istio: Index | Files

package model

import ""


Package Files

generator.go model.go permission.go principal.go util.go


const (
    // RBACHTTPFilterName is the name of the RBAC http filter in envoy.
    RBACHTTPFilterName = "envoy.filters.http.rbac"

    // RBACTCPFilterName is the name of the RBAC network filter in envoy.
    RBACTCPFilterName       = ""
    RBACTCPFilterStatPrefix = "tcp."

type Model Uses

type Model struct {
    // contains filtered or unexported fields

Model represents a single rule from an authorization policy. The conditions of the rule are consolidated into permission or principal to align with the Envoy RBAC filter API.

func New Uses

func New(r *authzpb.Rule) (*Model, error)

New returns a model representing a single authorization policy.

func (Model) Generate Uses

func (m Model) Generate(forTCP bool, action rbacpb.RBAC_Action) (*rbacpb.Policy, error)

Generate generates the Envoy RBAC config from the model.

func (*Model) MigrateTrustDomain Uses

func (m *Model) MigrateTrustDomain(tdBundle trustdomain.Bundle)

MigrateTrustDomain replaces the trust domain in source principal based on the trust domain aliases information.

Package model imports 12 packages (graph) and is imported by 3 packages. Updated 2020-11-20. Refresh now. Tools for package owners.