Password for coordinator console

Hi all,

would you recommend a way to make the console and overlord consoles password protected?

We do not want that anyone can access by just knowing the IP.

Thank you,

Hi,

FYI blocking the access to the UI is not enough to secure the coordinator. In fact the coordinator exposes some API endpoint so having any network connectivity can be exploited to alternate the state of the cluster.

IMO the best/common way to secure the coordinator is to deny any access based on a white list of known/trusted IPs. For instance you can use iptables to achieve this.

Hope that helps.

Yes, using iptables was our guess too. And you are right, even if the access to the console is blocked, the endpoints of the coordinator would still be open.

Thanks,

Any other suggestion? We’d like to avoid using iptables…

Hi Fede, no great options right now but we (at Imply) will be rebuilding the coordinator console at some point and it’ll have this feature.