You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
olegz
changed the title
Provide additional documentation (details) in security implications when actuator endpoints that are enabled
Provide additional documentation (details) on security implications when actuator endpoints that are enabled
Jun 24, 2022
olegz
changed the title
Provide additional documentation (details) on security implications when actuator endpoints that are enabled
Provide additional documentation (details) on security implications when actuator endpoints are enabled
Jun 24, 2022
Hi @olegz, I would happy to contribute to the updating of the document.
I have prepared the following paragraph for the relevant part. if it is convenient, I can create a PR.
NOTE: While enabling the POST method for /actuator/env endpoint can provide flexibility and convenience in managing your application environment variables, it's critical to ensure that the endpoint is secured and monitored to prevent potential security risks. Add a spring-boot-starter-security dependency to configure access control for the actuator’s endpoint.
Review and provide additional details on security implications of exposed actuator endpoint that gives access to Environment variables
The text was updated successfully, but these errors were encountered: