Add option to restrict inbound connectivity to k8s (or all deployments) #306
Comments
|
This option is added in the TOSCA document. |
|
Many thanks, @micafer Please add it to https://appsgrycap.i3m.upv.es:31443/im-dashboard/configure?selected_tosca=kubernetes.yaml first. I will do a test and then propose a list for the rest of them. |
|
Yo have it done in the devel instance: Could you please test it? |
|
Thanks, @micafer Port 22 is still allowing connections from 0.0.0.0/0
I have the following Port 80 is still allowing connections from 0.0.0.0/0 |
|
Oh wait, Restricting inbound connectivity for port 22 with
|
Yes it must be opened to allow IM service to configure it.
I have tried: |
|
I see, thanks! Ok, personally I mostly use these two templates for the time being:
I don't want to give you extra work by adding this feature to more templates unless other people find it useful, so from my point of view, this is the change that I would like to see in the production instance of IM Dashboard. Regarding SSH, I just had a random idea. Would it be a good idea that IM added its own |
Yes but it should be implemented at the level of the IM service. I have to think about it. |
|
Thanks, but in my opinion this is an "optional, nice to have" feature so do not include it in the top priority list of things to do. |
Hi,
The option to restrict inbound connectivity is available to deploy VMs:
However, it's not available when deploying k8s, which is desirable to restrict public access to the admin endpoints.
Would it be possible add this option?
In general it would be good to have this option available across all the templates so the end user can enable an additional security layer to protect the virtual infrastructure.
Best regards,
Sebastian
The text was updated successfully, but these errors were encountered: