See also: How to harden your deployment
Malicious actors may try to prevent you from accessing your data (Denial-of-Service (DoS) attacks, affecting availability); view your data (attacks affecting confidentiality); or tamper with your data (Man-in-the-Middle attacks, affecting data integrity). Juju takes a variety of means to protect you against all of these.
TLS-encrypted communication
Any communication to and from a Juju controller’s API server and clients, Charmhub, the container registry, the cloud image registry, clouds, or the application units deployed with their help, is TLS-encrypted (using AES 256).
See more: Wikipedia | TLS
User authentication
User authentication with the controller, machines provisioned by the controller, the controller database, etc., is implemented following industry standards. That is:
- macaroons
- (for Juju with JAAS; added in Juju 3.5) JWTs
- SSH keys
- passwords
Role-based access
Juju does not currently have role-based access. However, you can restrict user access at the controller, cloud, model, and application offer level.
See more: User access levels
Agent authentication
Any Juju agent interacting with a Juju controller is authenticated with a password.
Rate limiting
Authentication requests from a Juju unit agent to a Juju controller are rate-limited.
Database authentication
Any controllers, agents, or administrators trying to access the database must authenticate.
No plaintext passwords in the database
All passwords in the database are hashed and salted.
High availability
A controller on a machine cloud can operate in high availability mode. Depending on the charm, a charmed application on either a machine or a Kubernetes cloud can operate in high availability mode as well.
Filesystem permissions
Juju restricts filesystem permissions following a minimum access policy.
Regular backups
For machine controllers, Juju also provides tools to help with controller backups. This can help restore healthy state in the case of an attack affecting data integrity.
Time-limited tokens
Macaroons are time-limited.
Secrets and secret backends
Charmed applications can track high-value configurations as secrets.
Juju follows the industry standard for secret backends and supports Hashicorp Vault.
See more: Secret, Secret backends
No sensitive information in logs
Juju is careful not to store sensitive information in logs.
See more: Logs
Auditing and logging
Juju offers auditing and logging capabilities to help administrators track user activities, changes in the environment, and potential security incidents. These logs can be useful for identifying and responding to security threats or compliance requirements.
See more: Logs
Guided, tested, and maintained operations code
Juju encourages developers to follow best practices in creating software operators (‘charms’). This includes secure coding guidelines, testing, and regular maintenance to address potential security vulnerabilities.
See more: Charm SDK | Charm development best practices > Security
Regular updates and patches
Canonical releases updates and security patches for Juju to address vulnerabilities, improve performance, and add new features.
See more: Roadmap & Releases