You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The existing deployment guides for Kubernetes and Docker and the tutorials for different integrations do not deploy OPA a secured mode (e.g., no authorization policies are defined.) This is done to simplify the examples and make it easy for developers to inspect OPA in their test environment.
That being said, it would be good to include references in the deployment guides and tutorials on how users can secure OPA itself. At minimum we should point out that the example deployments are not secure.
Ref OPA-01-001
The text was updated successfully, but these errors were encountered:
tsandall
changed the title
Deployment guides and tutorials should refer to security docs
OPA-01-001: Deployment guides and tutorials should refer to security docs
Aug 30, 2018
The existing deployment guides for Kubernetes and Docker and the tutorials for different integrations do not deploy OPA a secured mode (e.g., no authorization policies are defined.) This is done to simplify the examples and make it easy for developers to inspect OPA in their test environment.
That being said, it would be good to include references in the deployment guides and tutorials on how users can secure OPA itself. At minimum we should point out that the example deployments are not secure.
Ref OPA-01-001
The text was updated successfully, but these errors were encountered: