You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Gavin (JIRA)" <ji...@apache.org> on 2019/04/29 09:27:52 UTC
[jira] [Issue Comment Deleted] (MESOS-5164) Add authorization to
agent's /monitor/statistics endpoint.
[ https://issues.apache.org/jira/browse/MESOS-5164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gavin updated MESOS-5164:
-------------------------
Comment: was deleted
(was: www.rtat.net)
> Add authorization to agent's /monitor/statistics endpoint.
> ----------------------------------------------------------
>
> Key: MESOS-5164
> URL: https://issues.apache.org/jira/browse/MESOS-5164
> Project: Mesos
> Issue Type: Task
> Components: agent, security
> Reporter: Adam B
> Assignee: Benjamin Bannier
> Priority: Major
> Labels: authorization, mesosphere, security
> Fix For: 1.0.0
>
>
> Operators may want to enforce that only specific authorized users be able to view per-executor resource usage statistics. For 0.29 MVP, we can make this coarse-grained, and assume that only the operator or a operator-privileged monitoring service will be accessing the endpoint.
> For a future release, we can consider fine-grained authz that filters statistics like we plan to do for /tasks.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)