You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/04/27 08:00:24 UTC

[jira] [Commented] (MESOS-2222) Add ACLs for the maintenance HTTP endpoints.

    [ https://issues.apache.org/jira/browse/MESOS-2222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15259603#comment-15259603 ] 

Adam B commented on MESOS-2222:
-------------------------------

Recommend we do coarse-grained authz using GET|POST_ENDPOINT_WITH_PATH, since it's hard to say who should be able to shut down which machines, except to say that only and administrator should do it (regardless of IP/hostname).
Lower priority though, so dropping this out of the current Mesosphere sprint.

> Add ACLs for the maintenance HTTP endpoints.
> --------------------------------------------
>
>                 Key: MESOS-2222
>                 URL: https://issues.apache.org/jira/browse/MESOS-2222
>             Project: Mesos
>          Issue Type: Task
>          Components: master, security
>    Affects Versions: 0.25.0
>            Reporter: Benjamin Mahler
>              Labels: authorization, maintenance, mesosphere, security
>
> In order to authorize the HTTP endpoints for maintenance (to be added in MESOS-2067), we will need to add an ACL definition for performing maintenance operations.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)