Bug Description

Right now in CKF `user-a` can connect to the URL of a notebook that is deployed in a Profile that belongs to `user-b`, where `user-a` should not have any access. This is not the case for upstream Kubeflow.

The reason this is the case for CKF is because of this issue we initially encountered in KFP canonical/kfp-operators#355. Specifically, in CKF we now have an extra AuthorizationPolicy that allows any user (any value of the `kubeflow-userid` header) to talk to the workloads of a Profile. The root cause of this is as explained in canonical/kfp-operators#355 (comment): the KFP API pod does not have any sidecar, so the default upstream AuthorizationPolicy doesn't allow KFP to talk to pods in users' namespaces. More on this can be found in canonical/kfp-operators#355 (comment).

To Reproduce

- `admin`
- profile `kimonas`
- namespace `admin`

Environment

CKF 1.9

Relevant Log Output

Additional Context

A temporary workaround is to update the following AuthorizationPolicy from allowing all requests (`*`) to allowing just the namespace owner: https://github.com/canonical/kfp-operators/blob/track/2.2/charms/kfp-profile-controller/files/upstream/sync.py#L480

This will block users from accessing other notebooks from their browsers.

This would still mean, though, that users could, from their Pods (notebooks), curl the K8s svc URLs of other notebooks, explicitly set the `kubeflow-userid` header, and reach workloads in other user namespaces.
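To make the difference between the two policy shapes concrete, here is an added example (not code from sync.py or from the issue) that models an Istio AuthorizationPolicy keyed on the `kubeflow-userid` header and evaluates requests against the permissive (`*`) and owner-only variants; the resource name and the scenario values (`user-a`, `user-b`) are assumed placeholders.

```python
# Illustrative model of an ALLOW-action Istio AuthorizationPolicy whose rule
# matches on the kubeflow-userid request header. Not the sync.py code; the
# metadata.name is a placeholder.

def build_policy(namespace: str, allowed_userids: list[str]) -> dict:
    """Policy admitting requests to workloads in `namespace` only when the
    kubeflow-userid header matches one of `allowed_userids`.
    A single "*" is Istio's presence match: any non-empty value passes."""
    return {
        "apiVersion": "security.istio.io/v1beta1",
        "kind": "AuthorizationPolicy",
        "metadata": {"name": "example-allow-userid", "namespace": namespace},
        "spec": {
            "rules": [{
                "when": [{
                    "key": "request.headers[kubeflow-userid]",
                    "values": allowed_userids,
                }]
            }]
        },
    }

def _value_matches(pattern: str, value: str) -> bool:
    # Istio string matching: exact, "*" (presence), "prefix*", "*suffix".
    if pattern == "*":
        return value != ""
    if pattern.endswith("*"):
        return value.startswith(pattern[:-1])
    if pattern.startswith("*"):
        return value.endswith(pattern[1:])
    return value == pattern

def allows(policy: dict, headers: dict) -> bool:
    """ALLOW semantics: admitted if any rule matches; a rule matches when
    every one of its `when` conditions matches the request."""
    userid = headers.get("kubeflow-userid", "")
    for rule in policy["spec"]["rules"]:
        conds = [c for c in rule.get("when", [])
                 if c["key"] == "request.headers[kubeflow-userid]"]
        if all(any(_value_matches(p, userid) for p in c["values"]) for c in conds):
            return True
    return False

# Constructed scenario: user-b's Profile namespace, requests from user-a.
PERMISSIVE = build_policy("user-b", ["*"])        # the extra CKF policy
OWNER_ONLY = build_policy("user-b", ["user-b"])   # the workaround
```

Running the same header through both policies shows why the workaround stops the browser case but not a pod that sets `kubeflow-userid: user-b` itself.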