Can you please ensure it's in the Security section of the documentation? It's not mentioned there at all! https://coreos.com/etcd/docs/latest/op-guide/security.html
Also, "authentication" is not identical to "authorization" or "access control" -- and it's not obvious to the reader that discussion of one includes the other. The words "ACL" and/or "access control" really need to be specifically used in the title and body of the pertinent documentation to be easily locatable by the researcher.
Finally, it doesn't appear that the K8S API server can authenticate to etcd yet. (That's not etcd's fault, but it does contribute to my impression of the integration's overall security posture.) Again, please correct me if I'm mistaken.
https://github.com/coreos/etcd/blob/master/Documentation/v2/... and https://github.com/coreos/etcd/blob/master/Documentation/op-... are the two pages.
"I (and others) would kindly appreciate it if you'd stop"
"If you'd like to find a place to help, I'd suggest"
"engineering teams need to do a better job of integrating community PRs "
"Finally, I'd like to see deadlines and decision-makers appointed"
"What facts do you think I don't possess?"
They don't owe me anything in particular, but I do wish more people would let their fruit ripen on the vine instead of in the grocery store (or worse, at the purchaser's house).
And judging by the comment scores, I'm not the only one who feels this way.
Conversely, you may note that I do get very excited and happy about products that are well-designed, well-documented, and aren't dumped onto an unsuspecting public before they are mature.
