42 Commits (c0faddbe1fbd9669a91011ca23247d3955676a7d)

Author SHA1 Message Date
Iryna Shustava dfea3a0efe
acls,catalog,mesh: properly authorize workload selectors on writes (#19260) 1 year ago
skpratt 21ea527089
TrafficPermissions: add ACL hooks (#19023) 1 year ago
Chris S. Kim d090668c37
Add workload identity ACL rules (#18769) 1 year ago
hashicorp-copywrite[bot] 5fb9df1640
[COMPLIANCE] License changes (#18443) 1 year ago
Ronald 4b2137c2fa
Add copyright headers for acl, api and bench folders (#16706) 2 years ago
skpratt a010902978
Remove legacy acl policies (#15922) 2 years ago
Freddy f99df57840
[OSS] Add new peering ACL rule (#13848) 2 years ago
Riddhi Shah 95362cc5ea ACL pkg updates to support Agentless RPCs 3 years ago
Daniel Nephin 8ba760a2fc acl: remove id and revision from Policy constructors 3 years ago
R.B. Boyer ee372a854a acl: adding a new mesh resource 3 years ago
R.B. Boyer 6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs (#9099) 4 years ago
Daniel Nephin 068b43df90 Enable gofmt simplify 5 years ago
Matt Keeler 0b346616e9
Rename EnterpriseAuthorizerContext -> AuthorizerContext 5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620) 5 years ago
Jack Pearkes 36ebca1fd0 Fix to prevent allowing recursive KV deletions when we shouldn’t 6 years ago
Matt Keeler 18b29c45c4
New ACLs (#4791) 6 years ago
Matt Keeler fbb1a7a52b Rewrite all of acl_test.go 6 years ago
Mitchell Hashimoto 5a47a53c70
acl: IntentionDefault => IntentionDefaultAllow 7 years ago
Mitchell Hashimoto ac72a0c5fd
agent: ACL checks for authorize, default behavior 7 years ago
Mitchell Hashimoto 193f93107a
acl: implement IntentionRead/Write methods on ACL interface 7 years ago
Preetha Appan 51a04ec87d Introduces new 'list' permission that applies to KV store recursive reads, and enforced only when opted in. 7 years ago
Preetha Appan d7e27e67c1 Introduce Code Policy validation via sentinel, with a noop implementation 7 years ago
游远 ffcd2b1fc8 fix UnitTest in acl 7 years ago
James Phillips 022baeea13
Adds support to the ACL package for agent policies. 8 years ago
James Phillips 60d4322c49
Adds support to ACL package for session policies. 8 years ago
James Phillips 7fa4ab3fd1
Adds support to ACL package for node policies. 8 years ago
James Phillips 9b4f316b21
Sorts all the ACl policy handlers for easier navigation (no functional changes). 8 years ago
James Phillips c01a3871c9 Adds support for snapshots and restores. (#2396) 8 years ago
James Phillips e5850d8a26
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands. 8 years ago
James Phillips 899dcfe053 Completes switch of prepared_query ACLs to govern query names. 9 years ago
James Phillips 67de77482e Creates new "prepared-query" ACL type and new token capture behavior. 9 years ago
James Phillips ce0881a99a Adds a new management ACL for prepared queries. 9 years ago
Ryan Uber 02b49058a2 acl: more keyring tests 10 years ago
Ryan Uber 7e50a457d9 acl: allow omitting keyring policy, add tests 10 years ago
Ryan Uber 90f5eb8f69 acl: fix spelling in tests 10 years ago
Ryan Uber 0c624350eb acl: support for user events 10 years ago
Maciej Bryński 11425734d5 Consul prefix services ACLs 10 years ago
Armon Dadgar 8ff08819c8 acl: Expose service policy checks 10 years ago
Armon Dadgar 705c6cdb86 acl: Support checking write permissions on a prefix 10 years ago
Armon Dadgar c2153843c6 acl: Support ACL checks, adding new root policy 10 years ago
Armon Dadgar 5c0da3a4d7 acl: Simplify parent ACL, adding root policies 10 years ago
Armon Dadgar 7a1d778474 acl: First pass 10 years ago