kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
apiserver/plugin/pkg/authenticator
History
Monis Khan bcfdd8b141 Add egress selector support to JWT authenticator 
This change adds the StructuredAuthenticationConfigurationEgressSelector
beta feature (default on).  When enabled, each JWT authenticator
specified via the AuthenticationConfiguration.jwt array can
optionally specify either the controlplane or cluster egress
selector by setting the issuer.egressSelectorType field.  When
unset, the prior behavior of using no egress selector is retained.

Egress selection is valuable when the persona configuring the JWT
authenticator and the persona managing the control plane are
different individuals.  This change allows the latter to protect
control plane network services from unexpected connections.

Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: b69fd9d42c4d03b8fe5b37433d59f85483835d30
 		2025-06-24 17:12:28 -04:00
..
token Add egress selector support to JWT authenticator 2025-06-24 17:12:28 -04:00
OWNERS Check in OWNERS modified by update-yamlfmt.sh 2021-12-09 21:31:26 -05:00
doc.go remove import doc comments 2024-12-02 14:43:58 +01:00