Documentation ¶
Index ¶
Constants ¶
View Source
const ( RBACTCPFilterStatPrefix = "tcp." RBACShadowEngineResult = "shadow_engine_result" RBACShadowEffectivePolicyID = "shadow_effective_policy_id" RBACShadowRulesAllowStatPrefix = "istio_dry_run_allow_" RBACShadowRulesDenyStatPrefix = "istio_dry_run_deny_" RBACExtAuthzShadowRulesStatPrefix = "istio_ext_authz_" )
Variables ¶
This section is empty.
Functions ¶
func MetadataMatcherForJWTClaims ¶
func MetadataMatcherForJWTClaims(claims []string, value *matcherpb.StringMatcher) *matcherpb.MetadataMatcher
MetadataMatcherForJWTClaims is a convenient method for generating metadata matcher for JWT claims.
Types ¶
type Model ¶
type Model struct {
// contains filtered or unexported fields
}
Model represents a single rule from an authorization policy. The conditions of the rule are consolidated into permission or principal to align with the Envoy RBAC filter API.
func (*Model) MigrateTrustDomain ¶
func (m *Model) MigrateTrustDomain(tdBundle trustdomain.Bundle)
MigrateTrustDomain replaces the trust domain in source principal based on the trust domain aliases information.
Click to show internal directories.
Click to hide internal directories.