Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing KIC guide on Key Authentication with ACL per service or route #5324

Open
2 tasks done
mloskot opened this issue Mar 21, 2023 · 1 comment
Open
2 tasks done

Missing KIC guide on Key Authentication with ACL per service or route #5324

mloskot opened this issue Mar 21, 2023 · 1 comment
Labels
team-k8s Kubernetes task tracking (including KIC,KGO)
Milestone
KIC v3.4.x

Comments

@mloskot
Copy link
Contributor

mloskot commented Mar 21, 2023
edited
Loading

Where is the problem?

https://docs.konghq.com/hub/kong-inc/key-auth/

What happened?

It would be good if there is a guide describing non-trivial case of configuration:

  • Two services or routes, A and B
  • Two API keys, 1 and 2
  • Key 1 can access A, but can not access B
  • Key 2 can access B, but can not access A

It requires combination of the Key Authentication plugin and ACL plugin.
It would be useful if presented with declarative configuration.

Such configuration for Kong Ingress Controller is especially not trivial, because it requires

  1. Creation of 'conceptual/logical' ACL group via Kubernetes secret which is not very intuitive and not well documented, if at all, especially after deprecating kind: KongCredential
  2. API key stored in secret
  3. Consumer using the two secrets as credentials: one to authorise access to specific service/route and the other to authenticate consumer

What did you expect to happen?

Add a guide for Kong Ingress Controller with non-trivial authentication and authorisation scenarios.

Code of Conduct and Community Expectations

  • I agree to follow this project's Code of Conduct
  • I agree to abide by the Community Expectations
@eschbach-dd
Copy link

I'm also interested in this

@lahabana lahabana added this to the KIC v3.4.x milestone Oct 18, 2024
@lahabana lahabana added the team-k8s Kubernetes task tracking (including KIC,KGO) label Oct 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
team-k8s Kubernetes task tracking (including KIC,KGO)
Projects
None yet
Milestone
KIC v3.4.x
Development

No branches or pull requests
3 participants
@mloskot @lahabana @eschbach-dd