Updated Okta conditional access guide.#38206
Conversation
|
Adding @rfairburn to review the infra/prerequisites section. Adding @dantecatalfamo to "test" the guide in his dev environment. |
|
Should we also include a reference to https://github.com/fleetdm/fleet-terraform/tree/main/addons/okta-conditional-access if you use our fleet-terraform modules for your on-prem (AWS) hosting solution? |
Co-authored-by: Robert Fairburn <8029478+rfairburn@users.noreply.github.com>
@rfairburn Yes, I added. Does the fleet-terraform guide need to mention setting up DNS for domain with |
|
@coderabbitai full review |
✅ Actions performedFull review triggered. |
WalkthroughThe Okta conditional access integration guide is significantly expanded from a minimal placeholder into a comprehensive, step-by-step tutorial. The documentation now includes infrastructure prerequisites, mTLS proxy configuration, detailed Okta setup instructions, and procedures for enabling and disabling conditional access across both Fleet-hosted and self-hosted deployments. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches🧪 Generate unit tests (beta)
📜 Recent review detailsConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro 📒 Files selected for processing (1)
🧰 Additional context used🧠 Learnings (4)📓 Common learnings📚 Learning: 2025-10-21T16:04:18.069ZApplied to files:
📚 Learning: 2025-11-26T18:58:18.865ZApplied to files:
📚 Learning: 2026-01-02T22:48:09.865ZApplied to files:
🪛 LanguageToolarticles/okta-conditional-access-integration.md[style] ~99-~99: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym. (ENGLISH_WORD_REPEAT_BEGINNING_RULE) [style] ~130-~130: You have already used this phrasing in nearby sentences. Consider replacing it to add variety to your writing. (REP_WANT_TO_VB) [style] ~133-~133: Consider using a different verb for a more formal wording. (FIX_RESOLVE) 🔇 Additional comments (7)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
The configuration snippet includes setting up the DNS and ACM certificate, and does mention "a separate subdomain" in the requirements and mentions "By default the module assumes that okta is added as a subdomain to the Fleet primary domain (e.g. fleet.example.com leverages okta.fleet.example.com), but this can be customized." If you think I need to provide additional context, I'm happy to do so. |
mike-j-thomas
left a comment
There was a problem hiding this comment.
Thanks, @getvictor. It reads well to me. Good to merge as soon as @rfairburn gives it the technical thumbs up.
Added blockquote markdown to render the note block correctly.
rfairburn
left a comment
There was a problem hiding this comment.
The changes I suggested are in place, approved.
Related issue: Resolves #37652
Summary by CodeRabbit
Release Notes
✏️ Tip: You can customize this high-level summary in your review settings.