Add auth to /metrics path

Question

sadath-12 opened this issue 2 months ago · comments

metrics

Add auth to /metrics path so our system information can't be exploited

Auth in similar way you did for logs

Not yet considered

Prabhat Sharma · Answer 1 · Sun May 05 2024 02:25:34 GMT+0800 (China Standard Time)

For now, you can use the following annotation in nginx ingress:

nginx.ingress.kubernetes.io/configuration-snippet: |
        location ~* ^/metrics {
          return 404;
        }

Juan Calderon-Perez · Answer 2 · Mon May 06 2024 00:25:07 GMT+0800 (China Standard Time)

@prabhatsharma That will block access to the endpoint though.

Ashish Kolhe · Answer 3 · Wed Jun 05 2024 21:11:47 GMT+0800 (China Standard Time)

Closing it with recommendation to handle it at ingress layer.