kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
52,263 Commits 69 Branches 73 Tags 934 MiB
Commit Graph

124 Commits

Author SHA1 Message Date
Vinayak Goyal 7a1cdab150 KEP-4633: Graduate to BETA. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-10-25 15:42:32 +00:00
Anish Ramasekar 3ff8a9c65a
Add note about k8s.io, kubernetes disallowed prefix for structured authn 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-09-06 09:46:43 -07:00
Vinayak Goyal 4b2940eb26 KEP-4633: Add documentation for Configurable Endpoints for Anonymous Auth. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-06-29 06:48:39 +00:00
Michael ea91c4b588 clean up access-authn-authz/authentication.md 2024-05-26 21:05:31 +08:00
Vyom-Yadav 37b0b3ed72
Merge remote-tracking branch 'upstream/main' into dev-1.30 2024-04-10 23:04:57 +05:30
Anish Ramasekar ba458ace13
Add certificateAuthority in structured authn docs 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-04-09 14:31:37 -07:00
Anish Ramasekar 3ef1d0bb84
Fix docs for authentication: s/errors/error 2024-03-24 09:56:05 -07:00
Anish Ramasekar b35e434193
Add docs for Structured Authn beta 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-19 13:51:32 -07:00
Saketh Kalaga 121d47db90
Update authentication.md 
Azure Active Directory is now Microsoft Entra ID.
Changing for the sake of correctness.
 2024-01-19 01:06:19 +05:30
Anish Ramasekar fcfeeac989
fix value in structured authn config example 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-12-13 21:43:11 +00:00
drewhagen deaf1b920a Merge remote-tracking branch 'upstream/main' into dev-1.29 2023-11-29 15:33:49 -06:00
Suruchi Kumari c0a72d25d8
added doc for setting up cloud provider kubectl auth via plugin 
Signed-off-by: GitHub <noreply@github.com>
 2023-11-29 13:26:04 +00:00
Anish Ramasekar 74caa0daaa
review feedback 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-11-27 20:03:23 +00:00
Anish Ramasekar 01e6f317e3
add docs for StructuredAuthenticationConfig v1alpha1 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-11-21 19:28:05 +00:00
windsonsea 676f862137 Clean up /access-authn-authz/authentication.md 2023-11-17 21:32:04 +08:00
nnlkcncff f932a74483
fix description --oidc-issuer-url.md (#42941) 
* fix description --oidc-issuer-url.md

https://accounts.google.com/           <= above
└─ .well-known/openid-configuration    <= below

* Update authentication.md

Fixed the description of `--oidc-issuer-url`.
 2023-09-27 16:22:38 -07:00
Kubernetes Prow Robot 610b895266
Merge pull request #41308 from kubernetes/main 
Sync `dev-1.28` branch with `main`
 2023-05-29 23:01:44 -07:00
Eric Chiang 5d6e0ca1bb remove ericchiang from reviewers 2023-05-16 18:13:33 +00:00
Maksim Nabokikh 30841950a6
Apply suggestions from code review 
Co-authored-by: Tim Bannister <tim@scalefactory.com>
 2023-05-04 22:25:45 +02:00
m.nabokikh d2d1242815 KEP-3325: Promote SelfSubjectReview to GA 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-05-04 11:37:01 +02:00
m.nabokikh bb14c6db8d Promote SelfSubjectReview to Beta 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-03-12 15:09:39 +01:00
Maksim Nabokikh cb9dc5a4ac Update content/en/docs/reference/access-authn-authz/authentication.md 
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2022-11-27 22:31:16 +01:00
Maksim Nabokikh 5d61921a11 Apply suggestions from code review 
Co-authored-by: Tim Bannister <tim@scalefactory.com>
 2022-11-10 12:53:21 +01:00
Maksim Nabokikh 0a5e274a42 Add doc about how to get self subject attributes 
Documentation for https://github.com/kubernetes/enhancements/issues/3325
 2022-11-10 12:52:53 +01:00
Kubernetes Prow Robot d772e76af9
Merge pull request #36709 from gaeljw/patch-1 
docs: update OIDC documentation to mention the signing algorithms configuration
 2022-09-30 06:58:29 -07:00
Gaël Jourdan-Weil 699ed970ae
docs: update OIDC documentation to mention the signing algorithms configuration 2022-09-09 17:34:17 +02:00
Jordan Liggitt 79f26d5922
Update service account token documentation 
* Make example service account output match 1.24+ output with auto-generated tokens omitted
* Prefer `kubectl create token` as token creation mechanism
 2022-09-07 16:00:27 -04:00
Rohit Agarwal 4747731407
Fix --service-account-key-file description 
--service-account-key-file flag to the kube-api-server is used to verify ServiceAccount tokens (and not to sign them).

--service-account-signing-key-file is the kube-api-server flag that's used to sign ServiceAccount tokens (short-lived ones).
--service-account-private-key-file is the kube-controller-manager flag that's used to sign ServiceAccount tokens (long-lived ones).
 2022-08-02 00:37:09 -07:00
Raki af65de3877
Callout that impersonation needs (ClusterRole)Binding (#34082) 
* Callout that impersonation needs (ClusterRole)Binding

I learned through trial and error that impersonation does not work with Role and RoleBinding - this was not obvious. It would be good if the docs call this out.

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: Qiming Teng <tengqm@outlook.com>

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: Tim Bannister <tim@scalefactory.com>

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: ZSC <zacharysarah@users.noreply.github.com>

* Update content/en/docs/reference/access-authn-authz/authentication.md

Co-authored-by: ZSC <zacharysarah@users.noreply.github.com>

Co-authored-by: Qiming Teng <tengqm@outlook.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: ZSC <zacharysarah@users.noreply.github.com>
 2022-06-14 13:09:33 -07:00
Nate W f85be125b9 Merge remote-tracking branch 'upstream/main' into dev-1.24 2022-03-31 15:18:13 -07:00
Cezary Czekalski 5650e76c45 Fix typo 2022-03-29 19:27:32 +02:00
Margo Crawford a364ecae1f Remove references to client.authentication.k8s.io/v1alpha1 exec credential API 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
 2022-03-21 09:27:55 -07:00
Kubernetes Prow Robot 991f671a02
Merge pull request #30721 from mlbiam/master 
making wording clearer on extra in impersonation
 2022-03-13 21:02:19 -07:00
Shubham a45bf8459d
Added Hyperlink to RFC3339. (#31836) 
* Added Hyperlink to RFC3339.

* Wrapping a line!
 2022-02-22 22:54:18 -08:00
Qiming Teng bce7fb57e2 Improve configuration API for 1.23 
The previous commit for configuration APIs has some nits to fix:

- The client-authentication API has both v1beta1 and v1 supported.
  We need to include both.
- The kube-scheduler v1alpha1 is superceded by v1alpha3 which is new.
- The links to some external type definitions should point to the 1.23
  API rather than old versions.
 2021-12-20 09:45:38 +08:00
Marc Boorshtein d4388492c5
Merge branch 'kubernetes:main' into master 2021-12-09 15:12:00 -05:00
Kubernetes Prow Robot 63db6dbf66
Merge pull request #29717 from jonassteinberg1/patch-1 
add 'the' to 'without restarting [the] API server' from Static Token …
 2021-12-05 17:56:32 -08:00
Marc Boorshtein 8dfd425486
making working clearer 
*should* implies that an `extra` can be mixed case.  but really it can't because a mixed case `extra` will mismatch on an RBAC `ClusterRole` once the header is canonicalized.
 2021-12-02 22:01:07 -05:00
Rodrigo Queiro f3921c9028
Remove "basic" from supported API auth methods 
This was removed in v1.19.
 2021-10-28 11:57:07 +02:00
Marc Boorshtein e779d2d3fc
Update link to new project documentation site 2021-10-26 15:35:17 -04:00
Jonas Steinberg f9d5ab0627
add 'the' to 'without restarting [the] API server' from Static Token File section 
smol.
 2021-09-15 09:29:37 -05:00
Kubernetes Prow Robot 5a813f1267
Merge pull request #28430 from margocrawf/master 
Add Impersonate-Uid description to Authentication docs page.
 2021-07-26 12:02:33 -07:00
Andrew Keesler a30e63dcd6
exec credential provider: v1 documentation 
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
 2021-07-13 10:47:14 -04:00
Margo Crawford d77368133a Add Impersonate-Uid description to Authentication docs page. 
This change goes with https://github.com/kubernetes/kubernetes/pull/99961
in the Kubernetes repo.
 2021-07-12 13:17:42 -07:00
Smuu 1f28ec0961
Fix syntax errors (#27735) 
* Fix syntax errors

- fix wrong placed line breaks
- fix command mode start and end

* remove word 'simple'
 2021-04-28 17:06:50 -07:00
Qiming Teng b28250b68f Add reference for client-authentication v1beta1 
This is a reference for client authentication API generated from kubernetes-sigs/reference-docs/genref tool.
More specifically, it is generated using the following command:

```shell
./genref -include client-authentication
```
 2021-04-02 09:48:59 +08:00
Kubernetes Prow Robot 59d1b368c1
Merge pull request #26018 from CharlyRipp/patch-1 
Update misleading webhook authentication documentation
 2021-03-26 04:22:44 -07:00
Kubernetes Prow Robot 903ee369b2
Merge pull request #26119 from neha-viswanathan/25833-migrate-page 
Migrate https://kubernetes.io/docs/concepts/cluster-administration/certificates/ to tasks section
 2021-02-27 18:26:38 -08:00
Jens Heinrich e864d7f3ca
Fix sentence 
Add missing verb
 2021-02-27 15:37:33 +01:00
Neha Viswanathan 41220636ec Migrate https://kubernetes.io/docs/concepts/cluster-administration/certificates/ to tasks section 2021-02-24 18:33:38 -08:00