Documentation ¶
Overview ¶
Package rbac provides service-level and method-level access control for a service. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/rbac/v3/rbac.proto#role-based-access-control-rbac for documentation.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ChainEngine ¶ added in v1.40.0
type ChainEngine struct {
// contains filtered or unexported fields
}
ChainEngine represents a chain of RBAC Engines, used to make authorization decisions on incoming RPCs.
func NewChainEngine ¶ added in v1.40.0
func NewChainEngine(policies []*v3rbacpb.RBAC) (*ChainEngine, error)
NewChainEngine returns a chain of RBAC engines, used to make authorization decisions on incoming RPCs. Returns a non-nil error for invalid policies.
func (*ChainEngine) IsAuthorized ¶ added in v1.40.0
func (cre *ChainEngine) IsAuthorized(ctx context.Context) error
IsAuthorized determines if an incoming RPC is authorized based on the chain of RBAC engines and their associated actions.
Errors returned by this function are compatible with the status package.