Not sure if you came across
http://mesos.apache.org/documentation/latest/authorization/ but I hope it
can answer your questions.
On Thu, Jul 30, 2020 at 4:03 PM Marc Roos wrote:
>
>
> Currently I am running on a testing environment with some default acl I
> found[1]. I have configured mesos-credentials, and afaik everything
> agents/marathon framework is authenticating. So I thought about
> converting the acl to default drop/deny. However I see there are quite a
> few options.
>
> Is it advicable to even set the all to deny? Is there an example how to
> set the url for GetEndpoint?
>
> [2]
>
> https://github.com/apache/mesos/blob/master/include/mesos/authorizer/acls.proto
> http://mesos.apache.org/documentation/latest/configuration/master/
>
> [1]
> {
> "run_tasks": [
> {
> "principals": {
> "type": "ANY"
> },
> "users": {
> "type": "ANY"
> }
> }
> ],
> "register_frameworks": [
> {
> "principals": {
> "type": "ANY"
> },
> "roles": {
> "type": "ANY"
> }
> }
> ]
> }
>