-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial security hardening doc #65
Initial security hardening doc #65
Conversation
how-to/security_hardening.rst
Outdated
JAAS uses the Canonical Identity Platform for authentication. The communication between JAAS | ||
and the identity platform can be secured via TLS. | ||
|
||
You will require the identity Platform and the self-signed-certificates charm deployed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm ideally they should have proper cert, perhaps using the httprequest-lego-k8s charm.. you may suggest
using the self-signed-certificates charm for local deploy, but definitely not for production
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is in-cluster tohugh isnt it??
and the identity platform can be secured via TLS. | ||
|
||
You will require the identity Platform and the self-signed-certificates charm deployed. | ||
See `here <https://charmhub.io/topics/canonical-identity-platform/tutorials/e2e-tutorial>`__ for deploying the identity platform. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this guide seems to suggest the self signed certs.. maybe that's enough and we just add the bits that are needed to relate jimm to self-signed-certs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
responded on other comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good job, writing doc is hard
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With just a few changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work. ❤️
No description provided.