Impersonation uses a reverse proxy to inject a user's identifying information (username, groups and extra scopes) as headers in each request to the API server. The Dashboard can pass these headers to the API server if your reverse proxy will inject them in the requests.
Impersonation is useful in situations where using a user's token isn't available, such as cloud-hosted Kubernetes services. To use impersonation a reverse proxy must:
Impersonate-User
header with a unique name identifying the userImpersonate-Group
header(s) with the impersonated user's group dataImpersonate-Extra
header(s) with additional authorization dataImpersonation will only work when the reverse proxy provides the Authorization
header with a valid service account. It will not work with any other method of authenticating to the dashboard.
Copyright 2019 The Kubernetes Dashboard Authors
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。