Versions Compared

Old Version 10

changes.mady.by.user Adheli Tavares

Saved on

compared with

New Version 11

changes.mady.by.user Saul Gill

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Your Answer-Please ExplainSECCOM Feedback / Recommendations

No UI

No encryption, as data processed by PF hasn't been tagged as sensitive.

The application uses Swagger for RESTful API, wherein it is set that Authorization headers are required for accessing API documentation.

When PF runs with docker, the services use usernames and passwords that are stored as environment variables.

For helm deployments PF uses K8s secrets which are generated and stored as the application is deployed.

The user has the option to provide a username/password to the helm chart - in this case a kubernetes secret

will be generated by the chart and used for authentication. Alternatively, the user can provide a secret to the chart values - in this case, no secret

will be generated - the chart will just use the k8s secret provided by the user/deployer

?

  • Is https used? - no
  • Has the project migrated to the service mesh which provides https and RBAC - yes

...