Feature #18015
Updated by Peter Amstutz over 2 years ago
User needs to restrict ability to get blocks from keep to system components only (keep-web, crunch-run?). Boundary security via keepproxy (as implemented in #17464) turns out to not be a solution because the private network is shared by multiple clusters and users, and they would like to limit the use of arv-mount on the shell node.