From 3cebbbaaa82c679ff08eb22e9197bbabb9da1ec3 Mon Sep 17 00:00:00 2001 From: Kevin Blake Date: Wed, 29 Nov 2023 11:55:32 -0500 Subject: [PATCH] HCCDOC-1671: URL for allowlist is incorrect Version(s): PR applies to 4.11+ Issue: https://issues.redhat.com/browse/HCCDOC-1671 Link to docs preview: QE review: [ ] QE has approved this change. Additional information: - In table entries where `console.redhat.com/openshift` is referrenced, remove `/openshift`. - Remove references to port `80` from allowlist ports for console.redhat.com --- modules/configuring-firewall.adoc | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/modules/configuring-firewall.adoc b/modules/configuring-firewall.adoc index ed12bd986c..c195452b0d 100644 --- a/modules/configuring-firewall.adoc +++ b/modules/configuring-firewall.adoc @@ -52,9 +52,8 @@ If your environment has a dedicated load balancer in front of your {product-titl |Provides core container images |`sso.redhat.com` -|443, 80 -|The `https://console.redhat.com/openshift` site uses authentication from `sso.redhat.com` -[.small] +|443 +|The `https://console.redhat.com` site uses authentication from `sso.redhat.com` |=== + [.small] @@ -84,8 +83,8 @@ You can use the wildcards `\*.quay.io` and `*.openshiftapps.com` instead of `cdn |443, 80 |Required for Telemetry -|`console.redhat.com/api/ingress` -|443, 80 +|`console.redhat.com` +|443 |Required for Telemetry and for `insights-operator` |=== @@ -217,8 +216,8 @@ Alternatively, if you choose to not use a wildcard for AWS APIs, you must allowl |443, 80 |Required to download {op-system-first} images. -|`console.redhat.com/openshift` -|443, 80 +|`console.redhat.com` +|443 |Required for your cluster token. // |`registry.access.redhat.com` @@ -226,8 +225,8 @@ Alternatively, if you choose to not use a wildcard for AWS APIs, you must allowl // |Required for `odo` CLI. |`sso.redhat.com` -|443, 80 -|The `https://console.redhat.com/openshift` site uses authentication from `sso.redhat.com` +|443 +|The `https://console.redhat.com` site uses authentication from `sso.redhat.com` |=== Operators require route access to perform health checks. Specifically, the