Implement Authentication for the Tetragon gRPC endpoint similar to Hubble #970
Labels
kind/enhancement
This improves or streamlines existing functionality
Comments
|
Hi, TLS support would definitely be a useful feature, but it is not currently supported. |
kkourt
added
kind/enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
What happened?
I am currently working in a multi-tenant Kubernetes environment and want to ensure that only authorized Kubernetes workloads have access to the Tetragon GRPC endpoint. I am collecting Tetragon events from a different pod running on the same node. While deploying Tetragon, I expose the gRPC endpoint on the network by passing
--set=tetragon.grpc.address=":54321". I have a daemonset that collects Tetragon events from the local Tetragon pod instance using the gRPC endpoint. Is there a way to enforce authentication/authorization at the network level? For example, Hubble supports TLS mutual authentication.Tetragon Version
All versions
Kernel Version
All versions
Kubernetes Version
All versions
Bugtool
No response
Relevant log output
No response
Anything else?
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: