epic: authentication & authorization system (Vault dynamic secrets, service accounts, users, path ACLs) #79
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Currently the management API and proxy are fully open. Build an auth/authz system, default-open (no behaviour change until enabled).
Components
remote/<remote-name>/<path-in-remote>; capabilitiesread,write,delete,create. Also cover management resources (remotes/virtuals/etc.).Deliverables (tracked as sub-PRs)
Cross-repo: terraform-vault (K8s auth role, policies), argocd-apps (deploy Vault plugin / SA).