From 6f4af961fdcb2cb8e4da5ff0a58d7d001dfc7f05 Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Wed, 3 Feb 2021 09:35:10 +0200 Subject: [PATCH] ocp4: Add link to documentation for etcd encryption This will make it easier for users to follow the guide. Signed-off-by: Juan Antonio Osorio Robles --- .../api-server/api_server_encryption_provider_cipher/rule.yml | 4 ++++ .../api-server/api_server_encryption_provider_config/rule.yml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/applications/openshift/api-server/api_server_encryption_provider_cipher/rule.yml b/applications/openshift/api-server/api_server_encryption_provider_cipher/rule.yml index 855844dbb24..288c94850b6 100644 --- a/applications/openshift/api-server/api_server_encryption_provider_cipher/rule.yml +++ b/applications/openshift/api-server/api_server_encryption_provider_cipher/rule.yml @@ -13,6 +13,10 @@ description: |- type: aescbc + For more information, follow + {{{ weblink(link="https://docs.openshift.com/container-platform/4.6/security/encrypting-etcd.html", + text="the relevant documentation") }}}. + rationale: |- aescbc is currently the strongest encryption provider, it should be preferred over other providers. diff --git a/applications/openshift/api-server/api_server_encryption_provider_config/rule.yml b/applications/openshift/api-server/api_server_encryption_provider_config/rule.yml index c273eb1be39..68085dfcf41 100644 --- a/applications/openshift/api-server/api_server_encryption_provider_config/rule.yml +++ b/applications/openshift/api-server/api_server_encryption_provider_config/rule.yml @@ -13,6 +13,10 @@ description: |- type: aescbc + For more information, follow + {{{ weblink(link="https://docs.openshift.com/container-platform/4.6/security/encrypting-etcd.html", + text="the relevant documentation") }}}. + rationale: |- etcd is a highly available key-value store used by OpenShift deployments for persistent storage of all REST API objects. These objects are