69854e4808
Remove docs.o.o from links from index pages so that these links work on both docs.openstack.org and docs-beta.openstack.org. Change-Id: I492f816c541a295f60c45bdfb7df4b8c2980480e
108 lines
3.2 KiB
HTML
108 lines
3.2 KiB
HTML
{% set scriptdir = '../common/js/' %}
|
|
{% set cssdir = '../common/css/' %}
|
|
{% extends "templates/base.tmpl" %}
|
|
{% block pagetitle %}Security Guide{% endblock %}
|
|
{% block title %}
|
|
<a href="http://docs.openstack.org/">Documentation</a> > Security Guide
|
|
{% endblock %}
|
|
{% block content %}
|
|
<div class="top-docs-wrapper">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-md-8 col-sm-8">
|
|
<h1>OpenStack Security Guide</h1>
|
|
<p><strong>The OpenStack Security Guide provides best practices learned by cloud operators while hardening their OpenStack deployments.
|
|
</strong>
|
|
This book was written by a close community of security experts from the
|
|
<a href="https://launchpad.net/~openstack-ossg">
|
|
OpenStack Security Group
|
|
</a>
|
|
in an intense week-long effort at an undisclosed location. One of the goals for this book is to bring together interested members to capture their collective knowledge and give it to the OpenStack community.
|
|
</p>
|
|
<hr />
|
|
<h3>Get the Book!</h3>
|
|
<a class="overview-btn docs-btn" href="/security-guide/" onclick="recordOutboundLink(this, 'Outbound Links', 'security-guide.html');return false;"> Current HTML<i class="fa fa-arrow-circle-o-down"></i></a>
|
|
</div>
|
|
<div class="col-lg-4 col-md-4 col-sm-4 superuser-wrapper">
|
|
<img src="../common/images/openstack-security-guide.jpg" width="100%"/>
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="mid-docs-wrapper" id="docs-main-body">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-12">
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<p>
|
|
In this book you'll find practical security guidance:
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
Discussions about each OpenStack service
|
|
</li>
|
|
<li>
|
|
Information about isolating security domains and securing domain bridges
|
|
</li>
|
|
<li>
|
|
Public and private cloud considerations
|
|
</li>
|
|
<li>
|
|
Best practices for management layers and access
|
|
</li>
|
|
<li>
|
|
Secure node bootstrapping and hardening
|
|
</li>
|
|
<li>
|
|
SSL, SSH, and PKI availability per OpenStack service
|
|
</li>
|
|
<li>
|
|
API endpoint best practices
|
|
</li>
|
|
<li>
|
|
Security for messaging transport and queues
|
|
</li>
|
|
<li>
|
|
Database and data security best practices and considerations
|
|
</li>
|
|
<li>
|
|
Hypervisor selection advice
|
|
</li>
|
|
<li>
|
|
Security services available for OpenStack instances and trusted images
|
|
</li>
|
|
<li>
|
|
Migration information
|
|
</li>
|
|
<li>
|
|
Logging information and considerations
|
|
</li>
|
|
<li>
|
|
Access control and identity management concepts
|
|
</li>
|
|
</ul>
|
|
<div class="photo">
|
|
<img src="../common/images/openstack-security-guide-team.jpg" width="100%"/>
|
|
</div>
|
|
<p align="right">
|
|
<a href="http://creativecommons.org/licenses/by/3.0/us/" rel="license">
|
|
<img alt="Creative Commons License" src="http://i.creativecommons.org/l/by/3.0/us/88x31.png" style="border-width:0"/>
|
|
</a>
|
|
<br/>
|
|
This work is licensed under a
|
|
<a href="http://creativecommons.org/licenses/by/3.0/us/" rel="license">
|
|
Creative Commons Attribution 3.0 United States License
|
|
</a>
|
|
.
|
|
</p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
{% endblock content %}
|