airship-in-a-bottle/doc/source/security/guide.rst
Aaron Sheffield 873a050f70 HAProxy Security Guide
- Added a basic HAProxy security guide.
Guide is light due to using TCP mode.

Change-Id: Ic5d5126c6ca45112acad640826fdbbb2b0e080f4
2018-08-14 10:10:40 -05:00

2.0 KiB

Airship Security Guide

An undercloud environment deployed via Airship crosses many security domains. This guide explains many of the security concerns that have been reviewed and considered by the Airship developers. Because Airship is a highly configuration-driven platform, there is some onus on the end-user to make good decisions with their configuration.

Layout and Nomenclature

Each topic in the security guide will provide some overview for scope of that topic and then provide a list of tactical security items. For each item two statuses will be listed as well as the project scope.

  • Project Scope: Which Airship projects address this security item.
  • Solution: The solution is how this security concern is addressed in the platform
    • Remediated: The item is solved for automatically
    • Configurable: The item is based on configuration. Guidance will be provided.
    • Pending: Addressing the item is in-progress
  • Audit: Auditing the item provides for ongoing monitoring to ensure there is no regression
    • Testing: The item is tested for in an automated test pipeline during development
    • Validation: The item is reported on by a validation framework after a site deployment
    • Pending: Auditing is in-progress

Airship Security Topics

template haproxy