-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enabling ACL #305
Comments
Can you point out where did see this? |
Enterprise Features > ACL > Enable enterprise ACL feature > Step 1 (where the command is missing) |
Closing this issue for now because the PR with the Fix has been merged. Please feel free to reopen if any other updates need to be made. |
I can see on the documentation that the command for key creation is still not randomly generated. We are still using the echo > hmac_secret_file command. This command will always store the key value mentioned in the command in the hmac_secret_file. Shouldn't it be more like the key generation command for encryption where a random key is generated and then stored in the file? (Link for encryption page - https://dgraph.io/docs/enterprise-features/encryption-at-rest/) (Link for ACL page - https://dgraph.io/docs/enterprise-features/access-control-lists/) |
@MichelDiz ^ this what i had discussed with you, it's okay - we can open another PR for this. im reopening this issue |
@skrdgraph could you please review the changes made in the new PR 350? |
Addresses the issue: #305 _added instructions to generate random key values Note: Create and edit docs in the `main` branch when you can, so that we only cherry-pick out of `main`, not into `main`. --> Fixes: #305 Co-authored-by: Sudhish <108091997+skrdgraph@users.noreply.github.com> Co-authored-by: Michel Diz <MichelDiz@users.noreply.github.com>
Enabling ACL requires a secret key generation, but there is no command given with which they can generate said file. Also, in the example given below the directions, they used the following command:
echo '12345678901234567890123456789012' > hmac_secret_file
to generate the secret file. This is not randomly generated and is therefore not the best to use as an example.
Fixes: #305
The text was updated successfully, but these errors were encountered: