john/soteria
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

comments

Browse Source
This commit is contained in:
John Lancaster
2026-01-02 14:49:10 -06:00
parent a5d0b1cb2f
commit cb530aa864
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
envoy.yaml
View File

@@ -18,7 +18,7 @@ static_resources:
require_client_certificate: true require_client_certificate: true
common_tls_context: common_tls_context:
tls_params: tls_params:
tls_minimum_protocol_version: TLSv1_3 tls_minimum_protocol_version: TLSv1_3 # (1)!
validation_context: validation_context:
trusted_ca: { filename: /certs/root_ca.crt } trusted_ca: { filename: /certs/root_ca.crt }
match_typed_subject_alt_names: match_typed_subject_alt_names:
@@ -29,7 +29,6 @@ static_resources:
- certificate_chain: { filename: /certs/cert.pem } - certificate_chain: { filename: /certs/cert.pem }
private_key: { filename: /certs/envoy.pem } private_key: { filename: /certs/envoy.pem }
# --8<-- [end:transport_socket] # --8<-- [end:transport_socket]
# --8<-- [start:http]
filters: filters:
- name: envoy.filters.network.http_connection_manager - name: envoy.filters.network.http_connection_manager
typed_config: typed_config:
@@ -65,7 +64,7 @@ static_resources:
rules: rules:
action: ALLOW action: ALLOW
policies: policies:
"data_policy": "test_policy":
permissions: permissions:
- and_rules: - and_rules:
rules: rules: