Set Authorization

Flags

Examples

Set predefined authorization rules policy where policy.json is json array of access control rules:

kubemqctl create cluster --authorization-enabled --authorization-policy-file ./policy.json

Set authorization web service rules source:

kubemqctl create cluster --authorization-enabled --authorization-url "http://your.url.rules/" --authorization-auto-reload 120

KubeMQ will call "http://your.url.rules" every 120 seconds and pulls the Authorization policy json array

Values

Examples

Set predefined authorization rules policy where policy.json is json array of access control rules:

helm install kubemq-cluster --set-file authorization.policyData=./policy.json kubemq-charts/kubemq

Set authorization web service rules source:

helm install kubemq-cluster --set authorization.url="http://your.url.rules/",authorization.autoReload=120 kubemq-charts/kubemq

Fields

Examples

Set predefined authorization rules policy where policy.json is json array of access control rules:

Run:

kubectl apply -f {below-yaml-file}

apiVersion: core.k8s.kubemq.io/v1alpha1
kind: KubemqCluster
metadata:
  name: kubemq-cluster
  namesapce: kubemq
  labels:
    app: kubemq-cluster
spec:
  replicas: 3
  authorization:
    policy: |-
      [
         {
            "ClientID":"client-1",
            "Events":true,
            "EventsStore": false,
            "Queues": false,
            "Commands": false,
            "Queries": false,
            "Channel":"foo.bar.1",
            "Read":false,
            "Write": true
         },
         {
            "ClientID":"client-2",
            "Events":true,
            "EventsStore": false,
            "Queues": false,
            "Commands": false,
            "Queries": false,
            "Channel":"foo.bar.2",
            "Read":false,
            "Write": true
         },
      ]

Set authorization web service rules source:

Run:

kubectl apply -f {below-yaml-file}

apiVersion: core.k8s.kubemq.io/v1alpha1
kind: KubemqCluster
metadata:
  name: kubemq-cluster
  namesapce: kubemq
  labels:
    app: kubemq-cluster
spec:
  replicas: 3
  authorization:
    url: "http://your.url.rules/"
    autoReload: 120

Learn Access Control - Authorization Feature

PreviousSet Authentication NextSet Notification

Last updated 4 years ago