The documentation here explains how the http.send() method can be used to make GET requests to external data sources. However for calls to internal sources the request would require a token of some kind to be supplied.
这里的文档解释了如何使用HTTP.Send()方法向外部数据源发出GET请求。但是,对于对内部来源的调用,请求将需要提供某种令牌。
Is there a way of doing this in a secure manner such that the token is not hard-coded into the body of the policy? For instance calling on it when the policy is called to check against a request.
有没有办法以一种安全的方式完成这项工作,使令牌不会被硬编码到策略的主体中?例如,当策略被调用以针对请求进行检查时调用它。
As I am using Gatekeeper from a Kubernetes environment, my idea was of mounting a file containing the secret to the pod running Gatekeeper, but that seems a bit overkill and still prone to breaches so wanted to see if there is a better way of handling things?
当我从Kubernetes环境中使用GateKeeper时,我的想法是挂载一个包含运行GateKeeper的Pod的秘密的文件,但这似乎有点过分,仍然容易被攻破,所以想看看是否有更好的方法来处理事情?
更多回答
优秀答案推荐
我是一名优秀的程序员,十分优秀!