Commit Graph

46 Commits (16e024100a98a454ef0003d60962adfa15d3c305)

Author SHA1 Message Date
sarahalsmiller 32ce33825d
[Security] Secvuln 8633 Consul configuration allowed repeated keys (#21908)
1 week ago
hashicorp-copywrite[bot] 5fb9df1640
[COMPLIANCE] License changes (#18443)
1 year ago
Jeremy Jacobson 6424ef6a56
[CC-5719] Add support for builtin global-read-only policy (#18319)
1 year ago
Ronald 4b2137c2fa
Add copyright headers for acl, api and bench folders (#16706)
2 years ago
skpratt db2bd404bf
Synthesize anonymous token pre-bootstrap when needed (#16200)
2 years ago
Chris S. Kim a7b34d50fc
Output user-friendly name for anonymous token (#15884)
2 years ago
malizz b51f0e25e9
update ACLs for cluster peering (#15317)
2 years ago
freddygv ed6076db26 Rename partition-exports to exported-services
3 years ago
freddygv 43360eb216 Rework acl exports interface
3 years ago
freddygv 22bdf279d1 Update NodeRead for partition-exports
3 years ago
Kyle Havlovitz 65c9109396 acl: pass PartitionInfo through ent ACLConfig
3 years ago
Warren 40f080576e
Small typo in docstring (#8280)
4 years ago
Matt Keeler 8bd34e126f
Intentions ACL enforcement updates (#7028)
5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup
5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620)
5 years ago
Jack Pearkes 36ebca1fd0 Fix to prevent allowing recursive KV deletions when we shouldn’t
6 years ago
Matt Keeler 18b29c45c4
New ACLs (#4791)
6 years ago
Matt Keeler 883c5dd001 Fix ACL enforcement
6 years ago
Mitchell Hashimoto 5a47a53c70
acl: IntentionDefault => IntentionDefaultAllow
7 years ago
Mitchell Hashimoto ac72a0c5fd
agent: ACL checks for authorize, default behavior
7 years ago
Mitchell Hashimoto 193f93107a
acl: implement IntentionRead/Write methods on ACL interface
7 years ago
Josh Soref 94835a2715 Spelling (#3958)
7 years ago
James Phillips 575d70aaa7
Cleans up some drift between the OSS and Enterprise trees.
7 years ago
Preetha Appan 51a04ec87d Introduces new 'list' permission that applies to KV store recursive reads, and enforced only when opted in.
7 years ago
Preetha Appan d7e27e67c1 Introduce Code Policy validation via sentinel, with a noop implementation
7 years ago
James Phillips 022baeea13
Adds support to the ACL package for agent policies.
8 years ago
James Phillips 60d4322c49
Adds support to ACL package for session policies.
8 years ago
James Phillips 7fa4ab3fd1
Adds support to ACL package for node policies.
8 years ago
James Phillips 9b4f316b21
Sorts all the ACl policy handlers for easier navigation (no functional changes).
8 years ago
James Phillips c01a3871c9 Adds support for snapshots and restores. (#2396)
8 years ago
James Phillips e5850d8a26
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands.
8 years ago
James Phillips 67de77482e Creates new "prepared-query" ACL type and new token capture behavior.
9 years ago
James Phillips ce0881a99a Adds a new management ACL for prepared queries.
9 years ago
Dale Wijnand 5a28ebcaa3 Fix a bunch of typos.
9 years ago
Ryan Uber 7e50a457d9 acl: allow omitting keyring policy, add tests
10 years ago
Ryan Uber 47a33e3f1a acl: keyring policy uses a flat string
10 years ago
Ryan Uber 1b8051a783 acl: initial pass at keyring ACLs
10 years ago
Ryan Uber 0c624350eb acl: support for user events
10 years ago
Maciej Bryński 11425734d5 Consul prefix services ACLs
10 years ago
Armon Dadgar 8ff08819c8 acl: Expose service policy checks
10 years ago
Armon Dadgar 705c6cdb86 acl: Support checking write permissions on a prefix
10 years ago
Armon Dadgar 78580a733e acl: Avoid infinite recursion...
10 years ago
Armon Dadgar c2153843c6 acl: Support ACL checks, adding new root policy
10 years ago
Armon Dadgar 5c0da3a4d7 acl: Simplify parent ACL, adding root policies
10 years ago
Armon Dadgar 468c8c3013 acl: Use only a single Radix tree per ACL
10 years ago
Armon Dadgar 7a1d778474 acl: First pass
10 years ago