istio: istio.io/istio/pilot/pkg/security/authz/model Index | Files

package model

import "istio.io/istio/pilot/pkg/security/authz/model"

Index

Package Files

generator.go model.go permission.go principal.go util.go

Constants

const (
    // RBACHTTPFilterName is the name of the RBAC http filter in envoy.
    RBACHTTPFilterName = "envoy.filters.http.rbac"

    // RBACTCPFilterName is the name of the RBAC network filter in envoy.
    RBACTCPFilterName       = "envoy.filters.network.rbac"
    RBACTCPFilterStatPrefix = "tcp."
)

type Model Uses

type Model struct {
    // contains filtered or unexported fields
}

Model represents a single rule from an authorization policy. The conditions of the rule are consolidated into permission or principal to align with the Envoy RBAC filter API.

func New Uses

func New(r *authzpb.Rule, isIstioVersionGE15 bool) (*Model, error)

New returns a model representing a single authorization policy.

func (Model) Generate Uses

func (m Model) Generate(forTCP, forDeny bool) (*rbacpb.Policy, error)

Generate generates the Envoy RBAC config from the model.

func (*Model) MigrateTrustDomain Uses

func (m *Model) MigrateTrustDomain(tdBundle trustdomain.Bundle)

MigrateTrustDomain replaces the trust domain in source principal based on the trust domain aliases information.

Package model imports 12 packages (graph) and is imported by 3 packages. Updated 2020-07-15. Refresh now. Tools for package owners.