mirror of
https://github.com/status-im/consul.git
synced 2025-01-09 13:26:07 +00:00
2c244b6f42
* Fixes issues in setting status * Update golden files for changes to xds generation to not use deprecated methods * Fixed default for validation of JWT for route
59 lines
1.6 KiB
Plaintext
59 lines
1.6 KiB
Plaintext
{
|
|
"name": "envoy.filters.network.rbac",
|
|
"typedConfig": {
|
|
"@type": "type.googleapis.com/envoy.extensions.filters.network.rbac.v3.RBAC",
|
|
"rules": {
|
|
"action": "DENY",
|
|
"policies": {
|
|
"consul-intentions-layer4": {
|
|
"permissions": [
|
|
{
|
|
"any": true
|
|
}
|
|
],
|
|
"principals": [
|
|
{
|
|
"authenticated": {
|
|
"principalName": {
|
|
"safeRegex": {
|
|
"googleRe2": {},
|
|
"regex": "^spiffe://test.consul/ns/default/dc/[^/]+/svc/web$"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"andIds": {
|
|
"ids": [
|
|
{
|
|
"authenticated": {
|
|
"principalName": {
|
|
"safeRegex": {
|
|
"googleRe2": {},
|
|
"regex": "^spiffe://test.consul/ns/default/dc/[^/]+/svc/[^/]+$"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"notId": {
|
|
"authenticated": {
|
|
"principalName": {
|
|
"safeRegex": {
|
|
"googleRe2": {},
|
|
"regex": "^spiffe://test.consul/ns/default/dc/[^/]+/svc/web$"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"statPrefix": "connect_authz"
|
|
}
|
|
} |