-
Notifications
You must be signed in to change notification settings - Fork 123
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs/aws : incite to delete the config after 1st boot #576
Conversation
…boot The configuraton may contains sensitive data. As any subsequent container may be able to access the s3 bucket it is advised to clear it. See #306 Also remove one level in the s3 config title so it appear in the TOC
9610e1d
to
252128a
Compare
Any container running on the instance could be able to read the config, raising security concerns. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Once the instance have completed the first boot, we recommend cleaning up the configuration files. | |
Any container running on the instance could be able to read the config, raising security concerns. | |
Once the instance has completed the first boot,we recommend removing the Ignition config from the S3 bucket as any process or container running on the instance could access it. |
If you need to have secrets in your ignition configuration you should store it into a s3 bucket and have a minimal configuration in user-data. | ||
Make sure to clear the s3 bucket when the first boot is completed. | ||
|
||
See the https://coreos.github.io/ignition/operator-notes/#secrets[ignition documentation] for more advice on secret management. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's move that into a single paragraph with the rest at the top of this section.
Sorry for the partial review. I'm trying to figure out how we could best convey the risks while making the good option the default. Maybe we need to re-organize the entire page to start with the not on secrets in Ignition. |
I updated the PR with some of your ideas. If you think that's still not clear I'll try a complete rework of the page as you suggested |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Just one final nit: Ignition instead of ignition. Thanks!
Co-authored-by: Timothée Ravier <tim@siosm.fr>
The configuraton may contains sensitive data. As any subsequent container may be able to access the s3 bucket it is advised to clear it. See #306