envoyproxy/gateway

Support XFFC validation as First class api in SecurityPolicy

Open

#5.392 aberto em 3 de mar. de 2025

Ver no GitHub
 (5 comments) (0 reactions) (0 assignees)Go (802 forks)auto 404
area/apiarea/policyhelp wanted

Métricas do repositório

Stars
 (2.871 stars)
Métricas de merge de PR
 (Métricas PR pendentes)

Description

Description:

When using mTLS for AuthN, RBAC AuthZ should support client certification validation

    authorization:
      defaultAction: Deny
      rules:
        principal:
          clientCert:
            Subject: foo.bar.com
            URI: http://foo.bar.com

[optional Relevant Links:] https://github.com/envoyproxy/gateway/issues/2250 https://github.com/envoyproxy/gateway/pull/5310

Guia do colaborador