Skip to content

Add references document defining NGF permissions #1985

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
bjee19 opened this issue May 16, 2024 · 2 comments
Open

Add references document defining NGF permissions #1985

bjee19 opened this issue May 16, 2024 · 2 comments
Labels
documentation Improvements or additions to documentation refined Requirements are refined and the issue is ready to be implemented. size/medium Estimated to be completed within a week
Milestone
v2.0.0

Comments

@bjee19
Copy link
Contributor

bjee19 commented May 16, 2024
edited by mpstefan
Loading

Split out of #1976 , add a references document which defines NGF permissions. Can follow https://docs.nginx.com/nginx-service-mesh/reference/permissions/.

Should explain the permissions that the NGF Deployment requires (mostly security context options and required volumes).

Acceptance

  • A document is added to NGF documentation to outline what permissions are needed by each component of NGF in order to run.
  • The documentation explains permissions needed with the context of the data and control plane being split.
  • Should include:
    • read-only filesystem
    • capabilities
    • non-root
    • volumes used
@bjee19 bjee19 added the enhancement New feature or request label May 16, 2024
@bjee19 bjee19 mentioned this issue May 16, 2024
Merged
6 tasks
@sjberman sjberman added documentation Improvements or additions to documentation and removed enhancement New feature or request labels May 17, 2024
@mpstefan mpstefan added this to the v1.4.0 milestone May 20, 2024
@mpstefan
Copy link
Member

The result of this doc should help give a conclusion to this discussion: #1961

@bjee19
Copy link
Contributor Author

bjee19 commented May 20, 2024

User from community commented on #1674

Would be great to have this documented and why we need these extra capabilities, especially the KILL.

@mpstefan mpstefan modified the milestones: v1.4.0, v2.1.0 Jul 24, 2024
@mpstefan mpstefan added refined Requirements are refined and the issue is ready to be implemented. size/medium Estimated to be completed within a week labels Oct 28, 2024
@mpstefan mpstefan modified the milestones: v1.6.0, v2.0.0 Jan 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Improvements or additions to documentation refined Requirements are refined and the issue is ready to be implemented. size/medium Estimated to be completed within a week
Projects
NGINX Gateway Fabric
Status: 🆕 New
Milestone
v2.0.0
Development

No branches or pull requests
3 participants
@mpstefan @sjberman @bjee19