Set Authorization

Kubemqctl
Helm
kubectl
Flags
Flag
Type/Options
Default
Description
--authorization-enabled
string
false
Enable authorization configuration
--authorization-policy-data
string
""
Set authorization policy data
--authorization-policy-file
string
""
set authorization policy filename
--authorization-url
string url
""
Set authorization policy loading url
--authorization-auto-reload
int
0
Set auto reload policy data from url
Examples
Set predefined authorization rules policy where policy.json is json array of access control rules:
1
kubemqctl create cluster --authorization-enabled --authorization-policy-file ./policy.json
Copied!
Set authorization web service rules source:
1
kubemqctl create cluster --authorization-enabled --authorization-url "http://your.url.rules/" --authorization-auto-reload 120
Copied!
KubeMQ will call "http://your.url.rules" every 120 seconds and pulls the Authorization policy json array
Values
Value
Type/Options
Default
Description
authorization.PolicyData
string
""
Set Authorization policy data
authorization.url
string url
""
Set Optional authorization server url for policy data
authorization.autoReload
int
0
Set auto reload policy data from url
Examples
Set predefined authorization rules policy where policy.json is json array of access control rules:
1
helm install kubemq-cluster --set-file authorization.policyData=./policy.json kubemq-charts/kubemq
Copied!
Set authorization web service rules source:
1
helm install kubemq-cluster --set authorization.url="http://your.url.rules/",authorization.autoReload=120 kubemq-charts/kubemq
Copied!
Fields
Field
Type/Options
Default
Description
policyData
string
""
Set Authorization policy data
url
string url
""
Set Optional authorization server url for policy data
autoReload
int
0
Set auto reload policy data from url
Examples
Set predefined authorization rules policy where policy.json is json array of access control rules:
Run:
1
kubectl apply -f {below-yaml-file}
Copied!
1
apiVersion: core.k8s.kubemq.io/v1alpha1
2
kind: KubemqCluster
3
metadata:
4
  name: kubemq-cluster
5
  namesapce: kubemq
6
  labels:
7
    app: kubemq-cluster
8
spec:
9
  replicas: 3
10
  authorization:
11
    policy: |-
12
      [
13
         {
14
            "ClientID":"client-1",
15
            "Events":true,
16
            "EventsStore": false,
17
            "Queues": false,
18
            "Commands": false,
19
            "Queries": false,
20
            "Channel":"foo.bar.1",
21
            "Read":false,
22
            "Write": true
23
         },
24
         {
25
            "ClientID":"client-2",
26
            "Events":true,
27
            "EventsStore": false,
28
            "Queues": false,
29
            "Commands": false,
30
            "Queries": false,
31
            "Channel":"foo.bar.2",
32
            "Read":false,
33
            "Write": true
34
         },
35
      ]
Copied!
Set authorization web service rules source:
Run:
1
kubectl apply -f {below-yaml-file}
Copied!
1
apiVersion: core.k8s.kubemq.io/v1alpha1
2
kind: KubemqCluster
3
metadata:
4
  name: kubemq-cluster
5
  namesapce: kubemq
6
  labels:
7
    app: kubemq-cluster
8
spec:
9
  replicas: 3
10
  authorization:
11
    url: "http://your.url.rules/"
12
    autoReload: 120
Copied!
​Learn Access Control - Authorization Feature​

Set Authentication

Set Notification

Last modified 2yr ago

Copy link