Add agent & cloud hardening guides #20218
The guides are essentially correct but what I would say is that they lack some details. We talk about securing this or that but the instructions on how to exactly do that are not there - what I need to change in which file to make it happen.
I think @kanelatechnical can't add more details. Can you, @M4itee? @kanelatechnical will update the wording later.
@M4itee hey hey! If you like you could make a separate draft with relative notes, so I can integrate the missing info in the guides myself
I will try, do we have any ETA on this? I need to arrange my working time accordingly |
According to Costa this is a priority; if you're working on something else that's also urgent, perhaps consult with him about which should come first.
| [Netdata Cloud (SaaS)](https://app.netdata.cloud) and its web dashboard | ✓ | | ||
| Cloud-to-Agent interactions (including Netdata Parents) | ✓ | | ||
| Optional on-premises or private-hosted Netdata Cloud setups | ✓ | | ||
| Netdata Agent security (covered in separate guide) | ✗ | |
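Review bot: The scope boundary between the second and fourth rows is ambiguous: "Cloud-to-Agent interactions (including Netdata Parents)" is marked in scope while "Netdata Agent security (covered in separate guide)" is marked out of scope, and a reader cannot tell which guide owns the Agent-side settings of that connection. Add a sentence under the table stating which side of the Cloud-to-Agent link each guide covers, and link the out-of-scope row to the agent guide the way the first row links its target.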
We should link it when we know what the link is going to be for agent hardening.
Of course this is a mockup
| **3. Role-Based Access Control (RBAC)** | Assign least-privilege roles to team members within Netdata Cloud Rooms. | **High** | | ||
| **4. Cloud Configuration Management** | Review change history for dashboards, alerts, and spaces. | **Medium** | | ||
| **5. Alert Notification Security** | Secure all alert endpoints and notification channels. | **High** | | ||
| **6. External Access Protection** | Secure the Cloud UI with SSO, enforce session expiration policies. | **Critical** | |
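Review bot: Rows 3 to 6 state a goal but not the control behind it: "Secure all alert endpoints and notification channels" and "enforce session expiration policies" do not say which setting a reader changes or where it lives. For each row, name the place the control is configured (Netdata Cloud itself or the identity provider behind SSO), and consider splitting row 6 so that SSO and session expiration are listed and rated separately if they are configured in different places.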
The session expiration is something I have a small issue with because Cloud itself does not offer such a setting. This needs to be fixed on the SSO provider side.
Let me know whether you think it's useful info for the hardening guide (I thought it was), I understand your pov but I think since this isn't the product page it's okay that it's there
Costa requested the creation of hardening guides — two separate docs: one for the agent and one for cloud-based deployments.
Please review and feel free to correct or expand on any technical details I may not have gotten right.
These docs are intended to live under the broader "Privacy and Security" category.