Details

    • Epic Name:
      Agent HTTP Authz

      Description

      As we add authentication in agent http endpoint handlers in MESOS-4847, we now have the opportunity to perform ACL-based authorization on these endpoints.

      Most important is the authorization of the /files endpoints, as those allow access to executor sandboxes (and agent logs), and the operator may wish to control which users may access which sandboxes.

      Similarly, the operator may only want certain users to be able to view agent flags, change logging level, enable the profiler, etc.

        Attachments

          Activity

            People

            • Assignee:
              arojas Alexander Rojas
              Reporter:
              adam-mesos Adam B
              Shepherd:
              Adam B
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: