Marcelo Giles
|
cdff2b4b6b
|
Add systems:master paragraph
|
2024-10-30 18:09:24 -07:00 |
Rita Zhang
|
1f1779e777
|
Update structured authz examples
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
|
2024-10-16 13:30:08 -07:00 |
Simon Bäumer
|
3b267126e9
|
Add checkpoint subresource to Kublet authorization doc (#48012)
* Add checkpoint subresource to Kublet authorization doc
* Update kubelet-authn-authz.md
* Replace `spec` with `checkpoint` in subresource
|
2024-10-03 05:38:26 +01:00 |
ChinoUkaegbu
|
2e7c1d4935
|
add hyperlink for RFC3339 in bootstrap-tokens.md
|
2024-09-11 11:29:12 +04:00 |
Kubernetes Prow Robot
|
5bc26c7ff3
|
Merge pull request #47404 from aleskandro/patch-1
Clarify expiration time for service accounts and tokens of pods pending deletion despite finalizers
|
2024-08-14 01:15:56 -07:00 |
Alessandro Di Stefano
|
300519c850
|
Apply suggestions from code review
Co-authored-by: Tim Bannister <tim@scalefactory.com>
|
2024-08-09 10:06:32 -04:00 |
|
Alessandro Di Stefano
|
45aa0d800a
|
Clarify expiration time for service accounts and tokens of pods pending deletion despite finalizers
Refers #47403
Signed-off-by: aleskandro <aleskandro@redhat.com>
|
2024-08-09 09:46:08 -04:00 |
Daniel Chan
|
c2ab3112f1
|
Merge main into dev-1.31 to keep in sync
|
2024-08-05 11:47:31 -04:00 |
Gergely Nagy
|
d77111d096
|
Remove beta pre-requisites
With 1.30 stable, the feature does not need to be enabled and the v1beta1 API group is not needed.
|
2024-08-01 09:08:20 +02:00 |
|
Kubernetes Prow Robot
|
ee1fa4340f
|
Merge pull request #46544 from my-git9/pt-10139
improve format for bootstrap-tokens certificate-signing-requests
|
2024-07-31 22:08:06 -07:00 |
xin.li
|
7215e3919f
|
improve format for bootstrap-tokens certificate-signing-requests
Signed-off-by: xin.li <xin.li@daocloud.io>
|
2024-07-30 19:59:39 +08:00 |
|
Kubernetes Prow Robot
|
ce56779401
|
Merge pull request #45466 from tuladhar/improve-rbac-doc
Improve RBAC document with correct references to cluster role binding
|
2024-07-30 02:18:52 -07:00 |
Jordan Liggitt
|
5dab30d474
|
KEP-4601: alpha docs
|
2024-07-26 23:27:51 -04:00 |
|
Kubernetes Prow Robot
|
a77fcc771b
|
Merge pull request #46988 from vinayakankugoyal/kep4633
KEP-4633: Add documentation for Configurable Endpoints for Anonymous Auth.
|
2024-07-23 19:54:11 -07:00 |
|
Kubernetes Prow Robot
|
7e90855773
|
Merge pull request #47246 from haircommander/container_engine_t-1.31
PSS: add container_engine_t to allowed list of selinux types
|
2024-07-23 16:14:17 -07:00 |
Peter Hunt
|
06aff012a2
|
PSS: add container_engine_t to allowed list of selinux types
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
2024-07-23 12:19:14 -04:00 |
|
Kubernetes Prow Robot
|
ebd7ff0b64
|
Merge pull request #47234 from salaxander/merged-main-dev-1.31
Merged main dev 1.31
|
2024-07-22 16:20:03 -07:00 |
|
Kubernetes Prow Robot
|
c079d3a7cd
|
Merge pull request #47184 from salaxander/merged-main-dev-1.31
Merged main dev 1.31
|
2024-07-18 00:06:01 -07:00 |
|
Kubernetes Prow Robot
|
1f9b4761a2
|
Merge pull request #47193 from rodrigc/certificatesigningrequest-link
Add links to CertificateSigningRequest API
|
2024-07-18 00:02:07 -07:00 |
|
Kubernetes Prow Robot
|
2aa8266591
|
Merge pull request #47121 from micahhausler/csr-node-clarification
Clarify kubelet serving and client cert CN values
|
2024-07-17 23:53:52 -07:00 |
Qiming Teng
|
8e59b9f392
|
Update certificate-signing-requests.md
|
2024-07-18 14:52:26 +08:00 |
Craig Rodrigues
|
a55b1057be
|
Add links to CertificateSigningRequest API
Signed-off-by: Craig Rodrigues <rodrigc@crodrigues.org>
|
2024-07-17 20:41:13 -07:00 |
David Xia
|
80d2f96c93
|
Update extensible-admission-controllers.md
fix typo
|
2024-07-16 13:26:09 -04:00 |
Micah Hausler
|
a2ca418a9a
|
Clarify kubelet serving and client cert CN values
Signed-off-by: Micah Hausler <mhausler@amazon.com>
|
2024-07-09 08:27:50 -07:00 |
Vinayak Goyal
|
4b2940eb26
|
KEP-4633: Add documentation for Configurable Endpoints for Anonymous Auth.
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
|
2024-06-29 06:48:39 +00:00 |
Puru
|
a7fe6cf8c5
|
Update content/en/docs/reference/access-authn-authz/rbac.md
Co-authored-by: Junya Okabe <86868255+Okabe-Junya@users.noreply.github.com>
|
2024-06-28 15:48:33 +05:45 |
|
Kubernetes Prow Robot
|
56d3c640f8
|
Merge pull request #46809 from hacktivist123/merged-main-dev-1.31
Merged main dev 1.31
|
2024-06-13 22:43:26 -07:00 |
|
Kubernetes Prow Robot
|
c05e239c86
|
Merge pull request #44643 from T-Lakshmi/rbac
Reworded 'beyond discovery permissions' wording in "Using RBAC Authorization" page
|
2024-06-11 09:48:44 -07:00 |
|
Daniel Chan
|
d989445929
|
resolved conflict as discussed, accepted current change with CRICTL_VERSION=v1.31.0
|
2024-06-03 18:26:28 -04:00 |
Michael
|
ea91c4b588
|
clean up access-authn-authz/authentication.md
|
2024-05-26 21:05:31 +08:00 |
Oluebube Princes Egbuna
|
e941a6ab1d
|
Merge main into dev-1.31 to keep in sync
|
2024-05-22 16:16:00 +01:00 |
vijaynag-bs
|
8201801a97
|
Fixing heading in authorization.md
Signed-off-by: vijaynag-bs <vijaynag.bs@gmail.com>
|
2024-05-12 14:28:59 +05:30 |
carlory
|
8c773b2e31
|
update PersistentVolumeLabel admission plugin
|
2024-05-10 11:40:49 +08:00 |
Tim Bannister
|
8a122ff9ca
|
Fix page title
Omit “Overview” to match the authentication topic.
|
2024-04-23 01:42:43 +01:00 |
|
Tim Bannister
|
5fdccf9f2f
|
Revise advice about authz modes
|
2024-04-23 01:42:42 +01:00 |
|
Rita Zhang
|
f833f4f671
|
Revise authz page
Improve how we explain authz, and remove some existing duplication.
Co-Authored-By: Rita Zhang <rita.z.zhang@gmail.com>
|
2024-04-23 01:42:20 +01:00 |
|
Tim Bannister
|
9f327512c6
|
Reorder authn/authz pages
Group topics together, in order of how these happen within Kubernetes'
API server's processing chain (authn, then authz, then admission
control).
|
2024-04-23 01:42:18 +01:00 |
Vyom-Yadav
|
37b0b3ed72
|
Merge remote-tracking branch 'upstream/main' into dev-1.30
|
2024-04-10 23:04:57 +05:30 |
Anish Ramasekar
|
ba458ace13
|
Add certificateAuthority in structured authn docs
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
|
2024-04-09 14:31:37 -07:00 |
|
Daniel Chan
|
cdf1ed1236
|
Merge remote-tracking branch 'upstream/main' into dev-1.30
Merge main into dev-1.30 to keep in sync
|
2024-04-02 10:05:03 -04:00 |
James Munnelly
|
00d526659e
|
Make KEP-4193 documentation updates (#45292)
* KEP-4193: beta documentation updates
* Apply suggestions from code review
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
* Apply suggestions from code review
Co-authored-by: Dipesh Rawat <rawat.dipesh@gmail.com>
* include example JTI and node-name/uid output
* Update service-accounts-admin.md
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
---------
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Dipesh Rawat <rawat.dipesh@gmail.com>
|
2024-03-26 13:45:05 -07:00 |
|
Anish Ramasekar
|
3ef1d0bb84
|
Fix docs for authentication: s/errors/error
|
2024-03-24 09:56:05 -07:00 |
|
Kubernetes Prow Robot
|
864ac8bec6
|
Merge pull request #45108 from aramase/aramase/d/kep_3331_beta_docs
Add docs for Structured Authn beta
|
2024-03-24 03:08:39 -07:00 |
|
Anish Ramasekar
|
c4e3177ff3
|
Add feature gate metadata for structured authz config
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
|
2024-03-19 14:02:50 -07:00 |
|
Anish Ramasekar
|
b35e434193
|
Add docs for Structured Authn beta
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
|
2024-03-19 13:51:32 -07:00 |
Dipesh Rawat
|
c889d9b251
|
Add metadata to use mechanism for API reference links
|
2024-03-14 14:50:24 +00:00 |
|
Kubernetes Prow Robot
|
0f8e1fadea
|
Merge pull request #45249 from cici37/3488
[KEP-3488]Promoting ValidatingAdmissionPolicy to GA
|
2024-03-12 17:05:49 -07:00 |
|
Kubernetes Prow Robot
|
b8514fcb5e
|
Merge pull request #45138 from ritazh/kep_3221_beta_docs
Add docs for Structured Authz beta
|
2024-03-12 10:59:04 -07:00 |
Igor Velichkovich
|
4bffa3c7fa
|
Mark feature AdmissionWebhookMatchConditions to stable in 1.30
|
2024-03-12 10:14:31 -07:00 |
cici37
|
0fc8d236e0
|
Promote ValidatingAdmissionPolicy to GA
|
2024-03-11 22:48:54 +00:00 |