Skip to content

Commit 64e91c9

Browse files
authored
docs: jaeger auth (#3778)
1 parent 805a50a commit 64e91c9

File tree

1 file changed

+24
-5
lines changed

1 file changed

+24
-5
lines changed

docs/jaeger-support.asciidoc

Lines changed: 24 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -97,11 +97,30 @@ As of this writing, the Jaeger Agent binary offers the `--reporter.grpc.host-por
9797
which can be used to set a static list of collectors for the Jaeger Agent to connect to.
9898
The `host:port` set here should correspond with the value set in `apm-server.jaeger.grpc.host`.
9999

100-
Jaeger Agent also offers the `--agent.tags` CLI flag, which can be used to pass Process tags
101-
to the Collector. If APM Server has `apm-server.jaeger.grpc.auth_tag` set, it will look for a
102-
Process tag of that name in incoming events, and use it for authorizing the Jaeger Agent against
103-
the configured secret token or API Keys. The auth tag will be removed from the events after
104-
being verified.
100+
*Optional token-based authorization**
101+
102+
A <<secret-token,secret token>> or <<api-key,API key>> can be used to ensure only authorized
103+
Jaeger Agents can send data to the APM Server.
104+
Authorization is off by default, but can be enabled by setting a value in `apm-server.jaeger.grpc.auth_tag`.
105+
When enabled, APM Server looks for a _Process tag_ in each incoming event,
106+
and uses it to authorize the Jaeger Agent against the configured `auth_tag` and secret token or API key.
107+
Auth tags will be removed from events after being verified.
108+
109+
Here's an example that sets the `auth_tag` and `secret_token` in APM Server:
110+
111+
[source,yaml]
112+
----
113+
apm-server.jaeger.grpc.enabled=true
114+
apm-server.jaeger.grpc.auth_tag=authorization
115+
apm-server.secret_token=qwerty1234
116+
----
117+
118+
To authorize Jaeger Agent communication, use the `--agent.tags` CLI flag to pass the corresponding Process tag to the APM Server:
119+
120+
[source,console]
121+
----
122+
--agent.tags "authorization=Bearer qwerty1234"
123+
----
105124

106125
See the https://www.jaegertracing.io/docs/1.16/cli/[Jaeger CLI flags documentation] for more information.
107126

0 commit comments

Comments
 (0)