scylla-operator icon indicating copy to clipboard operation
scylla-operator copied to clipboard

Published 20 hours ago verified publisher icon scylladb

Enforce CQL Authorization for new ScyllaClusters and disable default password

Open tnozicka opened this issue 1 year ago • 1 comments

We need to start all ScyllaCluster as secure. That requires enforcing authorization and removing the default, well know, password.

This also requires introducing a new path on how to configure the credentials using our APIs or using mTLS based CQL as the first step to configure uses natively in ScyllaDB.

### TODO
- [ ] Write proposal about securing CQL from Day 0
- [ ] Implementation

tnozicka avatar Feb 28 '24 14:02 tnozicka