Skip to content

Commit

Permalink
Update from treeverse/lakeFS@4738aff
Browse files Browse the repository at this point in the history
  • Loading branch information
docs-action committed Nov 15, 2023
1 parent 2aca0fc commit 3243e50
Show file tree
Hide file tree
Showing 97 changed files with 309 additions and 7 deletions.
3 changes: 3 additions & 0 deletions 404.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -361,6 +361,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
6 changes: 3 additions & 3 deletions assets/js/search-data.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1653,7 +1653,7 @@
},"236": {
"doc": "Security",
"title": "lakeFS Security Reference",
"content": ". | Authentication | Remote Authenticator | Role-Based Access Control (RBAC) | Presigned URL | Access Control Lists (ACLs) | . ",
"content": ". | Authentication | Remote Authenticator | Role-Based Access Control (RBAC) | Presigned URL | Access Control Lists (ACLs) | Single Sign On (SSO) | . ",
"url": "/reference/security/#lakefs-security-reference",

"relUrl": "/reference/security/#lakefs-security-reference"
Expand Down Expand Up @@ -1695,7 +1695,7 @@
},"242": {
"doc": "Reference",
"title": "Security",
"content": ". | Authentication | Remote Authenticator | Role-Based Access Control (RBAC) | Presigned URL | Access Control Lists (ACLs) | . ",
"content": ". | Authentication | Remote Authenticator | Role-Based Access Control (RBAC) | Presigned URL | Access Control Lists (ACLs) | Single Sign On (SSO) | . ",
"url": "/reference/#security",

"relUrl": "/reference/#security"
Expand Down Expand Up @@ -3235,7 +3235,7 @@
},"462": {
"doc": "Single Sign On (SSO)",
"title": "Azure Active Directory (AD)",
"content": "Prerequisites: . | Azure account with permissions to manage applications in Azure Active Directory | . Note: If you’ve already set uplakeFS Cloud with your Azure account, you can skip the Register lakeFS Cloud with Azure and Add client secret and go directly to Add a redirect URI. Register lakeFS Cloud with Azure . Steps: . | Sign in to the Azure portal. | If you have access to multiple tenants, use the Directories + subscriptions filter in the top menu to switch to the tenant in which you want to register the application. | Search for and select Azure Active Directory. | Under Manage, select App registrations &gt; New registration. | Enter a display Name for your application. Users of your application might see the display name when they use the app, for example during sign-in. You can change the display name at any time and multiple app registrations can share the same name. The app registration’s automatically generated Application (client) ID, not its display name, uniquely identifies your app within the identity platform. | Specify who can use the application, sometimes called its sign-in audience. Note: don’t enter anything for Redirect URI (optional). You’ll configure a redirect URI in the next section. | Select Register to complete the initial app registration. | . When registration finishes, the Azure portal displays the app registration’s Overview pane. You see the Application (client) ID. Also called the client ID, this value uniquely identifies your application in the Microsoft identity platform. Important: new app registrations are hidden to users by default. When you are ready for users to see the app on their My Apps page you can enable it. To enable the app, in the Azure portal navigate to Azure Active Directory &gt; Enterprise applications and select the app. Then on the Properties page toggle Visible to users? to Yes. Add a secret . Sometimes called an application password, a client secret is a string value your app can use in place of a certificate to identity itself. Client secrets are considered less secure than certificate credentials. Application developers sometimes use client secrets during local app development because of their ease of use. However, you should use certificate credentials for any of your applications that are running in production. Steps: . | In the Azure portal, in App registrations, select your application. | Select Certificates &amp; secrets &gt; Client secrets &gt; New client secret. | Add a description for your client secret. | Select an expiration for the secret or specify a custom lifetime. | Client secret lifetime is limited to two years (24 months) or less. You can’t specify a custom lifetime longer than 24 months. | Microsoft recommends that you set an expiration value of less than 12 months. | . | Select Add. | Record the secret’s value for use in your client application code. This secret value is never displayed again after you leave this page. | . Add a redirect URI . A redirect URI is the location where the Microsoft identity platform redirects a user’s client and sends security tokens after authentication. You add and modify redirect URIs for your registered applications by configuring their platform settings. Enter https://lakefs-cloud.us.auth0.com/login/callback or https://lakefs-cloud.eu.auth0.com/login/callback (depends on your organization data location) as your redirect URI. Settings for each application type, including redirect URIs, are configured in Platform configurations in the Azure portal. Some platforms, like Web and Single-page applications, require you to manually specify a redirect URI. For other platforms, like mobile and desktop, you can select from redirect URIs generated for you when you configure their other settings. Steps: . | In the Azure portal, in App registrations, select your application. | Under Manage, select Authentication. | Under Platform configurations, select Add a platform. | Under Configure platforms, select the web option. | Select Configure to complete the platform configuration. | . Once you finish registering lakeFS Cloud with Azure AD, save the Application (Client) ID, Application Secret Value and send this to Treeverse’s team to finish the integration. ",
"content": "Prerequisites: . | Azure account with permissions to manage applications in Azure Active Directory | . Note: If you’ve already set up lakeFS Cloud with your Azure account, you can skip the Register lakeFS Cloud with Azure and Add client secret and go directly to Add a redirect URI. Register lakeFS Cloud with Azure . Steps: . | Sign in to the Azure portal. | If you have access to multiple tenants, use the Directories + subscriptions filter in the top menu to switch to the tenant in which you want to register the application. | Search for and select Azure Active Directory. | Under Manage, select App registrations &gt; New registration. | Enter a display Name for your application. Users of your application might see the display name when they use the app, for example during sign-in. You can change the display name at any time and multiple app registrations can share the same name. The app registration’s automatically generated Application (client) ID, not its display name, uniquely identifies your app within the identity platform. | Specify who can use the application, sometimes called its sign-in audience. Note: don’t enter anything for Redirect URI (optional). You’ll configure a redirect URI in the next section. | Select Register to complete the initial app registration. | . When registration finishes, the Azure portal displays the app registration’s Overview pane. You see the Application (client) ID. Also called the client ID, this value uniquely identifies your application in the Microsoft identity platform. Important: new app registrations are hidden to users by default. When you are ready for users to see the app on their My Apps page you can enable it. To enable the app, in the Azure portal navigate to Azure Active Directory &gt; Enterprise applications and select the app. Then on the Properties page toggle Visible to users? to Yes. Add a secret . Sometimes called an application password, a client secret is a string value your app can use in place of a certificate to identity itself. Client secrets are considered less secure than certificate credentials. Application developers sometimes use client secrets during local app development because of their ease of use. However, you should use certificate credentials for any of your applications that are running in production. Steps: . | In the Azure portal, in App registrations, select your application. | Select Certificates &amp; secrets &gt; Client secrets &gt; New client secret. | Add a description for your client secret. | Select an expiration for the secret or specify a custom lifetime. | Client secret lifetime is limited to two years (24 months) or less. You can’t specify a custom lifetime longer than 24 months. | Microsoft recommends that you set an expiration value of less than 12 months. | . | Select Add. | Record the secret’s value for use in your client application code. This secret value is never displayed again after you leave this page. | . Add a redirect URI . A redirect URI is the location where the Microsoft identity platform redirects a user’s client and sends security tokens after authentication. You add and modify redirect URIs for your registered applications by configuring their platform settings. Enter https://lakefs-cloud.us.auth0.com/login/callback or https://lakefs-cloud.eu.auth0.com/login/callback (depends on your organization data location) as your redirect URI. Settings for each application type, including redirect URIs, are configured in Platform configurations in the Azure portal. Some platforms, like Web and Single-page applications, require you to manually specify a redirect URI. For other platforms, like mobile and desktop, you can select from redirect URIs generated for you when you configure their other settings. Steps: . | In the Azure portal, in App registrations, select your application. | Under Manage, select Authentication. | Under Platform configurations, select Add a platform. | Under Configure platforms, select the web option. | Select Configure to complete the platform configuration. | . Once you finish registering lakeFS Cloud with Azure AD, save the Application (Client) ID, Application Secret Value and send this to Treeverse’s team to finish the integration. ",
"url": "/reference/security/sso.html#azure-active-directory-ad",

"relUrl": "/reference/security/sso.html#azure-active-directory-ad"
Expand Down
3 changes: 3 additions & 0 deletions howto/catalog_exports.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/copying.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/deploy/aws.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/deploy/azure.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/deploy/gcp.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/deploy/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/deploy/onprem.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/deploy/upgrade.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/export.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/garbage-collection/gc.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/garbage-collection/managed-gc.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
3 changes: 3 additions & 0 deletions howto/hooks/airflow.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,9 @@
</li><li class="nav-list-item ">
<a href="/reference/security/rbac.html"
class="nav-list-link">Role-Based Access Control (RBAC)</a>
</li><li class="nav-list-item ">
<a href="/reference/security/sso.html"
class="nav-list-link">Single Sign On (SSO)</a>
</li></ul></li><li class="nav-list-item "><a href="/reference/spark-client.html"
class="nav-list-link">Spark Client</a></li><li class="nav-list-item "><a href="/reference/api.html"
class="nav-list-link">lakeFS API</a></li><li class="nav-list-item "><a href="/reference/configuration.html"
Expand Down
Loading

0 comments on commit 3243e50

Please sign in to comment.