Uploaded image for project: 'OpenShift Monitoring'
  1. OpenShift Monitoring
  2. MON-1679

use static authorizer feature of kube-rbac-proxy

XMLWordPrintable

    • False
    • False
    • NEW
    • NEW
    • Undefined
    • Monitoring - Sprint 205, Monitoring - Sprint 206, Monitoring - Sprint 207, Monitoring - Sprint 208, Monitoring - Sprint 209

      The static authorizer feature has landed in upstream kube-rbac-proxy. Lets use it by configuring a static authorizer for all requests that hit a /metrics endpoint.

      DoD:

      • Downstream kube-rbac-proxy is synced.
      • All CMO operands are configured with static authorization.
      • Bugzillas created for all non-monitoring components using kube-rbac-proxy for metrics authn/authz.

          1.
          		 Implementation of static auth for Node exporter Sub-task Closed Undefined Prashant Balachandran (Inactive)
          2.
          		 Implementation of static auth for OSM Sub-task Closed Undefined Prashant Balachandran (Inactive)
          3.
          		 Implementation of static auth for Prometheus Operator Sub-task Closed Undefined Prashant Balachandran (Inactive)
          4.
          		 Implementation of static auth for Prometheus Operator in UWM Sub-task Closed Undefined Prashant Balachandran (Inactive)
          5.
          		 Implementation of static auth for telemeter client Sub-task Closed Undefined Prashant Balachandran (Inactive)
          6.
          		 Implementation of static auth for KSM Sub-task Closed Undefined Prashant Balachandran (Inactive)

              pnair2 Prashant Balachandran (Inactive)
              jfajersk@redhat.com Jan Fajerski
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: