We have a use case where we don't want the namespace added to the azure scope and request path as this allows us to validate request against resource groups directly (and potentially other resources).
However, since guard always adds this information currently, we end up with authz requests being denied for namespace based requests while its working for cluster-scoped requests. This PR adds a new option azure.skip-authz-namespace to disable adding the namespace.
Would be great if this could get merged eventually, I'm also happy to maintain a fork on our side with this change, but I believe this might be useful for others as well. I also added a unit test, if there is anything else I should change / add just let me know.
We have a use case where we don't want the namespace added to the azure scope and request path as this allows us to validate request against resource groups directly (and potentially other resources).
However, since guard always adds this information currently, we end up with authz requests being denied for namespace based requests while its working for cluster-scoped requests. This PR adds a new option
azure.skip-authz-namespaceto disable adding the namespace.Would be great if this could get merged eventually, I'm also happy to maintain a fork on our side with this change, but I believe this might be useful for others as well. I also added a unit test, if there is anything else I should change / add just let me know.