istio: istio.io/istio/istioctl/pkg/authz Index | Files

package authz

import "istio.io/istio/istioctl/pkg/authz"

The auth package provides support for checking the authentication and authorization policy applied in the mesh. It aims to increase the debuggability and observability of auth policies. Note: this is still under active development and is not ready for real use.

Index

Package Files

analyzer.go listener.go util.go

func PrintParsedListeners Uses

func PrintParsedListeners(writer io.Writer, parsedListeners []*ParsedListener, printAll bool)

func StructToGoGoMessage Uses

func StructToGoGoMessage(pbst *structpb.Struct, out proto.Message) error

type Analyzer Uses

type Analyzer struct {
    // contains filtered or unexported fields
}

Analyzer that can be used to check authentication and authorization policy status.

func NewAnalyzer Uses

func NewAnalyzer(envoyConfig *configdump.Wrapper) (*Analyzer, error)

NewAnalyzer creates a new analyzer for a given pod based on its envoy config.

func (*Analyzer) Print Uses

func (a *Analyzer) Print(writer io.Writer, printAll bool)

Print checks the AuthZ setting for the given envoy config stored in the analyzer.

type ParsedListener Uses

type ParsedListener struct {
    // contains filtered or unexported fields
}

func ParseListener Uses

func ParseListener(listener *v2.Listener) *ParsedListener

ParseListener parses the envoy listener config by extracting the auth related config.

type PolicyTypeToConfigs Uses

type PolicyTypeToConfigs map[string][]model.Config

PolicyTypeToConfigs maps policy type (e.g. service-role) to a list of its config.

Package authz imports 28 packages (graph) and is imported by 2 packages. Updated 2019-12-09. Refresh now. Tools for package owners.