[brooklyn-docs] branch master updated: tidy grammar and clarity for sensitive-field blocking

Mon, 04 Oct 2021 02:54:19 -0700 

This is an automated email from the ASF dual-hosted git repository.

heneveld pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-docs.git


The following commit(s) were added to refs/heads/master by this push:
     new dae1171  tidy grammar and clarity for sensitive-field blocking
dae1171 is described below

commit dae1171d62b0992415c7bdcc7e01dd3b69924911
Author: Alex Heneveld <[email protected]>
AuthorDate: Mon Oct 4 10:53:09 2021 +0100

    tidy grammar and clarity for sensitive-field blocking
---
 guide/ops/security-guidelines.md | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/guide/ops/security-guidelines.md b/guide/ops/security-guidelines.md
index b55d857..43d4bdc 100644
--- a/guide/ops/security-guidelines.md
+++ b/guide/ops/security-guidelines.md
@@ -167,9 +167,12 @@ This does not apply to default values specified for 
parameters or to values supp
 as it is expected in these contexts that users are less likely to accidentally 
supply sensitive values in plaintext.
 
 All functions and complex objects, including mechanisms such as 
`$brooklyn:literal("value")` (to escape at design-time
-and evaluate as `value` at runtime). It can optionally be further restricted 
to exclude DSL values and complex objects
-whose string representation (unresolved) contains selected tokens or phrases. 
For example to prevent the usage of
-the `literal` DSL function anywhere in a supplied expression, the following 
setting can be used: 
+and evaluate as `value` at runtime), are permitted as values. 
+Sensitive field blocking can optionally be further restricted to exclude 
selected DSL values and complex objects
+where the string representation (unresolved `toString`) contains selected 
tokens or phrases, by using the
+`brooklyn.security.sensitive.fields.ext.blocked.phrases` configuration 
property.
+For example to prevent the usage of the `literal` DSL function anywhere in a 
supplied expression, 
+the following setting can be used: 
 
 ```
 brooklyn.security.sensitive.fields.ext.blocked.phrases = [ "$brooklyn:literal" 
]

Reply via email to