Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Threat Modeling] Documentation of the potential impact of rate limiting #1003

Open
7 tasks
Tracked by #773
TorstenD-SAP opened this issue Sep 2, 2024 · 0 comments
Open
7 tasks
Tracked by #773

[Threat Modeling] Documentation of the potential impact of rate limiting #1003

TorstenD-SAP opened this issue Sep 2, 2024 · 0 comments
Labels
area/documentation Issues or PRs related to documentation area/service-mesh Issues or PRs related to service-mesh kind/feature Categorizes issue or PR as related to a new feature.

Comments

@TorstenD-SAP
Copy link

TorstenD-SAP commented Sep 2, 2024
edited by strekm
Loading

Description

Provide a documentation about the disadvantages and potential impact of the way, how rate limiting is implemented in Istio to enable customers to decide if they want to have this.

Reasons

The way how Rate Limiting is implemented can be abused for DoS attacks.

DoD:

  • Provide unit and integration tests.
  • Provide documentation.
  • Verify if the solution works for both open-source Kyma and SAP BTP, Kyma runtime.
  • If you changed the resource limits, explain why it was needed.
  • If the default configuration of Istio Operator has been changed, you performed a manual upgrade test to verify that the change can be rolled out correctly.
  • Verify that your contributions don't decrease code coverage. If they do, explain why this is the case.
  • Add release notes.

Attachments

part of: #773
@TorstenD-SAP TorstenD-SAP added the kind/feature Categorizes issue or PR as related to a new feature. label Sep 2, 2024
@strekm strekm added documentation Improvements or additions to documentation area/service-mesh Issues or PRs related to service-mesh area/documentation Issues or PRs related to documentation and removed documentation Improvements or additions to documentation labels Sep 5, 2024
@strekm strekm mentioned this issue Sep 5, 2024
Open
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/documentation Issues or PRs related to documentation area/service-mesh Issues or PRs related to service-mesh kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@strekm @TorstenD-SAP