mt-broker ingress: Reject unauthorized requests #7980
Labels
good first issue
Denotes an issue ready for a new contributor, according to the "help wanted" guidelines.
help wanted
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
triage/accepted
Issues which should be fixed (post-triage)
We need to verify in the mt-broker ingress, that an request is authorized. Therefor we should do the following in the mt-broker ingress handler:
.status.policies
is set:EventPolicies
(in their.status.from[]
).403
status code.status.policies
is empty:default-authorization-mode
and do the following depending on its value:allow-all
: Continue with the requestdeny-all
: reject the request with a403
status codeallow-same-namespace
: check, if the senders identity is from the same namespace, as the Broker. If so, continue with the request, otherwise reject with a403
We should also add an e2e test for the above scenarios
Prerequisites:
default-authorization-mode
feature flag #7974.status.policies
#7976Additional context:
Additional hints for new contributors before starting with this issue:
Draft
status, the issue is subject to change and thus should not be started to be worked on/assign
). Please be aware that we might unassign you, if we don't see any progress from your side to give other contributors also a chance to work on this issue.The text was updated successfully, but these errors were encountered: