Details
-
Improvement
-
Status: Resolved
-
Normal
-
Resolution: Fixed
-
None
-
Ghost
-
5
-
ghost-27.01.2021, ghost-10.02.2021, ghost-24.02.2021
-
Enhancement
-
dashboard can be accessed over https, in PE it can be accessed with an rbac token provided as a URL parameter
Description
Currently the only way to get to the performance dashboard is to open up the http listen address which means anyone could query the puppetdb API over http as well.
I'd prefer to simply load the performance dashboard over HTTPS.
I could see allowing it to load without permissions at all or in PE allowing it to load when passing in a token generated from RBAC. Something like:
https://10.20.1.41:8081/pdb/dashboard/index.html?token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJwdXBwZXRkYl9wZXJmIiwiaWF0IjoxNDc4MDM4MzEyLCJleHAiOjE0NzgwMzg2MTIsInN1YiI6eyJpZCI6ImE0ZjQxYTYxLWJkYjUtNGI1OS1hNjUwLTZmZGJiZGEyNGRiNyIsImxvZ2luIjoicHVwcGV0ZGJfcGVyZiJ9fQ.n3Wo00TVNdjIA76iRRkgORC8xPCzAIX9UDwR17jUJvLlKY2gy4FtwfdhTM-Jmh68oEkq1KByFIiCpo7WHQ6VSMAV3sKUX0uLEJJLXPMA-JsqbDY9uQzvwyJwEgoVNG27bgzwVhOM5NunW2rwZxP8xsxaRS16CSBUG3NBJmVYWqfBtrl8Kwf2aajId43qzbQNvITjIg8KLETylPIOqirgAZF_Y5GRWs-aHvslZCJflME0p6vvCMFwxKHMdU-p0AsCMtrgER198qSwssnaFBVJSARfnq9Fm356q3OckSMAvx7O_UWZXt_8_l8x7BOPYt6lM0NNXBCtCAHjrRG9_FI-uhcEYR_lxswm9bWVpB_U8HZUxIG4DCRFic4ZpH5zuWfihIWy1pWeBsezS6CgMUDBpF-M8bBS_eTAl09CJroUV1J4oG-jOECJQFFXtuc2rTGoyUeGx6i2SQl6rlAQadsJeBHXx19f1rIn1akVdpDtCpSX1ihfeUo91Z1pQKR48p7rO9xtgqvYMYSAPM5Xi-HnnNxPvQf5bhQPTEc6qqK3RsDeoeFlkvxHN664DHqvt8fIrJCWeBycHgZt07kFORCulugF1AK3F8toOUeyVYQHpqpna1K8WLn5ECG6jd7XJYa6I7LvusxIbrQtCq3ktks1xmOklaVwRlPM4mcxXD4NKwU
|