Uploaded image for project: 'Talend Component Kit'
  1. Talend Component Kit
  2. TCOMP-2033

Create a vault sidecar dedicated to multi-tenancy

Apply templateInsert Lucidchart Diagram
    XMLWordPrintable

Details

    • All
    • Hide

      made by arch team

      Show
      made by arch team
    • GreenHopper Ranking:
      0|i29x5v:
    • 9223372036854775807
    • Small

    Description

      The current component Server can already handle multitenant requests as it uses the tenant ID in the request in order to decrypt the relevant payload provided in the request.
      It uses a vault token that is exposed as a file in a mounted volume.

      For multitenancy the CS container is usable as of today although Infosec advised to make sure no credentials where stored on the java heap.
      For the Vault authentication we need to make the CS chart evolve in order to have an vault agent as a side car that would manage vault authentication and token lifecycle.

      In fact I would suggest that we use the VaultSideCar injector project developed by Alain.
      https://github.com/Talend/vault-sidecar-injector

       

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            emmanuel_g emmanuel gallois
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: