tamalsaha
commented
4 years ago @krdhruva, are you part of the Azure team? Either way, we would love to have your contribution on this feature.
cc: @amanohar , as contributed previously to Azure feature.
Open krdhruva opened 4 years ago
tamalsaha
commented
4 years ago @krdhruva, are you part of the Azure team? Either way, we would love to have your contribution on this feature.
cc: @amanohar , as contributed previously to Azure feature.
krdhruva
commented
4 years ago @tamalsaha, yes I'm part of Azure team.
tamalsaha
commented
4 years ago https://github.com/appscode/guard/pull/236 pr coming from your team?
krdhruva
commented
4 years ago Yes. @weinong is part of Azure team.
Currently guard is being used in AKS as authentication server for AAD users. In this scenario guard requires to have certain kind of read permission to fetch user information from AAD. By adding some more read permissions, Guard can be enhanced as Authorization server such that it can verify AAD user access on Kubernetes resources. This will ensure that user doesn't need any additional solution for Authorization.
This issue is a feature request to add Authorization webhook server support in Guard for Azure.