Skip to content

Add CIDR binding to token for Vault k8s auth #38

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
justbert opened this issue May 6, 2020 · 3 comments
Closed

Add CIDR binding to token for Vault k8s auth #38

justbert opened this issue May 6, 2020 · 3 comments
Labels
area/security kind/feature New feature or request priority/longterm size/S ~1 day

Comments

@justbert
Copy link

justbert commented May 6, 2020

Tokens generated by Vault when Kubernetes Service accounts are used for authentication should be bound to only be valid from IPs within the Cluster through the use of token_bound_cidrs if possible.
@justbert justbert changed the title Add CIDR token binding for Vault k8s auth Add CIDR binding to token for Vault k8s auth May 6, 2020
@justbert justbert added the size/S ~1 day label May 6, 2020
@justbert
Copy link
Author

justbert commented Jun 7, 2020

Attempted to CIDR bind tokens but I get 403s from Vault as soon as I do. I'll have to investigate further.

@justbert
Copy link
Author

justbert commented Jun 7, 2020

@zachomedia Maybe you can help me with this, I thought it was straightforward but maybe I'm missing something.

@wg102 wg102 mentioned this issue Jul 12, 2022
Closed
14 tasks
@Souheil-Yazji
Copy link
Contributor

Stale

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/security kind/feature New feature or request priority/longterm size/S ~1 day
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@brendangadd @justbert @Souheil-Yazji