[jira] [Updated] (MESOS-7415) Add authorization to master's operator maintenance API in v0 and v1

Vinod Kone (JIRA) Tue, 13 Jun 2017 13:21:09 -0700

     [ 
https://issues.apache.org/jira/browse/MESOS-7415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Vinod Kone updated MESOS-7415:
------------------------------
    Sprint: Mesosphere Sprint 56, Mesosphere Sprint 57, Mesosphere Sprint 58  
(was: Mesosphere Sprint 56, Mesosphere Sprint 57)

> Add authorization to master's operator maintenance API in v0 and v1
> -------------------------------------------------------------------
>
>                 Key: MESOS-7415
>                 URL: https://issues.apache.org/jira/browse/MESOS-7415
>             Project: Mesos
>          Issue Type: Task
>          Components: c++ api, HTTP API, master
>            Reporter: Alexander Rojas
>            Assignee: Alexander Rojas
>              Labels: authorization, mesosphere, security
>
> None of the maintenance primitives in either API v0 or API v1 have any kind 
> of authorization, which allows any user with valid credentials to do things 
> such as shutting down a machine, schedule time off on an agent, modify 
> maintenance schedule, etc.
> The authorization support needs to be added to the v0 endpoints:
> * {{/master/machine/up}}
> * {{/master/machine/down}}
> * {{/master/maintenance/schedule}}
> * {{/master/maintenance/status}}
> as well as to the v1 calls:
> * {{GET_MAINTENANCE_STATUS}}
> * {{GET_MAINTENANCE_SCHEDULE}}
> * {{UPDATE_MAINTENANCE_SCHEDULE}}
> * {{START_MAINTENANCE}}
> * {{STOP_MAINTENANCE}}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (MESOS-7415) Add authorization to master's operator maintenance API in v0 and v1

Reply via email to