How do we secure tctl commands . Can we pass authentication when running tctl commands .
Our kube team may not accept running tctl commands by login in docker ssh .
We may go via ingress can we secure with basic auth or JWT .
tctl supports plugins which can be used to set headers on outgoing requests. We ship an example plugin which supports basic auth: temporal/main.go at master · temporalio/temporal · GitHub
The plugin above is shipped alongside tctl in the homebrew package and docker container.
Hi bod,
Thank you for the response . Do we need to do any setting on temporal server to authenticate token sent from tctl .
Do we have any samples of tctl set headers .
Thanks
phani
Do we need to do any setting on temporal server to authenticate token sent from tctl .
Yes, you need to set up authentication/authorization as described in this doc page.
Hi ,
Can you please help me understand the below queries .
- Do we have any relevant JAVA API ?
- Do we need to implement this interface in worker or we need to implement in temporal server( with go code ) and re-package the docker-image and deploy again ?
Thanks
phani
- Do we have any relevant JAVA API ?
No
- Do we need to implement this interface in worker or we need to implement in temporal server( with go code ) and re-package the docker-image and deploy again ?
Yes. You’d need to implement the interface(s), inject your ClaimMapper/Authorizer implementation via server options, build server code and docker image, and deploy the customized version.