Open zvlb opened 1 month ago
which envoy version are you using? I don't see any field called whitelist
in the policy spec: https://www.envoyproxy.io/docs/envoy/v1.31.2/api-v3/config/rbac/v3/rbac.proto#envoy-v3-api-msg-config-rbac-v3-policy
envoy --version
envoy version: 10e1e425fd84cc2cde985179655da08f68c9cb30/1.29.3/Modified/RELEASE/BoringSSL
whitelist - it's just policy name. I can use any name for policies - https://www.envoyproxy.io/docs/envoy/v1.31.2/api-v3/config/rbac/v3/rbac.proto#config-rbac-v3-rbac
policies - (repeated map<[string](https://developers.google.com/protocol-buffers/docs/proto#scalar), [config.rbac.v3.Policy](https://www.envoyproxy.io/docs/envoy/v1.31.2/api-v3/config/rbac/v3/rbac.proto#envoy-v3-api-msg-config-rbac-v3-policy)>)
please assign this to me, I would like to find the root cause and hopefully produce a fix for this.
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
Title: Not logging policies name if denied
Description:
If i create requests from localhost all work good, and i see in logs:
But if I create request from external server, envoy block my request (
RBAC: access denied
), but in logs:Envoy doesn't print policy name(