You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/04/27 08:00:24 UTC
[jira] [Commented] (MESOS-2222) Add ACLs for the maintenance HTTP
endpoints.
[ https://issues.apache.org/jira/browse/MESOS-2222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15259603#comment-15259603 ]
Adam B commented on MESOS-2222:
-------------------------------
Recommend we do coarse-grained authz using GET|POST_ENDPOINT_WITH_PATH, since it's hard to say who should be able to shut down which machines, except to say that only and administrator should do it (regardless of IP/hostname).
Lower priority though, so dropping this out of the current Mesosphere sprint.
> Add ACLs for the maintenance HTTP endpoints.
> --------------------------------------------
>
> Key: MESOS-2222
> URL: https://issues.apache.org/jira/browse/MESOS-2222
> Project: Mesos
> Issue Type: Task
> Components: master, security
> Affects Versions: 0.25.0
> Reporter: Benjamin Mahler
> Labels: authorization, maintenance, mesosphere, security
>
> In order to authorize the HTTP endpoints for maintenance (to be added in MESOS-2067), we will need to add an ACL definition for performing maintenance operations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)