From 49538db8ebafdc016bddb47c95d3e785929c3c37 Mon Sep 17 00:00:00 2001 From: Han Kang Date: Fri, 17 Jul 2020 15:10:26 -0700 Subject: [PATCH] add bootstrap policy for monitoring roles (we enable metrics and pprof by default, but that doesn't mean we should have full cluster-admin access to use those endpoints) Change-Id: I20cf1a0c817ffe3b7fb8e5d3967f804dc063ab03 remove pprof but add read access to detailed health checks Change-Id: I96c0997be2a538aa8c689dea25026bba638d6e7d add base health check endpoints and remove the todo for flowcontrol, as there is an existing ticket Change-Id: I8a7d6debeaf91e06d8ace3cb2bd04d71ef3e68a9 drop blank line Change-Id: I691e72e9dee3cf7276c725a12207d64db88f4651 Kubernetes-commit: f57611970c0790b325719e0279bfae334537e2de --- pkg/authentication/user/user.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/authentication/user/user.go b/pkg/authentication/user/user.go index f02dc39ec..4d6ec0980 100644 --- a/pkg/authentication/user/user.go +++ b/pkg/authentication/user/user.go @@ -70,6 +70,7 @@ func (i *DefaultInfo) GetExtra() map[string][]string { const ( SystemPrivilegedGroup = "system:masters" NodesGroup = "system:nodes" + MonitoringGroup = "system:monitoring" AllUnauthenticated = "system:unauthenticated" AllAuthenticated = "system:authenticated"