Project

General

Profile

Bug #44753

mgr/dashboard: Secure the Alertmanger receiver endpoint

Added by Stephan Müller almost 4 years ago. Updated almost 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
General - Back-end
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

Currently it is possible send push notification unauthenticated to the dashboard and the push notifications are not verified if they actually are coming from an Alertmanager instance.

To see whats configurable see https://prometheus.io/docs/alerting/configuration/#http_config

Removing the endpoint is not a solution to be considered as ceph orchestrator is configuring every Alertmanager instance to talk to the receiver of the dashboard.

The receiver is at the moment the only part that can handle multiple Altermanger instances.

History

#1 Updated by Ernesto Puerta almost 3 years ago

  • Project changed from mgr to Dashboard
  • Category changed from 146 to General - Back-end

Also available in: Atom PDF