authorize

package
v1.14.2-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 8 Imported by: 6

Documentation

Overview

Package authorize provides authz checks for incoming or returning connections.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewMonitorConnectionServer

func NewMonitorConnectionServer(opts ...Option) networkservice.MonitorConnectionServer

NewMonitorConnectionServer - returns a new authorization networkservicemesh.MonitorConnectionServer

Types

type MonitorOpaInput

type MonitorOpaInput struct {
	SpiffeIDConnectionMap map[string][]string `json:"spiffe_id_connection_map"`
	SelectorConnectionIDs []string            `json:"selector_connection_ids"`
	ServiceSpiffeID       string              `json:"service_spiffe_id"`
}

MonitorOpaInput - used to pass complex structure to monitor policies

type Option

type Option func(*options)

Option is authorization option for monitor connection server

func Any

func Any() Option

Any authorizes any call of request/close

func WithPolicies

func WithPolicies(p ...Policy) Option

WithPolicies sets custom policies

func WithSpiffeIDConnectionMap

func WithSpiffeIDConnectionMap(s *genericsync.Map[spiffeid.ID, *genericsync.Map[string, struct{}]]) Option

WithSpiffeIDConnectionMap sets map to keep spiffeIDConnectionMap to authorize connections with MonitorServer

type Policy

type Policy interface {
	// Name returns policy name
	Name() string
	// Check checks authorization
	Check(ctx context.Context, input interface{}) error
}

Policy represents authorization policy for monitor connection.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL