MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-20 01:50:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: allow prometheus for only authorized users (#12121)

Browse Source 
allow restrictions on who can access Prometheus
endpoint, additionally add prometheus as part of
diagnostics canned policy.

Signed-off-by: Harshavardhana <harsha@minio.io>
This commit is contained in:
Harshavardhana
2021-04-22 18:55:30 -07:00
committed by GitHub
parent 4438124948
commit d0d67f9de0
3 changed files with 19 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/iam/policy/admin-action.go
View File

@@ -31,6 +31,8 @@ const (
// StorageInfoAdminAction - allow listing server info
StorageInfoAdminAction = "admin:StorageInfo"
// PrometheusAdminAction - prometheus info action
PrometheusAdminAction = "admin:Prometheus"
// DataUsageInfoAdminAction - allow listing data usage info
DataUsageInfoAdminAction = "admin:DataUsageInfo"
// ForceUnlockAdminAction - allow force unlocking locks
@@ -141,6 +143,7 @@ var supportedAdminActions = map[AdminAction]struct{}{
DataUsageInfoAdminAction: {},
TopLocksAdminAction: {},
ProfilingAdminAction: {},
PrometheusAdminAction: {},
TraceAdminAction: {},
ConsoleLogAdminAction: {},
KMSKeyStatusAdminAction: {},

4
pkg/iam/policy/constants.go
View File

@@ -76,7 +76,9 @@ var AdminDiagnostics = Policy{
Actions: NewActionSet(ProfilingAdminAction,
TraceAdminAction, ConsoleLogAdminAction,
ServerInfoAdminAction, TopLocksAdminAction,
HealthInfoAdminAction, BandwidthMonitorAction),
HealthInfoAdminAction, BandwidthMonitorAction,
PrometheusAdminAction,
),
Resources: NewResourceSet(NewResource("*", "")),
},
},