From f5da1e3d271f8d165774e1958334d04faf505449 Mon Sep 17 00:00:00 2001 From: Tal Nordan Date: Wed, 18 Jul 2018 17:44:46 -0700 Subject: [PATCH] authz: fix RBAC filter config PB docs Fix the description of an `RBAC` Protobuf message example, so that it matches the changes made to the YAML code block in PR #3477. Risk Level: Low Testing: N/A Docs Changes: N/A Release Notes: N/A Signed-off-by: Tal Nordan --- api/envoy/config/rbac/v2alpha/rbac.proto | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/api/envoy/config/rbac/v2alpha/rbac.proto b/api/envoy/config/rbac/v2alpha/rbac.proto index 4fdebe3bf331..ab32aaf475fd 100644 --- a/api/envoy/config/rbac/v2alpha/rbac.proto +++ b/api/envoy/config/rbac/v2alpha/rbac.proto @@ -16,12 +16,11 @@ option go_package = "v2alpha"; // // Here is an example of RBAC configuration. It has two policies: // -// * Service account "cluster.local/ns/default/sa/admin" has full access (empty permission entry -// means full access) to the service. +// * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so +// does "cluster.local/ns/default/sa/superuser". // -// * Any user (empty principal entry means any user) can read ("GET") the service at paths with -// prefix "/products" or suffix "/reviews" when request header "version" set to either "v1" or -// "v2". +// * Any user can read ("GET") the service at paths with prefix "/products", so long as the +// destination port is either 80 or 443. // // .. code-block:: yaml //