2020-08-27 17:20:58 +00:00
|
|
|
{
|
|
|
|
"name": "envoy.filters.network.rbac",
|
|
|
|
"config": {
|
|
|
|
"rules": {
|
|
|
|
"policies": {
|
2020-10-06 22:09:13 +00:00
|
|
|
"consul-intentions-layer4": {
|
2020-08-27 17:20:58 +00:00
|
|
|
"permissions": [
|
|
|
|
{
|
|
|
|
"any": true
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"principals": [
|
|
|
|
{
|
|
|
|
"and_ids": {
|
|
|
|
"ids": [
|
|
|
|
{
|
|
|
|
"authenticated": {
|
|
|
|
"principal_name": {
|
|
|
|
"safe_regex": {
|
|
|
|
"google_re2": {
|
|
|
|
},
|
|
|
|
"regex": "^spiffe://[^/]+/ns/default/dc/[^/]+/svc/[^/]+$"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"not_id": {
|
|
|
|
"authenticated": {
|
|
|
|
"principal_name": {
|
|
|
|
"safe_regex": {
|
|
|
|
"google_re2": {
|
|
|
|
},
|
|
|
|
"regex": "^spiffe://[^/]+/ns/default/dc/[^/]+/svc/web$"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"stat_prefix": "connect_authz"
|
|
|
|
}
|
|
|
|
}
|