Skip to content

Changes for data plane AuthN/Z in PaaS

Abhishek Patil requested to merge abpatil/oep-august-21 into oep-august-21
  • Updated istio rules to allow pod identity tokens.
  • Updated EnvoyFilters to extract appid from pod identity tokens and populate in x-user-id header.
  • Onboarded podIdentityAuthEnabled flag. This will enable the use of pod identity for token generation instead of SPN credentials if set to true.
  • Onboarded oidAuthEnabled flag. This will enable the use of oid for x-user-id header instead of upn and unique_name if set to true.
Edited by Abhishek Patil

Merge request reports

Loading