Closed: izgeri closed 3 years ago
I'd like to add a threat model layer on top of these diagrams. Mostly making this comment so I remember to do it once the diagrams above are ready rather than it being something I expect the team to do as part of this. If whoever picks this up wants to do threat models, I'm happy to assist too.
We can use PlantUML to build these flow charts / diagrams.
Flow chart of current implementation can be found here: https://gist.github.com/BradleyBoutcher/613aab0064e88420619006c7e8e8707c
Graphical representation:
Flow chart for the proposed changes using Authn-K8s and Summon writing fixed files in shared memory. https://gist.github.com/rpothier/f0cfd1964aef2fe8002f3a40e3b37f83
Diagram for current implementation: https://gist.github.com/BradleyBoutcher/a3ef1e8e176bcf2ea2f925aee91dce12
We currently recommend users update their application container with the Summon / Summon-Conjur binaries when using the Authn-K8s client with their applications running in Kubernetes.
We don't currently have any flow charts describing this use case. In addition, we are working toward a model as described in this POC of injecting Summon into Kubernetes volume mounts to improve ease of install / use in Kubernetes.
In this card, we'd like to create some architecture diagrams and flow charts of the current flow and the proposed flow, to make it easier to visualize the current state vs the proposed state.
AC: