Dear all, It seems that by default the grafana web page embedded inside the ceph dashboard is publicly available in read-only mode. More specifically the grafana configuration inside the docker running the grafana instance has the following configuration file (/usr/share/ceph/mgr/cephadm/templates/services/grafana/grafana.ini.j2)
[auth.anonymous] enabled = true org_name = 'Main Org.' org_role = 'Viewer' Do you think that this might be a security concern? Is there a way to enforce authentication also for the read-only mode? I wasn't able to find any documentation on how to configure grafana. The only thing I found which might be related to this issue is the following: https://tracker.ceph.com/issues/45372. Regards, Alessandro Piazza _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
