Skip to content

feature: Secure your fleet, NGINX One #731

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feature: Secure your fleet, NGINX One #731

wants to merge 1 commit into from

Conversation

mjang
Copy link
Contributor

@mjang mjang commented Jun 23, 2025

Proposed changes

Create end-to-end "use-case" documentation for admins / security engineers who want to use NGINX One Console to "Secure your fleet".

Fleets of NGINX deployments frequently include dozens and many more instances. With this use case, an admin/security engineer can set up the NGINX One Console to send them alerts for appropriate issues. Today, those issues include CVEs and other detected security "misconfigurations" identified by NGINX One Console.

This use case goes somewhat beyond NGINX One Console. This PR removes roadblocks to success in the following ways:

  • It clarifies what users need to access the NGINX One Console, specifically with:

    • Supporting checks of appropriate licenses
    • Describing the detailed process of setting up a tenant

  • It then shows users, step by step, how to set up notifications when one/more of their instances have CVEs and other detected security issues.

Replaces #637

Checklist

Before merging a pull request, run through this checklist and mark each as complete.

  • I have read the contributing guidelines
  • I have signed the F5 Contributor License Agreement (CLA)
  • I have rebased my branch onto main
  • I have ensured my PR is targeting the main branch and pulling from my branch from my own fork
  • I have ensured that the commit messages adhere to Conventional Commits
  • I have ensured that documentation content adheres to the style guide
  • If the change involves potentially sensitive changes1, I have assessed the possible impact
  • If applicable, I have added tests that prove my fix is effective or that my feature works
  • I have ensured that existing tests pass after adding my changes
  • If applicable, I have updated README.md and CHANGELOG.md

Footnotes

  1. Potentially sensitive changes include anything involving code, personally identify information (PII), live URLs or significant amounts of new or revised documentation. Please refer to our style guide for guidance about placeholder content.

@mjang mjang self-assigned this Jun 23, 2025
@mjang mjang requested review from a team as code owners June 23, 2025 14:11
@github-actions github-actions bot added documentation Improvements or additions to documentation product/nginx-one NGINX One Console labels Jun 23, 2025
@github-actions GitHub Actions
Copy link

Deploy Preview will be available once build job completes!

Name Link
😎 Deploy Preview https://frontdoor-test-docs.nginx.com/previews/docs/731/

ADubhlaoich
ADubhlaoich approved these changes Jun 23, 2025
View reviewed changes
Copy link
Contributor

@ADubhlaoich ADubhlaoich left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Small LOGAF non-blocking edit suggestions.

If the PR replaces #637, then that should probably be closed.

@mjang mjang mentioned this pull request Jun 23, 2025
Closed
10 tasks
@jputrino
Copy link
Contributor

I find the order in which the docs are presented confusing. Is "Manage your fleet" really before "Get started"? Shouldn't "Manage your instances" include items like Connect your instances and Draft configurations?

I could see 3 top-level headings on the landing page: Get started, Secure your fleet, and Manage your fleet. Or maybe 4, if we also add one for Admin tasks (like RBAC, metrics, etc.).

y82
y82 approved these changes Jun 24, 2025
View reviewed changes
@mjang
Copy link
Contributor Author

mjang commented Jun 25, 2025

I find the order in which the docs are presented confusing. Is "Manage your fleet" really before "Get started"? Shouldn't "Manage your instances" include items like Connect your instances and Draft configurations?

I could see 3 top-level headings on the landing page: Get started, Secure your fleet, and Manage your fleet. Or maybe 4, if we also add one for Admin tasks (like RBAC, metrics, etc.).

Will be addressed in an internal issue (num-200 in internal-docs repo)

jasonclopper
jasonclopper reviewed Jun 25, 2025
View reviewed changes
mjang
mjang commented Jul 2, 2025
View reviewed changes
mjang
mjang commented Jul 2, 2025
View reviewed changes
mjang
mjang commented Jul 2, 2025
View reviewed changes
@mjang @ADubhlaoich
feat: Secure your fleet, NGINX One
7152a0d 
This commit adds a new landing page archetype, which has the
ability to display various cards to highlight specific items. The
archetype includes inline guidance like other archetypes, including
explanations of new frontmatter parameters and a new card shortcode.

---------

Co-authored-by: Mike Jang <[email protected]>
Co-authored-by: Alan Dooley <[email protected]>

Co-authored-by: Alan Dooley <[email protected]>
@mjang mjang force-pushed the secure-your-fleet-r3 branch from 2caef64 to 7152a0d Compare July 2, 2025 16:52
@mjang mjang requested a review from a team as a code owner July 2, 2025 16:52
@github-actions github-actions bot added product/nim NGINX Instance Manager product/ngf Issues related to NGINX Gateway Fabric product/agent NGINX Agent tooling Back end, repository, Hugo, and all things not related to content product/controller NGINX Controller (EOS product) product/mesh NGINX Service Mesh (EOS product) labels Jul 2, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonclopper jasonclopper jasonclopper left review comments

@ADubhlaoich ADubhlaoich ADubhlaoich approved these changes

@y82 y82 y82 approved these changes

Assignees

@mjang mjang

Labels
documentation Improvements or additions to documentation product/agent NGINX Agent product/controller NGINX Controller (EOS product) product/mesh NGINX Service Mesh (EOS product) product/ngf Issues related to NGINX Gateway Fabric product/nginx-one NGINX One Console product/nim NGINX Instance Manager tooling Back end, repository, Hugo, and all things not related to content
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@mjang @jputrino @ADubhlaoich @y82 @jasonclopper