On Feb 23, 2015, at 9:22 AM, Henrik Lindberg <henrik.lindb...@cloudsmith.com> wrote: > On 2015-23-02 17:47, Chris Price wrote: >> Totally agree that we have too many formats. That's why we tried to put >> a lot of thought into picking one that we think is robust enough to >> standardize on going forward. :) Also, the current auth.conf format is >> none of the above, so moving it to any of the above would mean 'n - 1' >> formats :) > Is there an overlap with Node Classifier and RBAC as they also specify rules? > We would want to have a common way to handle rules in different domains.
Do you mean the rules that these services themselves model? (Like mapping objects to permission levels in RBAC) Because that is a very different data model that I wouldn't expect to render in a config file format at all. On the other hand these services _should_ be able to use the auth.conf replacement to control access their HTTP endpoints, though. Right now all the clj services just have simplistic certificate whitelists. Eric Sorenson - eric.soren...@puppetlabs.com - freenode #puppet: eric0 puppet platform // coffee // techno // bicycles -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/7685A807-C0C7-4C49-9035-3EE9BE191227%40puppetlabs.com. For more options, visit https://groups.google.com/d/optout.
