Open DImuthuUpe opened 1 year ago
MFT Agents communicate with the controller through the consul key-value store. https://github.com/apache/airavata-mft/blob/master/common/common-clients/src/main/java/org/apache/airavata/mft/admin/MFTConsulClient.java Consul keys are represented through paths and each agent has its own path to access messages. Currently there is no mechanism to control access to those paths as anyone can read from it. We can use the Access Control setup provided through consul to enforce authorization for agent communication. https://developer.hashicorp.com/consul/tutorials/security/access-control-setup-production The idea is,
MFT Agents communicate with the controller through the consul key-value store. https://github.com/apache/airavata-mft/blob/master/common/common-clients/src/main/java/org/apache/airavata/mft/admin/MFTConsulClient.java Consul keys are represented through paths and each agent has its own path to access messages. Currently there is no mechanism to control access to those paths as anyone can read from it. We can use the Access Control setup provided through consul to enforce authorization for agent communication. https://developer.hashicorp.com/consul/tutorials/security/access-control-setup-production The idea is,