Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance the admin_ids configuration option to support foreign trust #3400

Closed
amartinezfayo opened this issue Sep 1, 2022 · 2 comments · Fixed by #3642
Closed

Enhance the admin_ids configuration option to support foreign trust #3400

amartinezfayo opened this issue Sep 1, 2022 · 2 comments · Fixed by #3642
Assignees
@guilhermocc
Labels
priority/backlog Issue is approved and in the backlog

Comments

@amartinezfayo
Copy link
Member

The admin_ids configuration option allows to configure SPIFFE IDs that, when present in a caller's X509-SVID, grant that caller admin privileges. The admin IDs must reside in the same trust domain as the server.

There are some scenarios where this restriction to have the SPIFFE IDs in the same trust domain as the server is a limitation. #3282 provides context about legitimate scenarios where this is a limitation.

This issue tracks the work to enhance this configuration option to allow foreign trust domains.
@amartinezfayo amartinezfayo added help wanted Issues with this label are ready to start work but are in need of someone to do it priority/backlog Issue is approved and in the backlog labels Sep 1, 2022
@amartinezfayo amartinezfayo mentioned this issue Sep 1, 2022
Closed
@guilhermocc
Copy link
Contributor

Hi @amartinezfayo, I would love to contribute to this issue, could it be assigned to me, please? 😄

@amartinezfayo
Copy link
Member Author

Sure, that would be great, Thank you @guilhermocc!

@amartinezfayo amartinezfayo removed the help wanted Issues with this label are ready to start work but are in need of someone to do it label Nov 24, 2022
@guilhermocc guilhermocc mentioned this issue Nov 28, 2022
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@guilhermocc guilhermocc

Labels
priority/backlog Issue is approved and in the backlog
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support foreign trust domains admin ids config guilhermocc/spire
2 participants
@amartinezfayo @guilhermocc