feat(nr-control): authentication #20130
Conversation
|
Hi @rubenruizdegauna 👋 Thanks for your pull request! Your PR is in a queue, and a writer will take a look soon. We generally publish small edits within one business day, and larger edits within three days. We will automatically generate a preview of your request, and will comment with a link when the preview is ready (usually 10 to 20 minutes). |
| is authenticated and coming from a verified source. | ||
|
|
||
| Agent Control must have a valid `L2 System Identity` and use it to sign all requests. L2 System Identities do not | ||
| expire and can be used throughout the lifecycle of Agent Control. |
There was a problem hiding this comment.
Can they be revoked/rotated?
For sure we recreate one if you delete the secret, but I am not sure whether you can marked as invalid an old one
There was a problem hiding this comment.
Good question 🤔 I know that it can be done through NerdGraph, but I'm not sure about the permissions required. I asked and tagged you in the question.
| ... | ||
| ``` | ||
|
|
||
| ### L1 Entities Expiration |
There was a problem hiding this comment.
I would point of that the job it leverages that only at installation time, but you can upgrade without issues with an expired key. (Is it the same for onHost?)
WriteMayur
added
content
rubenruizdegauna
force-pushed
the
feat_agent_control_authentication
branch
from
b737877 to
967ab41
Compare
rubenruizdegauna
changed the title
rubenruizdegauna
force-pushed
the
feat_agent_control_authentication
branch
from
967ab41 to
433111a
Compare
Please follow conventional commit standards
in your commit messages and pull request title.
Give us some context
The objective of this PR is adding an overview of L1/L2 Autentication process