-
Notifications
You must be signed in to change notification settings - Fork 36
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
- Status: Open.#545 In kagenti/kagenti-extensions;
- Status: Open.#533 In kagenti/kagenti-extensions;
- Status: Open.#532 In kagenti/kagenti-extensions;
Support operator-independent and non-sidecar (separate-pod egress gateway) deployment of AuthBridge
enhancementNew feature or requestNew feature or requestIdentityIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensStatus: Open.#531 In kagenti/kagenti-extensions;Add static credential injection plugin to AuthBridge outbound pipeline
enhancementNew feature or requestNew feature or requestIdentityIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensStatus: Open.#530 In kagenti/kagenti-extensions;Investigate swapping AuthBridge in as the egress data plane for dam-agents/dam (kagenti/platform)
enhancementNew feature or requestNew feature or requestIdentityIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensStatus: Open.#529 In kagenti/kagenti-extensions;Feasibility/design: SSH bridge for AuthBridge (proxy-sidecar mode) — guardrails, authz, audit for agent SSH egress
enhancementNew feature or requestNew feature or requestIdentityIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensIssues related to agent identity attestation, SPIFFE, and Authorization bearer tokensStatus: Open.#528 In kagenti/kagenti-extensions;- Status: Open.#525 In kagenti/kagenti-extensions;
- Status: Open.#519 In kagenti/kagenti-extensions;
harden(ibac): bind intent/session to the JWT subject, not the client-supplied contextId
enhancementNew feature or requestNew feature or requestStatus: Open.#515 In kagenti/kagenti-extensions;harden(authbridge): pin SNI to the resolved IP to close the HTTPS allowlist spoof
enhancementNew feature or requestNew feature or requestStatus: Open.#514 In kagenti/kagenti-extensions;harden(authbridge): derive token audience from the route, not the client Host header
enhancementNew feature or requestNew feature or requestStatus: Open.#513 In kagenti/kagenti-extensions;