-
Hello,
**What happened**:
* My pod has access to a resource outside pod at the very beginning of its lifecycle despite a network policy blocking egress
**What you expected to happen**:
…
-
The OCI attestation currently only works for `.tar` files output from a `docker save` command. In a common workflow we first build our images with `docker build` and the image is create typically in `…
-
### What would you like to be added
I would like to be able to restrict the types of keys clients are allowed to submit to the CA for SSH certificate signing.
### Why this is needed
This woul…
-
Current xDS protocol feedback semantics is too limiting to validate the configuration is effective on the data plane:
* ACK is per group of resources, and application can be partial where only a subs…
-
I've been discussing this a lot privately, mainly as a point of comparison when considering tradeoffs in Revault's architecture and/or deployment. Especially with regard to watchtowers, which bring a …
-
Are there any plans to support the authorization endpoints of Keycloak. If we activate Policy Enforcement on an API Backend we need to convert the Access Bearer Token to a Requesting Party Token (RPT)…
-
TODO: split this into two issues
1. policy enforcement for clinical data repository
- https://informatics.kumc.edu/work/wiki/HeronAdminDev Access Policy and Authority Flow
2. research data…
-
A key idea, for me, is to be able to separate specifications from the code that uses them, so multiple modules can use the same specification. Here specification is types, contracts, tests, theorems t…
-
_Originally Opened: @adetorcy (2013-07-24 15:42:21_)
If there isn't one already there should be a generic event hook for policies or periodic rules that should be set upon startup.
##
From: https:/…
-
### Community Note
* Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the…