Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

W-17464439 flex security diagrams gr #739

Open
wants to merge 11 commits into
base: latest
Choose a base branch
from
Open

W-17464439 flex security diagrams gr #739

wants to merge 11 commits into from

Conversation

glenn-rodgers-sf
Copy link
Contributor

Writer's Quality Checklist

Before merging your PR, did you:

  • Run spell checker
  • Run link checker to check for broken xrefs
  • Check for orphan files
  • Perform a local build and do a final visual check of your content, including checking for:
    • Broken images
    • Dead links
    • Correct rendering of partials if they are used in your content
    • Formatting issues, such as:
      • Misnumbered ordered lists (steps) or incorrectly nested unordered lists
      • Messed up tables
      • Proper indentation
      • Correct header levels
  • Receive final review and signoff from:
    • Technical SME
    • Product Manager
    • Editor or peer reviewer
    • Reporter, if this content is in response to a reported issue (internal or external feedback)
  • If applicable, verify that the software actually got released

@glenn-rodgers-sf glenn-rodgers-sf requested review from marinasasso and a team as code owners January 2, 2025 14:21
lfrittelli-mulesoft
lfrittelli-mulesoft reviewed Jan 6, 2025
View reviewed changes
gateway/1.8/modules/ROOT/assets/images/security-best-practices.png
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo: Cetificate

lfrittelli-mulesoft
lfrittelli-mulesoft reviewed Jan 6, 2025
View reviewed changes
gateway/1.8/modules/ROOT/pages/flex-security-best-practices.adoc

Flex Gateway stores registration information locally. This registration resource contains the certificate the Flex Replica uses to communicate and authenticate itself with Anypoint Platform. This diagram demonstrates how Flex Gateway communicates with Anypoint Platform via mTLS.

Restrict access to the registration resource to ensure there are unauthorized execution of replicas from outside the organization. Specifically:
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there are no unauthorized execution. I would not mention 'from outside the org'

lfrittelli-mulesoft
lfrittelli-mulesoft reviewed Jan 6, 2025
View reviewed changes
gateway/1.8/modules/ROOT/pages/flex-security-best-practices.adoc

Runtime logs are available in the runtime layer through the `stdout` of the Flex Gateway pods and also in the Anypoint control plane for Connected Mode.

To ensure client information is not leaked if runtime logs become compromise don't log payload data in runtime logs.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'compromised'.
Also, avoid logging payload daata

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lfrittelli-mulesoft lfrittelli-mulesoft lfrittelli-mulesoft left review comments

@marinasasso marinasasso Awaiting requested review from marinasasso marinasasso is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@glenn-rodgers-sf @lfrittelli-mulesoft