The Jenkins web UI is currently exposed to the world over plain HTTP. There are regular vulnerabilities that involve working around the application-level permissions checks in the service.
It should be possible to use IAP as a proxy that enforces authentication (using people's Google accounts). Can we use that, and also avoid dual authentication?