envoyproxy/gateway

Support XFFC validation as First class api in SecurityPolicy

Open

#5.392 geöffnet am 3. März 2025

Auf GitHub ansehen
 (5 Kommentare) (0 Reaktionen) (0 zugewiesene Personen)Go (802 Forks)auto 404
area/apiarea/policyhelp wanted

Repository-Metriken

Stars
 (2.871 Stars)
PR-Merge-Metriken
 (PR-Metriken ausstehend)

Beschreibung

Description:

When using mTLS for AuthN, RBAC AuthZ should support client certification validation

    authorization:
      defaultAction: Deny
      rules:
        principal:
          clientCert:
            Subject: foo.bar.com
            URI: http://foo.bar.com

[optional Relevant Links:] https://github.com/envoyproxy/gateway/issues/2250 https://github.com/envoyproxy/gateway/pull/5310

Contributor Guide