istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add clarification on behaviour in absence of policy (#4354) (#4631) 

* Add clarification on behaviour in absence of policy

* Content fixes for clarity

* Remove example manifest in favor of explanation

The example manifest was confusing because it wasn't technically valid
if applied to a cluster. This removes it in favor of just spelling out
that both origin and transport auth are disabled.

(cherry picked from commit bb8af722b2)
This commit is contained in:
mergify[bot] 2019-07-03 11:04:15 -04:00 committed by Frank Budinsky
parent 19dfc4e90c
commit e9f84975df
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
content/docs/concepts/security/index.md
View File

@ -456,6 +456,9 @@ only one authentication policy per mesh and one authentication policy per
namespace. Istio also requires mesh-wide and namespace-wide policies to have
the specific name `default`.
If a service has no matching policies, both transport authentication and
origin authentication are disabled.
#### Transport authentication
The `peers:` section defines the authentication methods and associated