Skip to content
This repository has been archived by the owner on Oct 20, 2023. It is now read-only.

Need a discussion on validating user intent in SMI policy #105

Closed
asridharan opened this issue Feb 19, 2020 · 3 comments
Closed

Need a discussion on validating user intent in SMI policy #105

asridharan opened this issue Feb 19, 2020 · 3 comments

Comments

@asridharan
Copy link

In an ongoing PR #67 there has been consensus in re-defining the notion of a service within the context of an SMI policy to allow SMI spec to support multiple Kubernetes clusters as well as to support services running outside a Kubernetes cluster such as on VMs.

The proposal led to a debate, revolving around the notion of authorization within the SMI policy, namely, how does the service mesh implementation determine whether the access that is specified between two services within the policy is valid, and given its validity how does the service mesh enforce this access?

Creating this issue to track the discussion.
@asridharan
Copy link
Author

Here is a proposal on this topic:
https://docs.google.com/document/d/1tiEDUgx9wjdBBi-AjBMr6I94XnzX57rezPvamZ0djBE/edit?usp=sharing

@grampelberg
Copy link
Collaborator

Would you mind either doing a PR or opening up comment access on that?

@lachie83 lachie83 mentioned this issue Feb 19, 2020
Closed
@asridharan
Copy link
Author

@grampelberg just opened it up for comments. Could you give it a try?

Thanks !!

@draychev draychev mentioned this issue Jun 30, 2021
Closed
6 tasks
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@grampelberg @bridgetkromhout @asridharan