Closed
Description
Summary
Support whitelisted namespaced resources instead of supporting blacklisted namespaced resources
Motivation
I think it's harder to maintain a blacklist than a whitelist here. With a blacklist, whenever people add CRDs, they will have to remember to update the blacklist to explicitly deny access to the new resources. With a whitelist, we define a list of known resources.
The model is similar to granting user access with deny-all as the default, where we grant more access based on need, which is basically a "whitelist" model.
Proposal
See #Motivation