Details
-
Epic
-
Resolution: Won't Fix
-
Major
-
None
-
None
-
SDK docs security review
-
To Do
-
1
Description
- Make sure all travel-sample apps are peer-reviewed (at least within docs team, ideally by specialist in SDK, QE, DA etc.) for any style clangers, and especially for security vulnerabilities.
- TLS by default (for EE, but consider CE, with an admonition. Ian McCloy may be good resource to ask for background)
- Ensure all samples (except in Hello World, where it is called out) use "myAdministrator / myPassword" or something else non-default so they are not copy-pastable
- beyond this, make samples and docs show which RBAC needs to be used
- (provisioning-cluster-resources section on collections does this, for example)
- consider automation. This should probably be standard across docs so we can share an image with the correct RBAC
- also travel-sample! This is an opportunity to improve the app story for multi-tenancy too.
- beyond this, make samples and docs show which RBAC needs to be used
Attachments
Issue Links
- relates to
-
DOC-8805 travel-sample CSRF?
- Closed