Uploaded image for project: 'OpenShift Monitoring'
  1. OpenShift Monitoring
  2. MON-1679

use static authorizer feature of kube-rbac-proxy

XMLWordPrintable

    • False
    • False
    • NEW
    • NEW
    • Undefined
    • Monitoring - Sprint 205, Monitoring - Sprint 206, Monitoring - Sprint 207, Monitoring - Sprint 208, Monitoring - Sprint 209

      The static authorizer feature has landed in upstream kube-rbac-proxy. Lets use it by configuring a static authorizer for all requests that hit a /metrics endpoint.

      DoD:

      • Downstream kube-rbac-proxy is synced.
      • All CMO operands are configured with static authorization.
      • Bugzillas created for all non-monitoring components using kube-rbac-proxy for metrics authn/authz.

        1.
        		 Implementation of static auth for Node exporter Sub-task Closed Undefined Prashant Balachandran (Inactive)
        2.
        		 Implementation of static auth for OSM Sub-task Closed Undefined Prashant Balachandran (Inactive)
        3.
        		 Implementation of static auth for Prometheus Operator Sub-task Closed Undefined Prashant Balachandran (Inactive)
        4.
        		 Implementation of static auth for Prometheus Operator in UWM Sub-task Closed Undefined Prashant Balachandran (Inactive)
        5.
        		 Implementation of static auth for telemeter client Sub-task Closed Undefined Prashant Balachandran (Inactive)
        6.
        		 Implementation of static auth for KSM Sub-task Closed Undefined Prashant Balachandran (Inactive)

            pnair2 Prashant Balachandran (Inactive)
            jfajersk@redhat.com Jan Fajerski
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: