paralus icon indicating copy to clipboard operation
paralus copied to clipboard

Published 20 hours ago verified publisher icon paralus

Add mutual auth for systems interaction

Open niravparikh05 opened this issue 2 years ago • 1 comments

Briefly describe the feature

  • Add auth for mutually verifying authenticity of requests from sentry bootstrapping, kratos, prompt for certain open endpoints currently excluded for authz "/paralus.dev.sentry.rpc.BootstrapService/GetBootstrapAgentTemplate" "/paralus.dev.sentry.rpc.BootstrapService/RegisterBootstrapAgent" "/paralus.dev.sentry.rpc.KubeConfigService/GetForClusterWebSession" "/paralus.dev.rpc.auth.v3.AuthService/IsRequestAllowed" "/paralus.dev.rpc.user.v3.UserService/AuditLogWebhook"

What problem does this feature solve? Please link any relevant documentation or Issues

  • Enforces zero trust principles

niravparikh05 avatar Dec 26 '22 05:12 niravparikh05

Endpoints that needs auth (excluded right now): https://github.com/paralus/paralus/blob/1e7b2eaf637b5b877f8e53edec1566c5966ceec1/main.go#L634-L646

akshay196 avatar Mar 24 '23 18:03 akshay196