Defining Users
This section only applies if you’re using the default user authentication system (More info here)
The ‘scs-users.yaml’ file contains the list of users of your SCS deployment. Set the ‘auth.options.users_file’ property in your ‘scs-configuration.yaml’ to point to the location of this file.
A simple scs-users.yaml, containg only 1 user, could look like:
- id: example-user
token: !scs-secret 'scs-tokens.yaml#example-user'
has_access:
to_paths:
- /configs/*
from_networks:
- 127.0.0.1/32
All properties are required, as defined in the schema.
You always have to whitelist both the ‘paths’ as well as the ‘from_networks’ for each user. You can use ‘*’ as a wildcard character in the paths. The ‘from_networks’ have to be a subset of the globally allowed IPs that are defined at auth.options.networks.whitelist
in scs-configuration.yaml. If you want to re-use parts like ‘from_networks’ for multiple users, use YAML anchors.
If you want to put your scs-users.yaml in a git repository, seperate the secrets as in the example above. Note that the !scs-secret YAML tag refers to the auth.options.directories.secrets
rather than directories.secrets
(though you can set these to the same value, as described here).