Elastic operator all-in-one can read all secrets in all namespaces

data_smith · April 2, 2020, 1:12pm

The Elastic operator all-in-one install can read all secrets in all namespaces. Are there plans to make it more secure?

Thibault_Richard · April 9, 2020, 11:48am

The Elastic Operator can be deployed in 2 different modes.

Either watching all namespaces or a subset of namespaces with restricted RBAC permissions.

Furthermore it is possible to deploy the operator into the same namespace as the workloads it is managing.

We are still working to bring a tool to ease the configuration of the operator:
https://github.com/elastic/cloud-on-k8s/issues/2406.

Topic		Replies	Views
About the Elastic Cloud on Kubernetes (ECK) category Elastic Cloud on Kubernetes (ECK)	2	2991	November 4, 2022
Run elastic-operator with fewer permissions? Disable webhook? Elastic Cloud on Kubernetes (ECK)	2	538	November 4, 2022
How to have Multiple operators in a single namespace managing different clusters Elastic Cloud on Kubernetes (ECK)	1	395	November 4, 2022
Broad Permissions on Operator in Restricted mode Elastic Cloud on Kubernetes (ECK)	1	472	June 30, 2021
Deploy ECK to a Single Namespace Elastic Cloud on Kubernetes (ECK)	8	1565	November 4, 2022