You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vertical Pod Autoscaler Is your feature request designed to solve a problem? If so describe the problem this feature should solve.:
At my company we have stricter TLS rules than normal. Currently VPA's admission controller is accepting TLS ciphers for ECDHE-RSA-DES-CBC3-SHA and DES-CBC3-SHA which are considered to be weak ciphers. We are being pinged for vulnerabilities when we use VPA.
With this feature, it would solve our issue as we could just have an allow-list of ciphers we accept or just bump the minimum TLS version to 1.3. Describe the solution you'd like.:
I would like to see two new flags exposed --min-tls-version and --tls-ciphers on the VPA admission-controller as it would allow for customers to adjust the server to their needs. Describe any alternative solutions you've considered.:
N/A Additional context.:
The text was updated successfully, but these errors were encountered:
Which component are you using?:
Vertical Pod Autoscaler
Is your feature request designed to solve a problem? If so describe the problem this feature should solve.:
At my company we have stricter TLS rules than normal. Currently VPA's admission controller is accepting TLS ciphers for
ECDHE-RSA-DES-CBC3-SHA
andDES-CBC3-SHA
which are considered to be weak ciphers. We are being pinged for vulnerabilities when we use VPA.With this feature, it would solve our issue as we could just have an allow-list of ciphers we accept or just bump the minimum TLS version to 1.3.
Describe the solution you'd like.:
I would like to see two new flags exposed
--min-tls-version
and--tls-ciphers
on the VPA admission-controller as it would allow for customers to adjust the server to their needs.Describe any alternative solutions you've considered.:
N/A
Additional context.:
The text was updated successfully, but these errors were encountered: