pilot/pkg/security/authz/builder/testdata/http/deny-and-allow-out1.yaml - dubbo-go-pixiu - Git at Google

 name: envoy.filters.http.rbac
 typedConfig:
   '@type': type.googleapis.com/envoy.extensions.filters.http.rbac.v3.RBAC
   rules:
     action: DENY
     policies:
       ns[foo]-policy[httpbin-deny]-rule[0]:
         permissions:
         - andRules:
             rules:
             - any: true
         principals:
         - andIds:
             ids:
             - orIds:
                 ids:
                 - authenticated:
                     principalName:
                       exact: spiffe://deny
   shadowRulesStatPrefix: istio_dry_run_allow_
	name: envoy.filters.http.rbac
	typedConfig:
	'@type': type.googleapis.com/envoy.extensions.filters.http.rbac.v3.RBAC
	rules:
	action: DENY
	policies:
	ns[foo]-policy[httpbin-deny]-rule[0]:
	permissions:
	- andRules:
	rules:
	- any: true
	principals:
	- andIds:
	ids:
	- orIds:
	ids:
	- authenticated:
	principalName:
	exact: spiffe://deny
	shadowRulesStatPrefix: istio_dry_run_allow_