RBAC¶
Role-Based Access Control configuration overview.
config.filter.http.rbac.v2.RBAC¶
[config.filter.http.rbac.v2.RBAC proto]
RBAC filter config.
{
"rules": "{...}",
"shadow_rules": "{...}"
}
- rules
- (config.rbac.v2alpha.RBAC) Specify the RBAC rules to be applied globally. If absent, no enforcing RBAC policy will be applied.
- shadow_rules
- (config.rbac.v2alpha.RBAC) Shadow rules are not enforced by the filter (i.e., returning a 403) but will emit stats and logs and can be used for rule testing. If absent, no shadow RBAC policy will be applied.
config.filter.http.rbac.v2.RBACPerRoute¶
[config.filter.http.rbac.v2.RBACPerRoute proto]
{
"rbac": "{...}"
}
- rbac
- (config.filter.http.rbac.v2.RBAC) Override the global configuration of the filter with this new config. If absent, the global RBAC policy will be disabled for this route.