Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support --authorization-webhook-config-file and related options in API server config #7321

Closed
anderseknert opened this issue Jul 25, 2019 · 1 comment
Closed

Support --authorization-webhook-config-file and related options in API server config #7321

anderseknert opened this issue Jul 25, 2019 · 1 comment

Comments

@anderseknert
Copy link
Contributor

While configuring authentication using either OIDC or by webhooks was straightforward, trying to do the same for authorization (configured to use a webhook) didn't work at all due to these configuration attributes being missing entirely in Kops as far as I can see.

To support authorization decisions based on webhooks at least the following attributes should be supported for the API server config:

--authorization-webhook-config-file=/etc/kubernetes/my-authz-webhook.yaml
--authorization-webhook-cache-authorized-ttl=5m0s
--authorization-webhook-cache-unauthorized-ttl=30s
@anderseknert anderseknert mentioned this issue Jul 30, 2019
Merged
@anderseknert
Copy link
Contributor Author

Fixed in #7344

@apolovov apolovov mentioned this issue Aug 7, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@anderseknert