Authentication for /alive endpoint #57

przemeklal · 2023-10-27T07:58:08Z

Currently:

client ID (potentially sensitive) is sent over the network, without native TLS support in cos-alerter this means sending sensitive data unencrypted
even with HTTPS enabled, a malicious actor can send a valid client ID to the /alive endpoint and pretend to be an active alertmanager instance while the actual instance may be down

Potential solutions:

TLS support + a pre-shared secret (password) included in the client POST requests sent to /alive (ins tead of sending only client ID that may be easy to guess)
sending a token in the POST request and mapping that token to a client ID in cos-alerter.yaml config
mutual TLS (might be an overkill)

lucabello · 2023-12-07T13:55:29Z

We've implemented authentication using a client ID. Without TLS however this isn't secure; once TLS is implemented this can be closed.

lucabello · 2024-07-16T12:40:11Z

Closing this in favor of #59, so we can track the progress in a single place.

przemeklal added Status: Triage Type: Enhancement labels Oct 27, 2023

lucabello mentioned this issue Dec 7, 2023

Enable TLS #59

Open

lucabello closed this as not planned Won't fix, can't repro, duplicate, stale Jul 16, 2024

Provide feedback