Security

Spinnaker has multiple options for both authentication and authorization

Spinnaker has multiple options for both authentication and authorization. Instead of reinventing yet-another-login system, Spinnaker hooks into a login system your organization probably already has, such as OAuth 2.0, SAML, or LDAP.

For authorization, Spinnaker similarly leverages a role-provider that your organization may already have set up, including Google Groups, GitHub Teams, SAML Roles, or LDAP groups.

See also hal config security .

For reference…

Authorization and Authentication Architecture and workflow

Next steps

Setup authentication for your Spinnaker deployment.


Authorization (RBAC)

Spinnaker has multiple options for both authentication and authorization.

Administrator functionality

Administrators have complete control over your Spinnaker deployment.

Authentication

Spinnaker’s authentication mechanism supports a variety of different login sources.

SSL

Spinnaker supports using SSL to secure communication for the UI and API.