Jennifer88huang commented on a change in pull request #5014: [doc] Improve Pulsar Security Overview URL: https://github.com/apache/pulsar/pull/5014#discussion_r317559812
########## File path: site2/docs/security-overview.md ########## @@ -4,28 +4,23 @@ title: Pulsar Security Overview sidebar_label: Overview --- -Apache Pulsar is the central message bus for a business. It is frequently used to store mission-critical data, and therefore enabling security features are crucial. +As the central message bus for a business, Apache Pulsar is frequently used for storing mission-critical data. Therefore, enabling security features in Pulsar is crucial. -By default, there is no encryption, authentication, or authorization configured. Any client can communicate to Apache Pulsar via plain text service urls. -It is critical that access via these plain text service urls is restricted to trusted clients only. Network segmentation and/or authorization ACLs can be used -to restrict access to trusted IPs in such cases. If neither is used, the cluster is wide open and can be accessed by anyone. +By default, Pulsar configures no encryption, authentication, or authorization. Any client can communicate to Apache Pulsar via plain text service urls. So we must ensure that Pulsar accessing via these plain text service urls is restricted to trusted clients only. In such cases, you can use Network segmentation and/or authorization ACLs to restrict access to trusted IPs. If you use neither, the state of cluster is wide open and anyone can access the cluster. Review comment: @Monica-zy Use "URLs" instead of "urls". It's proper noun. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
