3 Securing STAP Deployment

Learn how the Oracle Communications Solution Test Automation Platform (STAP) ensures secure deployment and protection of confidential information.

Topic in this chapter:

Ensuring a Secure STAP Deployment

Ensuring a Secure STAP Deployment

It emphasizes the importance of general security guidelines, such as access management to the environment, and OS and network-level security, to prevent unauthorized access to the deployment environment. Ensure to secure the deployment by running it only after safeguarding confidential information. To ensure a secure deployment for STAP, you need:

• Kubernetes Secrets: Kubernetes uses secrets to store confidential information. Use the scripts from the STAP Cloud Network Toolkit (CNTK) to ensure all passwords are protected.

  See "Installing STAP MIcro-Services" in STAP Deployment Guide for more information.

• SSL certificate: Use SSL certificate to secure communication between STAP components. See STAP Deployment Guide for details on creating and using SSL certificates during STAP deployment.

• Environment Access: Since STAP is a platform targeted for testing your solutions, ensure that STAP does not have access to any production environments. Do not use STAP to connect to any other systems other than the ones being used for testing.

• OAuth: STAP can be used with either Basic Auth or OAuth. For a more secure deployment, STAP uses OAuth to secure access to its UI.

STAP supports OAuth only when used in conjunction with IDCS. Ensure that you secure access to STAP for IDCS users.