You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@mesos.apache.org by Vinod Kone <vi...@apache.org> on 2020/08/07 21:39:05 UTC

Re: mesos master default drop acl

Not sure if you came across
http://mesos.apache.org/documentation/latest/authorization/ but I hope it
can answer your questions.

On Thu, Jul 30, 2020 at 4:03 PM Marc Roos <M....@f1-outsourcing.eu> wrote:

>
>
> Currently I am running on a testing environment with some default acl I
> found[1]. I have configured  mesos-credentials, and afaik everything
> agents/marathon framework is authenticating. So I thought about
> converting the acl to default drop/deny. However I see there are quite a
> few options.
>
> Is it advicable to even set the all to deny? Is there an example how to
> set the url for GetEndpoint?
>
> [2]
>
> https://github.com/apache/mesos/blob/master/include/mesos/authorizer/acls.proto
> http://mesos.apache.org/documentation/latest/configuration/master/
>
> [1]
> {
>   "run_tasks": [
>     {
>       "principals": {
>         "type": "ANY"
>       },
>       "users": {
>         "type": "ANY"
>       }
>     }
>   ],
>   "register_frameworks": [
>     {
>       "principals": {
>         "type": "ANY"
>       },
>       "roles": {
>         "type": "ANY"
>       }
>     }
>   ]
> }
>