Application Layer
Authentication & Configuration
Authenticate your Application with Gremlin
In order to authenticate to Gremlin, you must provide the following configuration values to your application.
GREMLIN_ALFI_IDENTIFIER
: A unique identifier for the application. This will be used to distinguish all of the application instances from one anotherGREMLIN_TEAM_ID
: The Team ID that this application belongs to. Only users in that team may conduct attacks on it.GREMLIN_TEAM_CERTIFICATE_OR_FILE
: Certificate for authenticating to Gremlin. See below for syntax on permissible values.GREMLIN_TEAM_PRIVATE_KEY_OR_FILE
: Private key for authenticating to Gremlin. See below for syntax on permissible values.
You may set these as environment variables or in a gremlin.properties
file on the classpath. Certificates can be downloaded for each team from the Settings Page.
Examples:
As a raw value
GREMLIN_TEAM_CERTIFICATE_OR_FILE=-----BEGIN CERTIFICATE-----...
Or pointing to a file
GREMLIN_TEAM_CERTIFICATE_OR_FILE=file:///usr/gremlin/certificate.pem
Optional Configuration
The following keys may be set to tune how ALFI operates.
GREMLIN_ALFI_ENABLED
: If set to anything other thantrue
, all functionality is turned off. This is designed to give you the ability to safely deploy ALFI, knowing you've got a simple off-switch. When the functionality is off, no failures are ever injected by ALFI, no calls are made to the API, and no logging past configuration-time occurs.GREMLIN_REFRESH_INTERVAL_MS
: You may optionally provide this value to set the frequency with which the library will contact the Gremlin API. Minimum of 1000 (1 second), maximum of 300000 (5 minutes). Default of 10000 (10 seconds). This determines how quickly your application reacts to attacks being halted or created and the amount of network traffic generated by the library.
Examples:
GREMLIN_ALFI_ENABLED=true
GREMLIN_ALFI_IDENTIFIER=recommendation-service-i-0ab123456
GREMLIN_REFRESH_INTERVAL_MS=20000