mesos master default drop acl

Marc Roos Thu, 30 Jul 2020 14:04:14 -0700


Currently I am running on a testing environment with some default acl I 
found[1]. I have configured  mesos-credentials, and afaik everything 
agents/marathon framework is authenticating. So I thought about 
converting the acl to default drop/deny. However I see there are quite a 
few options.

Is it advicable to even set the all to deny? Is there an example how to 
set the url for GetEndpoint?

[2]
https://github.com/apache/mesos/blob/master/include/mesos/authorizer/acls.proto
http://mesos.apache.org/documentation/latest/configuration/master/

[1]
{
  "run_tasks": [
    {
      "principals": {
        "type": "ANY"
      },
      "users": {
        "type": "ANY"
      }
    }
  ],
  "register_frameworks": [
    {
      "principals": {
        "type": "ANY"
      },
      "roles": {
        "type": "ANY"
      }
    }
  ]
}

mesos master default drop acl

Reply via email to