Add secured namespaces possibility #497

Open
wants to merge 2 commits into base: master

ThomasCAI-mlv (Collaborator) commented Dec 17, 2024

I propose the concept of secured namespaces.
The idea is to add an extra layer of security to protect sensitive data produced by given namespaces, so that only a secured namespace can consume data from another secured namespace. The basic namespaces will not be able to consume data produced by secured namespaces.

In ns4kafka, this protection will be at the ACL level:

  • ✅ Secured namespace can grant ACL to another secured namespace
  • ❌ Secured namespace cannot grant ACL to a basic namespace
  • ✅ Basic namespace can grant ACL to a secured namespace
  • ✅ Basic namespace can grant ACL to another basic namespace
  • ❌ Secured namespace cannot create public ACL (giving access to all other namespaces of the cluster)

Other info:

  • Namespaces are considered secured if their config spec.secured is true
  • Namespaces will be basic by default.
  • For the Michelin D2 data use case, it would provide extra security in addition to the usage of OAuth2 (which replaces basic auth).

Instead of secured, we can use the name guarded, limited, or restricted. What do you think?
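
The five rules listed above reduce to one decision function; the Java below is an added example, not code from this pull request or from ns4kafka. The `Namespace` record, `Decision` enum, `check` method and sample namespace names are hypothetical, and two behaviours are assumptions: a secured grantor's ACL to an unknown grantee is denied, and basic grantors stay unrestricted, including for public ACLs.

```java
import java.util.Map;

// Added illustration; class, record and method names are hypothetical, not ns4kafka code.
public class SecuredNamespaceAclCheck {
    static final String PUBLIC_GRANTED_TO = "*"; // public grantee: all namespaces of the cluster

    // Minimal stand-in for a namespace: only the spec.secured flag matters here.
    record Namespace(String name, boolean secured) {}

    enum Decision { ALLOW, DENY_PUBLIC, DENY_BASIC_GRANTEE, DENY_UNKNOWN_GRANTEE }

    // Decide whether `grantor` may create an ACL granted to `grantedTo`.
    static Decision check(Map<String, Namespace> registry, String grantor, String grantedTo) {
        Namespace from = registry.get(grantor);
        if (from == null) {
            throw new IllegalArgumentException("unknown grantor namespace: " + grantor);
        }
        if (!from.secured()) {
            return Decision.ALLOW; // assumption: the rule never restricts basic grantors
        }
        // Test for "*" before any lookup: "*" is not a namespace name.
        if (PUBLIC_GRANTED_TO.equals(grantedTo)) {
            return Decision.DENY_PUBLIC;
        }
        Namespace to = registry.get(grantedTo);
        if (to == null) {
            return Decision.DENY_UNKNOWN_GRANTEE; // assumption: fail closed
        }
        return to.secured() ? Decision.ALLOW : Decision.DENY_BASIC_GRANTEE;
    }

    public static void main(String[] args) {
        // Constructed sample namespaces: two secured, two basic.
        Map<String, Namespace> registry = Map.of(
            "payments", new Namespace("payments", true),
            "billing", new Namespace("billing", true),
            "analytics", new Namespace("analytics", false),
            "sandbox", new Namespace("sandbox", false));
        String[][] grants = {
            {"payments", "billing"}, {"payments", "analytics"}, {"analytics", "payments"},
            {"analytics", "sandbox"}, {"payments", "*"}, {"analytics", "*"}, {"payments", "typo-ns"}};
        for (String[] g : grants) {
            System.out.printf("%-9s -> %-9s : %s%n", g[0], g[1], check(registry, g[0], g[1]));
        }
    }
}
```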

ThomasCAI-mlv self-assigned this Dec 17, 2024
ThomasCAI-mlv marked this pull request as draft December 17, 2024 16:46
ThomasCAI-mlv added the feature label (This issue adds a new feature) Dec 17, 2024
ThomasCAI-mlv changed the title from "Add secured namespaces concept" to "Add secured namespaces possibility" Dec 17, 2024
@@ -105,10 +108,25 @@ public HttpResponse<AccessControlEntry> apply(Authentication authentication,
@QueryValue(defaultValue = "false") boolean dryrun) {
Namespace ns = getNamespace(namespace);

boolean grantorIsSecured = getNamespace(accessControlEntry.getMetadata().getNamespace()).getSpec().isSecured();
boolean granteeIsPublic = PUBLIC_GRANTED_TO.equals(accessControlEntry.getSpec().getGrantedTo());
boolean granteeIsSecured = !granteeIsPublic
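
Review bot: On the `grantorIsSecured` line, the grantor is resolved from `accessControlEntry.getMetadata().getNamespace()` (the request body) although `ns` was already resolved from the `namespace` argument two lines above. If the two values can differ at this point, a request could name a basic namespace in the body's metadata and skip the secured check, and if the metadata namespace is missing or unknown, the chained `.getSpec().isSecured()` call depends on what `getNamespace` returns for it. Consider `boolean grantorIsSecured = ns.getSpec().isSecured();` so the decision uses the same namespace object as the rest of the method, and add a short code comment on the `!granteeIsPublic` guard stating that `*` must be tested before the grantee lookup.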
Collaborator Author

I put this additional condition !granteeIsPublic, because when the ACL is granted to *, getNamespace("*") will fail.

Feel free to challenge if you think there is a prettier way to forbid secured namespaces granting ACL to all or to basic namespaces.

ThomasCAI-mlv marked this pull request as ready for review December 18, 2024 14:33