You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Bound CIDRs can be defined for entities, groups, and backend roles, but this same security feature cannot be defined for LDAP or Kerberos groups and/or users. It doesn't seem to me like this limitation should be there.
Describe the solution you'd like
Enable the "common token arguments" used in backend roles for LDAP: token_ttl, token_max_ttl, token_period, token_policies, token_bound_cidrs, token_explicit_max_ttl, token_no_default_policy, token_num_uses, token_type.
Describe alternatives you've considered
We could try to use a Sentinel policy on the given policy to restrict access by IP address.
Explain any additional use-cases
None.
Additional context
It seems strange that other resources would have this security feature but not LDAP.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Bound CIDRs can be defined for entities, groups, and backend roles, but this same security feature cannot be defined for LDAP or Kerberos groups and/or users. It doesn't seem to me like this limitation should be there.
Describe the solution you'd like
Enable the "common token arguments" used in backend roles for LDAP:
token_ttl
,token_max_ttl
,token_period
,token_policies
,token_bound_cidrs
,token_explicit_max_ttl
,token_no_default_policy
,token_num_uses
,token_type
.Describe alternatives you've considered
We could try to use a Sentinel policy on the given policy to restrict access by IP address.
Explain any additional use-cases
None.
Additional context
It seems strange that other resources would have this security feature but not LDAP.
The text was updated successfully, but these errors were encountered: