mirror of
https://github.com/scylladb/scylladb.git
synced 2026-05-22 15:52:13 +00:00
afafb8a8fa
Update create superuser procedure: - Remove notes about default `cassandra` superuser - Add create superuser using existing superuser section - Update create superuser by using `scylla.yaml` config - Add create superuser using maintenance socket Update password reset procedure: - Add maintenance socket approach - Remove the old approach with deleting all the roles Update enabling authentication with downtime and during runtime: - Mention creating new superuser over the maintenance socket - Remove default superuser usage Update enable authorization: - Mention creating new superuser over the maintenance socket - Remove mention of default superuser Reasoning for deletion of the old approach: - [old] Needs cluster downtime, removes all roles, needs recreation of roles, needs maintenance socket anyways, if config values are not used for superuser - [new] No cluster downtime, possibly one node restart to enable maintenance socket, faster Refs SCYLLADB-409
66 lines
2.4 KiB
ReStructuredText
66 lines
2.4 KiB
ReStructuredText
Security
|
|
========
|
|
|
|
.. toctree::
|
|
:hidden:
|
|
|
|
security-checklist
|
|
authentication
|
|
runtime-authentication
|
|
create-superuser
|
|
gen-cqlsh-file
|
|
Reset Authenticator Password </troubleshooting/password-reset>
|
|
enable-authorization
|
|
authorization
|
|
certificate-authentication
|
|
rbac-usecase
|
|
auditing
|
|
client-node-encryption
|
|
node-node-encryption
|
|
generate-certificate
|
|
saslauthd
|
|
encryption-at-rest
|
|
ldap-authentication
|
|
ldap-authorization
|
|
sbom
|
|
.. panel-box::
|
|
:title: Security
|
|
:id: "getting-started"
|
|
:class: my-panel
|
|
|
|
* :doc:`ScyllaDB Security Checklist </operating-scylla/security/security-checklist/>`
|
|
* :doc:`ScyllaDB Auditing Guide </operating-scylla/security/auditing/>`
|
|
|
|
.. panel-box::
|
|
:title: Authentication and Authorization
|
|
:id: "getting-started"
|
|
:class: my-panel
|
|
|
|
* :doc:`Enable Authentication </operating-scylla/security/authentication/>`
|
|
* :doc:`Enable and Disable Authentication Without Downtime </operating-scylla/security/runtime-authentication/>`
|
|
* :doc:`Creating a Superuser </operating-scylla/security/create-superuser/>`
|
|
* :doc:`Generate a cqlshrc File <gen-cqlsh-file>`
|
|
* :doc:`Enable Authorization</operating-scylla/security/enable-authorization/>`
|
|
* :doc:`Role Based Access Control (RBAC) </operating-scylla/security/rbac-usecase/>`
|
|
* :doc:`Grant Authorization CQL Reference </operating-scylla/security/authorization/>`
|
|
* :doc:`Reset Authenticator Password </troubleshooting/password-reset/>`
|
|
* :doc:`Certificate Based Authentication </operating-scylla/security/certificate-authentication/>`
|
|
|
|
.. panel-box::
|
|
:title: Encryption
|
|
:id: "getting-started"
|
|
:class: my-panel
|
|
|
|
* :doc:`Encryption: Data in Transit Client to Node </operating-scylla/security/client-node-encryption/>`
|
|
* :doc:`Encryption: Data in Transit Node to Node </operating-scylla/security/node-node-encryption/>`
|
|
* :doc:`Generating a self-signed Certificate Chain Using openssl </operating-scylla/security/generate-certificate/>`
|
|
* :doc:`Encryption at Rest </operating-scylla/security/encryption-at-rest>`
|
|
|
|
Also check out the `Security Features lesson <https://university.scylladb.com/courses/scylla-operations/lessons/security-features/topic/security-features/>`_ on ScyllaDB University.
|
|
|
|
.. panel-box::
|
|
:title: Software Bill Of Materials (SBOM)
|
|
:id: "getting-started"
|
|
:class: my-panel
|
|
|
|
* :doc:`Software Bill Of Materials (SBOM) </operating-scylla/security/sbom/>` |