Feature flag to disable log browser #4737
Comments
Isn't the logs an RBAC permission you can disable per user? E.g. the service account for the user can just be denied pods/log read permission.
Hi, thanks for your quick reply. Do you know if there is any way of removing the log RBAC permission with the operator, or is the only solution available to me to roll my own deployment?
What auth strategy are you using? In your Kiali CR, what is "spec.auth.strategy" set to?
Right now |
Using But regardless of that, the current workaround that you can employ is: remove the |
Logs come through the k8s API; not sure if you can disable logs at the k8s layer.
AFAIK only if the user has been denied access by not giving the user that pods/log permission.
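The `pods/log` permission discussed in the comments above can be audited offline. This added example (not code from the Kiali project or from any commenter) checks a Role or ClusterRole, in the JSON shape `kubectl get clusterrole <name> -o json` prints, for rules that allow reading pod logs; the role name and sample rules are constructed for illustration.

```python
import json

# Constructed sample: a trimmed ClusterRole as `kubectl ... -o json` would print it.
# The role name and its rules are made up for this example.
SAMPLE_ROLE = json.loads("""
{
  "kind": "ClusterRole",
  "metadata": {"name": "example-viewer"},
  "rules": [
    {"apiGroups": [""], "resources": ["pods", "services"], "verbs": ["get", "list", "watch"]},
    {"apiGroups": [""], "resources": ["pods/log"], "verbs": ["get"]}
  ]
}
""")


def rule_grants_pod_logs(rule):
    """True if one RBAC rule allows GET on the pods/log subresource."""
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    verbs = rule.get("verbs", [])
    group_ok = "" in groups or "*" in groups   # pods live in the core ("") API group
    verb_ok = "get" in verbs or "*" in verbs   # reading logs is a GET request
    # RBAC matches "*" (everything), the exact "pods/log", or the "*/log" form.
    # A plain "pods" entry does NOT cover the pods/log subresource.
    resource_ok = any(r in ("*", "pods/log", "*/log") for r in resources)
    return group_ok and verb_ok and resource_ok


def log_granting_rules(role):
    """Indexes of the rules in a Role/ClusterRole that grant pod log reads."""
    return [i for i, r in enumerate(role.get("rules") or []) if rule_grants_pod_logs(r)]


def without_pod_logs(role):
    """Copy of the role with explicit pods/log entries dropped.

    Wildcard entries ("*", "*/log") are left in place for manual review."""
    rules = []
    for rule in role.get("rules") or []:
        if "resources" not in rule:
            rules.append(dict(rule))           # e.g. nonResourceURLs rules
            continue
        kept = [r for r in rule["resources"] if r != "pods/log"]
        if kept:
            rules.append({**rule, "resources": kept})
    return {**role, "rules": rules}


if __name__ == "__main__":
    print("rules granting pod logs:", log_granting_rules(SAMPLE_ROLE))
    print("after removal:", log_granting_rules(without_pod_logs(SAMPLE_ROLE)))
```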
@larhauga just to confirm the scenario:
Is that right? |
Thanks for the response!
This is an interesting enhancement request and conceivably could be expanded. The issue as I see it is "don't allow the user to even SEE something, even in view-only mode". We added that "view-only" mode because people want to allow users to SEE things but not MODIFY things. But this takes that feature a step further - even if Kiali is in view-only mode (but not required to be), there is a subset of data that you might not want users to even SEE. Perhaps we need a feature flag group to allow us to do something in the future to hide other things in the UI (not just logs). Something like:
I don't know if that is thinking too hard about this problem. If so, and we don't think we will have any other features we want to disable in the future, we could just add a boolean |
Working on these PRs: |
* provide the ability to disable features part of: kiali/kiali#4737
* changing feature name to logs-tab
* provide the ability to disable features part of: #4737
* changing feature name to logs-tab
* if things are disabled, add message at login
* UI notification of disabled features
* fix the INFO notification color and icon. fixes: #4871
* hide the popup notification
* fail fast if the feature name is invalid.
Feature implemented and merged in master.
Suppose the UI is being IP-whitelisted to only trusted IPs, and Kiali is run in view-only mode. What will be the other things that we'll need to be worried about?
I only made that remark because the person said they were using "anonymous" strategy - so anyone that can access the Kiali URL could see everything in Kiali (even if view-only mode) - so all your Istio resources (the Virtual Services, the Destination Rules, etc, etc) along with the graph of the entire mesh, for example, would be things exposed. If you feel you have limited the access to the Kiali UI to only those people you want to grant access, then you should be OK. Otherwise, just look at the Kiali UI and see all the things you can see (traces, metrics, mesh graph, Istio resources). There may be some of those things you don't want to leak to unauthorized persons. This is why it is not recommended to use "anonymous" auth.strategy - integrate Kiali with your auth system like OpenID to have true RBAC security.
* provide the ability to disable features part of: kiali/kiali#4737
* changing feature name to logs-tab
* if things are disabled, add message at login
* UI notification of disabled features
* fix the INFO notification color and icon. fixes: kiali/kiali#4871
* hide the popup notification
* fail fast if the feature name is invalid.
Hi, it would be nice if it was possible to turn off the logs browser for workloads.
My use case
Logs can contain sensitive information that we don't want accessible through the Kiali dashboards.