This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Limit access by API proxy to specific admin/config objects?

Posted on 11-05-2020 01:00 AM
guycrets
Silver 1
Silver 1
Reply posted on --/--/---- --:-- AM

A proxy can by default access all objects in a single environment: KVM's, Caches, Target Servers...

Q: is there a way to limit access by an API proxy to specific admin/config objects?

Context of my question are multiple teams working in a single tenant:

  • Through RBAC, it is possible (but not trivial) to restrict access via Edge UI or Management API.
  • But any API proxy can access all admin objects in its environment. E.g. a proxy of team B can directly access team A's caches or (environment) KVM's
  • For KVM's, there is ultimately the option for proxy specific KVM's. But not for caches a.o. Neither shared flow specific KVM's.
0 3 257
Topic Labels
0 Likes
Reply
3 REPLIES 3
Top Solution Authors
View all