DImuthuUpe opened a new issue, #76: URL: https://github.com/apache/airavata-mft/issues/76
MFT Agents communicate with the controller through the consul key-value store. https://github.com/apache/airavata-mft/blob/master/common/common-clients/src/main/java/org/apache/airavata/mft/admin/MFTConsulClient.java Consul keys are represented through paths and each agent has its own path to access messages. Currently there is no mechanism to control access to those paths as anyone can read from it. We can use the Access Control setup provided through consul to enforce authorization for agent communication. https://developer.hashicorp.com/consul/tutorials/security/access-control-setup-production The idea is, 1. No open access to any consul path is provided. All communication should happen through Consul tokens. 2. When an agent needs to connect to consul, it is give a consul token and agent can only access a particular path using that token. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
