Daniel Nephin
|
07a33a1526
|
ca: accept only the cluster ID to SpiffeIDSigningForCluster
To make it more obivous where ClusterID is used, and remove the need to create a struct
when only one field is used.
|
2021-11-16 16:57:21 -05:00 |
R.B. Boyer
|
30ccd5c2d9
|
connect: include optional partition prefixes in SPIFFE identifiers (#10507)
NOTE: this does not include any intentions enforcement changes yet
|
2021-06-25 16:47:47 -05:00 |
freddygv
|
d7f3bcc8bb
|
Replace CertURI.Authorize() calls.
AuthorizeIntentionTarget is a generalized version of the old function,
and can be evaluated against sources or destinations.
|
2021-03-15 18:06:04 -06:00 |
Jono Sosulska
|
7a13c96a2a
|
Replace whitelist/blacklist terminology with allowlist/denylist (#7971)
* Replace whitelist/blacklist terminology with allowlist/denylist
|
2020-05-29 14:19:16 -04:00 |
R.B. Boyer
|
91e78e00c7
|
fix typos reported by golangci-lint:misspell (#5434)
|
2019-03-06 11:13:28 -06:00 |
Kyle Havlovitz
|
138a39026b
|
connect/ca: add intermediate functions to Consul CA provider
|
2018-09-13 13:09:21 -07:00 |
Paul Banks
|
30d90b3be4
|
Generate CSR using real trust-domain
|
2018-06-14 09:42:16 -07:00 |
Paul Banks
|
5a1408f186
|
Add CSR signing verification of service ACL, trust domain and datacenter.
|
2018-06-14 09:42:16 -07:00 |
Paul Banks
|
c808833a78
|
Return TrustDomain from CARoots RPC
|
2018-06-14 09:42:15 -07:00 |
Mitchell Hashimoto
|
7af99667b6
|
agent/connect: Authorize for CertURI
|
2018-06-14 09:41:54 -07:00 |