authorization

package
v1.86.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 9, 2024 License: Apache-2.0 Imports: 11 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type MtlsEnabledChecker added in v1.22.0

type MtlsEnabledChecker struct {
	AuthorizationPolicies []*security_v1.AuthorizationPolicy
	MtlsDetails           kubernetes.MTLSDetails
	ServiceEntries        []networking_v1.ServiceEntry
	RegistryServices      []*kubernetes.RegistryService
}

func (MtlsEnabledChecker) Check added in v1.22.0

Checks if mTLS is enabled, mark all Authz Policies with error

func (MtlsEnabledChecker) IsMtlsEnabledFor added in v1.31.0

func (c MtlsEnabledChecker) IsMtlsEnabledFor(labels labels.Set, namespace string) bool

type NamespaceMethodChecker added in v1.14.0

type NamespaceMethodChecker struct {
	AuthorizationPolicy *security_v1.AuthorizationPolicy
	Namespaces          models.NamespaceNames
}

func (NamespaceMethodChecker) Check added in v1.14.0

func (ap NamespaceMethodChecker) Check() ([]*models.IstioCheck, bool)

type NoHostChecker added in v1.15.0

type NoHostChecker struct {
	AuthorizationPolicy *security_v1.AuthorizationPolicy
	Namespaces          models.Namespaces
	ServiceEntries      map[string][]string
	VirtualServices     []*networking_v1.VirtualService
	RegistryServices    []*kubernetes.RegistryService
	PolicyAllowAny      bool
}

func (NoHostChecker) Check added in v1.15.0

func (n NoHostChecker) Check() ([]*models.IstioCheck, bool)

type PrincipalsChecker added in v1.51.1

type PrincipalsChecker struct {
	AuthorizationPolicy *security_v1.AuthorizationPolicy
	Cluster             string
	ServiceAccounts     map[string][]string
}

func (PrincipalsChecker) Check added in v1.51.1

func (pc PrincipalsChecker) Check() ([]*models.IstioCheck, bool)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL