envoyproxy/gateway

Support XFFC validation as First class api in SecurityPolicy

Open

#5392 aperta il 3 mar 2025

Vedi su GitHub
 (5 commenti) (0 reazioni) (0 assegnatari)Go (802 fork)auto 404
area/apiarea/policyhelp wanted

Metriche repository

Star
 (2871 star)
Metriche merge PR
 (Metriche PR in attesa)

Descrizione

Description:

When using mTLS for AuthN, RBAC AuthZ should support client certification validation

    authorization:
      defaultAction: Deny
      rules:
        principal:
          clientCert:
            Subject: foo.bar.com
            URI: http://foo.bar.com

[optional Relevant Links:] https://github.com/envoyproxy/gateway/issues/2250 https://github.com/envoyproxy/gateway/pull/5310

Guida contributor