From 21e4cc9f4dc7522b46c28c05ec025c01be387409 Mon Sep 17 00:00:00 2001 From: kevgliss Date: Thu, 24 Sep 2015 09:21:08 -0700 Subject: [PATCH 1/5] Adding connections in user guides --- docs/guide/index.rst | 82 +++++++++++++++++++++------------------ docs/quickstart/index.rst | 6 ++- 2 files changed, 49 insertions(+), 39 deletions(-) diff --git a/docs/guide/index.rst b/docs/guide/index.rst index bb369402..d34d4baf 100644 --- a/docs/guide/index.rst +++ b/docs/guide/index.rst @@ -3,46 +3,15 @@ User Guide These guides are quick tutorials on how to perform basic tasks in Lemur. -Create a New User -~~~~~~~~~~~~~~~~~ -.. figure:: settings.png - - From the settings dropdown select "Users" - -.. figure:: create.png - - In the user table select "Create" - -.. figure:: create_user.png - - Enter the username, email and password for the user. You can also assign any - roles that the user will need when they login. While there is no deletion - (we want to track creators forever) you can mark a user as 'Inactive' that will - not allow them to login to Lemur. - - -Create a New Role -~~~~~~~~~~~~~~~~~ - -.. figure:: settings.png - - From the settings dropdown select "Roles" - -.. figure:: create.png - - In the role table select "Create" - -.. figure:: create_role.png - - Enter a role name and short description about the role. You can optionally store - a user/password on the role. This is useful if your authority require specific roles. - You can then accurately map those roles onto Lemur users. Also optional you can assign - users to your new role. - Create a New Authority ~~~~~~~~~~~~~~~~~~~~~~ +Before Lemur can issue certificates you must configure the authority you wish use. Lemur itself does +not issue certificates, it relies on external CAs and the plugins associated with those CAs to create the certificate +that Lemur can then manage. + + .. figure:: create.png In the authority table select "Create" @@ -92,4 +61,43 @@ Import an Existing Certificate a certificate name but you can override that by passing a value to the `Custom Name` field. You can add notification options and upload the created certificate to a destination, both - of these are editable features and can be changed after the certificate has been created. + of these are editable features and can be changed after the certificate has been created. + + +Create a New User +~~~~~~~~~~~~~~~~~ +.. figure:: settings.png + + From the settings dropdown select "Users" + +.. figure:: create.png + + In the user table select "Create" + +.. figure:: create_user.png + + Enter the username, email and password for the user. You can also assign any + roles that the user will need when they login. While there is no deletion + (we want to track creators forever) you can mark a user as 'Inactive' that will + not allow them to login to Lemur. + + +Create a New Role +~~~~~~~~~~~~~~~~~ + +.. figure:: settings.png + + From the settings dropdown select "Roles" + +.. figure:: create.png + + In the role table select "Create" + +.. figure:: create_role.png + + Enter a role name and short description about the role. You can optionally store + a user/password on the role. This is useful if your authority require specific roles. + You can then accurately map those roles onto Lemur users. Also optional you can assign + users to your new role. + + diff --git a/docs/quickstart/index.rst b/docs/quickstart/index.rst index 342dde7d..4e2ec150 100644 --- a/docs/quickstart/index.rst +++ b/docs/quickstart/index.rst @@ -270,7 +270,9 @@ Decrypts sensitive key material - Used to decrypt the secrets stored in source d What's Next? ------------ -The above gets you going, but for production there are several different security considerations to take into account, +Get familiar with how Lemur works by reviewing the :doc:`../guide/index`. When you're ready +see :doc:`../production/index` for more details on how to configure Lemur for production. + +Remember the above just gets you going, but for production there are several different security considerations to take into account, remember Lemur is handling sensitive data and security is imperative. -See :doc:`../production/index` for more details on how to configure Lemur for production. From ed93b5a2c528a15078aab2251d3dff9a1980a34f Mon Sep 17 00:00:00 2001 From: kevgliss Date: Thu, 24 Sep 2015 09:36:11 -0700 Subject: [PATCH 2/5] SSL --- docs/quickstart/index.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/quickstart/index.rst b/docs/quickstart/index.rst index 4e2ec150..1d3907df 100644 --- a/docs/quickstart/index.rst +++ b/docs/quickstart/index.rst @@ -16,7 +16,7 @@ Some basic prerequisites which you'll need in order to run Lemur: * PostgreSQL * Nginx -.. note:: Lemur was built with in AWS in mind. This means that things such as databases (RDS), mail (SES), and SSL (ELB), +.. note:: Lemur was built with in AWS in mind. This means that things such as databases (RDS), mail (SES), and TLS (ELB), are largely handled for us. Lemur does **not** require AWS to function. Our guides and documentation try to be be as generic as possible and are not intended to document every step of launching Lemur into a given environment. From 63a388236ee172b50a67244fadb35336ef12c9e8 Mon Sep 17 00:00:00 2001 From: kevgliss Date: Thu, 24 Sep 2015 14:36:14 -0700 Subject: [PATCH 3/5] adding a link to our techblog --- README.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/README.rst b/README.rst index 28f05787..5245da96 100644 --- a/README.rst +++ b/README.rst @@ -23,6 +23,7 @@ It works on CPython 2.7, 3.3, 3.4. We deploy on Ubuntu and develop on OS X. Project resources ================= +- `Lemur Blog Post `_ - `Documentation `_ - `Source code `_ - `Issue tracker `_ From 002de6f5e4814bf158fbe7bfc051d247efe4e6dd Mon Sep 17 00:00:00 2001 From: kevgliss Date: Thu, 24 Sep 2015 16:03:15 -0700 Subject: [PATCH 4/5] adding docker Link --- README.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/README.rst b/README.rst index 5245da96..40bfcb64 100644 --- a/README.rst +++ b/README.rst @@ -27,3 +27,4 @@ Project resources - `Documentation `_ - `Source code `_ - `Issue tracker `_ +- `Docker `_ From 43683fe5545c4e7cbd33c6592177cc96ff726dd2 Mon Sep 17 00:00:00 2001 From: kevgliss Date: Thu, 24 Sep 2015 16:09:34 -0700 Subject: [PATCH 5/5] changing readme language --- README.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.rst b/README.rst index 40bfcb64..f74a0924 100644 --- a/README.rst +++ b/README.rst @@ -16,7 +16,9 @@ Lemur .. image:: https://travis-ci.org/Netflix/lemur.svg :target: https://travis-ci.org/Netflix/lemur -Lemur manages TLS certificate creation. It provides a central portal for developers to issue their own TLS certificates with 'sane' defaults. +Lemur manages TLS certificate creation. While not able to issue certificates itself, Lemur acts as a broker between CAs +and environments providing a central portal for developers to issue TLS certificates with 'sane' defaults. + It works on CPython 2.7, 3.3, 3.4. We deploy on Ubuntu and develop on OS X.