On 2022-11-28 10:56, Jesús Samitier wrote:
Hi
The idea is to integrate kube-rbac-proxy to add an extra (and
optional) security feature in a new exporter, so the final user can
rely on RBAC to assure that only Prometheus can scrape its metrics.
This is something you get when you install Prometheus in K8s using the
official helm chart - only Prometheus can scrape the Prometheus
metrics exposed by the K8s internals. The idea is to have something
similar but for any exporter.
Any developer can integrate it in its exporter (as shown here
https://www.brancz.com/2018/02/27/using-kube-rbac-proxy-to-secure-kubernetes-workloads),
but someone pointed out on Mastodon that we could also integrate in in
the exporter toolkit so it's even easier.
What would actually be needed in the toolkit though? Is it just some
docs explaining how to deploy the sidecar with the exporter, or actual
code changes?
--
Stuart Clark
--
You received this message because you are subscribed to the Google Groups
"Prometheus Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/prometheus-developers/3883faab86ed1a93de7ad2d8f8598ea5%40Jahingo.com.
