From 62e6c9bd6f281708f70c44bf3a2c4cf22e370269 Mon Sep 17 00:00:00 2001 From: Aliaksandr Valialkin Date: Fri, 8 Nov 2024 16:37:08 +0100 Subject: [PATCH] docs/VictoriaLogs/README.md: add `Security` chapter It is inspired by https://github.com/VictoriaMetrics/VictoriaMetrics/pull/7428#discussion_r1831555716 --- docs/VictoriaLogs/README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/VictoriaLogs/README.md b/docs/VictoriaLogs/README.md index a48cd2766..4d0457398 100644 --- a/docs/VictoriaLogs/README.md +++ b/docs/VictoriaLogs/README.md @@ -244,6 +244,13 @@ VictoriaLogs has very low overhead for per-tenant management, so it is OK to hav VictoriaLogs doesn't perform per-tenant authorization. Use [vmauth](https://docs.victoriametrics.com/vmauth/) or similar tools for per-tenant authorization. +## Security + +It is expected that VictoriaLogs runs in a protected environment, which is unreachable from the Internet without proper authorization. +It is recommended providing access to VictoriaLogs [data ingestion APIs](https://docs.victoriametrics.com/victorialogs/data-ingestion/) +and [querying APIs](https://docs.victoriametrics.com/victorialogs/querying/#http-api) via [vmauth](https://docs.victoriametrics.com/vmauth/) +or similar authorization proxies. + ## Benchmarks Here is a [benchmark suite](https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/deployment/logs-benchmark) for comparing data ingestion performance