Untrusted workflow execution

Do you folks support security for untrusted workflow execution? E.g., enable external users to execute workflows Zapier-style (optionally allowing them to run arbitrary code).

1 Like

Hey David, sorry for the delayed response; somehow this question got flagged as spam.

We do not support this directly, but the architecture of the system makes it relatively easy to achieve it. To be clear, as of today Temporal does not have any built-in authentication or authorization. Many users have added this themselves, and it’s something we are prioritizing after our V1 release (it’s a requirement for our soon-to-be cloud offering). The only security mechanism we support is TLS.

As for reducing surface area against arbitrary user code, this is where the system shines. In the Temporal architecture, all workflow and activity code (aka the stuff you write as a user) is executed on a dedicated worker service and not directly within the Temporal server. While it’s possible to run our system and the workers on a single physical machine, very few users are doing things this way. Instead, they usually isolate all of their worker machines in a separate VPC or, in extreme cases, even from each other. If your plan is to have users write standard code and not workflow code, it might even make sense to start up an isolated sandbox from an Activity which actually runs the user code. This way you can prevent the user from even accessing the Temporal server itself (assuming you opened up the ports within your VPC).

I hope this answers your question; if it doesn’t, please feel free to ask for more info!
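An added illustration of the sandbox-from-an-Activity idea in the reply above (not code from the thread or from Temporal): a Python function that an Activity could call to run user code in a throwaway container with no network. Using Docker as the sandbox, the image name, the limits and the function names are all assumptions.

```python
import subprocess
import uuid

# Added example: image name, limits and function names are assumptions.
SANDBOX_IMAGE = "python:3.12-alpine"

def sandbox_argv(name, image=SANDBOX_IMAGE, memory="128m", cpus="0.5", pids=64):
    """Command line for one throwaway container that runs a program from stdin."""
    return [
        "docker", "run", "--rm", "-i", "--name", name,
        "--network", "none",            # no route to the Temporal frontend or the VPC
        "--read-only",                  # immutable root filesystem
        "--tmpfs", "/tmp:rw,noexec,size=16m",
        "--cap-drop", "ALL",
        "--security-opt", "no-new-privileges",
        "--user", "65534:65534",        # unprivileged uid/gid
        "--memory", memory, "--cpus", cpus, "--pids-limit", str(pids),
        # No -e or -v flags: the worker's environment and files (for example
        # its TLS client key) never enter the container.
        image, "python3", "-I", "-",    # isolated mode, program read from stdin
    ]

def run_user_code(source, timeout_s=10, max_output=64 * 1024, runner=subprocess.run):
    """Body of the Activity: returns (exit_code, stdout, stderr) as bytes."""
    name = "sandbox-" + uuid.uuid4().hex
    try:
        proc = runner(sandbox_argv(name), input=source.encode(),
                      capture_output=True, timeout=timeout_s)
    except subprocess.TimeoutExpired:
        # Killing the docker CLI does not stop the container, so kill it by name.
        runner(["docker", "kill", name], capture_output=True)
        return (-1, b"", b"timed out")
    # Truncate what is handed back to the workflow.
    return (proc.returncode, proc.stdout[:max_output], proc.stderr[:max_output])

if __name__ == "__main__":
    print(run_user_code("print(2 + 2)"))  # needs a local Docker daemon
```

The `runner` parameter exists so the logic can be exercised without a Docker daemon; in a worker it stays at its default.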

Is there support for mTLS?

1 Like

I guess mTLS is one way of authenticating clients, right?

mTLS is the only supported way of authenticating clients at this point.

1 Like

Greetings. You mentioned “many users have added this themselves”. I don’t suppose any of this is open-source? Are we talking modifications of Temporal code, or intercepting the incoming calls?