RBAC

Role-Based Access Control configuration overview.

config.filter.http.rbac.v2.RBAC

[config.filter.http.rbac.v2.RBAC proto]

RBAC filter config.

{
  "rules": "{...}",
  "shadow_rules": "{...}"
}
rules
(config.rbac.v2alpha.RBAC) Specify the RBAC rules to be applied globally. If absent, no enforcing RBAC policy will be applied.
shadow_rules
(config.rbac.v2alpha.RBAC) Shadow rules are not enforced by the filter (i.e., returning a 403) but will emit stats and logs and can be used for rule testing. If absent, no shadow RBAC policy will be applied.

config.filter.http.rbac.v2.RBACPerRoute

[config.filter.http.rbac.v2.RBACPerRoute proto]

{
  "rbac": "{...}"
}
rbac
(config.filter.http.rbac.v2.RBAC) Override the global configuration of the filter with this new config. If absent, the global RBAC policy will be disabled for this route.