[
https://issues.apache.org/jira/browse/MESOS-2222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15259603#comment-15259603
]
Adam B commented on MESOS-2222:
-------------------------------
Recommend we do coarse-grained authz using GET|POST_ENDPOINT_WITH_PATH, since
it's hard to say who should be able to shut down which machines, except to say
that only and administrator should do it (regardless of IP/hostname).
Lower priority though, so dropping this out of the current Mesosphere sprint.
> Add ACLs for the maintenance HTTP endpoints.
> --------------------------------------------
>
> Key: MESOS-2222
> URL: https://issues.apache.org/jira/browse/MESOS-2222
> Project: Mesos
> Issue Type: Task
> Components: master, security
> Affects Versions: 0.25.0
> Reporter: Benjamin Mahler
> Labels: authorization, maintenance, mesosphere, security
>
> In order to authorize the HTTP endpoints for maintenance (to be added in
> MESOS-2067), we will need to add an ACL definition for performing maintenance
> operations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
