STACKL.IO relies on TLS authentication. The SSL/TLS client certificates must be signed by a trusted certificate authority. For the SaaS based version, the client certificates will be signed by the STACKL.IO root CA. Each client or endpoint needs to trust the root certificate authority and must have a valid signed client-certificate.
Besides having a valid client-certificate, clients or endpoint certificates need to be assigned a role within the STACKL.IO platform. Without these mandatory requirements, a client is not able to access the STACKL.IO platform. The enablement of new endpoints or clients can be done via the REST API.
STACKL.IO has three different roles:
|administrator||This role can access all configuration data within STACKL.IO and is able to perform any operation provided by the REST API.|
|automation-endpoint||This role can access all configuration data within STACKL.IO, but cannot request stacks.|
|proxy||This role cannot request stacks and cannot access configuration data within STACKL.IO. It is meant only to forwards commands received by STACKL.IO platform to the respective automation endpoint.|
Caught a mistake or want to contribute to the docs? Edit this page on Gitlab!