kube-mgmt icon indicating copy to clipboard operation
kube-mgmt copied to clipboard

Published 20 hours ago verified publisher icon open-policy-agent

OPA TLS based client authentication with kube-mgmt

Open sandeepsharmadevops opened this issue 6 years ago • 3 comments

OPA authentication supports bearer token and TLS based.

  • referencing document is available when OPA is configured with token-based authN and kube-mgmt, but what if OPA is configured with TLS base authN, in that case how kube-mgmt gets authenticated by OPA, does mgmt support any other cmd line flag to be passed if yes please suggest with an example if possible if not guide me about the solution considering we want to opt for TLS based authN within OPA, how mgmt authentication can be handled by OPA

sandeepsharmadevops avatar May 30 '19 15:05 sandeepsharmadevops

Is it still pending, or is the TLS based authn available in recent releases ? If not available, am I correct thinking TLS based authn is working on a single machine but not within a Kubernetes cluster ? Thanks

manicole avatar Nov 18 '19 13:11 manicole

kube-mgmt only supports token-based auth/n at this point in time. Single machine-vs-within Kubernetes should not matter since it's the Go HTTP client that needs to be configured w/ a client certificate in order for TLS-based authentication to be used.

tsandall avatar Nov 25 '19 12:11 tsandall

OK I understand, thanks for answering :)

manicole avatar Nov 27 '19 09:11 manicole