[ https://issues.apache.org/jira/browse/CLOUDSTACK-418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daan Hoogland closed CLOUDSTACK-418.
------------------------------------
Resolution: Later
> Separate API endpoints for Admin/End user APIs
> ----------------------------------------------
>
> Key: CLOUDSTACK-418
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-418
> Project: CloudStack
> Issue Type: Improvement
> Security Level: Public (Anyone can view this level - this is the default.)
> Components: API
> Affects Versions: 4.0.0
> Reporter: Clement Chen
> Labels: considerForGsoc
>
> For security reasons, customers might want to block remote access to root
> admin APIs or limit access to domain admin APIs to certain IP addresses.
> It can be easily done on a WAF if we have separate API endpoints for root
> admin/domain admin/end user APIs. For example, in the case of VMware vCloud
> Director, APIs accessible only to system admins are under
> http://hostname/cloud/api/1.0/admin/extension and this can be easily blocked
> on a WAF.
> We should consider separating API endpoints for admin/end user APIs.