kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
37,197 Commits 69 Branches 73 Tags 934 MiB
Commit Graph

103 Commits

Author SHA1 Message Date
Maksim Nabokikh cb9dc5a4ac Update content/en/docs/reference/access-authn-authz/authentication.md 
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2022-11-27 22:31:16 +01:00
Maksim Nabokikh 5d61921a11 Apply suggestions from code review 
Co-authored-by: Tim Bannister <tim@scalefactory.com>
 2022-11-10 12:53:21 +01:00
Maksim Nabokikh 0a5e274a42 Add doc about how to get self subject attributes 
Documentation for https://github.com/kubernetes/enhancements/issues/3325
 2022-11-10 12:52:53 +01:00
Kubernetes Prow Robot d772e76af9
Merge pull request #36709 from gaeljw/patch-1 
docs: update OIDC documentation to mention the signing algorithms configuration
 2022-09-30 06:58:29 -07:00
Gaël Jourdan-Weil 699ed970ae
docs: update OIDC documentation to mention the signing algorithms configuration 2022-09-09 17:34:17 +02:00
Jordan Liggitt 79f26d5922
Update service account token documentation 
* Make example service account output match 1.24+ output with auto-generated tokens omitted
* Prefer `kubectl create token` as token creation mechanism
 2022-09-07 16:00:27 -04:00
Rohit Agarwal 4747731407
Fix --service-account-key-file description 
--service-account-key-file flag to the kube-api-server is used to verify ServiceAccount tokens (and not to sign them).

--service-account-signing-key-file is the kube-api-server flag that's used to sign ServiceAccount tokens (short-lived ones).
--service-account-private-key-file is the kube-controller-manager flag that's used to sign ServiceAccount tokens (long-lived ones).
 2022-08-02 00:37:09 -07:00
Raki af65de3877
Callout that impersonation needs (ClusterRole)Binding (#34082) 
* Callout that impersonation needs (ClusterRole)Binding

I learned through trial and error that impersonation does not work with Role and RoleBinding - this was not obvious. It would be good if the docs call this out.

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: Qiming Teng <tengqm@outlook.com>

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: Tim Bannister <tim@scalefactory.com>

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: ZSC <zacharysarah@users.noreply.github.com>

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: ZSC <zacharysarah@users.noreply.github.com>

Co-authored-by: Qiming Teng <tengqm@outlook.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: ZSC <zacharysarah@users.noreply.github.com>
 2022-06-14 13:09:33 -07:00
Nate W f85be125b9 Merge remote-tracking branch 'upstream/main' into dev-1.24 2022-03-31 15:18:13 -07:00
Cezary Czekalski 5650e76c45 Fix typo 2022-03-29 19:27:32 +02:00
Margo Crawford a364ecae1f Remove references to client.authentication.k8s.io/v1alpha1 exec credential API 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-03-21 09:27:55 -07:00
Kubernetes Prow Robot 991f671a02
Merge pull request #30721 from mlbiam/master 
making wording clearer on extra in impersonation
 2022-03-13 21:02:19 -07:00
Shubham a45bf8459d
Added Hyperlink to RFC3339. (#31836) 
* Added Hyperlink to RFC3339.

* Wrapping a line!
 2022-02-22 22:54:18 -08:00
Qiming Teng bce7fb57e2 Improve configuration API for 1.23 
The previous commit for configuration APIs has some nits to fix:

- The client-authentication API has both v1beta1 and v1 supported.
  We need to include both.
- The kube-scheduler v1alpha1 is superceded by v1alpha3 which is new.
- The links to some external type definitions should point to the 1.23
  API rather than old versions.
 2021-12-20 09:45:38 +08:00
Marc Boorshtein d4388492c5
Merge branch 'kubernetes:main' into master 2021-12-09 15:12:00 -05:00
Kubernetes Prow Robot 63db6dbf66
Merge pull request #29717 from jonassteinberg1/patch-1 
add 'the' to 'without restarting [the] API server' from Static Token …
 2021-12-05 17:56:32 -08:00
Marc Boorshtein 8dfd425486
making working clearer 
*should* implies that an `extra` can be mixed case.  but really it can't because a mixed case `extra` will mismatch on an RBAC `ClusterRole` once the header is canonicalized.
 2021-12-02 22:01:07 -05:00
Rodrigo Queiro f3921c9028
Remove "basic" from supported API auth methods 
This was removed in v1.19.
 2021-10-28 11:57:07 +02:00
Marc Boorshtein e779d2d3fc
Update link to new project documentation site 2021-10-26 15:35:17 -04:00
Jonas Steinberg f9d5ab0627
add 'the' to 'without restarting [the] API server' from Static Token File section 
smol.
 2021-09-15 09:29:37 -05:00
Kubernetes Prow Robot 5a813f1267
Merge pull request #28430 from margocrawf/master 
Add Impersonate-Uid description to Authentication docs page.
 2021-07-26 12:02:33 -07:00
Andrew Keesler a30e63dcd6
exec credential provider: v1 documentation 
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
 2021-07-13 10:47:14 -04:00
Margo Crawford d77368133a Add Impersonate-Uid description to Authentication docs page. 
This change goes with https://github.com/kubernetes/kubernetes/pull/99961
in the Kubernetes repo.
 2021-07-12 13:17:42 -07:00
Smuu 1f28ec0961
Fix syntax errors (#27735) 
* Fix syntax errors

- fix wrong placed line breaks
- fix command mode start and end

* remove word 'simple'
 2021-04-28 17:06:50 -07:00
Qiming Teng b28250b68f Add reference for client-authentication v1beta1 
This is a reference for client authentication API generated from kubernetes-sigs/reference-docs/genref tool.
More specifically, it is generated using the following command:

```shell
./genref -include client-authentication
```
 2021-04-02 09:48:59 +08:00
Kubernetes Prow Robot 59d1b368c1
Merge pull request #26018 from CharlyRipp/patch-1 
Update misleading webhook authentication documentation
 2021-03-26 04:22:44 -07:00
Kubernetes Prow Robot 903ee369b2
Merge pull request #26119 from neha-viswanathan/25833-migrate-page 
Migrate https://kubernetes.io/docs/concepts/cluster-administration/certificates/ to tasks section
 2021-02-27 18:26:38 -08:00
Jens Heinrich e864d7f3ca
Fix sentence 
Add missing verb
 2021-02-27 15:37:33 +01:00
Neha Viswanathan 41220636ec Migrate https://kubernetes.io/docs/concepts/cluster-administration/certificates/ to tasks section 2021-02-24 18:33:38 -08:00
Sahadat Hossain 4a0574a083
Update authentication.md 2021-02-13 17:19:13 +06:00
Sahadat Hossain 11f542a599
Update authentication.md 2021-02-12 22:38:11 +06:00
Sahadat Hossain 5ad27062f6
Update content/en/docs/reference/access-authn-authz/authentication.md 
Co-authored-by: Irvi Aini <7439590+irvifa@users.noreply.github.com>
 2021-02-12 22:33:37 +06:00
Sahadat Hossain 2ae6da3c19
Merge branch 'master' into master 2021-02-12 17:04:39 +06:00
sahadat_hossain c0770869ff fixed some grammatical mistakes 2021-02-12 16:57:50 +06:00
Karen Bradshaw 3fd65482e8 clean up use of word: simply 2021-02-07 12:15:29 -05:00
Kubernetes Prow Robot d2e7f4acab
Merge pull request #26352 from kbhawkey/fixup-remove-word-easy 
clean up use of word: easy
 2021-02-04 10:48:26 -08:00
Margo Crawford 67a750b5e0 Incorporated suggestions for provideClusterInfo paragraph 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2021-02-01 15:35:49 -08:00
Karen Bradshaw 7d9916af0c clean up use of word: easy 2021-02-01 15:14:25 -05:00
Margo Crawford 5accf8f128 Rewording of paragraph about provideClusterInfo key 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2021-01-12 13:51:15 -08:00
Charly Rippenkroeger 7347a9d008
Remove code reference 
Remove reference in favor of https://github.com/kubernetes/website/issues/23889
 2021-01-11 11:57:32 -06:00
Charly Rippenkroeger e72ec8fbd0
Update misleading documentation 
Update misleading information that HTTPS is required and link to self-documented code to find more edge-case configuration options
 2021-01-08 13:40:07 -06:00
Kristin Martin 86d9492ccb Merge remote-tracking branch 'upstream/master' into merged-master-dev-1.20 2020-12-03 11:58:44 -08:00
TAKAHASHI Shuuji 2bc7fbad27
Fix the text in the authorization diagram 2020-11-26 19:09:42 +09:00
Kubernetes Prow Robot cb802d23b1
Merge pull request #25147 from timhughes/patch-1 
Updates links to Dex
 2020-11-25 21:46:19 -08:00
reylejano-rxm d8ae37587e Merge remote-tracking branch 'upstream/master' into dev-1.20 to keep in sync - 11-25-2020 2020-11-25 07:03:22 -08:00
Tim Hughes f5132af21e Updates links to Dex 2020-11-25 13:48:56 +00:00
TAKAHASHI Shuuji b5c0e5ea14 Replace the diagram on authentication page with the one by mermaid. 2020-11-23 14:12:21 +09:00
mkontani c2a33c3403 fix dex/kubernetes link 2020-11-19 18:09:22 +00:00
Kubernetes Prow Robot 44fd64ef5c
Merge pull request #24639 from ankeesler/exec-cred-prov-cluster-info 
exec credential provider: cluster info details
 2020-11-04 11:20:52 -08:00
Andrew Keesler c855d5d68c
exec credential provider: make arbitrary JSON more explicit 
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
 2020-11-03 12:19:16 -05:00