You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/04/11 09:47:25 UTC

[jira] [Updated] (MESOS-5164) Add authorization to agent's /monitor/statistics endpoint

     [ https://issues.apache.org/jira/browse/MESOS-5164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Adam B updated MESOS-5164:
--------------------------
    Summary: Add authorization to agent's /monitor/statistics endpoint  (was: Add authentication to agent's /monitor/statistics endpoint)

> Add authorization to agent's /monitor/statistics endpoint
> ---------------------------------------------------------
>
>                 Key: MESOS-5164
>                 URL: https://issues.apache.org/jira/browse/MESOS-5164
>             Project: Mesos
>          Issue Type: Task
>          Components: security, slave
>            Reporter: Adam B
>            Assignee: Benjamin Bannier
>              Labels: authorization, mesosphere, security
>             Fix For: 0.29.0
>
>
> Operators may want to enforce that only specific authorized users be able to view per-executor resource usage statistics. For 0.29 MVP, we can make this coarse-grained, and assume that only the operator or a operator-privileged monitoring service will be accessing the endpoint.
> For a future release, we can consider fine-grained authz that filters statistics like we plan to do for /tasks.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)