Skip to content

Conversation

djmagee
Copy link
Contributor

@djmagee djmagee commented Aug 12, 2022

Preview

https://deploy-preview-1410--mystifying-fermi-1bc096.netlify.app/cloud

What does this PR do?

Add a whole bunch of content to support the new onboarding guide and creates true generated guides.

- The signing algorithm must include SHA-256 or stronger.
SHA-1 and MD5 signing algorithms are rejected.

When a client presents an end-entity certificate, and the whole certificate chain is constructed, each certificate in the chain (from end-entity to the root) must have a unique Distinguished Name (DN).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

might need to link to documentation on what DN means? Example: https://knowledge.digicert.com/generalinformation/INFO1745.html (if we can find a better document or codify that ourselves, that's probably better)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The exhaustive definition is in section 9.5 of ITU-T X.501, but it's not exactly light reading. Trying to boil it down to the level we need is tricky. I'll keep hunting for a more accessible definition (to which we can link, if from a reputable source, or that I can use as inspiration for an inline definition).

## Information

- [Account-level Roles](/cloud/what-are-the-account-level-roles-for-users-in-temporal-cloud)
- [Namespace-level permissions](/cloud/what-are-the-namespace-level-permissions-for-users-in-temporal-cloud)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for consistency, why aren't these called Namespace-level Roles?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Roles apply to people (or at least their user accounts); permissions apply to objects.


## Upgrade policy

All customers will automatically be upgraded to the latest minor version.
Copy link
Member

@mastermanu mastermanu Aug 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this Upgrade Policy applies to the Cloud at all as the version we are running is managed by us and completely transparent to the end-user. I would just remove this entire section.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rylandg, what's our current guidance on upgrade policy for Temporal Cloud?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mastermanu how would you specify SDK release updates as they relate to the upgrading we are doing?
While its true we havent changed our underlying api with sdk versions, we frequently questions about how our own upgrading impacts their SDK versioning.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can and should mention SDK compatibility with the Cloud. But this specific section doesn't appear to mention anything related to SDKs and seems to have been meant more for the server, which doesn't apply here

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So my understanding is that we are continuously upgrading Temporal Cloud, so this is an important statement. Cloud = OSS Server upgrades, so we should probably link out to a page that describes the Server / SDK compatibility caveats.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For expediency, I'm dropping this section for now. We can address it properly after this iteration of the onboarding guide goes live.

@djmagee djmagee marked this pull request as ready for review August 18, 2022 04:34
@djmagee djmagee requested a review from a team as a code owner August 18, 2022 04:34
@djmagee djmagee marked this pull request as draft August 18, 2022 14:12
@djmagee djmagee marked this pull request as ready for review August 18, 2022 18:40
@djmagee djmagee merged commit 5f72b9b into master Aug 18, 2022
@djmagee djmagee deleted the djmagee/cloud-onboard-plus branch August 18, 2022 18:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants