weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Update design/20210203.certificate-request-identity.md

Browse Source 
Co-authored-by: Jake Sanders <i@am.so-aweso.me>
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
This commit is contained in:
Josh Van Leeuwen 2021-02-04 13:48:10 +00:00 committed by Jake Sanders
parent d94880e693
commit 41dac7f9ee
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
design/20210203.certificate-request-identity.md
View File

@ -48,8 +48,8 @@ is able to determine whether that identity is allowed to request that
certificate, given some policy configuration setup by a cluster administrator.
Although auditing exists in Kubernetes and exposes the identity of the
requester, its configuration is not always exposed to end users, such as in
scenarios when using managed Kubernetes (GKE, EKS etc). In scenarios when
requester, its configuration is not always exposed to end users, such as
when using managed Kubernetes (GKE, EKS etc). In scenarios where
configuring auditing is available, it is often not preferable and an
anti-pattern to make runtime decisions on historical audit logs.