- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 58 for AuthorizationPolicy (0.54 sec)
-
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-groups-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: groups spec: rules: # Has mix of L4 and L7 in from - from: - source: principals: ["from-mix-principal"] requestPrincipals: ["from-mix-requestPrincipals"] namespaces: ["from-mix-ns"] to: - operation: ports: ["80"] # Has mix of L4 and L7 in to - from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 1.3K bytes - Viewed (0) -
tests/integration/ambient/testdata/requestauthn/waypoint-jwt.yaml.tmpl
jwtRules: - issuer: "******@****.***" jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json" --- apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: authz-gateway-{{ .To.ServiceName }} spec: targetRefs: - kind: Gateway group: gateway.networking.k8s.io name: waypoint rules: - from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 1.3K bytes - Viewed (0) -
pkg/config/analysis/analyzers/analyzers_test.go
{msg.NoMatchingWorkloadsFound, "AuthorizationPolicy istio-system/meshwide-httpbin-v1"}, {msg.NoMatchingWorkloadsFound, "AuthorizationPolicy httpbin-empty/httpbin-empty-namespace-wide"}, {msg.NoMatchingWorkloadsFound, "AuthorizationPolicy httpbin/httpbin-nopods"}, {msg.ReferencedResourceNotFound, "AuthorizationPolicy httpbin/httpbin-bogus-ns"}, {msg.ReferencedResourceNotFound, "AuthorizationPolicy httpbin/httpbin-bogus-ns"},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 07:22:31 UTC 2024 - 42.6K bytes - Viewed (0) -
istioctl/pkg/authz/analyzer_test.go
}, ClientStatus: 453, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { var buf bytes.Buffer a.Print(&buf) expectedOutput := "ACTION AuthorizationPolicy RULES\n" actualOutput := buf.String() if !reflect.DeepEqual(expectedOutput, actualOutput) { t.Errorf("Found %v, wanted %v", actualOutput, expectedOutput) } }) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Apr 21 17:42:54 UTC 2024 - 2.8K bytes - Viewed (0) -
pilot/pkg/xds/workload_test.go
func createAuthorizationPolicy(s *xds.FakeDiscoveryServer, name string, ns string) { clienttest.NewWriter[*securityclient.AuthorizationPolicy](s.T(), s.KubeClient()).Create(&securityclient.AuthorizationPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: ns, }, Spec: v1beta1.AuthorizationPolicy{}, }) } func deletePeerAuthentication(s *xds.FakeDiscoveryServer, name string, ns string) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 15.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex.go
authzPolicies := kclient.NewDelayedInformer[*securityclient.AuthorizationPolicy](options.Client, gvr.AuthorizationPolicy, kubetypes.StandardInformer, filter) AuthzPolicies := krt.WrapClient[*securityclient.AuthorizationPolicy](authzPolicies, krt.WithName("AuthorizationPolicies")) peerAuths := kclient.NewDelayedInformer[*securityclient.PeerAuthentication](options.Client,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 19 17:19:41 UTC 2024 - 15.8K bytes - Viewed (0) -
pilot/pkg/xds/rds.go
} var _ model.XdsResourceGenerator = &RdsGenerator{} // Map of all configs that do not impact RDS var skippedRdsConfigs = sets.New[kind.Kind]( kind.WorkloadEntry, kind.WorkloadGroup, kind.AuthorizationPolicy, kind.RequestAuthentication, kind.PeerAuthentication, kind.Secret, kind.WasmPlugin, kind.Telemetry, kind.ProxyConfig, kind.DNSName, ) func rdsNeedsPush(req *model.PushRequest) bool {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Feb 27 07:19:38 UTC 2024 - 1.9K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/allow-full-rule-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: httpbin-1 namespace: foo spec: selector: matchLabels: app: httpbin version: v1 rules: - from: - source: principals: ["principal", "principal-prefix-*", "*-suffix-principal", "*"] requestPrincipals: ["requestPrincipals", "requestPrincipals-prefix-*", "*-suffix-requestPrincipals", "*"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Apr 20 01:58:53 UTC 2024 - 4.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/allow-full-in.yaml
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: allow spec: action: ALLOW rules: - from: - source: principals: [ "principal", "principal-prefix-*", "*-suffix-principal", "*" ] notPrincipals: [ "not-principal", "not-principal-prefix-*", "*-suffix-not-principal", "*" ] - from: - source:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 4K bytes - Viewed (0) -
tests/integration/security/testdata/authz/jwt.yaml.tmpl
# - Allow request with valid JWT token of audiences foo to access path with suffix "/audiences" apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: {{ .To.ServiceName }} spec: selector: matchLabels: "app": "{{ .To.ServiceName }}" rules: - to: - operation: paths: ["/token1"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 3K bytes - Viewed (0)