With no specific authentication configuration supplied, Bacalhau runs in "anonymous mode" – which allows unidentified users limited control over the system. "Anonymous mode" is only appropriate for testing or evaluation setups
This is false for v2 and true for v1. In v2 there are not limits and anyone can submit a job to a cluster if they know its IP address. So in general this is false since all deployments support the v1 and v2 APIs
Users identified by a self-generated private key to submit any job and cancel their own jobs
This is false for v2 and true for v1. In v2 there are no signatures - identity of the job submitter are not checked and the submit job payload does not contain a signature. So in general this is false since all deployments support the v1 and v2 APIs`
Users not identified by any key to access other read-only endpoints, such as to read job lists, describe jobs, and query node or agent information.
This is false, all users have full permissions against a cluster by default.
To summarize, by default, a bacalhau cluster is wide open, anyone can do anything and nothing about their identity is checked.
As we migrate from v1 to v2 APIs we must consider the current authentication in our docs
https://docs.bacalhau.org/setting-up/running-node/auth#by-default
This is false for v2 and true for v1. In v2 there are not limits and anyone can submit a job to a cluster if they know its IP address. So in general this is false since all deployments support the v1 and v2 APIs
This is false for v2 and true for v1. In v2 there are no signatures - identity of the job submitter are not checked and the submit job payload does not contain a signature. So in general this is false since all deployments support the v1 and v2 APIs`
This is false, all users have full permissions against a cluster by default.
To summarize, by default, a bacalhau cluster is wide open, anyone can do anything and nothing about their identity is checked.