Versions Compared

Old Version 13

changes.mady.by.user Technische Redaktion

Saved on

compared with

New Version 14

changes.mady.by.user Technische Redaktion

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Page Properties
hiddentrue
idPROGRESS

Product Version2021 Autumn
Report Note
AssigneeAntje

Resources & Remarks

Modification History

NameDateProduct VersionAction
Antje07 JUL 20212021 Autumn

Security of Actuator Endpoints

Agnieszka14 JUL 20212021 AutumnrLANG
Agnieszka29 JUL 20212021 AutumnrLANG
Excerpt

When updating your yuuvis® Momentum installation to version 2021 Autumn, manual configuration changes are required for some services.


Section
bordertrue


Column

Table of Contents

Table of Contents
maxLevel3
exclude(Table of Contents|Read on|Another Tutorial|Another Concept Article|Another interesting Tutorial|Ressources|Remarks|Authentication against the Core API|Graphical Overview \/ Use Cases \(Flows\)|Login to the Core API \(Java\)|yuuvis® Momentum Services|Basic Use Case Flows)

Cross-Tenant Service Accounts

In order to allow for the configuration and usage of Cross-Tenant Service Accountsan ancillary Kubernetes Service has to be created as follows.

  • Create a file authentication-internal.yml with the following content:

    Code Block
    languageyml
    kind: Service
apiVersion: v1
metadata:
  name: authentication-internal
spec:
  selector:
    app: authentication
  type: ClusterIP
  ports:
  - protocol: TCP
    port: 80
    targetPort: 8081


  • Run the command:

    Code Block
    languagepowershell
    kubectl -n yuuvis apply -f authentication-internal.yml


Note
titleSafety Note

The AUTHENTICATION service manages the cross-tenant requests of service accounts via the separate port 8081. This port must be accessible only within the yuuvis® Momentum cluster to ensure strict separation of tenants for users. Be sure to never expose this internal port for public access!





Excerpt

When updating your yuuvis® Momentum installation to version 2021 Autumn, manual configuration changes are required for some services.

Core

Configuration Changes for the AUTHENTICATION Service

...