Project

General

Profile

Bug #44753

mgr/dashboard: Secure the Alertmanger receiver endpoint

Added by Stephan Müller about 1 year ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
General - Back-end
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

Currently it is possible send push notification unauthenticated to the dashboard and the push notifications are not verified if they actually are coming from an Alertmanager instance.

To see whats configurable see https://prometheus.io/docs/alerting/configuration/#http_config

Removing the endpoint is not a solution to be considered as ceph orchestrator is configuring every Alertmanager instance to talk to the receiver of the dashboard.

The receiver is at the moment the only part that can handle multiple Altermanger instances.

History

#1 Updated by Ernesto Puerta 2 months ago

  • Project changed from mgr to Dashboard
  • Category changed from dashboard/backend to General - Back-end

Also available in: Atom PDF