Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integrate Istio Citadel agent and Vault #10356

Closed
myidpt opened this issue Dec 7, 2018 · 4 comments
Closed

Integrate Istio Citadel agent and Vault #10356

myidpt opened this issue Dec 7, 2018 · 4 comments
Assignees
@myidpt @lei-tang
Labels
area/security kind/customer issue
Milestone
1.1

Comments

@myidpt
Copy link
Contributor

myidpt commented Dec 7, 2018
edited
Loading

Describe the feature request
Enable the Citadel agent to call the Vault server to provision X.509 certificates. The authentication and authorization (based on K8s JWT) are conducted on Vault (assume the customer maintains a syncer from K8s service account to Vault roles).

Describe alternatives you've considered
Delegate the authn and authz to Citadel, and hook up Citadel with Vault.
@myidpt myidpt assigned myidpt and lei-tang and unassigned myidpt Dec 8, 2018
@myidpt
Copy link
Contributor Author

myidpt commented Dec 8, 2018
edited
Loading

Sub-tasks:

  • Implement Vault client adaptor on Citadel agent to call to Vault
  • Implement end-to-end test for K8s
  • user instructions

@lei-tang
Copy link
Contributor

@myidpt Thanks for creating the task! I have started working on it.

@lei-tang lei-tang mentioned this issue Dec 20, 2018
Closed
@munrodg munrodg added this to the 1.1 milestone Dec 21, 2018
@lei-tang lei-tang mentioned this issue Dec 22, 2018
Merged
@myidpt myidpt assigned incfly and unassigned incfly Jan 2, 2019
@myidpt myidpt mentioned this issue Jan 2, 2019
Closed
@jasminejaksic
Copy link

Only pending task is user instructions, so moving this to P1. Oliver is working on it, ETA EoM

@lei-tang lei-tang mentioned this issue Jan 15, 2019
Closed
@lei-tang
Copy link
Contributor

The issue #10968 has been created to track the task of user instructions and is assigned to @lei-tang.

@lei-tang lei-tang mentioned this issue Jan 16, 2019
Merged
@myidpt myidpt closed this as completed Feb 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@myidpt myidpt

@lei-tang lei-tang

Labels
area/security kind/customer issue
Projects
None yet
Milestone
1.1
Development

No branches or pull requests
5 participants
@myidpt @incfly @lei-tang @munrodg @jasminejaksic