta1.AuthorizationPolicy{ ObjectMeta: origMeta, Spec: *(orig.Spec.(*istioioapisecurityv1beta1.AuthorizationPolicy)), } modRes := &apiistioioapisecurityv1beta1.AuthorizationPolicy{ ObjectMeta: modMeta, Spec: *(mod.Spec.(*istioioapisecurityv1beta1.AuthorizationPolicy)), }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 17:37:32 UTC 2024 - 62.2K bytes - Viewed (0) -
tests/integration/security/testdata/authz/not-host.yaml.tmpl
- destination: host: "{{ .To.ClusterLocalFQDN }}" port: number: {{ (.To.PortForName "http").ServicePort }} --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: allow-{{ .To.ServiceName }} spec: selector: matchLabels: "app": "{{ .To.ServiceName }}" action: ALLOW rules: - to: - operation:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1K bytes - Viewed (0) -
tests/integration/security/testdata/authz/deny-principal.yaml.tmpl
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: "app": "{{ .To.ServiceName }}" action: DENY rules: - to: - operation: # HTTP ports: [ "{{ (.To.PortForName `http`).WorkloadPort }}", "{{ (.To.PortForName `http2`).WorkloadPort }}" ] paths: [ "/deny*" ] notPaths: ["/deny/allow"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1K bytes - Viewed (0) -
tests/integration/pilot/testdata/a.yaml
apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: a spec: host: a subsets: - name: v1 labels: version: v1 --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: integ-test spec: rules: - from: - source: principals: ["cluster.local/ns/default/sa/sleep"] to: - operation: methods: ["GET"] when:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 942 bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/deny-groups-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: groups-deny spec: action: DENY rules: # Has mix of L4 and L7 in from - from: - source: principals: ["from-mix-principal"] requestPrincipals: ["from-mix-requestPrincipals"] namespaces: ["from-mix-ns"] to: - operation: ports: ["80"] # Has mix of L4 and L7 in to - from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 1.4K bytes - Viewed (0) -
tests/integration/security/testdata/authz/deny-global.yaml.tmpl
# The following policy denies access to path /global-deny for all workloads apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: policy-deny-system spec: action: DENY rules: - to: - operation: # Generally we don't expect users to set global policies, since they # impact anything in the istio-system namespace. For these tests,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 796 bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/policies.go
"istio.io/istio/pkg/kube/krt" "istio.io/istio/pkg/slices" "istio.io/istio/pkg/spiffe" "istio.io/istio/pkg/workloadapi/security" ) func PolicyCollections( AuthzPolicies krt.Collection[*securityclient.AuthorizationPolicy], PeerAuths krt.Collection[*securityclient.PeerAuthentication], MeshConfig krt.Singleton[MeshConfig], Waypoints krt.Collection[Waypoint], Pods krt.Collection[*v1.Pod],
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 5.2K bytes - Viewed (0) -
tests/integration/security/testdata/requestauthn/global-jwt.yaml.tmpl
- issuer: "******@****.***" jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json" --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz-ingress spec: selector: matchLabels: istio: {{.GatewayIstioLabel | default "ingressgateway"}} rules: - to: - operation: hosts:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/grpcgen_test.go
ServicePortName: "grpc-main", }, }) store.Create(config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.AuthorizationPolicy, Name: svcname, Namespace: ns, }, Spec: &security.AuthorizationPolicy{ Rules: []*security.Rule{ { When: []*security.Condition{ { Key: "request.headers[echo]", Values: []string{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 09:04:02 UTC 2024 - 16.9K bytes - Viewed (0) -
tests/integration/security/policy_attachment_only/testdata/requestauthn/gateway-jwt.yaml.tmpl
jwtRules: - issuer: "******@****.***" jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json" --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz-gateway-{{ .To.ServiceName }} spec: targetRef: name: {{ .To.ServiceName }}-gateway kind: Gateway group: gateway.networking.k8s.io rules: - to:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Dec 05 21:52:53 UTC 2023 - 1.7K bytes - Viewed (0)