Context-Based Authorization Support across Flux Controllers

This issue tracks the implementation of context-based authorization across Flux controllers.

Below is a list Flux features that could support such functionality, and their current status.

| Status | Component | Feature | Provider | Ref |
| ------ | ----------------- | ------- | -------- | ------ |
| Supported | Source Controller | Bucket Repository Authentication | AWS | [Guide][AWS Buckets] |
| Supported | Source Controller | Bucket Repository Authentication | Azure | [Guide][Azure Buckets] |
| Supported | Source Controller | Bucket Repository Authentication | GCP | [Guide][GCP Buckets] |
| Supported | Source Controller | OCI Repository Authentication | AWS | [Guide][AWS OCI Repository]  |
| Supported | Source Controller | OCI Repository Authentication | Azure | [Guide][Azure OCI Repository]  |
| Supported | Source Controller | OCI Repository Authentication | GCP | [Guide][GCP OCI Repository]  |
| Supported | Image Reflector Controller | Container Registry Authentication | AWS | [Guide][AWS Container Registry] |
| Supported | Image Reflector Controller | Container Registry Authentication | Azure | [Guide][Azure Container Registry] |
| Supported | Image Reflector Controller | Container Registry Authentication | GCP | [Guide][GCP Container Registry] |
| Supported | Kustomize Controller | SOPS Integration with Cloud KMS | AWS | [Guide][AWS KMS] |
| Supported | Kustomize Controller | SOPS Integration with Cloud KMS | Azure | [Guide][Azure KMS] |
| Supported | Kustomize Controller | SOPS Integration with Cloud KMS | GCP | [Guide][GCP KMS] |
| Supported | Source Controller | Helm OCI Repository Authentication | AWS | [Guide][AWS Helm Repository] |
| Supported | Source Controller | Helm OCI Repository Authentication | Azure | [Guide][Azure Helm Repository] |
| Supported | Source Controller | Helm OCI Repository Authentication | GCP | [Guide][GCP Helm Repository] |
| Not Supported | Source Controller | Git Repository Authentication (RO) | AWS | https://github.com/fluxcd/source-controller/issues/835 |
| Not Supported | Source Controller | Git Repository Authentication (RO) | Azure | https://github.com/fluxcd/source-controller/issues/1284 |
| Not Supported | Source Controller | Git Repository Authentication (RO) | GCP | |
| Not Supported | Image Automation Controller | Git Repository Authentication (RW) | AWS | |
| Not Supported | Image Automation Controller | Git Repository Authentication (RW) | Azure | |
| Not Supported | Image Automation Controller | Git Repository Authentication (RW) | GCP | |

As we add support for the features above, we should update the page: https://fluxcd.io/docs/security/contextual-authorization/.

[AWS Buckets]: https://fluxcd.io/docs/components/source/buckets/#aws
[Azure Buckets]: https://fluxcd.io/docs/components/source/buckets/#azure
[GCP Buckets]: https://fluxcd.io/docs/components/source/buckets/#gcp
[AWS OCI Repository]: https://fluxcd.io/docs/components/source/ocirepositories/#aws
[Azure OCI Repository]: https://fluxcd.io/docs/components/source/ocirepositories/#azure
[GCP OCI Repository]: https://fluxcd.io/docs/components/source/ocirepositories/#gcp
[AWS Container Registry]: https://fluxcd.io/docs/guides/image-update/#using-native-aws-ecr-auto-login
[Azure Container Registry]: https://fluxcd.io/docs/guides/image-update/#using-native-azure-acr-auto-login
[GCP Container Registry]: https://fluxcd.io/docs/guides/image-update/#using-native-gcp-gcr-auto-login
[AWS KMS]: https://fluxcd.io/docs/guides/mozilla-sops/#aws
[Azure KMS]: https://fluxcd.io/docs/guides/mozilla-sops/#azure
[GCP KMS]: https://fluxcd.io/docs/guides/mozilla-sops/#google-cloud
[AWS Helm Repository]: https://fluxcd.io/flux/components/source/helmrepositories/#aws
[Azure Helm Repository]: https://fluxcd.io/flux/components/source/helmrepositories/#azure
[GCP Helm Repository]: https://fluxcd.io/flux/components/source/helmrepositories/#gcp

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Context-Based Authorization Support across Flux Controllers #3003

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Status	Component	Feature	Provider	Ref
Supported	Source Controller	Bucket Repository Authentication	AWS	Guide
Supported	Source Controller	Bucket Repository Authentication	Azure	Guide
Supported	Source Controller	Bucket Repository Authentication	GCP	Guide
Supported	Source Controller	OCI Repository Authentication	AWS	Guide
Supported	Source Controller	OCI Repository Authentication	Azure	Guide
Supported	Source Controller	OCI Repository Authentication	GCP	Guide
Supported	Image Reflector Controller	Container Registry Authentication	AWS	Guide
Supported	Image Reflector Controller	Container Registry Authentication	Azure	Guide
Supported	Image Reflector Controller	Container Registry Authentication	GCP	Guide
Supported	Kustomize Controller	SOPS Integration with Cloud KMS	AWS	Guide
Supported	Kustomize Controller	SOPS Integration with Cloud KMS	Azure	Guide
Supported	Kustomize Controller	SOPS Integration with Cloud KMS	GCP	Guide
Supported	Source Controller	Helm OCI Repository Authentication	AWS	Guide
Supported	Source Controller	Helm OCI Repository Authentication	Azure	Guide
Supported	Source Controller	Helm OCI Repository Authentication	GCP	Guide
Not Supported	Source Controller	Git Repository Authentication (RO)	AWS	fluxcd/source-controller#835
Not Supported	Source Controller	Git Repository Authentication (RO)	Azure	fluxcd/source-controller#1284
Not Supported	Source Controller	Git Repository Authentication (RO)	GCP
Not Supported	Image Automation Controller	Git Repository Authentication (RW)	AWS
Not Supported	Image Automation Controller	Git Repository Authentication (RW)	Azure
Not Supported	Image Automation Controller	Git Repository Authentication (RW)	GCP

Context-Based Authorization Support across Flux Controllers #3003

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions