You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We would like to use ISTIO to secure access to Jupyter notebooks. This is part of the larger effort (#1630) to replace JupyterHub with a set of Cloud Native microservices to manage notebooks.
I think what we want to do is be able to spawn notebooks for each user in their own namespace. We can then rely on RBAC to restrict access to the K8s resources.
However, we still need a way to restrict access to the Jupyter web servers. For this I think we'd like to use ISTIO.
A strawman would be to use ISTIO and JWT's to restrict access to specific notebooks. So we would use ISTIO to enforce policies restricting access to specific notebooks to specific users.
ISTIO would use the JWT in the request to determine the identity of the user making the request.
The text was updated successfully, but these errors were encountered:
Background: #1630
We would like to use ISTIO to secure access to Jupyter notebooks. This is part of the larger effort (#1630) to replace JupyterHub with a set of Cloud Native microservices to manage notebooks.
I think what we want to do is be able to spawn notebooks for each user in their own namespace. We can then rely on RBAC to restrict access to the K8s resources.
However, we still need a way to restrict access to the Jupyter web servers. For this I think we'd like to use ISTIO.
A strawman would be to use ISTIO and JWT's to restrict access to specific notebooks. So we would use ISTIO to enforce policies restricting access to specific notebooks to specific users.
ISTIO would use the JWT in the request to determine the identity of the user making the request.
The text was updated successfully, but these errors were encountered: