Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-34427

[AWS CAPI Install] SSH on private clusters is open to public internet

XMLWordPrintable

    • Important
    • No
    • Proposed
    • False
    • Hide

      None

      Show
      None
    • N/A
    • Release Note Not Required
    • In Progress

      This is a clone of issue OCPBUGS-34389. The following is the description of the original issue:

      Description of problem:

          When publish: internal, bootstrap SSH rules are still open to public internet (0.0.0.0/0) instead of restricted to the machine cidr.

      Version-Release number of selected component (if applicable):

      How reproducible:

          all private clusters

      Steps to Reproduce:

          1. set publish: internal in installconfig
    2. inspect ssh rule
    3.

      Actual results:

          ssh is open to public internet

      Expected results:

          should be restricted to machine network

      Additional info:

            padillon Patrick Dillon
            openshift-crt-jira-prow OpenShift Prow Bot
            Yunfei Jiang Yunfei Jiang
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: