Auth Schema
The Auth Plugin manages the authentication mechanisms that determine access controls for services interacting with sensitive data in the enclave, thus maintaining the system's security posture.
This reference page provides information about specific commands you can use during the installation and setup or deployment processes. These commands are divided into the following categories:
AWS Elastic Kubernetes Service (EKS) is a container orchestration service provided by Amazon Web Services. It simplifies the deployment, scaling, and management of containerized applications by using Kubernetes. Kubernetes is an open-source system that automates the deployment, scaling, and operations of application containers across clusters of hosts. With EKS, you don't need to install, operate, or maintain your own Kubernetes control plane or nodes, as it runs the Kubernetes management infrastructure across multiple AWS availability zones.
The External DNS Addon is a Kubernetes add-on that automatically manages DNS records for services in a Kubernetes cluster. It ensures that services are discoverable via DNS, making it easier to access applications running within the cluster from outside.
The Kube OBLV Stack is a software stack that is specifically designed to be deployed on Kubernetes environments. It uses multiple components and configurations to make managing cloud-native applications easier and more scalable.
The LoadBalancer Controller is a Kubernetes controller that manages Elastic Load Balancers (ELBs) for a Kubernetes cluster. It's designed to work with Amazon EKS (Elastic Kubernetes Service) and provides a way to expose Kubernetes services to the internet using AWS load balancers.
The logging plugin manages the collection and storage of operational data within the OBLV Deploy system. It provides logging capabilities that you can use for monitoring, troubleshooting, and ensuring the security of the system. You can customize the logging plugin to meet specific logging requirements for recording the operational data of your system.
A manifest is a YAML or JSON file that defines one or more resources to be created and managed by Kubernetes. These files serve as the blueprint for the system to understand what the user wishes to create, modify, or delete. They include specifications such as metadata (names and labels), desired states, resource types, and specifics concerning the deployment configuration.
OBLV CLI (Oblivious Command Line Interface) is a specialised tool designed to manage secure connections and configurations for applications operating within secure enclave environments. It facilitates secure, encrypted communications and operations between client applications and enclaves.
Plugins are used to customise and extend the deployment process of a Kubernetes system in AWS Enclaves. They allow you to integrate additional functionalities that aren't natively supported by the deployment process. This includes, but is not limited to, authentication mechanisms, logging solutions, and load-balancing configurations. When you use plugins, you can tailor the deployment process to meet the specific requirements of your applications and infrastructure.
Sessions refer to the management of interactions within secure enclaves, ensuring continuous and secure communication while prioritising scalability and reliability. These sessions encompass various elements, described in more detail below, including TLS with attestation for establishing trust and secure communication, persistent sessions for handling dynamic data interactions, and advanced load balancing and scaling mechanisms for optimising performance and security.
The telemetry plugin is used for monitoring and understanding the performance and behaviour of systems deployed within OBLV Deploy. It captures and transmits telemetry data, providing insights that help in performance tuning, anomaly detection, and system health monitoring. The plugin collects and transmits data in real time across Kubernetes systems.