We are now securing the server application in the sample configurations file used in the Getting Started section.
This section covers the basic configuration settings we provide in the provided sample configuration, please refer to the core security documentation for more detailed coverage of the security configuration options for the Spring Cloud Data Flow server and shell.
The security settings in the src/kubernetes/server/server-config-rabbit.yaml file are:
security: basic: enabled: truerealm: Spring Cloud Data Flow
spring: cloud: dataflow: security: authentication: file: enabled: true users: admin: admin, ROLE_MANAGE, ROLE_VIEW
user: password, ROLE_VIEW, ROLE_CREATE
| Enable security |
| Optionally set the realm, defaults to "Spring" |
| Create an 'admin' user with password set to 'admin' that can view apps, streams and tasks and that can also view management endpoints |
| Create a 'user' user with password set to 'password' than can register apps and create streams and tasks and also view them |
Feel free to change user names and passwords to suite, and also maybe move the definition of user passwords to a Kubernetes Secret.