Grafana에서 JWT 인증 사용하기

Grafana에서 JWT 인증을 사용하는 방법

이 가이드는 Teleport와 함께 Grafana JWT 인증 을 구성하는 방법을 설명합니다. 작동 방식 # Teleport는 단기 JWT를 발급하고 Grafana로 프록시된 각 요청에 이를 주입합니다. Grafana는 Teleport의 JWT 서명자를 신뢰하도록 구성되어 사용자의 ID를 확인하고 Teleport 서명 토큰에서 역할 정보를 가져올 수 있습니다. 사전 조건 # A running Teleport cluster. If you want to get started with Teleport, sign up for a free trial or set up a demo environment . The tctl and tsh clients. Installing `tctl` and `tsh` clients Determine the version of your Teleport cluster. The tctl and tsh clients must be at most one major version behind your Teleport cluster version. Send a GET request to the Proxy Service at /v1/webapi/find and use a JSON query tool to obtain your cluster version. Replace with the web address of your Teleport Proxy Service: $ TELEPORT_DOMAIN= $ TELEPORT_VERSION="$(curl -s https://$TELEPORT_DOMAIN/v1/webapi/find | jq -r '.server_version')" Follow the instructions for your platform to install tctl and tsh clients: To check that you can connect to your Teleport cluster, sign in with tsh login , then verify that you can run tctl commands using your current credentials. For example, run the following command, assigning to the domain name of the Teleport Proxy Service in your cluster and to your Teleport username: $ tsh login --proxy= --user= $ tctl status # Cluster (=teleport.url=) # Version (=teleport.version=) # CA pin (=presets.ca_pin=) If you can connect to the cluster and run the tctl status command, you can use your current credentials to run subsequent tctl commands from your workstati