Project

General

Profile

Documentation #45377

mgr/dashboard: document Prometheus' security model

Added by Patrick Seidensal 2 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Category:
dashboard/documentation
Target version:
% Done:

0%

Tags:
monitoring
Backport:
octopus
Reviewed:
Affected Versions:
Pull request ID:

Description

As Prometheus' security model may not be obvious, we should document how Prometheus, by default, sees it and provide references to this perception.

For example, access to the Prometheus HTTP API cannot be password protected by configuring Prometheus and is, by default, considered to be accessible by untrusted users.

It is presumed that untrusted users have access to the Prometheus HTTP endpoint and logs.
-- https://prometheus.io/docs/operating/security/

History

#1 Updated by Patrick Seidensal 2 months ago

  • Pull request ID set to 34902

#2 Updated by Patrick Seidensal 2 months ago

  • Backport set to octopus

#3 Updated by Sebastian Wagner about 1 month ago

  • Status changed from In Progress to Resolved
  • Target version set to v15.2.4

Also available in: Atom PDF