On Feb 23, 2015, at 9:22 AM, Henrik Lindberg <[email protected]> wrote: > On 2015-23-02 17:47, Chris Price wrote: >> Totally agree that we have too many formats. That's why we tried to put >> a lot of thought into picking one that we think is robust enough to >> standardize on going forward. :) Also, the current auth.conf format is >> none of the above, so moving it to any of the above would mean 'n - 1' >> formats :) > Is there an overlap with Node Classifier and RBAC as they also specify rules? > We would want to have a common way to handle rules in different domains.
Do you mean the rules that these services themselves model? (Like mapping objects to permission levels in RBAC) Because that is a very different data model that I wouldn't expect to render in a config file format at all. On the other hand these services _should_ be able to use the auth.conf replacement to control access their HTTP endpoints, though. Right now all the clj services just have simplistic certificate whitelists. Eric Sorenson - [email protected] - freenode #puppet: eric0 puppet platform // coffee // techno // bicycles -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/7685A807-C0C7-4C49-9035-3EE9BE191227%40puppetlabs.com. For more options, visit https://groups.google.com/d/optout.
