Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mike cedarling docs 01 #9016

Merged
merged 2 commits into from
Jul 23, 2024
Merged

Mike cedarling docs 01 #9016

merged 2 commits into from
Jul 23, 2024

Conversation

nynymike
Copy link
Contributor

Prepare

Description

Target issue

#8831

Implementation Details

More edits to cedarling doc

Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@nynymike
Prefixed bootstrap properties CEDERLING_
b151552 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz
@nynymike
Edits to Cedarling docs
ece65c6 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jul 23, 2024
edited
Loading

DryRun Security Summary

The pull request updates the documentation for the Cedarling authorization system, which is a local, autonomous Policy Decision Point (PDP) that runs as a WebAssembly component and includes several security-focused features such as externalized policy stores, JWT-based authorization, deterministic decision-making, token validation, and enterprise-level integration capabilities.

Expand for full summary

Summary:

The code changes in this pull request appear to be an update to the documentation for the Cedarling authorization system. The Cedarling is a local, autonomous Policy Decision Point (PDP) that runs as a WebAssembly component and can be called directly from a JavaScript function.

From an application security perspective, the Cedarling system includes several security-focused features, such as externalized policy stores, JWT-based authorization, deterministic decision-making, token validation, and enterprise-level integration capabilities. The ability to externalize policies, validate JWT tokens, and integrate with a "Lock Master" system for policy management and audit logging adds to the overall security and auditability of the authorization system. These features are important for ensuring the secure and consistent enforcement of authorization policies within the application.

Files Changed:

  • docs/admin/lock/cedarling.md: This file contains the documentation for the Cedarling authorization system. The changes appear to provide an overview of the system's key security features, including:
    • Externalized policy store
    • JWT-based authorization
    • Deterministic decision-making
    • Token validation
    • Integration with enterprise-level systems like the "Lock Master"

These security-focused features of the Cedarling system are important for maintaining the overall security and integrity of the application's authorization and access control mechanisms.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@nynymike nynymike requested a review from ossdhaval July 23, 2024 03:41
@mo-auto mo-auto added the area-documentation Documentation needs to change as part of issue or PR label Jul 23, 2024
@mo-auto mo-auto enabled auto-merge (squash) July 23, 2024 03:47
@mo-auto mo-auto merged commit eb0a4e9 into main Jul 23, 2024
11 checks passed
@mo-auto mo-auto deleted the mike-cedarling-docs-01 branch July 23, 2024 09:07
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@nynymike
Mike cedarling docs 01 (#9016)
357c888 
* Prefixed bootstrap properties CEDERLING_

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz

* Edits to Cedarling docs

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz
Former-commit-id: eb0a4e9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mo-auto mo-auto mo-auto approved these changes

@ossdhaval ossdhaval ossdhaval approved these changes

Assignees
No one assigned
Labels
area-documentation Documentation needs to change as part of issue or PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nynymike @ossdhaval @mo-auto