Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Design a security model #2448

Open
Tracked by #2438
alecthomas opened this issue Aug 20, 2024 · 1 comment
Open
Tracked by #2438

Design a security model #2448

alecthomas opened this issue Aug 20, 2024 · 1 comment
Assignees
@gak @alecthomas @AlexSzlavik
Labels
P1 security relates to security (regardless of priority)

Comments

@alecthomas
Copy link
Collaborator

No description provided.

@alecthomas alecthomas mentioned this issue Aug 20, 2024
Open
20 tasks
@github-actions github-actions bot added the triage Issue needs triaging label Aug 20, 2024
@ftl-robot ftl-robot mentioned this issue Aug 20, 2024
Open
@github-actions github-actions bot removed the triage Issue needs triaging label Aug 20, 2024
@alecthomas alecthomas added triage Issue needs triaging security relates to security (regardless of priority) P1 labels Aug 20, 2024
@github-actions github-actions bot removed the triage Issue needs triaging label Aug 20, 2024
@AlexSzlavik AlexSzlavik self-assigned this Aug 26, 2024
This was referenced Aug 27, 2024
Open
Open
Open
Open
Open
Open
@AlexSzlavik
Copy link
Contributor

I think we should revisit this issue and maybe re-frame it around designing / implementing FTL identities + authorization capabilities. A Security model is something we are going to be iterating on, especially as the overall architecture is still being iterated on.

Completion of this issue should be a design document, addressing the following:

  • How are FTL workloads, humans and robot users identified
  • How is authorization to resources provided by components of FTL represented
  • What are the security boundaries for humans interacting with FTL components (end-user, module owner, cluster owner, infrastructure owner)
  • How is cluster integrity maintained (how do we have confidence in what's deployed)
  • How are FTL resources administered
  • What security boundaries are enforced vs made visible via audit capabilities

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gak gak

@alecthomas alecthomas

@AlexSzlavik AlexSzlavik

Labels
P1 security relates to security (regardless of priority)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gak @alecthomas @AlexSzlavik