Merge pull request #53 from ing-bank/fix/docs-remove-gargoyle
remove gargoyle name from docs
arempter authored Mar 11, 2019
2 parents 5e4ce73 + 89fc23c commit 5284a79
Showing 2 changed files with 15 additions and 15 deletions.
6 changes: 3 additions & 3 deletions docs/Ranger-2way-ssl.md
@@ -47,14 +47,14 @@ keytool -export -keystore ranger-admin-keystore.jks -alias rangeradmin -file ran
* Create Client keystore and export certificate

```
keytool -genkey -keyalg RSA -alias gargoyles3plugin -keystore ranger-plugin-keystore.jks -storepass securep -validity 360 -keysize 2048
keytool -export -keystore ranger-plugin-keystore.jks -alias gargoyles3plugin -file gargoyles3plugin.cer -storepass securep
keytool -genkey -keyalg RSA -alias airlocks3plugin -keystore ranger-plugin-keystore.jks -storepass securep -validity 360 -keysize 2048
keytool -export -keystore ranger-plugin-keystore.jks -alias airlocks3plugin -file airlocks3plugin.cer -storepass securep
```

* Cross import certificates (create truststores)

```
keytool -import -file gargoyles3plugin.cer -alias gargoyles3plugin -keystore ranger-admin-truststore.jks -storepass securep
keytool -import -file airlocks3plugin.cer -alias airlocks3plugin -keystore ranger-admin-truststore.jks -storepass securep
keytool -import -file rangeradmin.cer -alias rangeradmin -keystore ranger-plugin-truststore.jks -storepass securep
```

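Review bot: the alias rename from gargoyles3plugin to airlocks3plugin is applied consistently across the genkey, export and import lines, but nothing in the doc tells a reader who already ran the old commands that their ranger-plugin-keystore.jks and ranger-admin-truststore.jks still carry the gargoyles3plugin entry; add one sentence saying that existing keystores must be regenerated under the new alias (or the new certificate imported and the old alias removed) rather than just re-running the import. While these lines are being touched, `-storepass securep` reads as a literal password in copy-paste-ready commands; replacing it with an obvious placeholder such as `<store-password>` avoids the example value ending up in real keystores.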
24 changes: 12 additions & 12 deletions docs/What_is_airlock.md
@@ -1,6 +1,6 @@
# What is Gargoyle?
# What is Airlock?

Gargoyle is a security layer on top of an S3 interface. It ensures authentication and authorisation for any S3 capable
Airlock is a security layer on top of an S3 interface. It ensures authentication and authorisation for any S3 capable
storage solution. It is originally developed to provide blob storage security for a Data Analytics Platform (DAP).

## Why
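Review bot: the rename in the heading and the opening sentence is complete, but the unchanged continuation `storage solution. It is originally developed to provide blob storage security` carries a tense error that this docs pass could fix in passing: `It was originally developed`.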
@@ -16,14 +16,14 @@ security features CEPH provides are insufficient for our team. Things we found l

## How

Gargoyle filters and proxies requests to the S3 Api and implements part of the AWS IAM/STS api. This allows for
Airlock filters and proxies requests to the S3 Api and implements part of the AWS IAM/STS api. This allows for
interoperability with existing tools that support S3. We make use of the following services:

- Keycloak for Multi-factor authentication
- Apache Ranger for authorisation
- Apache Atlas for data lineage

Gargoyle exists of the following services and capabilities:
Airlock exists of the following services and capabilities:

- STS. The Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege
credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate. The following
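Review bot: `Airlock exists of the following services and capabilities:` keeps the original wording error; `consists of` is meant. In the same hunk `S3 Api` and `AWS IAM/STS api` capitalise the same term two different ways; `API` in both places would be consistent.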
@@ -39,26 +39,26 @@ This results in the following architecture picture:
![alt text](./img/architecture.png)

1. **User** goes to Keycloak and is requested to authenticate him/herself using MFA.
2. **User** requests a short term token with the Gargoyle STS service for the type of access he requires to S3 (e.g.
2. **User** requests a short term token with the Airlock STS service for the type of access he requires to S3 (e.g.
assume a certain role or access to his own resources). This request includes the token received from Keycloak.

3. **Gargoyle STS** verifies the token with Keycloak and potentially verifies whether a user is allowed to
3. **Airlock STS** verifies the token with Keycloak and potentially verifies whether a user is allowed to
assume a certain role. If verified it returns a new short term token to the user.
4. **User** sends the request to the Gargoyle proxy with the STS token.
5. **Gargoyle Proxy** verifies the STS token with Gargoyle STS and retrieves the user corresponding to the AWS
4. **User** sends the request to the Airlock proxy with the STS token.
5. **Airlock Proxy** verifies the STS token with Airlock STS and retrieves the user corresponding to the AWS
credentials.
6. **Gargoyle Proxy** verifies authorisation of the request with Apache Ranger and writes audit log to Apache Ranger.
7. **Gargoyle Proxy** passes through the request to CEPH if the STS and Apache Ranger checks both succeeded.
6. **Airlock Proxy** verifies authorisation of the request with Apache Ranger and writes audit log to Apache Ranger.
7. **Airlock Proxy** passes through the request to CEPH if the STS and Apache Ranger checks both succeeded.
>If needed the proxy will automatically create the user on CEPH using the user info from the STS service.
This user will only have rights for his own buckets initially, and should stil manually be made a system user to
access other buckets he has rights for in Apache Ranger.
8. **CEPH** validates the request to ensure it hasn't been tampered with.
9. **Gargoyle Proxy** logs lineage data with Apache Atlas.
9. **Airlock Proxy** logs lineage data with Apache Atlas.


### Technologies

The Gargoyle project is written entirely in Scala 2.12.6.
The Airlock project is written entirely in Scala 2.12.8.

To be determined:
- KV store

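Review bot: the Scala version bump from 2.12.6 to 2.12.8 in `The Airlock project is written entirely in Scala 2.12.8.` is unrelated to the commit's stated purpose (remove gargoyle name from docs); either mention it in the commit message or split it into its own change, and confirm it matches the build definition so the docs do not drift from what is actually compiled. Two small fixes in the unchanged context could ride along with this rename: `stil` in `should stil manually be made a system user`, and the `>` note after step 7, which is not indented under the list item, so it renders as a separate blockquote that ends the list instead of as a note attached to step 7 (its second and third lines also lack the `>` prefix); indenting the whole note under step 7 fixes both.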
0 comments on commit 5284a79