Yangmin Zhu
Yangmin Zhu
> @yangminzhu @howardjohn > Thanks for reminding, I noticed the newly opened https://github.com/istio/enhancements repository, open an issues to add documentation? I think you could start a short doc with some...
the API is referring to the correct istio.type.v1beta1.WorkloadSelector https://github.com/istio/api/blob/0d3a960deddb1dead06c8bf35b9b01e4e95dbb0a/security/v1beta1/peer_authentication.proto#L124-L127 but the generated documentation is pointing to the wrong workload selector, @howardjohn do you know who is the owner of the...
> There is no owner, I think the owners of certain APIs should fix the issues. Its probably not actually the tool thats broken but something in the proto. tool...
Thanks for the comment @robscott ! > 1. Explore a built in JWT matcher + built in matches for other attributes as needed I feel this might be a bit...
thanks for the comment everyone! @youngnick sorry if I was not clear, I don't mean to use the literal `map[string]string` field but rather a structure similar to the [HTTPHeaderMatch](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.HTTPHeaderMatch) which...
> Have we considered creating specific matching in extended support for JWT? It is an Internet standard with RFC specification? @bowei The JWT is standardized in [RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519) but I...
sorry for the late reply it got lost in my inbox. I like this idea and I think it will be very helpful for people to use the RBAC filter....
See the comment: `TestAuthorization_Audit tests that the AUDIT action does not impact allowing or denying a request`, TestAuthorization_Audit explicitly does not cover the logging part. The logging part is checked...
No, the test is to check the audit action does NOT impact the allow/deny behavior, it applies different combinations of the audit action and makes sure it does NOT change...
@nmittler It is a negative test but I do not think it's useless. It covers corner cases when combining audit actions with other actions (allow/deny) with different workload selectors and...