jlengrand/moderne-docs
1
0
Fork 0
mirror of https://github.com/jlengrand/moderne-docs.git synced 2026-03-10 08:31:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

GitBook: [#132] Clarify agent symmetric key configuration

Browse Source
This commit is contained in:
Greg Adams
2022-09-08 23:11:01 +00:00
committed by gitbook-bot
parent 1ecd8ba7af
commit 89edc01f53
1 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
how-to/on-premise-agent/standard-configuration.md
View File

@@ -8,6 +8,14 @@ The purpose of the Moderne on-premise agent is to encrypt and ship AST artifacts
The Moderne on-premise agent is available as an OCI image or as a spring-boot executable jar artifact. Contact Moderne to obtain access. Moderne will provide access details appropriate for your chosen platform. In example commands below we will refer to this as `${MODERNE_AGENT_IMAGE_NAME}.` The latest one will be displayed in the "Agent" section of [the releases page](https://docs.moderne.io/releases/releases). Please note that additional integration-specific configuration is required, and consult the other subpages of [.](./ "mention").
### AST encryption symmetric key
The Moderne agent requires customers to provide a hex encoded 256 bit AES encryption key to be used to encrypt ASTs before they are sent to the SaaS tenant. To generate a key, the following openssl command can be used:
`openssl enc -aes-256-cbc -k secret -P`
Take the key property output by the command above and use it for the symmetric key configuration environment variable or argument below.
{% tabs %}
{% tab title="OCI Container" %}
Authenticate:
@@ -22,8 +30,9 @@ The agent container requires several environment variables:
* `MODERNE_AGENT_APIGATEWAYRSOCKETURI` - URI used to connect to the Moderne API, provided by Moderne
* `MODERNE_AGENT_TOKEN` - Moderne SaaS agent connection token, provided by Moderne
* `MODERNE_AGENT_CRYPTO_SYMMETRICKEY` - 256 bit AES encryption key, hex encoded
* example OpenSSL command to generate: `openssl enc -aes-256-cbc -k secret -P` (use key from the output)
* `MODERNE_AGENT_CRYPTO_SYMMETRICKEY` - 256 bit AES encryption key, hex encoded
Example using Docker (note that agent token and symmetric key are random examples)
@@ -44,10 +53,13 @@ The agent application requires several arguments:
* `--moderne.agent.apiGatewayRsocketUri` - URI used to connect to the Moderne API, provided by Moderne
* `--moderne.agent.token` - Moderne SaaS agent connection token, provided by Moderne
* `--moderne.agent.crypto.symmetricKey` - 256 bit AES encryption key, hex encoded
* example openssl command to generate: `openssl enc -aes-256-cbc -k secret -P` (use key from the output)
Note: system properties can be used in place of arguments. As an example, use `-Dmoderne.agent.token={token_value}` as an argument instead of `--moderne.agent.token={token_value}` as an argument.
Example (note that agent token and symmetric key are random examples)
```