Security
- At the moment Prometheus doesn't offer any support for authentication or encryption (TLS) on the server components
- They argue that they're focussing on building a monitoring solution. and want to avoid having to implement complex security features
- You can still enable authentication and TLS, using a reverse proxy
- This is only valid for server components, prometheus can scrape TLS and authentication enabled targets
- See tls_config in the prometheus configuration to configure a CA certificate, user certificate and user key
- You'd still need to setup a reverse proxy for the targets itself
Add Comment