You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/04/11 09:47:25 UTC
[jira] [Updated] (MESOS-5164) Add authorization to agent's
/monitor/statistics endpoint
[ https://issues.apache.org/jira/browse/MESOS-5164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Adam B updated MESOS-5164:
--------------------------
Summary: Add authorization to agent's /monitor/statistics endpoint (was: Add authentication to agent's /monitor/statistics endpoint)
> Add authorization to agent's /monitor/statistics endpoint
> ---------------------------------------------------------
>
> Key: MESOS-5164
> URL: https://issues.apache.org/jira/browse/MESOS-5164
> Project: Mesos
> Issue Type: Task
> Components: security, slave
> Reporter: Adam B
> Assignee: Benjamin Bannier
> Labels: authorization, mesosphere, security
> Fix For: 0.29.0
>
>
> Operators may want to enforce that only specific authorized users be able to view per-executor resource usage statistics. For 0.29 MVP, we can make this coarse-grained, and assume that only the operator or a operator-privileged monitoring service will be accessing the endpoint.
> For a future release, we can consider fine-grained authz that filters statistics like we plan to do for /tasks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)