You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As an enhancement, Fleet could limit the access to registration secrets to only the cluster that's going to read it.
The name is generated randomly and a different downstream cluster would need to apply brute force to guess the secret name, but as an enhancement it would be to good to fine grain the access rights.
Also, another enhancement related to cluster registration would be to reject ClusterRegistrationTokens with TTL set to 0 or nil.
As an enhancement, Fleet could limit the access to registration secrets to only the cluster that's going to read it.
The name is generated randomly and a different downstream cluster would need to apply brute force to guess the secret name, but as an enhancement it would be to good to fine grain the access rights.
Also, another enhancement related to cluster registration would be to reject
ClusterRegistrationTokenswith TTL set to 0 or nil.