diff options
| author | RichieEscarez <rescarez@google.com> | 2015-06-16 14:48:51 -0700 |
|---|---|---|
| committer | RichieEscarez <rescarez@google.com> | 2015-06-17 08:48:59 -0700 |
| commit | 9e35c48d4abfa4b1bae2b4ed3a81047d6604985e (patch) | |
| tree | 1eb0b3fc2003558004f88d3ad05cfe7c29a94b62 /access.md | |
| parent | a407b64a3d2be8e3ddca9192609c72e92b64a6a9 (diff) | |
Qualified all references to "controller" so that references to "replication controller" are clear. fixes #9404
Also ran hacks/run-gendocs.sh
Diffstat (limited to 'access.md')
| -rw-r--r-- | access.md | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -193,7 +193,7 @@ K8s authorization should: - Allow for a range of maturity levels, from single-user for those test driving the system, to integration with existing to enterprise authorization systems. - Allow for centralized management of users and policies. In some organizations, this will mean that the definition of users and access policies needs to reside on a system other than k8s and encompass other web services (such as a storage service). - Allow processes running in K8s Pods to take on identity, and to allow narrow scoping of permissions for those identities in order to limit damage from software faults. -- Have Authorization Policies exposed as API objects so that a single config file can create or delete Pods, Controllers, Services, and the identities and policies for those Pods and Controllers. +- Have Authorization Policies exposed as API objects so that a single config file can create or delete Pods, Replication Controllers, Services, and the identities and policies for those Pods and Replication Controllers. - Be separate as much as practical from Authentication, to allow Authentication methods to change over time and space, without impacting Authorization policies. K8s will implement a relatively simple |