I'm looking for inspiration on how to move on-prem services to the cloud. These on-prem services authenticate with our on-prem IPA currently, and I'd like to not add another authentication/identity management system to the mix.
Let's take our SVN server as an example (yes, should be Git, I know.) We wish to move this off-prem such that third parties, properly authenticated of course, can clone a subset of our software. Idea 1: Make a VPN tunnel from the off-prem server to our local network. Cons: expensive, cumbersome, attack vector. Idea 2: Somehow place an IPA server in a DMZ and open the relevant ports. Cons: anyone can authenticate, DoS attacks. Idea 3: Move the IPA server off-prem as well. How do we limit access? What will performance be like? -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
