Skip to content

Commit

Permalink
Add a security doc (cortexproject#4337)
Browse files Browse the repository at this point in the history 
I thought it would be good to put a security page into the docs, so that
it shows up in a search.

Content is just pointing at other resources.

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
Signed-off-by: Alvin Lin <alvinlin@amazon.com>
  • Loading branch information
@bboreham @alvinlin123
bboreham authored and alvinlin123 committed Jan 14, 2022
1 parent 51b2a85 commit 9ceb7d6
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 0 deletions.
3 changes: 3 additions & 0 deletions docs/_index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,9 @@ should read:
1. [Getting started with Cortex](getting-started/_index.md)
1. [Information regarding configuring Cortex](configuration/_index.md)

There are also individual [guides](guides/_index.md) to many tasks.
Please review the important [security advice](guides/security.md) before deploying.

For a guide to contributing to Cortex, see the [contributor guidelines](contributing/).

## Further reading
Expand Down
12 changes: 12 additions & 0 deletions docs/guides/security.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
title: "Security"
linkTitle: "Security"
weight: 10
slug: security
---

Cortex must be deployed with due care over system configuration, using principles such as "least privilege" to limit any exposure due to flaws in the source code.

You must configure authorisation and authentication externally to Cortex; see [this guide](./authentication-and-authorisation.md)

Information about security disclosures and mailing lists is [in the main repo](https://github.com/cortexproject/cortex/blob/master/SECURITY.md)

0 comments on commit 9ceb7d6

Please sign in to comment.